Privacy Policy
§ 1 [Definitions]
User/Customer – every natural person visiting the Service or using one or more services offered by the Administrator.
Service – the neuralcosmetics.com website operated by the Administrator.
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
Administrator – SkyShipping company with its registered office in Wadowice, Poland at the following address: Spółdzielców 6, 34-100 Wadowice, Poland, NIP:5512580871
Policy – this Privacy Policy.
§ 2 [Privacy Policy]
We place great emphasis on maintaining the confidentiality of data and protecting the privacy of our Customers. Therefore, we adhere to the applicable legal provisions and have established a policy that sets out the principles for the collection, processing, and use of personal data in a secure and legal manner. We are aware of the importance of protecting the privacy of our customers, so we take all measures to secure their personal data and provide them with peaceful and safe use of our services.
§ 3 [What is personal data?]
In accordance with the GDPR, personal data is information about a specific or identifiable natural person. In the case of using our service, examples of personal data are e-mail address, IP address, and information contained in an e-mail account. To ensure the full functionality of our services, personal data may be stored in cookies or other technologies, which are implemented by the Administrator on devices or websites used by the Customer to use the services. We care about the safety and privacy of our Customers and we take all necessary actions to provide an appropriate level of protection for their personal data.
§ 4 [Basis and purpose of processing]
To process personal data, there must be a suitable legal basis. According to the GDPR, there are several types of such legal bases for data processing. In the case of using the services of neuralcosmetics.com, there are three basic types:
Processing of data on the basis of Art. 6(1)(b) and (c) of the GDPR, for the purpose of: performing actions at the request of the person to whom the data relates or entering into a contract, the party to which is this person, fulfilling a legal obligation incumbent on the Administrator, handling complaints. Processing of data on the basis of a legitimate interest of the Administrator (Art. 6(1)(f) of the GDPR), for the purpose of: offering and servicing own products or services, pursuit or securing claims due to the Administrator, analysis and statistics, marketing of the Administrator and other entities, especially related to behavioral advertising. Processing of data on the basis of explicit consent of the person to whom the data relates (Art. 6(1)(a) of the GDPR), for the purpose of: transmitting information about changes in the Agreement, Regulations, name, address, or seat, confirming the acceptance of the complaint and responding to it at the indicated e-mail address, conducting direct marketing of the Administrator’s own products or services. Direct marketing may be carried out using electronic means such as e-mail, or telecommunications devices such as decoders, phones, tablets etc.
All personal data will be processed only when there is one of the bases allowed by the GDPR, and the purpose of processing will be appropriately adjusted to the given basis, in accordance with the description above.
§ 5 [Scope of Collected Personal Data]
The Administrator collects and processes the following personal data:
– User’s authentication and identification information, for the purpose of concluding or performing a contract, as well as providing services.
– Login data, including username and password, for the purpose of user authentication and secure access to the user’s account.
– Payment data (e.g., credit card data or payment tokens from external payment service providers),
– Payer identifying data (name, adress, e-mail address, and payment data), order identification number, and details of products selected by the user.
These data are collected for the purpose of processing and fulfilling orders, post-sales service, and potential internal analysis and reporting.
§ 6 [Retention period of personal data]
Personal data that is processed for the purpose of concluding or performing a contract and fulfilling a legal obligation by the Administrator will be stored for the duration of the contract and for the period necessary to:
– Provide post-sales customer service,
– Ensure security or pursue claims due to the Administrator,
– Fulfill the Administrator’s legal obligation.
Personal data processed for marketing purposes related to the products or services on the basis of a legitimate interest will be processed until an objection is raised by the person concerned.
Personal data processed based on separate consent will be stored until it is revoked by the person concerned.
§ 7 [User’s Rights]
Persons to whom the data relate have the following rights:
– The right of access to their personal data, i.e., the right to obtain confirmation whether the Administrator processes data and information about such processing.
– The right to rectify data if the processed data is incorrect or incomplete.
– The right to request deletion of data or restriction of their processing.
– The right to object to the processing of data based on the legitimate interest of the Administrator or to the processing of data for direct marketing purposes.
– The right to lodge a complaint with the supervisory authority or a supervisory authority of another EU Member State, which is competent due to the usual place of residence or work of the person concerned or due to the place of the alleged violation of the GDPR.
– The right to withdraw consent at any time (without affecting the legality of the processing, which was made based on consent before its withdrawal).
All of the above rights can be exercised by contacting the Administrator via the email address provided at the bottom of the page.
§ 8 [Activity data]
During the visit to the Service, data on the User’s activity is automatically recorded, including IP address, type of browser, type of operating system. This data is used solely for safety, administrative, and statistical purposes.
Transmission of personal data and communication with our servers are encrypted and take place using the SSL (Secure Socket Layer) protocol.
§ 9 [Cookies]
The Service Administrator uses Cookies. Cookies are small pieces of data stored on the User’s device by the Service, which typically contain information corresponding to the purpose of the file, by which the User uses the Service. The Administrator uses two types of Cookies: Session Cookies – which are permanently deleted at the end of the User’s browser session, and Persistent Cookies – which remain on the User’s device after the end of the browser session until they are deleted. Cookies, both session and persistent, do not enable the identification of the User. The Cookies mechanism does not collect any personal data. Users have the option to change their Cookies settings at any time, determining the conditions of their storage, through their web browser settings or by configuring the service. However, changing these settings may affect the availability of some or all functions of the Service. The Service uses Cookies to authenticate the User on the Service page, maintain the session, tailor the content of the pages to the User’s preferences, and create anonymous statistics to optimize the Service’s usefulness.
§ 10 [Data recipients]
In connection with the provision of services, Users’ personal data may be disclosed to external entities, such as providers responsible for IT system services, banks, payment operators, and other entities necessary to ensure the proper functioning of the Service.
With the User’s consent, their personal data may also be disclosed to other entities for their own purposes, including marketing purposes.
The Administrator reserves the right to disclose selected information concerning the User to the appropriate authorities or third parties who request such information, based on an appropriate legal basis and in accordance with applicable law.
§ 11 [Contact concerning personal data]
Any notifications or requests concerning personal data can be reported to the Administrator by sending an e-mail to help@neuralcosmetics.com