Privacy policy

1. General information

1. This policy applies to the website, operating at the URL: https://maerstore.com
2. The operator of the website and the Administrator of personal data is: Maer Spółka z Ograniczoną Odpowiedzialnością ul. Popielnik 8, 31-983, Kraków, Poland KRS number 0000721654, NIP 6783173115, REGON 369633370
3. Operator’s contact email address: maer@maer.com.pl
4. The Operator is the Administrator of your personal data with respect to data voluntarily provided on the Website.
5. The Website uses personal data for the following purposes:
   • Preparation, packaging, and shipment of goods
   • Handling inquiries via the form
   • Execution of ordered services
   • Presentation of offers or information
   • Payment processing and fraud prevention
6. The Website performs functions of obtaining information about users and their behavior in the following way:
   1. Through data voluntarily entered in forms, which are entered into the Operator’s systems.
   2. By storing cookies in end-user devices (“cookies”).

2. Selected data protection methods used by the Operator

1. Places of logging in and entering personal data are protected at the transmission layer (SSL certificate). Thanks to this, personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
2. User passwords are stored in hashed form. The hashing function operates in a one-way manner – it is not possible to reverse its operation, which is currently a standard in storing user passwords.
3. An important element of data protection is regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.
4. To protect data, the Operator regularly performs backups.

3. Hosting

1. The website is hosted (technically maintained) on the operator’s server: GoDaddy
2. The hosting company, in order to ensure technical reliability, keeps logs at the server level. The following may be recorded:
   • resources identified by URL (addresses of requested resources – pages, files),
   • time of request arrival,
   • time of response sending,
   • name of the client station – identification carried out by the HTTP protocol,
   • information about errors that occurred during HTTP transaction processing,
   • URL address of the previously visited page (referer link) – if the transition to the Website occurred via a link,
   • information about the user’s browser,
   • information about the IP address,
   • diagnostic information related to the process of independently ordering services via forms on the website,
   • information related to handling email addressed to the Operator and sent by the Operator.

4. Your rights and additional information on how data is used

1. In certain situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfill obligations incumbent on the Administrator. This applies to such groups of recipients:
   • authorized employees and associates who use the data in order to achieve the purpose of the website
   • couriers
   • Personal data may be transferred to entities handling electronic payments or payment cards (e.g. Revolut Ltd) to the extent necessary to execute the payment
2. Your personal data processed by the Administrator no longer than is necessary to perform activities related to them specified by separate regulations (e.g., accounting). In relation to marketing data, the data will not be processed longer than for 3 years.
3. You have the right to request from the Administrator:
   • access to your personal data,
   • rectification,
   • deletion,
   • restriction of processing,
   • and data portability.
4. You have the right to object to processing indicated in point 3.3 c) regarding the processing of personal data for the purpose of legitimate interests pursued by the Administrator, including profiling, however, the right to object cannot be exercised in the event of valid legitimate grounds for processing overriding your interests, rights and freedoms, in particular the establishment, pursuit or defense of claims.
5. You have the right to lodge a complaint against the Administrator’s actions with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
6. Providing personal data is voluntary but necessary to use the Website.
7. In relation to you, actions involving automated decision-making, including profiling, may be undertaken in order to provide services under the concluded contract and for direct marketing conducted by the Administrator.
8. Personal data is not transferred to third countries within the meaning of data protection regulations. Data may be transferred outside the EEA only on the basis of appropriate legal safeguards (e.g. Standard Contractual Clauses or EC decisions)

5. Information in forms

1. The Website collects information voluntarily provided by the user, including personal data, if they are provided.
2. The Website may save information about connection parameters (time stamp, IP address).
3. In some cases, the Website may save information facilitating the linking of data in the form with the email address of the user filling out the form. In such a case, the user’s email address appears within the URL of the page containing the form.
4. The data provided in the form is processed for the purpose resulting from the function of the specific form, e.g., to handle a service request or commercial contact, service registration, etc. Each time, the context and description of the form clearly informs what it is used for.

6. Administrator logs

1. Information about user behavior on the website may be logged. This data is used for website administration.

7. Important marketing techniques

1. The Operator uses statistical analysis of website traffic via Google Analytics (Google Inc. based in the USA). The Operator does not transfer personal data to the service provider, but only anonymized information. The service is based on the use of cookies in the user’s end device. Regarding information about user preferences collected by the Google advertising network, the user can view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/

8. Information about cookies

1. The Website uses cookies.
2. Cookies are IT data, in particular text files, which are stored on the Website User’s end device and are intended for use with the Website’s pages. Cookies usually contain the name of the website they come from, the time of their storage on the end device, and a unique number.
3. The entity placing cookies on the Website User’s end device and obtaining access to them is the Website operator.
4. Cookies are used for the following purposes:
   1. maintaining the Website user’s session (after logging in), thanks to which the user does not have to re-enter login and password on each subpage of the Website;
   2. implementing the purposes specified above in the section “Important marketing techniques”;
5. Within the Website, two basic types of cookies are used: “session” cookies and “persistent” cookies. “Session” cookies are temporary files that are stored on the User’s end device until logging out, leaving the website or turning off the software (web browser). “Persistent” cookies are stored on the User’s end device for the time specified in the cookie parameters or until they are deleted by the User.
6. Web browsing software (web browser) usually allows storing cookies on the User’s end device by default. Website Users can change settings in this regard. The web browser allows deleting cookies. It is also possible to automatically block cookies. Detailed information on this can be found in the help or documentation of the web browser.
7. Restrictions on the use of cookies may affect some functionalities available on the Website pages.
8. Cookies placed on the Website User’s end device may also be used by entities cooperating with the Website operator, in particular companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).

9. Managing cookies – how to give and withdraw consent in practice?

1. If the user does not want to receive cookies, they can change browser settings. We reserve that disabling cookies necessary for authentication processes, security, and maintaining user preferences may make it difficult, and in extreme cases may prevent the use of websites.
2. To manage cookie settings, select the web browser you use from the list below and follow the instructions:
   • Edge
   • Internet Explorer
   • Chrome
   • Safari
   • Firefox
   • Opera

   Mobile devices:

   • Android
   • Safari (iOS)
   • Windows Phone