Privacy Policy
1. Who is responsible for data processing and whom can you contact?
Sterckenn sp. z o. o., a company registered under polish law, with its registered seats at ul. Serwituty 25, 02-233 Warszawa, tax identification number 5223032608, registered by District Court in Warszawa in National Court Register under KRS number 0000564201
email: support@sterckenn.com
2. Personal data
Personal data is data about your person by which you can be identified. This includes, for example, your name, address, e-mail address, location data, payment data and many other details. In principle, you do not have to disclose any personal data in order to visit our website. In some cases, however, we need it in order to be able to offer you the desired services on our website. If you use one of our services where this is required, we generally only collect the data that is necessary for this purpose, and even this is not done without your consent.
3. Visiting our website
3.1 General use
When you visit our website, our web servers store by default the IP of your Internet service provider, the website from which you visit us, the web pages you visit on our site and the date and duration of the visit. The processing of this information is mandatory for the technical transmission of the web pages, the comfortable use of our services and the secure server operation Our legitimate interest results from Art. 6 para. 1 lit. f) General Data Protection Regulation (GDPR)A direct determination of your identity is not possible on the basis of the information and it will not be estabilished by us. The information is stored and automatically deleted after the aforementioned purposes have been achieved. The standard periods for deletion are based on the criterion of necessity.
3.1.1 Automatically stored data (server log files)
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. It is:- Date and time of the request
- Name of the requested file
- Page from which the file was requested
- access status (file transferred, file not found, etc.)
- Web browser and operating system used
- complete IP address of the requesting computer
- amount of data transferred
This data is not merged with other data sources. The processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest concerning improvement of the stability and functionality of our website.
For reasons of technical security, in particular to defend against attempted attacks on our web server, we store this data for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual user. The data is also processed in anonymized form for statistical purposes; it is not compared with other data or transferred to third parties, even in the form of excerpts.
3.1.2 Cookies, tracking pixels and tools
When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.
Through the use of session cookies, the responsible party can provide the users of this website with a user-friendly service that would not be possible without the cookie setting. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest pursuant to Art. 6 (1) lit. f GDPR.
We only use personal cookies to improve our website or for marketing/advertising purposes with your prior consent. On your first visit, you can voluntarily agree to tracking or analysis via the cookie banner that appears. If necessary, your data will be passed on to partners or third-party providers. Only if you explicitly agree to this, these cookies will be stored, and the legal basis is then your consent according to Art. 6 para. 1 lit. a GDPR. You can change your settings for the use of cookies here at any time.
Disabling Cookies
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of the this site. Therefore it is recommended not to disable cookies.
Third Party Cookies
In some special cases we also use cookies provided by trusted third parties. The following section details which third party cookies you might encounter through this site.
This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as the time you spend on the site and the pages that you visit so we can continue to produce interesting content.
For more information on Google Analytics cookies, see the official Google Analytics page.
From time to time we test new features and make subtle changes to the way that the site is delivered. When we are still testing new features these cookies may be used to ensure that you receive a consistent experience on the site and at the same time we understand which optimizations our users appreciate the most.
3.1.3 Social plugins
Social buttons from social networks may be used on our website. These are only integrated into the page as HTML links, so that when you activate our website, no connection is yet established with the servers of the respective provider. If you click on one of the buttons, the website of the respective social network opens in a new window of your browser. There you can, for example, click the Like or Share button.
3.1.4 Consent management
You can manage, revoke or change your settings for the use of cookies.
3.2 Online presence and service optimization, analysis, statistics and marketing
ShopifyWe host our website with Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter "Shopify").
Shopify is a tool for creating and hosting e-commerce websites. When you visit our website, Shopify collects your IP address and information about the device and browser you use. Shopify is also used to analyze visitor numbers, visitor sources, and customer behavior, as well as to compile user statistics. When you make a purchase on our website, Shopify also collects your name, email address, shipping and billing addresses, payment information, and other data related to the purchase (e.g., phone number, amount of sales made, and the like). Shopify stores cookies in your browser for analytics purposes.
For details, see Shopify's privacy policy:
https://www.shopify.com/legal/privacy
The use of Shopify is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the most reliable presentation of our website. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR, if the consent includes the storage of cookies or access to information in the user's terminal device. The consent can be revoked at any time.
We have concluded a contract on order processing pursuant to Art. 28 GDPR with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions.
Google services
On this website, we may also use some function delivered by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google").
These functions are: reCAPTCHA, Google Ads, Google Tag Manager. They are used out in accordance with Art. 6 (1) lit. a GDPR on the basis of your consent, provided via the Consent banner. In the course of using Google services, some personal data may also be transmitted to the servers of Google LLC. in the USA. Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Further information on Google's privacy policy can be viewed at: https://policies.google.com/privacy
Facebook Pixel
This website uses the visitor action pixel from Facebook for conversion measurement. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries. This allows the behavior of page visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of the Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.
The collected data is anonymous for us as the operator of this website. We cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Use Policy. This allows Facebook to enable the placement of advertisements on Facebook pages as well as outside of Facebook. We, as the site operator, cannot influence the way of usage the data.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Further information can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum
To the extend that personal data is collected on our website with the help of the tool described here and transferred to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transferring to Facebook. The processing by Facebook that takes place after the onward transfer is not part of our joint responsibility. Our joint responsibility have been set out in a joint processing agreement. The text of the agreement can be found at:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook. You can find further information on protecting your privacy in Facebook's data protection notices:
https://facebook.com/about/privacy/.
Hotjar
This website uses the analytics and marketing tools provided by Hotjar Limited, Dragonara Business Centre 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141 Malta, to optimize the user experience.
The use of Hotjar is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in being utmost user friendly for our Costomers. Details can be found here:
https://www.hotjar.com/legal/policies/privacy/
3.4 Contact Form
When contacting us (e.g. via contact form, email, phone or via social media), the data sent by the requesting person will be processed to the extent necessary to respond to the contact requests and any requested actions and stored on our servers in the course of data backup. Your data will only be used by us to process your request. Your data will be treated strictly confidential. It will not be transferred to third parties.Contact requests in the context of contractual or pre-contractual relationships are answered in order to fulfill our contractual obligations or to respond to (pre)contractual inquiries and otherwise on the basis of legitimate interests in responding to the inquiries.
- Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. entries in online forms).
- Data subjects: Communication partners.
- Purposes of processing: contact requests and communication.
- Legal grounds: contract performance and pre-contractual inquiries (Art. 6 para. 1 lit. b. GDPR), Legitimate Interests (Art. 6 para. 1 lit. f. GDPR).
3.5 Customer account
Contractual partners can create an account within our online offer (e.g. customer or user account, "customer account" for short). If registration of a customer account is required, contractual partners will be informed about it as well as of the information required for registration. Customer accounts are not public and cannot be indexed by search engines. In the course of registration and subsequent logins and use of the customer account, we store the IP addresses of the customers together with the access times in order to be able to prove registration and prevent any misuse of the customer account.
If customers have closed their customer account, the data relating to the customer account will be deleted, unless their retention is required for legal reasons. It is the responsibility of customers to back up their data when their customer account is closed.
3.6 Shop and e-commerce
We process the data of our customers to enable them to select, purchase or order the selected products, goods and related services, as well as their payment and delivery or execution of orders. If it is necessary for the execution of an order, we use service providers, in particular postal, forwarding and shipping companies, to carry out the delivery, or execution of orders for our customers. For the processing of payment transactions, we use the services of banks and payment service providers. The required information is marked as such in the context of the order or comparable purchase process and includes the information needed for delivery, or provision and billing, as well as contact information to be able to contact you if necessary.- Types of data processed: inventory data (e.g. names, addresses), payment data (e.g. bank details, invoices, payment history), contact data (e.g. e-mail, telephone numbers), contract data (e.g. subject matter of contract, term, customer category), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
- Data subjects: Interested parties, business and contractual partners, customers.
- Purposes of processing: provision of contractual services and customer service, contact requests and communication, office and organizational procedures, administration and response to requests, security measures, conversion measurement (measuring the effectiveness of marketing measures), interest-based and behavioral marketing, profiling (creating user profiles).
- Legal basis: Contract performance and pre-contractual inquiries (Art. 6 para. 1 p. 1 lit. b. GDPR), Legal obligation (Art. 6 para. 1 p. 1 lit. c. GDPR), Legitimate interests (Art. 6 para. 1 p. 1 lit. f. GDPR).
3.7 Direct advertising
3.7.1 Information for customer
Unless you have any objections, we will use the e-mail address and cell phone number you provided when purchasing goods or services to send you electronic advertising for our own goods or services that are similar to those you have already purchased or used from us. For this purpose, based on your recent orders, we use your e-mail address, cell phone number, name and order history to send you information about products that may interest you based on your recent orders. The legal basis for data processing is Art. 6 (1) lit. f GDPR
You can object to this processing in accordance with Art. 21 (2) GDPR at any time, for example by contacting us via the corresponding link in the email you receive or by sending an email.
3.8 Evaluation requests
If you have ordered a product in our store, we may ask you by e-mail and SMS about your satisfaction with your order, unless you have previously objected to this. In order to send you this request, we use the email address and cell phone number you provide. We also process your name, IP address and the IP geolocation used, as well as information about your order. The customer satisfaction survey or the described data processing is carried out on the legal basis of Art. 6 para. 1 lit. f) GDPR. This processing serves the purpose of direct advertising.
You can have objections to the processing and in particular the use of your e-mail address and cell phone number for this purpose at any time pursuant to Art. 21 (2) GDPR by using the objection option in our e-mails or by sending an e-mail to the e-mail address given in our imprint, without incurring any costs other than the transmission costs according to the prime rates.
3.9 Economic analyses and market research
For business reasons and in order to be able to recognize market trends, wishes of contractual partners and users, we analyze the data we have on business transactions, contracts, inquiries, etc., whereby the group of persons concerned may include contractual partners, interested parties, customers, visitors and users of our online offer.
The analyses are carried out for the purpose of business evaluations, marketing and market research (e.g. to determine customer groups with different characteristics). In doing so, we may, if available, take into account the profiles of registered users together with their details, e.g. on services used. The analyses serve only for us and are not disclosed externally, unless they are anonymous analyses with summarized, i.e. anonymized values. Furthermore, we take into account the privacy of users and process the data for analysis purposes as pseudonymously as possible and, if it is possible, anonymously (e.g., as summarized data).
3.10 Payment service providers
In the context of contractual and other legal relationships, due to legal obligations or otherwise on the basis of our legitimate interests, we offer data subjects efficient and secure payment options and use other payment service providers in addition to banks and credit institutions for this purpose (collectively, "payment service providers").
The data processed by the payment service providers includes inventory data, such as the name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as the contract, total and recipient-related information. The information is required in order to carry out the transactions. However, the data entered is only processed by the payment service providers and stored with them. It means that, we do not receive any account or credit card related information, but only information with confirmation or negative information of the payment. Under certain circumstances, the payment service providers transmit the data to credit agencies. The purpose of this transmission is to check identity and creditworthiness. In this regard, we refer to the terms and conditions and the privacy notices of the payment service providers.
For payment transactions, the terms and conditions and data protection notices of the respective payment service providers apply, which can be accessed within the respective websites or transaction applications. We also refer to these conditions and notices for the purpose of further information and assertion of revocation, information and other data subject rights.
3.11 Transport service providers
For the purpose of delivering ordered goods, we work together with logistics service providers/transport companies and/or shipping partners to whom the following data is transmitted for the purpose of delivering the ordered goods or for the purpose of shipment notification: First name, last name, postal address and, if applicable, the e-mail address and, if applicable, the telephone number. The legal basis for the processing is Art. 6(1)(b) GDPR.
3.12 Security
We have provided technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorized access. All our employees as well as service providers (processors) working for us are bound by the applicable data protection laws.
Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a continuous improvement process and our data protection statements are constantly being revised. Please make sure that you have the latest version of statement.
3.13 Data exchange within the group
Your order data will be made available to the group companies if necessary for the processing of the contract. The storage of customer data is company-related and separate, but our parent company or individual companies may act as service providers for the other individual participating companies (e.g. customer support or logistics).
4. Online presence on social media
Insofar as you have given your consent to the respective social media operator in accordance with Art. 6 para. 1 p. 1 lit. a GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presences on our social media channels, from which usage profiles are created using pseudonyms. These profiles can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator, as well as a contact option and your rights in this regard and setting options for protecting your privacy, please refer to the respective linked data protection notices of the providers on their websites. If you still require assistance in this regard, you can contact us.
5. Data subject rights
You have a right to information, correction, deletion or restriction of the processing of your stored data at any time, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.-
Right to information:
You can request information from us as to whether and to what extent we process your data. -
Right to rectification:
If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time. -
Right to erasure:
You can request that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests in protection. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated retention obligations.
Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, insofar as there is no legal or statutory obligation to retain data in this respect. -
Right to restriction of processing:
You may request us to restrict the processing of your data if- you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data.
- the processing of the data is unlawful, but you refuse to delete it and instead request restriction of the use of the data,
- we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
- you have objected to the processing of the data.
-
Right to data portability:
You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that- we process this data on the basis of a revocable consent given by you or for the performance of a contract between us, and
- this processing is carried out with the aid of automated procedures.
-
Right to object:
If we process your data for legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the assertion, exercise or defense of legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons. -
Right of complaint:
If you think that we violate Polish or European data protection law when processing your data, please contact us to clarify any issues. Of course, you also have the right to contact data protecting authorities: Personal Data Protection Office, ul. Stawki 2, 00-193 Warszawa, email: kancelaria@uodo.gov.pl
If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.