Privacy

policy

PRIVACY POLICY FOR PERSONAL DATA

www.luon.eu

Effective from: June 3, 2022

 

1 The identity of the data controller

  1. The data controller for personal data provided when using the online service operated under the name LuON, available at the address luon.eu, is LuON Spółka Akcyjna, with its registered office at al. Jana Pawła II 27 00-867 Warszawa, Tax Identification Number (NIP) 7010219301, National Official Business Register Number (REGON) 142193055, and email address hello@luon.eu.
  2. The processing of data is carried out in accordance with the currently applicable legal regulations, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), the Act of 10 May 2018 on the protection of personal data, and the Act of 18 July 2002 on the provision of electronic services.

 

2 Used definitions

  1. In this policy, the follwing definitions apply:
  2. Service – an internet service available at the address luon.eu, through which the User can: browse its content, contact the data controller, request commercial and marketing information.
  3. Administrator of personal data – the entity that determines the purpose and means of processing data, in this policy, it is understood to be:
  4. LuON Spółka Akcyjna, with its registered office at al. Jana Pawła II 27 00-867 Warszawa, Tax Identification Number (NIP) 7010219301, National Official Business Register Number (REGON) 142193055.
  5. User – a person whose data is concerned and who uses the services available on the Service.
  6. Personal data – any information that, without excessive time and cost, can lead to the identification of a natural person, including their identification, address, and contact data.

 

3 Purposes of data processing

  1. The administrator of personal data processes personal data for the following purposes:
    1. registration and creating an account in a Service,
    2. providing a response to questions submitted through the contact form or via contact data available on the Service,
    3. marketing the administrator’s own products and services through traditional means,
    4. sending commercial and marketing information from the data controller to the email address provided by the User during newsletter subscription, with the consent of the individual whose data is concerned,
    5. pursuing the rights and claims of the data controller or the individual whose data is concerned.
  2. Providing data is necessary for order processing, issuing sales documents, and pursuing claims, as well as responding to questions.
  3. Providing additional data is voluntary.
  4. Failure to provide the required data will prevent the provision of services, including orders and contact.

 

4 Ways of obtaining data

  1. User’s personal data is collected directly from individuals whose data it concerns, which includes:
    1. filling out a contact data form when submitting an inquiry through the form on the website,
    2. completing the newsletter subscription form,
    3. registering an account on the Service,
    4. direct contact with the data controller through contact data available on the website or through traditional means at the place of business.

 

5 Scope of processed data

  1. The scope of processed personal data has been limited to the minimum necessary for the provision of services, including:
    1. submitting an inquiry through the contact form or using the contact data available on the website: email address, phone number, email address, first and last name, and any other data voluntarily provided by the person whose data it concerns,
    2. subscribing to the newsletter: first name, email address,
    3. registering an account on the Service or online store: first name, last name, email address, password, and username.

 

6 Data processing period

  1. Personal data is processed for the period necessary to achieve the purpose for which it was collected, including:
    1. for the duration of the concluded contract,
    2. for the period necessary to respond to an inquiry submitted through the contact form or by phone,
    3. until the consent is revoked if data processing is based on the consent of the person whose data it concerns.

 

7 Recipients of data

  1. User’s personal data may be entrusted to other entities to perform services on behalf of the data controller, in particular to entities in the scope of:
  2. hosting of the website,
  3. servicing and maintenance of the IT systems in which data is processed, including the automation of newsletters, invoicing, order processing, etc.
  4. user’s personal data is not transferred to third countries or international organizations.

 

8 Rights of data subjects

  1. The person whose data is being processed has the following rights:
    1. the right to access the data’s contents and correct them,
    2. the right to delete data, unless there are other legal provisions that oblige the data controller to archive the data for a specified period,
    3. the right to data portability if the processing of data is based on a contract or the consent of the person whose data is being processed, and the data is processed automatically,
    4. the right to object to the processing of data for direct marketing purposes, carried out by the data controller within the legitimate legal interest, as well as the right to limit processing,
    5. the right not to be subject to automated profiling if the data controller would make decisions based solely on automated profiling and those decisions would have legal consequences for the person whose data is being processed or similarly affect them,
    6. the right to control the processing of data and information about who the data controller is, as well as obtain information about the purpose, scope, and method of processing data, the content of the data, the source of the data, and the method of sharing, including recipients or categories of recipients of the data,
    7. the right to withdraw consent at any time if the processing of data was based on the consent of the person whose data is being processed. The withdrawal of consent does not affect the legality of the processing carried out on its basis before its withdrawal,
    8. the right to lodge a complaint with the President of the Personal Data Protection Office (PUODO) if a person believes that the processing of their data is not in compliance with the currently applicable regulations in this regard.
  2. To exercise the right to control data, access data content, correct data, and other rights, please contact the data controller.

 

9 Final provisions

  1. The data controller reserves the right to change this privacy policy, especially in situations where changes in technical solutions, changes in privacy regulations applicable to individuals whose data is being processed, or other significant changes affecting the content of information provided to users require such modifications.
  2. In the event of a change to the current privacy policy, appropriate modifications will be made to the above provision, which will take effect on the day of their publication on the Service/Store website.