PRIVACY POLICY WITH INFORMATION ON COOKIES

PREAMBLE:

This Privacy Policy sets out the rules for the processing and protection of personal data of customers of the online store operating under the www.orientfashion.pl website, as well as information about these customers collected through cookies, for the provision of services provided electronically, as well as for legally permissible and non-legally permitted purposes bad faith towards Customers whose data is processed in the Store.

The owner and also the administrator of the online store available under the domain www.orientfashion.pl is the ORIENT FASHION Manish Rajpal company with its registered office in Pabianice, at ul. Rzgowska 72, postal code 95-200, NIP number: 7251807726, REGON: 100634492, telephone number +48 42 211 66 85, e-mail address: sklep@orientfashion.pl;

In addition, this Privacy Policy serves as an information and warranty tool for shop customers and guidelines for the Data Administrator, which he is guided in the collection, processing and permitted use of the personal data of the clients made available to him.

I. DEFINITIONS

Administrator - means the ORIENT FASHION Manish Rajpal company, which provides electronic services, and stores and gains access to information on User devices.

Cookies - means IT data, in particular small text files, saved and stored on devices through which the Customer uses the Store's websites.

Administrator's Cookies - means Cookies posted by the Administrator, related to the provision of electronic services by the Administrator via the Store.

External Cookies - means Cookies placed by the Administrator's partners via the Store's website.

Shop - here is the website where the Administrator runs an online store. The address of the store's website, operating at www.orientfashion.pl.

Device - means an electronic device through which the Customer gains access to the Store.

Client - means an entity to which electronic services may be provided in accordance with the Regulations and legal regulations or with which an Agreement for the provision of electronic services may be concluded

II. GENERAL INFORMATION

1. In the interests of security of entrusted data, the Administrator has developed internal procedures and recommendations to prevent unauthorized access to data. The administrator controls their performance and constantly verifies their compliance with the relevant legal acts - the Act on personal data protection, the Electronic Services Provision Act, and all types of executive acts and Community legislation, especially regarding changes resulting from entering into force in 2018 RODO.

2. Personal Data are processed on the basis of the consent expressed by the Customer and in cases where the law authorizes the Administrator to process personal data on the basis of law or to implement the contract concluded between the parties.

3. The store performs the functions of obtaining information about users and their behaviors in the following way:

a) by voluntarily entered information in forms

b) by collecting "cookies"

c) by collecting server logs through the hosting operator.

4.The store collects information voluntarily provided by the customer, by means of consents given when placing the order or when registering at the Store. Consent may be granted in the form of accepting a ready statement prepared by the Administrator. The information collected in this way is processed only for purposes of improving the Store's operation, as well as improving the quality of customer service. Under no circumstances does the Administrator process the information obtained for purposes that go beyond the legitimate marketing of its services, improve the operation of the Store and improve quality and speed customer service.

5.The data provided in the form is processed for the purpose resulting from the function of a specific form. The Administrator does not directly or implicitly consent to the processing of the Customer's personal data in a manner that is not anticipated or unauthorized.

6. The personal data left on the website will not be sold or made available to third parties, in accordance with the provisions of the Personal Data Protection Act.

7. The data contained in the form may be viewed by the natural person who placed it there. This person also has the right to modify and cease the processing of his data at any time.

8. Shop reserves the right to change the privacy policy, which may be influenced by the development of Internet technology, possible changes in the law in the field of personal data protection and the development of the Online Store. The Store will inform about any changes in a visible and understandable way.

9. Links to other websites may appear on the Store's website. Such websites operate independently of the Store and are in no way supervised by the Online Store. Address of the store website. These websites may have their own privacy policies and regulations that Customer is advised to read.

10. The Administrator informs Users that he entrusts the processing of personal data to the following entities:

a) nazwa.pl sp. z o.o., ul. Mieczysława Medweckiego 17, 31-870 Kraków, NIP: 6751402920, REGON: 120805512, KRS: 0000594747, District Court for Kraków-Śródmieście w Krakowie, Division XI of the National Court Register, Share capital: PLN 114 384 000 - to store personal data on the server where the store is installed,

b) Pay Pal Polska sp. O.o. with headquarters in Warsaw, 00-113, ul. Emilii Plater 53, NIP number: 5252406419, KRS: 0000289372, REGON: 141108225, T Pay S.A. with registered office in Poznań, 61-808, ul. St. Marcin 73/6, NIP numbers: 7773061579, REGON: 300878437, KRS: 0000412357, DialCom24 Sp. z o.o. with headquarters in Poznań, 60-327 Poznań, ul. Kanclerska 15, NIP 781-173-38-52, REGON: 634509164, KRS: 0000306513, Pay Pro S.A., based in Poznań, 60-327, ul. Kanclerska 15. NIP: 779-236-98-87, REGON: 301345068, KRS: 0000347935- in order to enable making electronic payments for the ordered Goods,

c) Accounting Office Solido Dorota Celuch, ul. Cynarskiego 5/39, 92-447 Łódź, NIP 796-118-52-34, REGON 100975572 - in order to conduct accounting of the business activity of the owner of the Website,

d) DHL PARCEL POLSKA SP Z O. O. KRS: 0000631916, NIP: 9512417713, REGON: 365170883, ul. Osmańska 2, 02-823 Warsaw; In Post S.A., ul. Malborska 130, 30-624 Kraków; DPD POLSKA SP. Z O.O., ul. MINERALNA 15, 02-274 WARSAW; EUROHERMES SP Z O. O. KRS: 0000607049, NIP: 6443515752, REGON: 363929192, ul. Żytnia 8, Sosnowiec; Poczta Polska Spółka Akcyjna, ul. Rodziny Hiszpańskich 8, 00-940 Warsaw, NIP: 525-000-73-13, KRS: 0000334972 Registry Court: District Court for the Capital City of Warsaw share capital: 774,140,000, fully paid-in order to fulfill orders for an online store and delivery of ordered goods,

e)ADMIN.NET.PL Tomasz Rzepka Arkadiusz Nowara S.C., ul. Bitwy Pod Monte Cassino 5/198, 33-100 Tarnów, NIP: 8733250257, REGON: 122662465, VAT EU: PL8733250257 - to manage the store's website

III. TYPES OF COOKIES USED

1. Cookies used by the Administrator are safe for the Client's Device. In particular, it is not possible to get viruses or other unwanted software or malicious software onto the Client's Devices. These files allow to identify the software used by the Customer and customize the Shop individually for each User. Cookies usually contain the name of the domain from which they originate, their storage time on the Device and the assigned value.

2. The administrator uses two types of Cookies:

a. Session cookies (temporary): they are stored on the Customer's Device and remain there until the end of the browser session. The saved information is then permanently removed from the Device's memory. The mechanism of session cookies does not allow the collection of any personal data or any confidential information from the Customer's Device.

b. Persistent cookies: they are stored on the User's Device and remain there until they are deleted. Ending the session of a given browser or turning off the Device does not delete them from the Client's Device. The persistent cookies mechanism does not allow the collection of any personal data or any confidential information from the Customer's Device.

3. The customer has the ability to limit or disable access of cookies to his device. If you use this option, the use of the Website will be possible, in addition to functions that, by their nature, require cookies. The Customer may at any time change the settings of his Cookies, he may also permanently cancel their collection, bearing in mind that some information generated in this way may be indispensable for the performance of the contract, which he entered into with the Seller at a distance.

4. The customer has the possibility to control the scope of using cookies at any time using the web browser settings. Depending on your browser model, available options may include:

- accept only temporary cookies,

- accept only selected cookies,

- accept only your own cookies (external cookies will not be placed when you use the site),

- refusal to accept all cookies.

IV. OBJECTIVES THAT COOKIES ARE USED FOR

1. The Administrator uses Cookies for the following purposes:

A. site configuration,

B. adjusting the content of the Store websites to the Customer's preferences and optimizing the use of the Store's websites,

C. recognize the Shop Customer's device and its location and properly display the website, tailored to its individual needs,

D. remember the settings selected by the client and the personalization of its interface, e.g. in the scope of the chosen language or region from which the client comes from,

E. remember the history of visited pages on the site to recommend the content,

F. font size, website layout, etc.

2. Client authentication in the Store and ensuring Customer's session in the Store:

A. maintaining the Shop Customer session (after logging in), thanks to which the Customer does not have to enter the login and password on each subpage of the Store,

B. correct configuration of selected functions of the Store, allowing in particular verification of the authenticity of the browser session,

C. optimizing and increasing the efficiency of services provided by the Administrator.

3. Implementation of processes necessary for the full functionality of websites:

A. adjusting the content of the Shop websites to the Customer's preferences and optimizing the use of the Store's websites. In particular, these files allow to recognize the basic parameters of the Client's Device and properly display the website, adapted to his individual needs,

B. correct operation of the affiliate program, allowing in particular to verify the sources of customer redirects to the websites of the Store.

4. Remembering the Customer's location - correct configuration of selected functions of the Store, allowing in particular adjusting the information provided to the Customer, including its location.

5. Analyzes and surveys as well as audience audit - creating anonymous statistics that help to understand how the Shop's customers use the Store's websites, which allows improving their structure and content.

6. Provision of advertising services - adjustments of advertisements of third-party services and products presented via the Store.

7. Ensure the safety and reliability of the Store.

8. The administrator undertakes to obtain each time the consent of the customer to use cookies in each of the listed functionalities, especially after the entry into force of the GDPR. The customer will always have the option to stop using his peaks Cookies in any or one or a few of the above mentioned forms, and any form of information collection (profiling) of the client will be presented to him and properly communicated.

9. The service administrator uses external cookies for the following purposes:

A. Collect general and anonymous static data via analytical tools: Google Analytics [cookies administrator: Google Inc. based in the USA],

B. The use of interactive features to popularize the Store using social networking sites: Facebook.com [cookies administrator: Facebook Inc. based in the USA or Facebook Ireland based in Ireland].

10. The SSL protocol (Secure Socket Layer v3) used by the online store Oriental Fashion is a transmission protocol that ensures the security of data transmission on the Internet. It is a type of security consisting in coding data before they are sent from the client's browser and decoding after safely arriving at the store's server. Information sent from the server to the client is also encoded, and after reaching the destination, it is decoded.

11. SSL performs encryption, authentication and ensuring the integrity of messages. At the moment of establishing the connection with the secure (using SSL protocol) web page, the encryption keys are used, which are then used when transferring data between the browser on the client's computer and the store's server. Both key matching and transmission itself are very difficult to break. After connecting to a secure website, the user is informed about it.

12. SSL uses identity certificates to check the rights of servers and users. These certificates are issued and "digitally signed" by one of the certificate publishers - Certification Authorities (CA).

V. POSSIBILITIES OF DETERMINING THE CONDITIONS OF STORAGE OR ACCESSING COOKIES

1. The Customer may change the Cookie settings at any time and specify the conditions for their storage and access to the Client's Device via Cookies. Changes to the settings referred to in the previous sentence, the Customer can make using the web browser settings or by using the service configuration. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the web browser's settings or to inform them whenever Cookies are placed on the Customer's device. Detailed information about the possibilities and ways of handling cookies are available in the software (web browser) settings.

2. The customer can delete cookies at any time using the features available in the browser he / she uses.

3. Limiting the use of Cookies may affect some of the functionalities available on the Store's website.

VI. COLLECTION AND ACCESS DATA

1. Data is made available to third parties only within legally permitted limits.

1.1. The Administrator does not entrust processing of data and does not make the collected personal data of Customers available to unrelated entities without the consent of the interested parties, unless the following circumstances exist:

a) The Administrator may use the support of external entities to provide the services they provide, however, these entities are not authorized to use personal data processed on behalf of the Online Store independently, and all their activities are subject to the provisions of the Online Store Privacy Policy,

b) The Administrator retains the right to share data with public authorities in conducting proceedings for possible violations of law or in combating possible violations of the Online Store Regulations.

2. Data enabling the identification of a natural person is made available only with the consent of that person. The customer has the right to access their personal data at any time, and collected by the Administrator. This right includes the possibility of verification, modification, supplementation, deletion, limitation of data processing, opposition to processing, transfer of data, cessation of personal data processing, as well as the right to withdraw consent to the processing of data for a specific purpose, if the customer previously agreed and the right to submit a complaint to the supervisory body. These rights are available without giving a reason.

3. The operator may be required to provide information collected by the Store to authorized bodies on the basis of lawful requests in the scope of the request and without going beyond them.

4. The Customer who uses the services and tools provided as part of the Store, confirms that he has read the Privacy Policy and the Online Store Regulations, and consents to the use of his personal data in accordance with the Store Regulations and its Privacy Policy.

5. All data collected by the Administrator are protected using reasonable technical and organizational measures and security procedures in order to protect them against unauthorized access or unauthorized use.

6. The Administrator processes Customer's personal data necessary for the correct implementation of services available in the Online Store and is entitled to use the data collected and stored as part of the Online Store for the following purposes:

a) place an order in the Online Store,

b) conclusion and implementation of the Sales Agreement or the Contract for the provision of Electronic Services,

c) direct marketing of your own products or services,

d) provide full service to the User, including setting up and managing the User's account / accounts, solving technical problems and providing relevant functions,

e) adjusting the offer and the User's experience, including advertisements, in the Store's properties,

f) monitor the activity of all and specific Users,

g) contacting Users, in particular for purposes related to the provision of services, User support, permitted marketing and advertising activities,

h) carry out research and analysis to improve the performance of available services,

i) enforce compliance with the Online Store Regulations,

j) evaluate some of the client's personal circumstances.

7. The administrator collects, processes and stores the following Customer data:

a) e-mail address (e-mail address),

b) first and last name,

c) company name (in the case of non-consumer customers),

d) NIP (in the case of non-consumer customers),

e) delivery address of the Goods (street, house number, apartment number, zip code, city, country),

f) address of residence / business / registered office (if different from the delivery address),

g) phone number.

8. Customers who have registered in the Store have the right to view, edit and delete the data they have provided. The customer ensures that the data provided or published by him in the Online Store is correct. Customers who have decided to delete an Account in the Store, have the right to request the deletion of their personal data permanently from the Administrator's resources. This entitlement ("the right to be forgotten") results directly from the entering into force of the RODO.

9. Customers' personal data are collected (or will be) using the following functionalities of the online store: contact form, subscription to the Newsletter, email contact with the customer, order form, data provided on the Customer Account, login details and registration details.

10. The Administrator, on the basis of a separate consent given by the Store Customer, to express an opinion on the concluded Sales Agreement, provides the Customer's personal data collected to a selected entity servicing the system of surveys expressing the concluded Sales Agreement in the Online Store. The Administrator undertakes each time to have signed a relevant agreement for entrusting the processing of personal data to such a third party. The operator of the survey system is obliged to keep confidentiality and processing only in the entrusted scope of the Customer's personal data obtained.

11. The Administrator informs that it applies (or will apply) the following technologies that track the actions taken by the user / customer within the Website's website: Google Analytics tracking code - to analyze the Website's website statistics and for remarketing and advertising purposes.

This Privacy Policy along with information on Cookies files comes into force on the day of its publication on the store's website available at www.orientfashion.pl. Possible changes in this document will be communicated to Customers at least 14 days in advance, using the generally available on the Store website information about changes and the possibility of changing the configuration of their Cookie settings in this regard. Changes to the Privacy Policy and information about cookies may in particular be the effect of the development of technology on which the Store is built, changes in legislation in this area, or result from internal, justified needs of the Administrator.