Privacy Policy

I. Personal Data Controller

Kalfero Agnieszka Podlawska Monika Podlawska civil partnership
ul. Sieradzka 30/2
60-163 Poznań
NIP: 779 249 82 19

Privacy and Data Security Policy

This document explains the rules and scope of personal data processing, the rights of Customers, and the obligations of the store as a data controller. Kalfero store uses modern technical and organizational measures to ensure a high level of personal data protection.

1. Data Controller

Kalfero – Kalfero Agnieszka Podlawska Monika Podlawska civil partnership, 60-163 Poznań, ul. Sieradzka 30/2.

2. Personal Data Processing

Customers' personal data is processed solely for the operation of the store and the provision of services offered therein.

3. Purpose of Processing

• Sending newsletters via email and SMS
• Registering on the website
• Concluding sales agreements
• Handling settlements
• Delivering ordered goods
• Exercising consumer rights

4. Types of Data

• First and last name
• Shipping address
• Email address and phone number
• Payment information
• Company data (for entrepreneurs)

5. Legal Basis

Data is processed in accordance with GDPR (Regulation (EU) 2016/679), especially Article 6 of the Regulation.

6. Data Provision Conditions

Providing data is voluntary but necessary for using the store's services. Consent is given during registration and order placement.

7. Data Subject Rights

• Right to access data
• Right to correct or rectify data
• Right to withdraw consent
• Right to object to processing
• Right to restrict processing
• Right to data portability
• Right to information about processing

8. Data Retention Period

Data is stored until the account is deleted or consent is withdrawn.

9. Data Security

Data is protected by legal, technical (e.g., SSL certificate), and organizational measures.

10. Data Transfer

Data may be transferred to cooperating entities (e.g., delivery services, payment processing). It is not sold or transferred outside the EU.

11. Newsletter

Customers can subscribe to the newsletter by providing their email and phone number. They can unsubscribe at any time.

12. Cookies

The store uses cookies for statistical, advertising, and functional purposes. Users can manage them via their browser settings.

13. Google Analytics

The store uses Google services (Analytics, Tag Manager, DoubleClick). Data may be transferred to servers in the USA. You can block cookies and use the plugin: gaoptout.

14. Final Provisions

If you have questions, contact the administrator. The policy may be updated, and changes will be posted on the store's website.

15. Contact

kontakt@kalfero.com or contact form on the website.

II. GDPR Compliance

1. Data is:
   • processed lawfully, fairly, and transparently,
   • collected for specific and legitimate purposes,
   • adequate and limited to what is necessary,
   • accurate and up-to-date,
   • stored no longer than necessary,
   • protected using appropriate technical and organizational measures.
2. Appropriate measures are applied based on processing context and risks.
3. Data subjects have access to their data as required by law.
4. Processing is based on customer consent or other lawful grounds.
5. Authorized persons process data under controller's instruction.
6. Data is not disclosed without a legal basis.

III. Purposes and Legal Basis

• Customer consent – Art. 6(1)(a) GDPR
• Contract performance – Art. 6(1)(b) GDPR
• Archiving – Art. 6(1)(f) GDPR
• Marketing (e.g., newsletter) – Art. 6(1)(f) GDPR

IV. Cooperation with ING Bank Śląski

Data may be transferred to ING Bank Śląski S.A. for the purposes of:

• providing online payment infrastructure,
• processing and settling payments,
• verifying contract performance and handling complaints.

Providing such data is necessary to conclude and perform contracts.