1. From owner of this website considers the protection of users’ personal data is a top priority. Every effort is made to ensure that Users feel safe when entrusting their personal data while using the website.
  2. A user is defined as a natural person, legal entity, or organisation without legal personality but with legal capacity under the law, who accesses and uses the electronic services provided on its website.
  3. This privacy policy explains the principles and scope of the processing of users’ personal data, the rights users are entitled to, the obligations of the data controller, and provides information about the use of cookies.
  4. The administrator applies the latest technical and organisation measures to ensure a high level of protection for processed personal data and safeguards against unauthorised access.
I. PERSONAL DATA CONTROLLER

The controller of personal data is TORTOWNIA NA BEMA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ,
ul. Bolesława Prusa 1/34, 50-319 Wrocław, NIP: 8982315056 (hereinafter referred to as the “Owner”).

II. PURPOSE OF PERSONAL DATA PROCESSING
  1. The administrator processes users’ personal data to properly fulfill sales contracts and provide information about the status of order fulfillment.
  2. This means the data is particularly needed for: a. registering on the website; b. concluding a contract; c. processing payments; d. delivering the ordered goods or services; e. allowing the User to exercise any consumer rights (e.g., withdrawal, warranty).
  3. Users may also give consent to receive updates and promotions. In such cases, the data controller will process personal data to send commercial information – for example, about new products, services, promotions, or sales.
  4. Personal data is also processed in fulfilling the legal obligations of the data controller and public interest tasks, such as security, defense, or tax record keeping.
  5. Personal data may also be processed for direct marketing, to secure and assert claims, protect against User or third-party claims, as well as the Owner’s own general marketing or third-party marketing, provided the User has given explicit consent.
III. TYPES OF PERSONAL DATA
  1. The administrator processes the following personal data for the following purposes: a. website registration: – first and last name; – email address; b. making purchases via the website: – first and last name; – gender; – delivery address; – phone number; – email address; c. Optional data provided by the user: – date of birth; – PESEL number (if an invoice is requested); – NIP number (for business invoices).
  2. In case of withdrawal from the contract or approved complaint resulting in a refund directly to the user’s bank account, the bank account number is also processed.
IV. LEGAL BASIS FOR PROCESSING PERSONAL DATA
  1. Personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 the General Data Protection Regulation (GDPR).
  2. The administrator processes personal data only after obtaining the user’s consent while registration or confirming a transaction.
  3. Consent is voluntary, but its absence prevents registration or purchases via the website.
V. USER RIGHTS
  1. The User may request information about the processing of personal data at any time.
  2. The User may request correction of their data or make changes themselves after logging in.
  3. The User may withdraw consent at any time, for any reason or no reason. Withdrawal can apply to specific or all purposes and will result in account deletion and data removal. Previous actions remain valid.
  4. The User may request data deletion at any time, which will result in account deletion.
  5. The User may object to the processing of data—either all or for specific purposes—which will result in data and account deletion.
  6. The User may request limitation of data processing for a specific or indefinite period.
  7. The User may request transfer of their personal data to another entity by providing its name and address. The data will be transferred only after the User confirms the request.
  8. The Administrator informs the User of actions taken within a month of receiving the request.
VI. DATA RETENTION PERIOD
  1. Personal data is retained only as long as necessary for contractual or legal obligations. Data is deleted when no longer required, including for legal evidence purposes.
  2. Contractual information is retained for three years after the end of the business relationship. It may be kept longer — for example, up to six years — if required by accounting, tax, or legal regulations, to allow for proper documentation and limitation of claims.
  3. Archived transaction data may be kept due to claims under warranty, for example.
  4. If no contract is concluded, personal data is retained until the account is deleted following a User request, consent withdrawal, or objection.
VII. DATA SHARING WITH OTHER ENTITIES
  1. The administrator may delegate data processing to trusted partners (e.g., for order delivery or commercial communication).
  2. Apart from the purposes stated, data will not be shared with third parties for marketing purposes.
  3. Users’ personal data is not transferred outside the European Union.
  4. This privacy policy complies with Article 13 (1) and (2) of the GDPR.
VIII. COOKIES
  1. The website uses cookies (or similar technologies) to collect information about how the user accesses the site and their preferences – for advertising, statistics, and personalization.
  2. Cookies are small text files containing a unique reference code, sent to the user’s device to store and sometimes track usage information. Usually, they do not identify the user. Their main purpose is to help tailor the website to individual preferences.
  3. Some cookies are session-based and expire upon browser closure. Others remember the User for longer periods.
  4. The website uses two types of cookies: marketing cookies and performance cookies
  5. All cookies on the website are set by the administrator.
  6. All cookies used on this website comply with current EU legislation.
  7. Most devices and browsers accept cookies automatically. Unless settings are changed, cookies will be stored by default.
  8. Users can change cookie preferences or set browsers to notify about cookies.
  9. Blocking/deleting cookies may restrict website functionality.
  10. Cookies are also used for session management, including: a. Creating login sessions to securely and consistently process user request; b. Recognising returning users to help with capacity planning; c. Identifying registered users; d. Logging device information (such as cookies, IP address, and browser details) for diagnostics and tracking; e. Customising website layout and content; f. Collecting usage statistics to improve the site and highlight popular content.
IX. RETURN POLICY

If the product is spoiled, damaged, or past its expiration date, we will either refund your money or replace the item. In case of any issues, please contact us by phone or email.