Privacy Policy describes the principles of processing information about you, including personal data and cookies.
________________________________________
1. General Information
1. This policy concerns the website, operating at the URL: theknittingbox.pl
2. The service operator and personal data administrator is: Anaon Industries Simon Fiastre Lascazes, 12370 Belmont-sur-Rance, France.
3. Operator's email contact address: contact@theknittingbox.pl
4. The Operator is the Administrator of your personal data concerning voluntarily provided data on the Service.
5. The Service uses personal data for the following purposes:
- Conducting newsletters
- Handling queries through the form.
- Preparation, packing, and shipping of goods.
- Execution of ordered services.
- Presentation of offers or information.
6. The Service collects information about users and their behavior in the following ways:
- Through voluntarily provided data in forms, which are entered into the Operator's systems.
- By storing cookies in end-user devices ("cookies").
2. Selected data protection methods employed by the Operator
1. Personal data login and input areas are protected in the transmission layer (SSL certificate). This ensures that personal data and login details entered on the site are encrypted on the user's computer and can only be read on the target server.
2. Personal data stored in the database is encrypted in a way that only the Operator possessing the key can read it. This safeguards the data in the event of the database being stolen from the server.
3. User passwords are stored in hashed form. The hashing function is one-way, making it impossible to reverse, which is a contemporary standard for storing user passwords.
4. The Operator periodically changes its administrative passwords.
5. To protect data, the Operator regularly performs backup copies.
6. Regularly updating all software used by the Operator to process personal data is a crucial aspect of data protection, particularly in terms of updating software components.
3. Hosting
1. The Service is hosted (technically maintained) on the operator's servers: Hostinger.
1. In certain situations, the Administrator has the right to transfer your personal data to other recipients if necessary to fulfill an agreement with you or to fulfill obligations incumbent on the Administrator. This applies to recipient groups such as:
- Hosting companies based on a data processing agreement.
- Couriers.
- Postal operators.
- Banks.
- Payment operators.
- Authorized employees and collaborators using data for the purpose of site operation.
2. Your personal data processed by the Administrator will not be retained longer than necessary for activities related to them, as specified by separate regulations (e.g., accounting). Regarding marketing data, they will not be processed for more than 3 years.
3. You have the right to request from the Administrator:
- Access to your personal data.
- Their rectification.
- Erasure.
- Restriction of processing.
- Data portability.
4. You have the right to object to processing pursuant to section 3.3 c) concerning the processing of personal data for the purpose of the Administrator's legitimate interests, including profiling. However, the right of objection cannot be exercised if there are valid legal grounds for processing that take precedence over your interests, rights, and freedoms, especially the establishment, exercise, or defense of legal claims.
5. You have the right to lodge a complaint with the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw.
6. Providing personal data is voluntary but necessary for Service operation.
7. Actions may be taken against you involving automated decision-making, including profiling, to provide services under an agreement and for direct marketing conducted by the Administrator.
8. Personal data is not transferred to third countries within the meaning of personal data protection regulations. This means that they are not transferred outside the European Union.
5. Information in forms
1. The Service collects information voluntarily provided by the user, including personal data if provided.
2. The Service may store connection parameter information (timestamp, IP address).
3. In certain cases, the Service may store information facilitating the link between form data and the user's email address. In this case, the user's email address appears within the URL address of the page containing the form.
4. Data provided in the form is processed for the purpose resulting from the specific form function, e.g., to process a service request or business contact, registration of services, etc. Each form's context and description clearly indicate its purpose.
6. Administrator's Logs
1. Information about user behavior on the site may be logged. This data is used to administer the Service.
7. Significant marketing techniques
1. The Operator uses statistical analysis of website traffic through Google Analytics (Google Inc., USA). The Operator does not transfer personal data to the service operator but only anonymized information. The service relies on the use of cookies in the user's terminal device. Users can view and edit information from Google's ad network based on cookie files using the tool: https://www.google.com/ads/preferences/
2. The Operator uses remarketing techniques to tailor advertising messages to user behavior on the site. This may create the illusion that user personal data is used for tracking, but in practice, no personal data is transferred from the Operator to advertising operators. The technological prerequisite for such actions is enabled cookie support.
3. The Operator employs solutions that study user behavior through heatmap creation and behavior recording. This information is anonymized before being transmitted to the service operator, ensuring that it does not identify specific individuals. In particular, entered passwords and other personal data are not recorded.
8. Cookie information
1. The Service uses cookies.
2. Cookies are computer data, especially text files, stored on the end user's device and intended for use with the Service's web pages. Cookies usually contain the name of the website they come from, the time they are stored on the end user's device, and a unique number.
3. The entity placing cookies on the end user's device and accessing them is the Service operator.
4. Cookies are used for the following purposes:
- Maintaining a user session (after logging in), allowing the user to avoid re-entering login and password on each page.
- Achieving the objectives specified above in the "Significant marketing techniques" section.
5. The Service uses two basic types of cookies: "session" (session cookies) and "persistent" (persistent cookies). "Session" cookies are temporary files stored on the user's device until they log out, leave the website, or close the browser. "Persistent" cookies are stored on the user's device for the time specified in the cookie parameters or until the user deletes them.
6. Website browsing software (web browser) usually allows cookies to be stored on the end user's device by default. Service users can change these settings. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is provided in the web browser's help or documentation.
7. Limiting the use of cookies may affect certain functionalities available on the Service's websites.
8. Cookies placed on the user's device by the Service operator can also be used by entities cooperating with the Service operator, especially: Google (Google Inc., USA), Facebook (Facebook Inc., USA), Twitter (Twitter Inc., USA).
We reserve the right to make changes to the Privacy Policy.
This Privacy Policy is effective as of August 22, 2023.