§1 GENERAL PROVISIONS

This Privacy Policy and Cookies Policy defines the rules for the processing and protection of personal data provided by Users and Cookies files, as well as other technologies appearing on the website and in the online store at https://livedguides.com/.

The Administrator of the website and the personal data provided therein is Słucham Media sp. z o. o. with its registered office in Warsaw, 02-141, ul. Ustrzycka 6, entered into the Register of Entrepreneurs of the National Court Register (KRS) under number: 0001168597, NIP (Tax Identification Number): 5223332492, REGON (National Business Registry Number): 54149964400000, with a share capital of 5000 PLN, in accordance with the information corresponding to the current excerpt from the Register of Entrepreneurs contained in the Central Information of the National Court Register, represented by Marta Niemira – President of the Management Board.

I care about the security of personal data and the privacy of the Website User. I am glad you visited my Website.

If you have any doubts regarding the provisions of this Privacy Policy and Cookies Policy, please contact the Administrator via e-mail at: marta@agencjaslucham.pl.

The Administrator reserves the right to introduce changes to the privacy policy, and every User of the website is obliged to be familiar with the current privacy policy. The reasons for changes may be: the development of internet technology, changes in generally applicable law, or the development of the Website through, for example, the Administrator's use of new tools. The date of publication of the current Privacy Policy is provided at the bottom of the page.

§2 DEFINITIONS

Administrator – Słucham Media sp. z o. o. with its registered office in Warsaw, 02-141, ul. Ustrzycka 6, entered into the Register of Entrepreneurs of the National Court Register (KRS) under number: 0001168597, NIP: 5223332492, REGON: 54149964400000, with a share capital of 5000 PLN, in accordance with the information corresponding to the current excerpt from the Register of Entrepreneurs contained in the Central Information of the National Court Register, represented by Marta Niemira – President of the Management Board.

User – any entity present on and using the website.

Website and/or Online Store – the website and online store located at https://livedguides.com/.

Form or Forms – places on the Website that allow the User to enter personal data for specified purposes, e.g., for sending the newsletter, placing an order, or contacting the User.

Newsletter – means a free service provided electronically by the Administrator to the User by sending e-mail messages through which the Administrator informs about events, services, products, and other elements relevant from the Administrator's point of view and/or to achieve the Administrator's legitimate interest, which is direct marketing, including sending marketing and commercial content with the User's consent. Detailed information about Newsletter sending is provided later in this privacy policy.

GDPR – means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Personal Data Protection Act – the Act of 10 May 2018 on the protection of personal data (Journal of Laws 2018, item 1000 as amended).

Act on Rendering Services by Electronic Means – the Act of 18 July 2002 on rendering services by electronic means (Journal of Laws of 2020, item 344 as amended).

Telecommunications Law Act – the Act of 16 July 2004 – Telecommunications Law (Journal of Laws of 2021, item 576 as amended).

§3 PERSONAL DATA AND PRINCIPLES OF ITS PROCESSING

WHO IS THE ADMINISTRATOR OF THE USER'S PERSONAL DATA?

The Administrator of the User's personal data is Słucham Media sp. z o. o. with its registered office in Warsaw, 02-141, ul. Ustrzycka 6, entered into the Register of Entrepreneurs of the National Court Register (KRS) under number: 0001168597, NIP: 5223332492, REGON: 54149964400000, with a share capital of 5000 PLN, in accordance with the information corresponding to the current excerpt from the Register of Entrepreneurs contained in the Central Information of the National Court Register, represented by Marta Niemira – President of the Management Board.

IS PROVIDING DATA VOLUNTARY? WHAT IS THE CONSEQUENCE OF NOT PROVIDING IT?

The provision of data is voluntary, however, failure to provide certain information, generally marked as mandatory on the Administrator's pages, will result in the impossibility of performing the given service and achieving a specific purpose or taking certain actions.

The provision by the User of data that is not mandatory or is in excess of what the Administrator needs to process occurs based on the User's own decision, and the processing is then based on the premise contained in Article 6(1)(a) of the GDPR (consent). The User gives consent to the processing of this data and to the anonymization of data that the Administrator does not require and does not want to process, but which the User nevertheless provided to the Administrator.

FOR WHAT PURPOSES AND ON WHAT LEGAL GROUNDS DO WE PROCESS THE USER'S PERSONAL DATA PROVIDED WHEN USING THE WEBSITE?

The User's personal data on the Administrator's Website may be processed for the following purposes and on the following legal grounds:

• Performance of a service or a concluded contract, sending an offer (e.g., advertising) at the User's request — based on Article 6(1)(b) of the GDPR (necessity for the conclusion and/or performance of a contract or taking action upon request).
• Issuing an invoice, bill, and fulfilling other obligations resulting from tax law regulations in case of placing orders in the Online Store or other products and services — based on Article 6(1)(c) of the GDPR (obligation resulting from legal provisions).
• Granting a discount or informing about promotions and interesting offers of the Administrator or entities recommended by them — based on Article 6(1)(a) of the GDPR (consent).
• Storing unpaid orders — based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator).
• Considering complaints or claims related to the contract — based on Article 6(1)(b) of the GDPR (necessity for the conclusion and/or performance of a contract) and based on Article 6(1)(c) of the GDPR (obligation resulting from legal provisions).
• Establishing, exercising, or defending against claims — based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator).
• Telephone contact in matters related to the performance of the service — based on Article 6(1)(b) of the GDPR (necessity for the conclusion and/or performance of a contract).
• Creating registers related to the GDPR and other regulations — based on Article 6(1)(c) of the GDPR(obligation resulting from legal provisions) and Article 6(1)(f) of the GDPR (legitimate interest of the administrator).
• Archival and evidence purposes, for securing information that may serve to demonstrate facts — based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator).
• Analytical purposes, consisting, among other things, of analyzing data collected automatically when using the website, including cookies, e.g., Google Analytics cookies, Facebook Pixel — based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator).
• Using cookies on the Website and its subpages — based on Article 6(1)(a) of the GDPR (consent).
• Managing the Website and the Administrator's pages on other platforms — based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator).
• Posting by the User of opinions about the services provided by the Administrator — based on Article 6(1)(a) of the GDPR (consent).
• Internal administrative purposes of the Administrator related to managing contact with the User, which is a legitimate interest of the data Administrator based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator).
• Sending the newsletter – based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator consisting in processing data for direct marketing purposes) and based on the Act on Rendering Services by Electronic Means (consent).
• Adapting the content displayed on the Administrator's pages to individual needs and continuously improving the quality of services offered – based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator).
• Direct marketing aimed at the User of the Administrator's own products or services or recommended third-party products – based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator).
• Targeting advertising on social media and websites, such as Facebook Leads Ads or Facebook Custom Audience, YouTube, and conducting remarketing - based on Article 6(1)(a) of the GDPR (consent) and based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator) consisting in the promotion and advertising of the Administrator's services through remarketing directed to people subscribed to the mailing list or visiting a given website).
• The provision by the User of data that is not mandatory or is in excess of what the Administrator needs to process occurs based on the User's own decision, and the processing is then based on the premise contained in Article 6(1)(a) of the GDPR (consent). The User gives consent to the processing of this data and to the anonymization of data that the Administrator does not require and does not want to process, but which the User nevertheless provided to the Administrator.

HOW IS DATA COLLECTED?

Only the data that the user provides themselves is collected and processed (with the exception of – in certain situations – data collected automatically via cookies, as discussed below).

During a visit to the website, data regarding the visit itself is automatically collected, e.g., the User's IP address, domain name, browser type, operating system type, etc. (logging data). Automatically collected data may be used to analyze user behavior on the website, collect demographic data about users, or to personalize the content of the website in order to improve it. However, this data is processed solely for the purposes of administering the website, ensuring efficient hosting service, or directing marketing content and is not associated with the data of individual users. You can read more about cookies later in this policy.

Data may also be collected for the purpose of completing Forms on the Website, which is discussed later in the privacy policy.

Information Society Services

The Administrator does not collect data from children. The User should be 16 years of age or older to independently consent to the processing of personal data for the purpose of providing information society services, including for marketing purposes, or to obtain the consent of a legal guardian (e.g., parent) for this purpose.

If the User is under 16 years of age, they should not use the Website and the service https://livedguides.pl/.

The Administrator is entitled to take reasonable efforts to verify whether the user meets the age requirement mentioned above, or whether the person holding parental responsibility or guardianship over the User under 16 years of age has given or approved the consent.

WHAT ARE THE USER'S RIGHTS?

The User is entitled at any time to the rights contained in Articles 15-21 of the GDPR, i.e.:

• the right to access their data content,
• the right to data portability,
• the right to rectify the data,
• the right to correct the data,
• the right to erase data if there is no basis for its processing,
• the right to restrict processing if it occurred incorrectly or without a legal basis,
• the right to object to the processing of data based on the legitimate interest of the administrator,
• the right to lodge a complaint with a supervisory authority – the President of the Personal Data Protection Office (on the principles specified in the Personal Data Protection Act), if they consider that the processing of their data is inconsistent with currently applicable data protection law.
• the right to be forgotten if further processing is not provided for by currently applicable law.

The Administrator notes that these rights are not absolute and do not apply to all personal data processing activities of the User. This applies, for example, to the right to obtain a copy of the data. This right may not adversely affect the rights and freedoms of others, such as copyright or professional secrecy. To learn about the limitations regarding the User's rights, please refer to the text of the GDPR.

However, the User always has the right to lodge a complaint with a supervisory authority.

To exercise their rights, the User may contact the Administrator via e-mail at: marta@agencjaslucham.pl or by mail to the address of the Administrator's place of business, if provided in this privacy policy, indicating the scope of their requests. A response will be provided no later than 30 days from the date of receipt of the request and its justification, unless an extension of this period is justified in accordance with the GDPR.

CAN THE USER WITHDRAW EXPRESSED CONSENT?

If the User has given consent to a specific action, such consent may be withdrawn at any time, which will result in the removal of the e-mail address from the Administrator's mailing list and the cessation of the indicated actions (in the case of subscription based on consent). Withdrawal of consent does not affect the processing of data that took place based on the consent before its withdrawal.

In some cases, the data may not be completely erased and will be kept for the purpose of defending against possible claims for the period compliant with the provisions of the Civil Code or, for example, for the purpose of fulfilling legal obligations imposed on the Administrator.

In each case, the Administrator will respond to the User's request, appropriately justifying further actions resulting from legal obligations.

DO WE TRANSFER THE USER'S DATA TO THIRD COUNTRIES?

The User's data may be transferred outside the European Union – to third countries.

Due to the fact that the Administrator uses external providers of various services, e.g., Meta Platforms Ireland Limited (Facebook and subsidiaries), hereinafter referred to as Meta or Facebook, Google, Microsoft, etc., the User's data may be transferred to the United States of America (USA) in connection with its storage on American servers (in whole or in part). Google and Facebook apply compliance mechanisms provided for by the GDPR (e.g., certificates) or standard contractual clauses in relation to their services. They will be transferred only to recipients who guarantee the highest protection and security of data, including through:

• cooperation with entities processing personal data in countries for which a relevant decision has been issued by the European Commission,
• application of standard contractual clauses issued by the European Commission (as is the case, for example, with Google),
• application of binding corporate rules approved by the competent supervisory authority,
• or those for the transfer of personal data to whom the User has given consent.

Detailed information is available in the privacy policy of each of these service providers, available on their websites. For example:

• Google Ireland Limited: https://policies.google.com/privacy?hl=pl
• Meta Platforms Ireland Limited: https://www.facebook.com/privacy/explanation
• UAB MailerLite: https://www.mailerlite.com/legal/privacy-policy

Currently, the services offered by Google and Meta are mainly provided by entities located in the European Union. However, it is necessary to check the privacy policy of these providers each time to receive up-to-date information on the protection of personal data. MailerLite may store some data in the United States or use service providers from that country, but the data is processed mainly in the European Union.

HOW LONG DO WE STORE THE USER'S DATA?

The User's data will be stored by the Administrator for the duration of the respective services/achievement of purposes and:

• for the period of service provision and cooperation, as well as for the statute of limitations period for claims in accordance with legal provisions – in relation to data provided by contractors and clients or Users,
• for the period of conducting conversations and negotiations preceding the conclusion of a contract or the performance of a service – in relation to data provided in a request for quotation,
• for the period required by law, including tax law – in relation to personal data related to the fulfillment of obligations resulting from applicable regulations,
• until an effective objection lodged pursuant to Article 21 of the GDPR is raised – in relation to personal data processed based on the legitimate interest of the administrator, including for direct marketing purposes,
• until consent is withdrawn or the purpose of processing, the business purpose is achieved – in relation to personal data processed based on consent. After consent is withdrawn, the data may still be processed for the purpose of defending against possible claims in accordance with the statute of limitations for those claims or a (shorter) period indicated to the User,
• until the data becomes outdated or loses its usefulness – in relation to personal data processed mainly for analytical, statistical purposes, the use of cookies, and the administration of the Administrator's Pages,
• for a maximum period of 3 years in the case of persons who have unsubscribed from the newsletter for the purpose of defending against possible claims (e.g., information about the subscription date and the date of unsubscription from the newsletter, the number of newsletters received, actions taken, and activity related to the received messages), or after a period of 1 year of no activity by a given subscriber, e.g., not opening any message from the Administrator.

The data storage periods indicated in years are calculated at the end of each year in which data processing began. This is intended to streamline the data processing and management process.

Detailed personal data processing periods, concerning individual processing activities, are contained in the Administrator's register of processing activities.

DATA SECURITY

The User's personal data is stored and protected with due diligence, in accordance with the Administrator's implemented internal procedures. The Administrator processes information about the User using appropriate technical and organizational measures that meet the requirements of generally applicable law, in particular personal data protection regulations. These measures are primarily intended to secure Users' personal data against unauthorized access.

In particular, access to Users' personal data is limited to authorized persons who are obliged to keep this data confidential or entities entrusted with the processing of personal data on the basis of a separate data entrustment agreement.

The User should also exercise diligence in securing their personal data transmitted over the Internet, in particular by not disclosing their login details to third parties, using antivirus security, and updating software.

WHO MAY BE THE RECIPIENTS OF PERSONAL DATA?

The Administrator informs that it uses the services of external entities. The entities to which it entrusts the processing of personal data (such as courier companies, electronic payment intermediaries, accounting firms, companies providing newsletter services) guarantee the application of appropriate personal data protection and security measures required by law, in particular by the GDPR.

The Administrator informs the User that it entrusts the processing of personal data to the following entities, among others:

• MailerLite Limited – for the purpose of sending the newsletter and using the mailing system,
• MailerLite Limited – for the purpose of storing personal data on the server,
• Słucham Media sp. z o. o. – for the purpose of creating landing pages and collecting leads,
• PARTNER R.DZIEKAN SPÓŁKA JAWNA – for the purpose of issuing accounting documents,
• PayPro S.A – for the purpose of operating the payment system and electronic transactions,
• Słucham Media sp. z o. o. – for the purpose of company management,
• Słucham Media sp. z o. o. – for the purpose of using Google services, including e-mail,
• Słucham Media sp. z o. o. – for the purpose of domain and mail server operation,
• Słucham Media sp. z o. o. – for IT support or IT management of the Website,
• other contractors or subcontractors engaged for technical, administrative support, or to provide legal assistance to the Administrator and its clients, e.g., accounting, IT, graphic, copywriting assistance, debt collection companies, lawyers, etc.

Personal data may also be made available to other recipients, including offices, e.g., the tax office – to fulfill legal and tax obligations related to settlements and accounting.

Entities that process personal data, like the Administrator, ensure compliance with European standards for personal data protection, including standards set by legal acts and decisions of the European Commission, and also apply compliance mechanisms when transferring data outside the EEA, including in the form of standard contractual clauses adopted by the European Commission Decision 2021/915 of 4 June 2021 on standard contractual clauses between controllers and processors pursuant to Article 28(7) of Regulation (EU) 2016/679 and Article 29(7) of Regulation (EU) 2018/1725 https://eur-lex.europa.eu/legal-content/PL/TXT/PDF/?uri=CELEX:32021D0915&from=PL.

HAVE WE APPOINTED A DATA PROTECTION OFFICER?

The Personal Data Administrator hereby informs that it has not appointed a Data Protection Officer (DPO) and performs the duties related to the processing of personal data independently.

The User acknowledges that their personal data may be transferred to authorized state authorities in connection with proceedings conducted by them, at their request and after fulfilling the conditions confirming the necessity of obtaining this data from the Administrator.

DO WE PROFILE THE USER'S DATA?

The User's personal data will not be used for automated decision-making that affects the User's rights, obligations, or freedoms within the meaning of the GDPR.

Within the website and tracking technologies, the User's data may be profiled, which helps to better personalize the company's offer that the Administrator directs to the User (mainly through so-called behavioral advertising). However, this should not have any impact on the User's legal situation, in particular on the terms of contracts concluded by them or contracts they intend to conclude. It can only help to better match content and targeted ads to the User's interests. The information used is anonymous and is not associated with the personal data provided by the User, e.g., in the purchase process. It results from statistical data, e.g., gender, age, interests, approximate location, behavior on the Website.

Every User has the right to object to profiling if it were to negatively affect the User's rights and obligations.

If you want to learn more about behavioral advertising, click here: https://www.youronlinechoices.com/pl/o-reklamie-behawioralnej

§4 FORMS

The Administrator uses the following types of forms on the Website:

a) Newsletter Subscription Form – requires entering your name and e-mail address in the appropriate place. These fields are mandatory. Then, in order to add their e-mail address to the Administrator's subscriber base, the User must confirm their willingness to subscribe. The data obtained in this way is added to the mailing list for sending the newsletter.

Subscription/enrollment means that the User agrees to this Privacy Policy and consents to receiving marketing and commercial information via electronic means of communication, e.g., e-mail, within the meaning of the Act of 18 July 2002 on rendering services by electronic means (Journal of Laws No. 144, item 1204 as amended).

By subscribing to the newsletter, the User also consents to the Administrator using the User's telecommunications terminal equipment (e.g., phone, tablet, computer) for direct marketing of the Administrator's products and services and presenting commercial information to the User in accordance with Article 172(1) of the Telecommunications Law Act (Journal of Laws of 2014, item 243 as amended).

The above consents are voluntary, but necessary for sending the newsletter, including, among other things, informing about services, new blog entries, products, promotions, and discounts offered by the Administrator or third-party products recommended by them. Consents may be withdrawn at any time, which will result in the cessation of sending the newsletter in accordance with the rules contained in this privacy policy.

The newsletter is sent for an indefinite period, from the moment of activation until the consent is withdrawn. After withdrawing consent, the User's data may be stored in the newsletter database for a period of up to 2 years/1 year, in order to demonstrate the fact of the User giving consent to communication via the newsletter, the User's actions (e-mail open rate), and the moment of its withdrawal, as well as any related claims, which constitutes the Administrator's legitimate interest (Article 6(1)(f) of the GDPR).

Sending the newsletter may be stopped if the User shows no activity for a minimum of 1 year from the start of the newsletter service or from reading the last e-mail (newsletter sent). In such a case, the Administrator will remove the User's data from the newsletter sending system (provider). The User will not be entitled to receive any message from the Administrator unless they decide to subscribe again in the Newsletter subscription form or contact the Administrator in another selected way for this purpose.

The mailing system used to send the newsletter records all activity and actions taken by the User related to the e-mails sent to them (date and time of opening the message, clicking on links, moment of unsubscription, etc.).

The Administrator may also conduct remarketing based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator, consisting in the promotion and advertising of services directed to people who have subscribed to the newsletter, by uploading the e-mail addresses of subscribers to the marketing tool offered by Facebook Inc., the so-called ad manager, and then advertising created by the Administrator or authorized persons is directed to them, through the Administrator's advertising account, provided that the newsletter subscribers are also users of the Facebook platform (have an account there). This data is deleted each time after the end of the advertising campaign. In the case of carrying out another advertising campaign, an updated subscriber database is uploaded to the tool). Detailed information on the so-called custom audiences, data hashing rules, and processing of this data can be found in the Facebook privacy policy at this link https://www.facebook.com/legal/terms/customaudience# and https://www.facebook.com/legal/terms/dataprocessing, and the Administrator recommends that every User and subscriber familiarize themselves with these rules.

b) Order Form in the Store – When placing an order in the Administrator's online store, you must provide specific data in accordance with the rules contained in the sales regulations for the purpose of order fulfillment, fulfillment of legal obligations imposed on the Administrator, settlements, handling claims, for statistical and archival purposes, as well as for direct marketing to customers, which is the Administrator's legitimate interest.

This mainly includes: name, surname, company name, NIP (Tax ID), place of residence or company headquarters, delivery address (if applicable), e-mail address. If you already have a user account in the store, then it is enough to provide the login (or e-mail address) and password and log into your account, and then proceed with the further steps related to the order.

The Administrator stores the data for the duration of the order or service fulfillment, and after its completion for the period necessary to defend against claims. Furthermore, for the time specified by law, e.g., tax law (including the period of invoice storage).

c) Complaint and Withdrawal from Contract Form in the online store https://livedguides.pl/ – If you use the Administrator's services or products, you can file a complaint or withdraw from the concluded contract. For this purpose, the Administrator allows you to fill out the complaint form and the withdrawal form attached to the sales regulations. You can also perform these actions without filling out the form, but by providing the necessary data.

The required data in this case are: name, surname or possibly username, place of residence or company headquarters address (if the order was placed on behalf of a company), e-mail address, telephone number (if applicable), bank account number (if a refund is necessary).

The provision of data is voluntary, but necessary to consider the complaint in accordance with the law and sales regulations. The data will be stored for the purpose of implementing the complaint procedure/withdrawal from the contract, as well as for archival purposes and defense against claims.

The Administrator may entrust the processing of personal data to third parties without the User's separate consent (based on an entrustment agreement). Data obtained from the forms may not be transferred to third parties.

If the User uses the services of external providers such as Google or Disqus, they should familiarize themselves with their privacy policy, available from these service providers, on their websites.

§5 DISCLAIMER AND COPYRIGHT

The content presented on the Website does not constitute specialist advice or guidance (e.g., educational) and does not refer to a specific factual situation. If the User wants to obtain help in a specific matter, they should contact a person authorized to provide such advice or the Administrator at the provided contact details. The Administrator is not responsible for the use of the content contained on the Website or actions or omissions taken based on them.

All content placed on the Website is the subject of copyright of specific persons and/or the Administrator (e.g., photos, texts, other materials, etc.). The Administrator does not consent to the copying of this content in whole or in part without their explicit, prior consent.

The Administrator hereby informs the User that any dissemination of content made available by the Administrator constitutes a violation of law and may result in civil or criminal liability. The Administrator may also seek appropriate compensation for material or non-material losses in accordance with applicable regulations.

The Administrator is not responsible for the use of materials available on the website in a manner inconsistent with the law.

The content placed on the Website is current as of the date of its publication, unless otherwise indicated.

§6 TECHNOLOGIES

In order to use the Administrator's website, it is necessary to have:

• A device with Internet access
• An active e-mail inbox receiving e-mails
• An Internet browser that allows displaying websites
• Software that allows reading content in the presented formats, e.g., pdf, video, mp3, mp4.

§7 COOKIES POLICY

Like most websites, the Administrator's Website uses so-called tracking technologies, i.e., cookies ("ciasteczka"), which allows the website to be improved to meet the needs of the visiting users.

The Website does not automatically collect any information, except for the information contained in cookies.

Cookies (so-called "ciasteczka") are IT data, small text files, which are stored on the end device, e.g., a computer, tablet, smartphone, when you use my Website.

These may be own cookies (coming directly from my website) and third-party cookies (coming from websites other than mine).

Cookies allow the content of my website to be adapted to the individual needs of the User and the needs of other visiting users. They also enable the creation of statistics that show how website users use it and navigate it. Thanks to this, I can improve my website, its content, structure, and appearance.

The Administrator uses the following third-party cookies on the Website:

a) Facebook Conversion Pixel and ads created via the Facebook portal (Facebook Ads, Facebook Custom Audiences) – for the purpose of managing ads on Facebook and conducting remarketing activities, which is the Administrator's legitimate interest. The Administrator may also direct advertising content to the User via the Facebook portal as part of contact ads.

The Facebook Pixel tool is provided by Meta Platforms Ireland Limited and its affiliated companies. This is an analytical tool that helps measure ad effectiveness, shows what actions Users take on the Website, and helps reach a specific group of people (Facebook Ads, Facebook Insights). The Administrator may also direct advertising content to the User via the Facebook portal as part of contact ads.

The Administrator may also conduct remarketing based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator, consisting in the promotion and advertising of services directed to people who have consented to the sending of offers (or people similar to them or users who have liked the Fanpage) in such a way that the provided e-mail addresses are uploaded to the marketing tool offered by Meta Platforms Ireland Limited, the so-called ad manager, and then advertising created by the Administrator or authorized persons is directed to them, through the Administrator's advertising account, provided that these people are also users of the Facebook platform (have an account there). This data is deleted each time after the end of the advertising campaign. In the case of carrying out another advertising campaign, an updated contact database is uploaded to the tool). Detailed information on the so-called custom audiences, data hashing rules, and processing of this data can be found in the Facebook privacy policy at this link https://www.facebook.com/legal/terms/customaudience# and https://www.facebook.com/legal/terms/dataprocessing, and the Administrator recommends that every User familiarize themselves with these rules.

Information collected through the use of Facebook Pixel is anonymous and does not allow for the identification of the User. They show general data about users: location, age, gender, interests. The Facebook portal provider may combine this information with the information that the User provides to it through their Facebook account and then use it according to its own assumptions and purposes.

The Administrator recommends familiarizing yourself with the details related to the use of the Facebook Pixel tool and possibly asking questions to the provider of this tool, as well as managing your privacy settings on the Facebook portal. More information can be found at the link: https://www.facebook.com/privacy/explanation. You can always opt out of cookies responsible for displaying remarketing ads, e.g., at https://www.facebook.com/help/1075880512458213/.

By using the website, the User consents to the installation of the indicated cookie on their end device.

b) Embedded Google Analytics code – for the purpose of analyzing Website statistics. Google Analytics uses its own cookies to analyze the actions and behavior of Website Users. These files are used to store information, e.g., from which website the User came to the current website. They help to improve the Website.

This tool is used under an agreement concluded with Google Ireland Limited, but it is provided by Google LLC. Actions taken under the use of the Google Analytics code are based on the Administrator's legitimate interest consisting in creating and using statistics, which then allows for the improvement of the Administrator's services and the optimization of the Website.

When using the Google Analytics tool, the Administrator does not process any User data that allows for their identification.

The Administrator recommends familiarizing yourself with the details related to the use of the Google Analytics tool, the possibility of disabling the tracking code, and possibly asking questions to the provider of this tool at the link: https://support.google.com/analytics#topic=3544906.

c) Tools used to evaluate the effectiveness of Google Ads advertising campaigns - for the purpose of conducting advertising and remarketing campaigns, which is the Administrator's legitimate interest.

The Administrator does not collect any data that would allow for the identification of the User's personal data. The Administrator recommends familiarizing yourself with the Google privacy policy to learn the details of how these functions work and how to possibly disable them from the User's browser level.

d) Cookies used to recover abandoned carts and User activity on the online store website – for the purpose of directing advertising communication to the User related to an uncompleted order, which is the Administrator's legitimate interest.

The Administrator again recommends familiarizing yourself with the privacy policy of each of the above service providers in order to learn about the possibilities of making changes and settings that ensure the protection of the User's rights.

The Website uses two types of cookies: session cookies, which are deleted after closing the browser, logging out, or leaving the website, and persistent cookies, which are stored on the User's end device, which allows the browser to be recognized the next time the User enters the website, for a period specified in the cookie parameters or until they are deleted by the User.

In many cases, the software used for browsing websites (internet browser) defaults to allowing the storage of cookies on the User's end device. Website Users can change the settings regarding cookies at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the web browser settings or to inform about their placement on the Website User's device each time. Detailed information about the possibilities and methods of handling cookies is available in the software settings (internet browser).

The Administrator informs that restrictions on the use of cookies (disabling them, restricting them) may affect some functionalities available on the Website's pages and make its operation difficult.

More information about cookies is available at https://wszystkoociasteczkach.pl or in the "Help" section of the internet browser menu.

§8 CONSENT TO COOKIES

When you first enter the Website, you must consent to cookies or take other possible actions indicated in the message to continue using the content of the Website. Using the Website means giving consent. If you do not want to give such consent – leave the Website. You can also always change your browser settings, disable or delete cookies. Necessary information can be found in the "Help" tab of the User's browser.

§9 SERVER LOGS

Using the Website involves sending queries to the server on which the Website is stored.

Each query directed to the server is saved in the server logs. The logs include, among others, the User's IP address, the server date and time, information about the web browser and operating system used by the User.

The logs are recorded and stored on the server.

Server logs are used to administer the Website, and their content is not disclosed to anyone except persons and entities authorized to administer the server.

The Administrator does not use server logs in any way to identify the User.

Privacy Policy Publication Date: 6.10.2025 Last Update Date: 6.10.2025