Privacy, GDPR and Cookies

Here you can find out what data is collected by us, why we need it and what we do with it.

We take your privacy seriously, that's why we encrypt our whole website with SHA256 TLS1.2 SSL technology (https and green lock icon at the beginning of webpage address). Our e-commerce solution provider - Shopify - is a certified Level 1 PCI DSS compliant. If you have further questions, contact us.

Shopify secure badge

What data is collected, how, and what for?

  • When you place an order, you provide us with personal information: email address, name, address, phone number. We use this information to fulfill your order. We also use this information for legal obligations (like issuing invoices or paying taxes) and sending you one email message about your shopping cart content (if you didn't decide to complete your purchase yet). We may also use this information to contact you regarding your order (like asking for more information about your device or specific requirements). We may use your email address to send you a message asking for a review of ordered products.
  • We collect your email address if you sign up for our newsletter and we may send you occasional promotional messages then. 
  • When you send us a message through our contact form, we will use your email address to contact you back. We may also track if you have seen our message and when in order to improve our communications.
  • We use a little widget on our website to show recent purchases. If you placed an order - your city, country, and ordered items will be visible there for a couple of days.
  • If you pay for your order with credit card, Shopify temporarily stores your credit card information. It's encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as it's necessary to complete it. After completion, it is permanently deleted.
  • We use Google Analytics to analyze traffic in the store. This service collects some data from your visit, such as city/region, IP address, screen size, web browser and operating system. None of this data, standalone or combined, can identify you personally. We use this data to improve our website and products.
  • We use your information for the purpose of our legitimate interests if those legitimate interests are not overridden by your rights or interests, such as providing and improving our services.

Data transfers and automated decision-making

To operate efficiently, we use various online services. While we use these services, certain information will be transferred to these services, sometimes in different jurisdictions and data protection laws than yours. We use the following services with data transfer based on Privacy Shield Agreement:

We may also transfer data to the following third parties, which store data in EU: InFakt, Apaczka, Heroku (a subsidiary of Salesforce), and Poczta Polska. We will share data with these third parties only to the extent necessary to perform services offered by these third parties (accounting, order management, shipping).

We may collect, use, retain, and share your information if we have a good faith belief that it is reasonably necessary to: respond to legal process or to government requests; enforce our agreements, terms and policies; prevent, investigate, and address fraud and other illegal activity, security, or technical issues; protect the rights, property, and safety of our customers or others.

Shopify might use your personal information to check transaction and block it - if it appears to be fraudulent - through automated decision-making.

Data retention

We collect and retain personal data in an identifiable format for the amount of time necessary to meet your request (order fulfillment) or fulfill our legal obligations, but no longer than 10 years.

Cookies

Cookies are small text files saved on your computer or mobile device by a web browser. We use about a dozen different cookies, either transactional (makes placing an order and remembering items in your cart possible), temporary (like small settings) and statistical (like Google Analytics cookies that store session identifiers, so that Google will know certain page views were made by one visitor).
In many cases, browsers allow storing cookies by default. If you want to change that, you can manage cookies on a per-website basis and block all or some of them. In that case, we cannot guarantee that our website will function correctly, as some cookies are essential for online cart/store functionalities.

    Your rights

    If you live in the European Economic Area (EEA) and Switzerland, you have a right to:
    • access a copy of your personal information
    • information about processing of your data
    • object to processing that is likely to cause or is causing damage or distress
    • prevent processing for direct marketing
    • transfer your data to a third party
    • object to decisions being taken by automated means and to be profiled
    • have inaccurate personal data rectified, blocked, erased or destroyed (in certain circumstances)
    • claim compensation for damages caused by a security breach

    Security

    We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your information against loss, misuse, unauthorized access, disclosure, and alteration. 

    Contact

    Keyshorts Sebastian Kończak company is your data administrator.

    If you have general questions about our Privacy Policy and practices or questions about your personal data, you may contact us here.

    If you live in the European Economic Area (EEA) and Switzerland, you have the right to lodge a complaint with the supervisory authority for data protection in your country, should you find that we did not appropriately address your question or concern.

    You can also reach us by mail at Keyshorts Sebastian Kończak, Gdańska 141/125, 90-536 Łódź, Poland, EU.