Product has been added to your cart.

Privacy Policy

1. General information

 

This policy applies to the website operating at the following url: kubala.com
The website operator and personal data controller is: KUBALA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ Przemysłowa 5, 43-440 Goleszów 5482460664
Operator's email contact address: kontakt@kubala.com
The Operator is the Administrator of your personal data in relation to the data provided voluntarily on the Website.
The website uses personal data for the following purposes:
Running a newsletter
Preparation, packaging, shipment of goods
Handling inquiries via the form
Implementation of ordered services
The website performs the functions of obtaining information about users and their behavior in the following way:
Through data entered voluntarily in forms, which are entered into the Operator's systems.
By saving cookie files (so-called "cookies") in end devices.

2. Selected data protection methods used by the Operator

 

The areas where you log in and enter personal data are protected at the transmission layer (SSL certificate). This means that personal data and login information entered on the website are encrypted on the user's computer and can only be read by the target server.
User passwords are stored in a hashed format. The hash function is one-way and cannot be reversed, which is currently the modern standard for storing user passwords.
The operator periodically changes its administrative passwords.
In order to minimize the risk of unauthorized access to data, the Operator uses complex passwords, containing lowercase and uppercase letters, numbers and special characters, no shorter than 8 characters.
An important element of data protection is the regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.

3. Hosting

 

The website is hosted (technically maintained) on the operator's server: cyberFolks.pl
To ensure technical reliability, the hosting company maintains server-level logs. The following may be recorded:
resources specified by the URL identifier (addresses of requested resources – pages, files),
time of arrival of the request,
time of sending the response,
name of the client station – identification performed via the HTTP protocol,
information about errors that occurred during the execution of the HTTP transaction,
URL address of the page previously visited by the user (referrer link) – if the Website was accessed via a link,
information about the user's browser,
IP address information,
diagnostic information related to the process of self-ordering services via the website's registers,
information related to the handling of e-mail addressed to the Operator and sent by the Operator.

4. Your rights related to the processing of personal data

 

Under the GDPR, you have a number of rights in connection with our processing of your personal data. We guarantee the exercise of these rights – to exercise them, simply contact us at kontakt@kubala.com.

You have the following rights:

Right of access to data (Article 15 GDPR): You have the right to obtain confirmation from us as to whether we are processing your personal data and, if so, you have the right to obtain access to it and information, including information on the purposes of processing and categories of recipients.

Right to rectification (Article 16 GDPR): If you notice that your data is incorrect or incomplete, you have the right to request its immediate correction.

Right to erasure/"right to be forgotten" (Article 17 GDPR): You have the right to request the deletion of your data, for example, if it is no longer necessary for the purposes for which it was collected or if you withdraw your consent to its processing. Note: This right is not absolute. We will not be able to delete data that we are required to retain under other legal provisions (e.g., data on VAT invoices for tax and accounting purposes) or to defend against legal claims.

Right to restriction of processing (Article 18 GDPR): In certain situations (e.g. if you contest the accuracy of your data), you can request that we temporarily suspend the processing of your data (apart from storing it).

Right to data portability (Article 20 GDPR): You have the right to receive your personal data from us in a structured, commonly used and machine-readable format in order to transmit it to another controller.

Right to object (Article 21 GDPR): You may object at any time to processing of your data based on our legitimate interests (e.g., profiling or direct marketing). After you object, we will no longer process your data for these purposes.

Right to withdraw consent (Article 7(3) GDPR): If we process your data based on consent (e.g., newsletter delivery, cookies for marketing purposes), you may withdraw your consent at any time. However, withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.

Complaint to the supervisory authority
If you believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority. In Poland, this is the President of the Personal Data Protection Office (PUODO), located at ul. Stawki 2, 00-193 Warsaw.

5. Information in forms

 

The website collects information provided voluntarily by the user, including personal data, if provided.
The website may save information about connection parameters (time stamp, IP address).
In some cases, the website may store information to facilitate linking the data in a form with the email address of the user completing the form. In such cases, the user's email address appears within the URL of the page containing the form.
The data provided in the form is processed for the purpose resulting from the function of a specific form, e.g. to process a service request or sales contact, register services, etc. In each case, the context and description of the form clearly indicate its purpose.

6. Administrator Logs

 

Information about user behavior on the website may be subject to logging. This data is used for website administration purposes.

7. Cookies and tracking technologies

 

Our Website, like almost all other websites, uses cookies and similar tracking technologies.

1. Classification of cookies and legal basis:
Cookies used in our store are divided into three main categories:

Essential cookies: These are critical for the proper functioning of the store (e.g., maintaining your login session, remembering your shopping cart, privacy settings). These cookies are installed by default, as the store cannot function without them. The legal basis for this is the provision of services electronically (Article 6, paragraph 1, letter b of the GDPR and the provisions of the Telecommunications Law).

Analytical and statistical cookies: These cookies allow us to measure website traffic and analyze how users use the site (e.g., time spent on the site, most popular products). We install them only after obtaining your voluntary consent (Article 6, paragraph 1, letter a of the GDPR).

Marketing cookies: These cookies are used to tailor advertising content to your interests and measure the effectiveness of our advertising campaigns. We only use these cookies with your voluntary consent (Article 6, Section 1, Letter a of the GDPR).

2. Consent management (Cookie Banner):
When you first visit our website, we display a banner informing you about cookies. You have the right to accept all cookies, reject non-essential cookies, or configure your preferences yourself.
You can withdraw or change your consent at any time by clicking the privacy settings icon (or the "Manage cookies" link) in the footer of our website. You can also change your browser settings, but we recommend using our cookie management panel for maximum precision.

3. Third-party tools and data transfer outside the EEA:
In connection with the use of analytical and marketing cookies, we work with third-party providers. In some cases, this may involve transferring your data (e.g., IP address, device identifier) outside the European Economic Area (EEA), for example, to the USA. We assure you that we only work with companies that guarantee an adequate level of data protection (e.g., by participating in the Data Privacy Framework or using Standard Contractual Clauses approved by the European Commission).

We use the following tools:

Google Analytics and Google Ads (provider: Google Ireland Limited / Google LLC) – to analyse website statistics and run advertising campaigns.

Meta Pixel (Facebook) (provider: Meta Platforms Ireland Limited / Meta Platforms Inc.) – to measure the effectiveness of advertisements and to send personalised messages to Facebook users.