§ 1 General Provisions

1. This Privacy Policy defines the rules for processing personal data collected through the website www.sklepinventia.pl (hereinafter referred to as the “Website”).

2. The data controller is the online store Inventia Sklep, operated by INVENTIA TECHNOLOGIES SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, located at Leśna 11, 83-041 Żuławka, registered with the National Court Register by the District Court of Gdańsk-North, VII Commercial Division under KRS number 0000983002, NIP: 6040232180, REGON: 522624156.

3. Personal data collected by INVENTIA TECHNOLOGIES is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and the free movement of such data (GDPR).

4. The Administrator ensures the privacy of Website Users and makes every effort to protect their data.

§ 2 Types and Purposes of Data Processing

1. The Administrator collects data from individuals conducting business or professional activities and individuals representing legal entities (hereinafter collectively referred to as “Users”).

2. Personal data is collected in the following cases:
   a) Account registration to create and manage an account (legal basis: contract execution).
   b) Placing orders to fulfill a purchase contract (legal basis: contract execution).

3. During registration, Users provide:
   a) Email address,
   b) Address details,
   c) Name and surname,
   d) Phone number.

4. For business entities, the data set includes the company name and tax identification number (NIP).

5. Users set a unique password during registration, which can be changed later.

6. When placing an order, Users provide:
   a) Email address,
   b) Address details,
   c) Name and surname,
   d) Phone number,
   e) Shipping information based on the selected delivery method.

7. Providing personal data is voluntary but necessary to place and fulfill orders.

§ 3 Data Protection Measures

1. Personal data entry points are secured by SSL encryption, ensuring secure data transmission.
2. Administrative passwords are updated periodically.
3. Data is regularly backed up.
4. Software updates are performed to maintain security.

§ 4 Data Sharing and Transfer

1. Data may be shared with service providers:
   a) Processors acting on instructions from the Administrator (e.g., hosting, analytics, marketing).
   b) Administrators who independently determine the purpose of data processing (e.g., payment services).

2. Data retention is based on:
   a) Consent withdrawal or contract performance duration plus statutory limitation periods.

3. Data may be disclosed to authorized state authorities.

§ 5 User Rights

1. Right to Withdraw Consent: Users can withdraw consent at any time without affecting the lawfulness of prior processing.
2. Right to Object: Users may object to data processing based on legitimate interests.
3. Right to Erasure: Users can request deletion of data under certain conditions.
4. Right to Restrict Processing: Users can request data usage limitations.
5. Right of Access: Users have the right to access their data.
6. Right to Rectification: Users can request data correction.
7. Right to Data Portability: Users can receive and transfer their data to another controller.

§ 6 Additional Use of Personal Data

1. Personal data is used for:
   a) Comment systems,
   b) Order processing,
   c) Newsletter management,
   d) Debt collection,
   e) Marketing offers.

2. Cookies and other tracking technologies are used to gather user behavior data.

§ 7 Security Management

1. The Website uses SSL encryption for secure data transmission.

2. Password recovery is handled through secure email-based verification.

3. Users are warned not to share login credentials and to disregard phishing attempts.

§ 8 Consent for Data Processing

1. Users consent to direct marketing by INVENTIA TECHNOLOGIES based on GDPR Article 6(1)(a).