Privacy Policy
Effective from: 09.10.2024
WHAT IS THE PRIVACY POLICY?
We would like to inform you about the details of how we process your personal data to provide you with full transparency and comfort while using our website.
Since we operate in the online industry ourselves, we understand the importance of protecting your personal data. That is why we take special care to safeguard your privacy and the information you share with us.
We carefully select and apply appropriate technical measures, particularly programming and organizational safeguards, to ensure the security of the personal data we process. Our website uses encrypted data transmission (SSL), which provides protection for your identifying information.
In our Privacy Policy, you will find all the essential details about how we process your personal data. We kindly ask you to read it—we promise it won’t take more than a few minutes.
WHO IS THE ADMINISTRATOR OF THE WEBSITE www.nature.pro?
The administrator of the website is Natsella sp. z o.o., located at Towarowa 20B, 10-417 Olsztyn, NIP: 7393970910, KRS: 0000984456, with a share capital of 5,000.00 PLN (i.e., us).
PERSONAL DATA
What legal act governs the processing of your personal data?
Your personal data is collected and processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation, commonly known as GDPR) (Official Journal of the EU L 119, p. 1).
For matters not regulated by the GDPR, the processing of personal data is governed by the Polish Personal Data Protection Act of 10 May 2018.
Who is the administrator of your personal data?
The administrator of your personal data is:
Natsella sp. z o.o.
Towarowa 20B, 10-417 Olsztyn
NIP: 7393970910
KRS: 0000984456
Share capital: 5,000.00 PLN
Email: biuro@nature.pro
Phone number: +48 530 331 311
For matters related to your personal data, you can contact us via:
- Email: biuro@nature.pro
- Traditional mail: ul. Wojska Polskiego 21C, 78-122 Charzyno
- Phone: +48 530 331 311
HOW DO WE PROCESS THE PERSONAL DATA YOU PROVIDE TO US?
What personal data do we process, and for what purposes?
On our website, we offer you various services that require us to process different types of personal data based on different legal grounds.
| Purpose | Personal Data | Legal Basis for Processing | Data Retention Period |
|---|---|---|---|
| Conclusion and performance of the contract | First name, last name, correspondence address, NIP, email address, phone number | Art. 6(1)(b) GDPR – processing is necessary to take action at your request before concluding the contract and to perform the contract to which you are a party | Until the limitation period for claims related to contract performance expires |
| Account creation and management | First name, last name, email address, phone number, correspondence address | Art. 6(1)(b) GDPR – processing is necessary to take action at your request before concluding the contract and to perform the contract to which you are a party | Until the limitation period for claims related to contract performance expires |
| Adding reviews | Nickname, first name, email address | Art. 6(1)(f) GDPR – processing is based on our legitimate interest in displaying reviews on the online store | Until an objection to data processing is raised |
| Newsletter | Email address, first name, last name | Art. 6(1)(a) GDPR – processing based on your consent | Until consent for data processing is withdrawn |
| Contact form | First name, last name, email address, phone number | Art. 6(1)(f) GDPR – processing is based on our legitimate interest in maintaining communication continuity and enabling contact regarding business operations | Until an objection to data processing is raised |
| Interactive chat | Data provided during conversation, phone number, first name, email address | Art. 6(1)(f) GDPR – processing is based on our legitimate interest in maintaining communication continuity and enabling contact regarding business operations | Until an objection to data processing is raised |
| Transfer of payment data to ING Bank Śląski S.A. | Payment data provided when placing the order | Art. 6(1)(f) GDPR – processing is based on our legitimate interest in handling, settling, and verifying payments | Until an objection to data processing is raised |
| Organization of contests | First name, last name, email address, phone number | Art. 6(1)(a) GDPR – processing based on your consent | Until consent for data processing is withdrawn |
| Analysis of website traffic | First name, IP address, browser data | Art. 6(1)(f) GDPR – processing is based on our legitimate interest in analyzing website traffic | 3 years or until consent for data processing is withdrawn |
| Direct marketing of own goods and services, including remarketing | First name, IP address, browser data | Art. 6(1)(f) GDPR – processing is based on our legitimate interest in direct marketing of own services, including remarketing | 3 years or until consent for data processing is withdrawn |
| Fulfillment of legal obligations arising from legal regulations, particularly tax and accounting regulations | First name, last name, company name, PESEL number, NIP or REGON, email address, phone number, correspondence address, payment card number | Art. 6(1)(c) GDPR – processing is necessary to fulfill legal obligations, particularly tax and accounting regulations | Until the expiration of legal obligations justifying data processing |
Voluntariness of Providing Personal Data
Providing the required personal data is voluntary but constitutes a condition for us to provide services to you (e.g., sending a newsletter or creating an account).
Recipients of Personal Data
The current list of entities to whom we disclose your personal data can be found here.
Automated Decision-Making (Including Profiling)
We do not make decisions about you in an automated manner, nor do we engage in profiling.
Will We Transfer Your Personal Data Outside the EEA or to an International Organization?
To use Google's tools, your personal data may be transferred to the United States, where Google LLC servers are located.
Google LLC is listed as a participant in the Data Privacy Framework program (link: https://www.dataprivacyframework.gov/s/participant-search), meaning that the level of data protection is adequate under the regulations in force in the European Union, in accordance with the European Commission's Implementing Decision (EU) C(2023) 4745 of July 10, 2023, on the adequate level of protection of personal data under the EU-USA Data Privacy Framework (link: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32023D1795).
To use Facebook's tools, your personal data may be transferred to the United States, where Meta Platforms Inc. servers are located.
Meta Platforms Inc. is listed as a participant in the Data Privacy Framework program (link: https://www.dataprivacyframework.gov/s/participant-search), meaning that the level of data protection is adequate under the regulations in force in the European Union, in accordance with the European Commission's Implementing Decision (EU) C(2023) 4745 of July 10, 2023, on the adequate level of protection of personal data under the EU-USA Data Privacy Framework (link: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32023D1795).
WHAT ARE YOUR RIGHTS REGARDING THE PROCESSING OF YOUR PERSONAL DATA?
Under the GDPR, you have the right to:
- Request access to your personal data
- Request correction of your personal data
- Request deletion of your personal data
- Request restriction of processing of your personal data
- Object to the processing of your personal data
- Request data portability
If you submit any of the above requests, we will provide you with information on the actions taken in response to your request without undue delay—within one month of receiving your request at the latest.
If necessary, we may extend the one-month period by another two months due to the complexity of the request or the number of requests.
In any case, we will inform you within one month of receiving your request about the extension of the deadline and the reasons for the delay.
Right to Access Personal Data (Article 15 GDPR)
You have the right to obtain information about whether we process your personal data. If we do, you have the right to:
- Access your personal data
- Obtain information about the purposes of processing, the categories of processed personal data, the recipients or categories of recipients of such data, the planned storage period of your data or the criteria for determining this period, the rights available to you under the GDPR, the right to lodge a complaint with the President of the Personal Data Protection Office, the source of the data, automated decision-making (including profiling), and the safeguards applied in connection with the transfer of data outside the European Union
- Obtain a copy of your personal data
If you wish to request access to your personal data, please send your request to: biuro@nature.pro.
Right to Rectification of Personal Data (Article 16 GDPR)
If your personal data is incorrect, you have the right to request immediate correction. You also have the right to request that we complete any incomplete personal data.
If you wish to request correction or completion of your personal data, please send your request to: biuro@nature.pro.
Right to Erasure of Personal Data – "Right to Be Forgotten" (Article 17 GDPR)
You have the right to request the deletion of your personal data if:
- Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed
- You have withdrawn specific consent to the extent that the processing was based on your consent
- Your personal data was processed unlawfully
- You have objected to the processing of your personal data for direct marketing purposes, including profiling, to the extent that the processing is related to direct marketing
- You have objected to the processing of your personal data in connection with processing necessary for the performance of a task carried out in the public interest or for purposes arising from our or a third party’s legitimate interests
Despite a request for data deletion, we may continue to process your data to establish, assert, or defend claims, of which you will be informed.
If you wish to request the deletion of your personal data, please send your request to: biuro@nature.pro.
Right to Restriction of Processing (Article 18 GDPR)
You have the right to request the restriction of the processing of your personal data if:
- You dispute the accuracy of your personal data – in this case, we will restrict processing for a period that allows us to verify the accuracy of the data
- The processing is unlawful, and instead of deleting your personal data, you request a restriction of its processing
- Your personal data is no longer needed for processing purposes, but you need it to establish, assert, or defend claims
- You have objected to the processing of your personal data – pending verification of whether our legitimate interests override the grounds for your objection
If you wish to request a restriction on the processing of your personal data, please send your request to: biuro@nature.pro.
Right to Object to Personal Data Processing (Article 21 GDPR)
You have the right to object at any time to the processing of your personal data, including profiling, in connection with:
- Processing necessary for the performance of a task carried out in the public interest or processing necessary for purposes arising from the legitimate interests pursued by the Data Controller or a third party
- Processing for direct marketing purposes
If you wish to object to the processing of your personal data, please send your request to: biuro@nature.pro.
Right to Data Portability (Article 20 GDPR)
You have the right to receive your personal data from us in a structured, commonly used, machine-readable format and to transmit it to another data controller.
By default, we will provide your personal data in CSV format. If you prefer another format, please indicate your preferred format in your request. We will strive to provide the data in your preferred format if possible.
You may also request that we transfer your personal data directly to another controller (if technically feasible).
If you wish to request data portability, please send your request to: biuro@nature.pro.
Can You Withdraw Consent to Data Processing?
You can withdraw your consent to the processing of your personal data at any time. The withdrawal of consent does not affect the lawfulness of processing carried out based on your consent before its withdrawal.
If you wish to withdraw consent, please send your request to: biuro@nature.pro.
If you want to withdraw consent for processing personal data related to the "Newsletter" service, you can unsubscribe here.
Complaint to the Supervisory Authority
If you believe that the processing of your personal data violates data protection laws, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or where the alleged violation occurred.
In Poland, the supervisory authority under the GDPR is the President of the Personal Data Protection Office (UODO).
More information can be found here.
Cookies
General Information
When browsing the pages of the Online Store, "cookies" (hereinafter referred to as Cookies) are used. These are small text files stored on your device in connection with the use of the Online Store. Their purpose is to ensure the proper functioning of the Online Store's web pages.
These files allow us to identify the software you use and tailor the Online Store individually to your needs.
Cookies usually contain the domain name from which they originate, the time they are stored on your device, and an assigned value.
Security
The Cookies we use are safe for your devices. In particular, it is not possible for viruses or other unwanted or malicious software to enter your devices through Cookies.
Types of Cookies
We use two types of Cookies:
- Session Cookies: These are stored on your device and remain there until the session of a given browser ends. The stored information is then permanently deleted from your device’s memory. The mechanism of session Cookies does not allow the collection of any personal data or confidential information from your device.
- Persistent Cookies: These are stored on your device and remain there until they are deleted. Ending the session of a given browser or turning off the device does not remove them from your device. The mechanism of persistent Cookies does not allow the collection of any personal data or confidential information from your device.
Purposes
We also use third-party Cookies for the following purposes:
- Configuring the Online Store;
- Promoting the Online Store using the YouTube.com service, administered by Google Ireland Ltd. based in Ireland. The privacy policy is available at the following link: https://policies.google.com/privacy?hl=en;
- Creating statistics that help us understand how users interact with the Online Store's pages, which enables us to improve their structure and content using the Google Analytics analytical tools, administered by Google Ireland Ltd. based in Ireland. Google’s privacy policy is available at: https://policies.google.com/privacy?fg=1;
- Determining the Customer’s profile to display tailored content in advertising networks using the Google Ads online advertising tool, administered by Google Ireland Ltd. based in Ireland. Google's privacy policy is available at: https://policies.google.com/privacy?fg=1;
- Displaying reviews on the Online Store's websites, which are retrieved from the external website Opineo.pl, administered by Opineo.pl sp. z o.o. based in Wrocław. The cookies policy is available at: http://www.opineo.pl/i/informacje-o-ciastkach;
- Presenting and expressing opinions on the external website Ceneo.pl, administered by Ceneo.pl sp. z o.o. based in Poznań. The cookies policy is available at: http://info.ceneo.pl/polityka_plikow_cookies.
To learn more about the principles of using Cookies, we recommend reviewing the privacy policies of the companies mentioned above.
Cookies may be used by advertising networks, particularly the Google network, to display ads tailored to your preferences. For this purpose, information about how you navigate the web or your visit duration on a website may be stored.
To view and edit information about your preferences collected by Google’s advertising network, you can use the tool available at: https://www.google.com/ads/preferences/.
Using your web browser settings or service configuration, you can independently change the Cookies settings at any time, specifying the conditions of their storage and access to your device. You can modify these settings to block automatic handling of Cookies in your web browser settings or to notify you each time they are placed on your device. Detailed information on the possibilities and ways of handling Cookies is available in your software settings (web browser settings).