Loading...

Join S'portofino Club and receive the 10% discount code

As much as 30 days for a free return only logged in users

Any questions Call: +48 61 610 31 44

  • Account Information
  • My addresses
  • My Orders
  • My Wish List
  • Sign In
  • Compare Products
  • Join S'portofino Club
Menu
My Cart
My Wishlist

Displaying search results for:

English / EUR
Menu
English / EUR
Account

Privacy policy

1.      Introduction

The purpose of this Privacy Policy is to define the measures taken by SAT sp. z o.o. with regard to the protection of your Personal Data, as well as the scope and legal basis for their processing, following your use of the Website. All operations of SAT sp. z o.o. are subject to applicable legislation on the protection of personal data, in particular the Regulation and the Act.

In case of any questions regarding the processing of your Personal Data, please contact our Data Protection Officer at [email protected]

2.      Definitions

Certain terms used in this Policy are capitalised and they have the meaning ascribed to them in the Terms and Conditions, the "S’portofino Club" S’portofino Loyalty Program Terms and Conditions, or as defined below:

2.1. Controller - the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; in this Privacy Policy, the Controller is SAT sp. z o.o. with its registered office in Poznań (60-277), ul. Grochowska 27, entered in the Register of Entrepreneurs of the National Court Register under the KRS number 0000633957, NIP (tax identification number) 7792446406, REGON (statistical identification number) 365284658, hereinafter referred to as the Controller;

2.2. Personal Data - any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

2.3. Messenger - an online messaging application used for communications;

2.4. Privacy Policy - this document defining the measures taken by SAT sp. z o.o. with regard to the protection of the Personal Data, as well as the scope and legal basis for their processing;

2.5. Regulation - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);

2.6. Act - Act of 10 May 2018 on the protection of personal data;

3.      Categories of the Personal Data - scope of data

The following types of Personal Data are processed on the Website for each category of data subject:

  1. Prospective Users (IP address of the computer, information contained in cookies, other data provided voluntarily in Messenger app);
  2. Users (name, surname, delivery address, e-mail address, telephone number, company, registered office address, NIP (tax identification number), bank account number, IP address of the computer, information contained in cookies);
  3. Members, i.e. persons who have registered a Member Account (name, surname, delivery address, residence address, e-mail address, telephone number, company, registered office address, NIP (tax identification number), bank account number, IP address of the computer, information contained in cookies, gender, date of birth);
  4. persons contacting the Controller (name, surname, e-mail address, telephone number);

hereinafter referred to as the "Personal Data".

4.      Purpose of processing the Personal Data

4.1. The Personal Data of Prospective Users are processed by the Controller:

  1. on the basis of Article 6(1)(a) of the GDPR, where the processing is carried out on the basis of consent given when accepting the configuration of cookies, usually during the first visit to the Website; such consent is voluntary and it can be withdrawn at any time, and its withdrawal does not affect the lawfulness of the processing carried out before its withdrawal in order to adapt the displayed content to specific preferences and to improve the quality of the online shopping experience;
  2. on the basis of Article 6(1)(b) of the GDPR, where the processing is necessary for the performance of the contract, for the purposes of communications using Messenger;
  3. on the basis of Article 6(1)(f) of the GDPR, where the processing is necessary for the purposes of the legitimate interests pursued by the Controller, consisting in protecting the rights of SAT sp. z o.o. and of the Prospective User, as well as for the development and optimisation of the service, including the resolution of technical issues and the provision of relevant functions.

4.2. The User's Personal Data are processed for the same purposes for which the Prospective User's Personal Data are processed, as well as:

a) on the basis of Article 6(1)(b) of the GDPR, where the processing is necessary for the performance of the contract, for the purposes of performing the concluded sales contracts, the operational execution of orders, the dispatch or delivery of the ordered goods, the handling of returns and complaints, and the fulfilment of the obligations arising from the granted commercial and statutory warranties;

b) on the basis of Article 6(1)(f) of the GDPR, where the processing is necessary for the purposes of the legitimate interests pursued by the Controller, consisting in protecting the rights of SAT sp. z o.o., in order to manage receivables.

4.3. The Member's Personal Data are processed for the same purposes for which the User's Personal Data are processed, as well as:

a) on the basis of Article 6(1)(a) of the GDPR, where the processing is carried out on the basis of consent given when accepting the configuration of cookies; such consent is voluntary and it can be withdrawn at any time, and its withdrawal does not affect the lawfulness of the processing carried out before its withdrawal for the purposes of:

  • customising ads;
  • adapting the displayed ads based on the profile;
  • adapting the marketing content based on the profile (newsletter);

b) on the basis of Article 6(1)(b) of the GDPR, where the processing is necessary for the performance of the contract, for the purposes of:

  • registration of a Member Account and ensuring operation of the Member's profile;
  • issuing, execution and delivery of gift cards and discount vouchers;
  • handling promotional campaigns and competitions;

c) on the basis of Article 6(1)(f) of the GDPR, where the processing is necessary for the purposes of the legitimate interests pursued by the Controller, consisting in ensuring the security of the provided services, for the purposes of non-advertising communications with the Members regarding technical or security issues (e.g. fraud warnings, account blocking, maintenance information).

4.4. The Personal Data of persons contacting the Controller will be processed in order to provide answers to their questions, on the basis of Article 6(1)(f) of the GDPR, where the processing is necessary for the purposes of the legitimate interests pursued by the Controller, consisting in responding to queries and the defence against possible claims. The Personal Data will also be processed in connection with call monitoring in order to provide quality customer service. The data will be processed on the basis of your consent (Article 6(1)(a) of the GDPR), which you will give upon contacting the Controller (implied consent), as well as on the basis of Article 6(1)(f) of the GDPR - the processing is necessary for the purposes of the legitimate interests pursued by the Controller, consisting in the provision of high quality customer service and the defence against possible claims.

5.      Period of processing of the Personal Data

The Personal Data of Users and Members will be processed by the Website for the period necessary for the performance of the contract for the provision of Loyalty Program services or the sales contract, extended by the period of limitation of possible claims or, if it is provided for in legislation, for the period provided for by the applicable legislation. The Personal Data processed in connection with call monitoring will be processed for a period of up to three months from the date of the recording, unless the recording constitutes evidence in proceedings conducted under the law.

When determining the data processing period, provisions of the following acts of law will be taken into account:

  • Act of 29 August 1997 - Tax Ordinance;
  • Act of 23 April 1964 - Civil Code;
  • Act of 26 June 1974 - Labour Code.

6.      Recipients (transfer of the Personal Data to countries outside the European Economic Area)

The Website may entrust the Personal Data of Users and Members to third parties participating in the performance of the contract for the provision of services, including the implementation of the Loyalty Program, or participating in the performance of the sales contract, for the purposes of proper performance of such contracts, e.g. Poczta Polska (Polish post), carriers, logistics companies, companies handling payment transactions, entities providing marketing services, entities providing server collocation services, public authorities, insofar as this is regulated by law.

In addition, in order to effectively operate the Website and analyse the Personal Data processed therein, the Personal Data of Prospective Users, Users, Members and persons contacting the Controller contained in the cookies may be transferred outside the European Economic Area, including, but not limited to, Google LLC, on the basis of Article 46 of the GDPR.

Details regarding the processing of the Personal Data by Google are available at: https://safety.google/privacy/privacy-controls/.

7.      Rights

Pursuant to the Regulation, the person contacting the Controller and each Prospective User, Member and User have the rights described below.

7.1. The right to access your Personal Data, i.e. to obtain confirmation as to whether SAT sp. z o.o. processes your Personal Data and to be informed of the details of such processing, including, in particular, the purposes and legal basis for the processing, the scope of the data held by SAT sp. z o.o., the entities to which your data are disclosed and the planned date of erasure. In addition, you have the right to obtain a copy of your Personal Data from SAT sp. z o.o.

7.2. The right to rectification of the Personal Data, i.e. to obtain from the Controller without undue delay the rectification of the inaccurate Personal Data and to have the incomplete Personal Data completed.

7.3. The right to erasure of the Personal Data ("Right to be forgotten"), i.e. to obtain from the Controller the erasure of the Personal Data without undue delay where one of the following grounds applies:

  • the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed by SAT sp. z o.o.;
  • you withdraw your consent on which the processing is based or object to the processing and there is no other legal ground for the processing of your Personal Data;
  • your Personal Data have been unlawfully processed.

7.4.The right to restrict processing of the Personal Data, which gives you the right to obtain from the Controller restriction of processing where one of the following applies:

  • you contest the accuracy of the Personal Data, for a period enabling the Controller to verify the accuracy of the Personal Data;
  • the processing is unlawful, but you oppose the erasure of your Personal Data;
  • SAT sp. z o.o. no longer needs your Personal Data, but you may require them for the establishment, exercise or defence of legal claims;
  • you have objected to processing pending the verification whether the legitimate grounds of the Controller override the grounds for the objection,

7.5. The right to data portability,e. to receive your Personal Data in a structured and commonly used format where the processing is based on consent and where the processing is carried out by automated means.

7.6. The right to object to the processing of Personal Data on grounds relating to your particular situation - to processing relating to your Personal Data based on Article 6(1)(e) or (f), including profiling on the basis of these provisions. The right to object to processing may also be exercised if the Personal Data are processed for direct marketing purposes; in such case, the data subject has the right to object at any time to processing of their Personal Data for such marketing, which includes profiling to the extent that it is related to such direct marketing.

7.7. The right to withdraw your consent, which you may exercise at any time if your Personal Data are processed on the basis of your consent, which does not affect the lawfulness of the processing carried out before such withdrawal.

7.8. The right to obtain human intervention, to express your point of view and to challenge the decision made with regard to you, which you may exercise at any time, if you are subject to a decision which is based solely on automated processing and which produces legal effects concerning you or similarly significantly affects you.

7.9. The right to lodge a complaint, in relation to the processing of your Personal Data, with a supervisory authority, which is the President of the Personal Data Protection Office (address: PrezesUrzęduOchronyDanychOsobowych, ul. Stawki 2, 00-193 Warszawa).

8.      Technical and organisational measures

8.1. The Controller will implement appropriate technical and organisational measures to ensure the protection of the Personal Data being processed, in particular to protect the data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to the Personal Data transmitted, stored or otherwise processed, including, but not limited to:

  • keeping internal records regarding personal data protection;
  • organising staff training concerning personal data protection;
  • applying written contracts for the processing of personal data with third-party processors;
  • carrying out regular audits and tests of the effectiveness of technical and organisational measures to ensure the security of the processing of the Personal Data.

8.2. In addition, the Personal Data are transferred securely using encryption. This applies to the ordering process and to the customer login. We use the SSL (SecureSocketLayer) encryption system.

9.      Cookies

9.1. The Website automatically collects information contained e.g. in cookies.

9.2. Cookies are IT data, in particular text files, which are stored on the end device of a Prospective User, User or Member and which are intended for the use of the Website. Cookies usually contain the name of the website they originate from, the time they are stored on the end device, and a unique number.

9.3. Cookies are used for:

  1. adapting the content of the Website to the preferences of the Prospective User, User or Member and optimising the use of the web pages; in particular, such files allow for the recognition of the Prospective User's, User's or Member's device and the appropriate display of the web page, adapted to their individual needs;
  2. creating statistics which help us understand how a Prospective User, User or Member uses the web pages so that we can improve their structure and content;
  3. maintaining the Member's session (after logging in) so that they do not need to re-enter their login and password on each page of the Website.

9.4. There are two main types of cookies used on the Website:

  1. "session cookies" - they are temporary files that are stored on the end device of a Prospective User, User or Member until they log out, leave the web page or switch off the software (web browser);
  2. "persistent cookies" – they are cookies that are stored on the end device of a Prospective User, User or Member for the time specified in the parameters of the cookies or until they are deleted by the User or Member.

9.5. The cookies used on the Website can also be divided into:

  1. functionality cookies - such files allow saving information about the use of the Website and product preferences; the files enable the Website to be used in a way that is as tailored as possible to the Prospective User, User or Member, on the basis of Article 6(1)(a) of the GDPR, where the processing is carried out on the basis of consent that is voluntary and that can be withdrawn at any time, and its withdrawal does not affect the lawfulness of the processing carried out before its withdrawal;
  2. performance cookies - cookies that help the Controller understand how a Prospective User, User or Member uses the Website, which content and products they are particularly interested in and what problems they have, on the basis of Article 6(1)(a) of the GDPR, where the processing is carried out on the basis of consent that is voluntary and that can be withdrawn at any time, and its withdrawal does not affect the lawfulness of the processing carried out before its withdrawal;
  3. marketing cookies - these files allow targeting ads tailored to the preferences of a Prospective User, User or Member on websites and in applications of entities other than SAT sp. z o.o., on the basis of Article 6(1)(a) of the GDPR, where the processing is carried out on the basis of consent that is voluntary and that can be withdrawn at any time, and its withdrawal does not affect the lawfulness of the processing carried out before its withdrawal;
  4. strictly necessary cookies - cookies which are necessary for the proper functioning of the Website; blocking them in the browser may result in the malfunctioning of the Website, on the basis of Article 6(1)(f) of the GDPR, where the processing is necessary for the purposes of the legitimate interests pursued by the Controller, consisting in protecting the rights of SAT sp. z o.o. and of the Prospective User in order to ensure the security of the provided services.

9.6. In addition, cookies are divided by origin, i.e. by the website administrator who manages them:

  1. first-party cookies - cookies placed on websites directly by SAT sp. z o.o.;
  2. third-party cookies - cookies placed on websites by entities other than SAT sp. z o.o.

9.7. In many cases, the web browsing software (web browser) allows cookies to be stored on the end device of a Prospective User, User or Member by default. Prospective Users, Users and Members may change their cookie settings at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in browser settings or to each time inform about their placement on the device of a Prospective User, User or Member. Detailed information on the possibility and methods of managing cookies is available in the settings of your software (web browser).

9.8. The Operator of the Website informs that restrictions on the use of cookies may affect some of the functionalities available on the Website.

10.    Profiling

10.1. SAT sp. z o.o. uses automated processing tools to process the Personal Data of a Prospective User, User or Member. By means of the Personal Data profiling tools, SAT sp. z o. o. is able to assess personal factors concerning a specific Prospective User, User or Member, in particular, to analyse or forecast aspects concerning e.g. personal preferences, interests or behaviour.

10.2. The purpose of profiling is to provide individual Prospective Users, Users or Members with customised and tailored offers and content across all channels, including, but not limited to, through e-mail marketing, dynamic content, advertising networks or direct sales.

10.3. The profiling of a Prospective User's, User's or Member's Personal Data by SAT sp. z o. o. takes place on the basis of their express consent.

10.4. Pursuant to Article 22 of the Regulation, every Prospective User, User or Member has the right to object to the processing of their Personal Data consisting in profiling.

Load the chat