Here you can find out what data is collected by us, why we need it and what we do with it.
We take your privacy seriously, that's why we encrypt our whole website with SHA256 TLS1.2 SSL technology (https and green lock icon at the beginning of webpage address). Our e-commerce solution provider - Shopify - is a certified Level 1 PCI DSS compliant. If you have further questions, contact us.
What data is collected, how, and what for?
- When you place an order, you provide us with personal information: email address, name, address, phone number. We use this information to fulfill your order. We also use this information for legal obligations (like issuing invoices or paying taxes) and sending you one email message about your shopping cart content (if you didn't decide to complete your purchase yet). We may also use this information to contact you regarding your order (like asking for more information about your device or specific requirements). We may use your email address to send you a message asking for a review of ordered products.
- We collect your email address if you sign up for our newsletter and we may send you occasional promotional messages then.
- When you send us a message through our contact form, we will use your email address to contact you back. We may also track if you have seen our message and when in order to improve our communications.
- We use a little widget on our website to show recent purchases. If you placed an order - your city, country, and ordered items will be visible there for a couple of days.
- If you pay for your order with credit card payment option, Shopify temporarily stores your credit card information. It's encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as it's necessary to complete it. After completion, it is permanently deleted.
- We use Google Analytics to analyze traffic in the store. This service collects some data from your visit, such as city/region, IP address, screen size, web browser, and operating system. None of this data, standalone or combined, can identify you personally. We use this data to improve our website and products.
- We use your information for the purpose of our legitimate interests if those legitimate interests are not overridden by your rights or interests, such as providing and improving our services.
Data transfers and automated decision-making
- Shopify Inc. (Canada and US) - e-commerce software
- Google Inc. (US) - analytics
- MailChimp (US) - newsletter automation
- HelpScout (US) - customer service management
- Braintree (US) - credit card processing
- PayPal (US) - payments
We may also transfer data to the following third parties, which store data in EU: InFakt, Apaczka, Heroku (a subsidiary of Salesforce), PayLane, and Poczta Polska. We will share data with these third parties only to the extent necessary to perform services offered by these third parties (accounting, order management, shipping, handling payments).
Transaction data, in that personal data, can be transferred for the benefit of PayLane Sp. z o.o. located in Gdańsk at Norwida 4, zip code: 80-280, Poland, KRS: 0000227278, on the terms that it will be beneficial on in-service connected to order payments. A customer has the right to see the content of his data and any corrections made to it. Sharing of information is voluntary, however, at the same time, it is crucial to using the PayLane Polskie ePłatności payment method in the checkout.
We may collect, use, retain, and share your information if we have a good faith belief that it is reasonably necessary to: respond to legal process or to government requests; enforce our agreements, terms and policies; prevent, investigate, and address fraud and other illegal activity, security, or technical issues; protect the rights, property, and safety of our customers or others.
- access a copy of your personal information
- information about the processing of your data
- object to processing that is likely to cause or is causing damage or distress
- prevent processing for direct marketing
- transfer your data to a third party
- object to decisions being taken by automated means and to be profiled
- have inaccurate personal data rectified, blocked, erased or destroyed (in certain circumstances)
- claim compensation for damages caused by a security breach
We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your information against loss, misuse, unauthorized access, disclosure, and alteration.
Keyshorts Sebastian Kończak company is your data administrator.
If you live in the European Economic Area (EEA) and Switzerland, you have the right to lodge a complaint with the supervisory authority for data protection in your country, should you find that we did not appropriately address your question or concern.
You can also reach us by mail at Keyshorts Sebastian Kończak, Gdańska 141/125, 90-536 Łódź, Poland, EU.