Here you can find out what data is collected by us, why we need it and what we do with it.
We take your privacy seriously, that's why we encrypt our whole website with SHA256 TLS1.2 SSL technology (https and green lock icon at the beginning of webpage address). Our e-commerce solution provider - Shopify - is a certified Level 1 PCI DSS compliant. If you have further questions, contact us.
What data is collected, how, and what for?
- When you place an order, you provide us with personal information: email address, name, shipping/billing address, phone number. We use this information to fulfill your order. We also use this information for legal obligations (like issuing invoices or paying taxes) and sending you one email message about your shopping cart content (if you didn't decide to complete your purchase yet). We may also use this information to contact you regarding your order (like asking for more information about your device or specific requirements). We may use your email address to send you a message asking for a review of ordered products.
- When you send us a message through our contact form, we will use your email address to contact you back.
- If you pay for your order with credit card payment option, Shopify temporarily stores your credit card information. It's encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as it's necessary to complete it. After completion, it is permanently deleted.
- We use your information for the purpose of our legitimate business interests (such as providing and improving our services), if those legitimate interests are not overridden by your rights or interests.
Data transfers and automated decision-making
- Shopify Inc. (Canada and US) - e-commerce software
- HelpScout (US) - customer service management
- Stripe (US) - credit card processing
- PayPal (US) - payments
- Yotpo (US) - reviews
We may also transfer data to the following third parties, which store data in the EU: InFakt, Apaczka, Heroku (a subsidiary of Salesforce), Poczta Polska, Mollie. We will share data with these third parties only to the extent necessary to perform services offered by these third parties (accounting, order management, shipping, handling payments).
We may collect, use, retain, and share your information if we have a good faith belief that it is reasonably necessary to: respond to legal process or to government requests; enforce our agreements, terms and policies; prevent, investigate, and address fraud and other illegal activity, security, or technical issues; protect the rights, property, and safety of our customers or others.
Data retention
Cookies
Your rights
- access a copy of your personal information
- information about the processing of your data
- object to processing that is likely to cause or is causing damage or distress
- prevent processing for direct marketing
- transfer your data to a third party
- object to decisions being taken by automated means and to be profiled
- have inaccurate personal data rectified, blocked, erased or destroyed (in certain circumstances)
- claim compensation for damages caused by a security breach
Security
We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your information against loss, misuse, unauthorized access, disclosure, and alteration.
Contact
Keyshorts Sebastian Kończak company is your data administrator.
If you have general questions about our Privacy Policy and practices or questions about your personal data, you may contact us here.
If you live in the European Economic Area (EEA) and Switzerland, you have the right to lodge a complaint with the supervisory authority for data protection in your country, should you find that we did not appropriately address your question or concern.
You can also reach us by mail at Keyshorts Sebastian Kończak, Gdańska 141/125, 90-536 Łódź, Poland, EU.
