AS takes special care to respect the privacy of Users visiting the Website.

AS collects information regarding natural persons conducting business or professional activities on their own behalf, as well as natural persons representing legal entities or organizational units that are not legal entities but are granted legal capacity under the law, hereinafter collectively referred to as the Users.

The personal data of Users are collected in the following circumstances:

street address, including house/apartment number.

While using the Website, additional information may be collected, in particular: the IP address assigned to the User’s computer or the external IP address of the Internet service provider, domain name, browser type, access time, and operating system type.

Navigation data may also be collected from Users, including information about links and references they choose to click on or other actions taken within the Website. The legal basis for this processing is the legitimate interest (Article 6(1)(f) of the GDPR), aimed at facilitating the use of electronic services and improving the functionality of such services.

For the purpose of establishing, pursuing, and enforcing claims, certain personal data provided by the User in connection with the use of the Website’s functionalities may be processed, such as: first name, last name, data regarding the use of services (if claims arise from the manner in which the User uses the services), and other data necessary to prove the existence of a claim, including the extent of the incurred damage. The legal basis for this processing is the legitimate interest (Article 6(1)(f) of the GDPR), consisting in the establishment, pursuit, and enforcement of claims, as well as defense against claims in proceedings before courts and other state authorities.

Providing personal data to AS is voluntary in connection with the concluded sales agreements or the provision of services via the Website; however, failure to provide certain data required in the registration forms will prevent the registration and creation of a User Account, and in the case of placing an order without registering a User Account, will prevent the placement and fulfillment of the User’s order.

§ 2 To Whom Data Are Disclosed or Entrusted and How Long They Are Retained

The User’s personal data are disclosed to service providers used by AS in operating the Website. Depending on contractual arrangements and circumstances, these service providers either act on AS’s instructions regarding the purposes and methods of processing the data (processors) or independently determine the purposes and methods of processing (administrators).

Navigation data may be used to provide Users with better service, to analyze statistical data, to tailor the Website to Users’ preferences, as well as to administer the Website.

If the User subscribes to the newsletter (Newsletter) using their email address, AS will send electronic messages containing commercial information about discounts and new products available on the Website.

Upon request, AS discloses personal data to authorized state authorities, in particular to organizational units of the Prosecutor’s Office, Police, the President of the Personal Data Protection Office, the President of the Office of Competition and Consumer Protection, or the President of the Office of Electronic Communications.

§ 3 Cookies Mechanism and IP Address

The Website uses small files called cookies. These are stored by AS on the end device of the person visiting the Website, provided that the web browser allows it. A cookie typically contains the domain name from which it originates, its expiration time, and a unique, randomly generated identifier. The information collected through such files helps tailor the products offered by AS to the individual preferences and actual needs of visitors to the Website. They also enable the creation of general statistics regarding visits to the products presented on the Website.

The cookies mechanism is safe for the computers of the Website’s Users. In particular, it is not possible for viruses or other unwanted or malicious software to infiltrate Users’ computers via this method. Nevertheless, Users may, through their web browsers, restrict or disable cookies on their computers. If this option is used, it will still be possible to use the Website, except for functions that by their nature require cookies.

Below, we present how to change the settings of popular web browsers regarding the use of cookies:

AS may collect Users’ IP addresses. An IP address is a number assigned to the computer of a person visiting the Website by their Internet service provider. The IP address enables access to the Internet and, in most cases, is assigned dynamically, meaning it changes with each connection to the Internet. AS uses IP addresses to diagnose technical issues with the server, compile statistical analyses (e.g., to determine which regions generate the most visits), as information useful for administering and improving the Website, as well as for security purposes and the possible identification of undesirable automated programs overloading the server and browsing the Website’s content.

The Website contains links and references to other websites. AS bears no responsibility for the privacy practices in force on those websites.

§ 4 Rights of Data Subjects

Right to Withdraw Consent – Legal Basis: Article 7(3) of the GDPR.

Right to Object to Data Processing – Legal Basis: Article 21 of the GDPR.

Right to Erasure of Data (“Right to Be Forgotten”) – Legal Basis: Article 17 of the GDPR.

the personal data are no longer necessary for the purposes for which they were collected or otherwise processed.

the data subject has withdrawn the specific consent on which the processing was based, to the extent that the personal data were processed on the basis of such consent.

the data subject has objected to the processing of their personal data for direct marketing purposes.

the personal data have been processed unlawfully.

the personal data must be erased in order to comply with a legal obligation under European Union law or the law of a Member State to which AS is subject.

the personal data have been collected in connection with the provision of information society services.

Right to Restriction of Processing – Legal Basis: Article 18 of the GDPR.

when the data subject contests the accuracy of their personal data – in such cases, AS shall restrict the use of the data for the period necessary to verify their accuracy, but for no longer than seven days.

when the processing of personal data is unlawful, and the User requests the restriction of their use instead of their erasure.

when the personal data are no longer necessary for the purposes for which they were collected or used, but they are required by the User for the establishment, exercise, or defense of legal claims.

when the User has objected to the processing of their personal data – in such cases, the restriction applies for the period necessary to determine whether, due to the User’s particular situation, the protection of their interests, rights, and freedoms overrides the interests pursued by the Controller in processing the User’s personal data.

Right of Access – Legal Basis: Article 15 of the GDPR.

to obtain access to their personal data.

to obtain information regarding the purposes of processing, the categories of processed personal data, the recipients or categories of recipients of such data, the envisaged period for which the User’s data will be stored or, if it is not possible to determine, the criteria used to establish that period, the rights granted to the User under the GDPR and the right to lodge a complaint with a supervisory authority, the source of the data, the existence of automated decision-making, including profiling, and the safeguards applied in connection with the transfer of such data outside the European Union.

Right to Rectification – Legal Basis: Article 16 of the GDPR.

Right to Data Portability – Legal Basis: Article 20 of the GDPR.

If a User with an account on the Website has lost their password in any way, the Website allows for the generation of a new password. AS does not send password reminders. Passwords are stored in encrypted form, making them unreadable. To generate a new password, the User must provide their email address in the form available via the “Forgot your password” link located next to the login form on the Website. The User will receive an email, sent to the address provided during registration or last updated in the account profile, containing a link to a dedicated form available on the Website, where the User will be able to set a new password.

§ 6 Changes to the Privacy Policy