Your Cart
0 item(s) - $0.00 0

Your Order

  • Your shopping cart is empty!

Privacy Policy

Privacy and Cookies Policy of the Online Store elastoring.eu

1. General Provisions

  1. This Privacy Policy defines the rules for the processing of personal data and the use of cookies within the online store elastoring.eu (and the additional domain lemming.shop).
  2. The data controller is Lemming Spółka z ograniczoną odpowiedzialnością, with its registered office in Rzeszów, Poland, ul. Hanasiewicza 10, 35-103 Rzeszów, entered into the National Court Register under number KRS: 0000532194, VAT ID PL8133698802, REGON 360173641.
  3. Contact details of the data controller:
    • e-mail: biuro@elastoring.eu
    • postal address: ul. Hanasiewicza 10, 35-103 Rzeszów, Poland
  4. The Controller makes every effort to ensure that personal data is processed in accordance with the applicable law, including Regulation (EU) 2016/679 (GDPR).

2. Scope and Purposes of Data Processing

  1. Personal data is processed for the following purposes:
    • processing and fulfillment of orders placed in the online store,
    • management of the user account,
    • customer communication and responding to inquiries,
    • handling of complaints, returns, and claims,
    • issuing accounting documents (invoices, receipts),
    • fulfilling legal obligations of the Controller,
    • marketing of products and services – only with prior consent.
  2. The data processed may include, among others: name, surname, company name, e-mail address, phone number, delivery address, tax identification number (NIP/VAT UE), payment details, and the IP address of the user’s device.

3. Legal Basis for Data Processing

  1. Personal data is processed based on the following legal grounds:
    • Article 6(1)(b) GDPR – processing necessary for the performance of a contract or steps prior to entering into a contract,
    • Article 6(1)(c) GDPR – processing necessary to comply with a legal obligation (e.g. accounting or tax),
    • Article 6(1)(f) GDPR – legitimate interests pursued by the Controller (e.g. customer contact, fraud prevention, claims),
    • Article 6(1)(a) GDPR – consent of the data subject (e.g. for marketing communication).

4. Data Recipients

  1. Personal data may be disclosed to third parties only to the extent necessary to perform the contract, including:
    • courier and logistics companies,
    • payment service providers (e.g. PayU, PayPal, Revolut),
    • hosting and IT service providers,
    • accounting firms,
    • legal and tax advisors (if required by law).
  2. All entities processing personal data act under data processing agreements and are bound by confidentiality obligations.

5. Transfer of Data Outside the EEA

  1. Personal data is generally not transferred outside the European Economic Area (EEA).
  2. If such transfer is necessary (e.g. for international payment or delivery), it will be carried out in accordance with GDPR requirements, using appropriate safeguards – in particular, EU Standard Contractual Clauses.

6. Data Retention Period

  1. Personal data will be stored for the following periods:
    • for the duration necessary to perform the contract and process the order,
    • for the time required by accounting and tax regulations (at least 5 years),
    • or until consent is withdrawn – in cases where processing is based on consent.
  2. After these periods, data may be stored only for the purpose of establishing, exercising, or defending legal claims.

7. Rights of Data Subjects

The Customer has the right to:

  1. access and obtain a copy of their data,
  2. rectify or update data,
  3. delete data (“right to be forgotten”),
  4. restrict processing,
  5. transfer data to another controller,
  6. object to processing,
  7. lodge a complaint with the supervisory authority – in Poland: President of the Personal Data Protection Office (UODO).

8. Cookies

  1. The online store uses cookies – small text files stored on the user’s device.
  2. Cookies are used to:
    • ensure proper functioning of the website,
    • maintain user sessions,
    • analyze traffic on the website (e.g. Google Analytics),
    • carry out marketing and remarketing activities (e.g. Meta Pixel, Google Ads).
  3. The user can manage cookies settings in their web browser at any time or delete stored cookies.
  4. Disabling or limiting cookies may affect some functionalities of the website.

9. Data Security Measures

  1. The Controller applies appropriate technical and organizational measures to ensure data protection, including:
    • encryption of data transmission using the SSL protocol,
    • restricted access to data only to authorized personnel,
    • regular system updates and data backups.
  2. Data is stored on secure servers compliant with GDPR standards.

10. Changes to the Privacy Policy

  1. The Controller reserves the right to amend this Privacy and Cookies Policy.
  2. The current version of the Policy is always available on the elastoring.eu website.
  3. Any changes become effective on the date of publication.