Privacy Policy

1. This Privacy Policy defines rules for the processing of personal data obtained via the Internet Shop www.Distance.eu (hereinafter referred to as: "Internet Shop").

2. The owner of the Internet Shop and at the same time data controller is Distance S.A. with its seat in Poznań (61-886), ul. Półwiejska 33, entered in the register of entrepreneurs of the National Court Register kept by the District Court Poznań - Nowe Miasto and Wilda in Poznań, VIII Commercial Department of the National Court Register under KRS number 0000650368, with share capital of 7,000,000 PLN, fully paid up, tax identification number NIP: 7781406159, statistical identification number REGON: 63445350600000, hereinafter referred to as Distance.eu or the Controller.

3. The Controller appointed the Data Protection Supervisor (hereinafter referred to as “the Supervisor”): Contact with the Inspector is possible by e-mail: [email protected]

4. Personal data collected by Distance.eu via the Internet Shop are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free transfer of such data and repealing Directive 95/46/EC (General Data Protection Regulation), also known as the GDPR.

5. Distance.eu takes special care to respect the privacy of its Customers visiting the Internet Shop.

6. In case of processing data related to the activity in the network using cookies and other similar technologies, the Controller may also be one or more entities cooperating with the Controller.

§ 1 Type of data processed, purposes and legal basis

1. Distance.eu collects information concerning natural persons performing a legal transaction not directly related to their activity, natural persons conducting business or professional activity on their own behalf and natural persons representing legal persons or organisational units which are not legal persons to whom the Act grants legal capacity, conducting business or professional activity on their own behalf, hereinafter jointly referred to as Customers.

2. Personal data of the Customers are collected in case of: a. register an account in the Internet Shop in order to create an individual account and manage this account, as well as take action at the request of the prospective Customer before concluding it. Legal basis: necessity to perform the contract for the provision of the Customer Account service (Article 6 (1) (b) of the GDPR); b. placing an order in the Internet Shop in order to perform the sales contract. Legal basis: necessity to perform the sales contract (Article 6 (1) (b) of the GDPR); c. the Customer sends a query via the contact form in the Internet Shop in order to respond to the message sent. Legal basis: necessity to perform the contract for the provision of the Contact form service (Article 6 (1) (b) of the GDPR); d. evaluation and analysis of the activity and information about the Customer, including as part of automated processing of personal data (profiling), in order to present general advertisements, offers or promotions regarding the Controller's and its partners' products, in a manner tailored to the interests of a given Customer (without significantly affecting on his/her decisions). Legal basis: our legitimate interest (Article 6 (1) (f) of the GDPR); e. subscription to the newsletter (Newsletter) in order to perform the contract the subject of which is the service provided electronically. Legal basis - consent of data subject to perform the contract for the provision of the Newsletter service (Article 6 (1) (a) of the GDPR).

3. In case of registration of an account in the Internet Shop, the Customer provides: a. email address; b. name and surname.

4. When registering an account in the Internet Shop, the Customer sets an individual password to access his or her account. The customer may change the password, at a later time, according to the rules described in § 5.

5. In case of placing an order in the Internet Shop, the Customer provides: a. email address; b. address details: a. postal code and town; b. country; c. street with the house/apartment number; c. name and surname; d. telephone number.

6. In case of Entrepreneurs, the extent of data necessary to indicate when placing an order from the Internet Shop also include, in addition to data referred to in paragraph 5 above: a. name of the Entrepreneur; b. tax identification number NIP.

7. In case of using the Newsletter service, the Customer only provides his or her e-mail address.

8. In case of using the service of the contact form, the Customer provides the following data: a. email address; b. name.

9. In case of using the "post an opinion" service, the Customer provides only his pseudonym, nickname or first name.

10. In case of customer service in connection with a question submitted by the Customer concerning services, products or an order placed, as well as possible comments or complaints about an order already completed, the Controller processes the Customer's data necessary for the provision of proper customer service. In this regard, both the necessity to provide data to provide customer service should be considered the legal basis for processing (Article 6 (1) (b) of the GDPR), as well as the consent of data subject (Article 6 (1) (a) of the GDPR).

11. If the Customer makes an online payment for an order or adds a card to his/her Internet Shop account, the Controller also processes payment and credit or debit card data. In such situation, the legal basis for processing data is data subject's consent to payment in the chosen form or to Shop the card or payment cards data within the Customer's account (Article 6 (1) (a) of the GDPR).

12. With regard to the account data related to the payments made by the Customer, the basis for the processing of such data is also the statutory obligation incumbent on the Controller (Article 6 (1) (c) of the GDPR).

13. When using the Shop's Website, additional information may be collected, in particular: the IP address assigned to the Customer's computer or the external IP address of the Internet provider, domain name, browser type, access time, type of operating system (more information in this regard, see § 3 of the Privacy Policy).

14. Navigation data may also be collected from Customers, including information about the links and reference links they choose to click on or other actions taken in our Internet Shop. Legal basis - legally justified interest (Article 6 (1) (f) of the GDPR), consisting in facilitating the use of services provided by electronic means and improving the functionality of these services (for more information in this regard, see § 3 of the Privacy Policy).

15. For the purpose of determining, asserting and enforcing claims, certain personal data provided by the Customer in the course of using the functionality in the Internet Shop may be processed, such as: name, surname, data concerning the use of services, if the claims result from the way the Customer uses the services, other data necessary to prove the existence of the claim, including the extent of damage suffered. Legal basis - legally justified interest (Article 6 (1) (f) of the GDPR) to establish, pursue and enforce claims and to defend against claims in proceedings before the courts and other state bodies.

16. The transfer of personal data to Distance.eu is voluntary, in connection with concluded contracts of sale or performance of services via the Shop's Website, with the proviso that failure to provide data specified in the forms during the Registration process prevents the Registration and establishment of a Customer Account, and in case of placing an order without the Registration of a Customer Account, failure to provide the necessary data prevents the submission and execution of Customer's order.

17. Distance.eu processes personal data including: name, surname, e-mail address, as well as answers to prepared questions within the satisfaction survey and forms used for the satisfaction survey. Participation in such actions is voluntary. If the Customer does not agree to participate in them, he/she may at any time inform the Controller at the address in accordance with § 6, and then the Controller will block the relevant data. Legal basis - legally justified interest (Article 6 (1) (f) of the GDPR) to improve the functionality of services provided by electronic means and to assess the satisfaction of our services.

18. Furthermore, the Controller also processes data for statistical purposes relating to with the survey of the services provided, especially their coverage. The legal basis for this is our legally justified interest (Article 6 (1) (f) of the GDPR).

19. The Controller underline that he/she ensures full security of personal data processed within the IT system used to operate the Internet Shop. The system used allows: automatic registration of the date of the first entry of personal data into the system, the source of personal data, the user ID that entered data.

§ 2 To whom is data shared or entrusted and how long is it stored?

1. The Customer's personal data is transferred to the providers of services used by Distance.eu to operate the Internet Shop. The service providers to whom personal data are transferred, depending on the contractual arrangements and circumstances, either are subject to instructions from Distance.eu as to the purposes and methods of processing data (processors) or they determine the purposes and methods of processing data themselves (controllers). a. Processors. Distance.eu uses suppliers who process personal data only at the request of the Controller. These include: hosting service providers, accounting services, legal services, postal or courier services, site positioning services, providing marketing systems, systems for analysing traffic in the Internet Shop, systems for analysing the effectiveness of marketing campaigns, systems for creating and sending newsletters, systems for collecting statistics and advertising (e.g. Google); b. Controllers. Distance.eu uses suppliers who do not act solely on request and set the purposes and methods of using the Customers' personal data themselves. They provide electronic and banking payment services.

2. In this regard, including in particular the fact of cooperation with Google, data provided to the Controller may be transferred outside the European Economic Area. Appropriate security of transferred data has been ensured by the Controller by applying the standard data protection clauses adopted under the European Commission decision. You can obtain a copy of our data transfer security for countries outside the EEA, in particular by contacting our Inspector.

3. Personal data of the Customers are stored until: a. withdrawal of the Customer's consent to data processing, b. the statute of limitations on the claims to which the Controller is entitled against the Customer or the Customer against the Controller; c. the statute of limitations for claims by cooperating entities with respect to the Controller in connection with the provision of services relating directly or indirectly to the Customer's data; d. the Customer's objection to data processing; depending on which of the events described above comes later.

4. If the Customer chooses to make a payment through the dotpay.pl system, his or her personal data is transferred to the extent necessary to make the payment to Dotpay S.A. with its registered office in Krakow (30-552), ul. Wielicka 72, entered in the register of entrepreneurs kept by the District Court Kraków-Śródmieście in Kraków, XI Economic Department of the National Court Register under the number KRS 0000296790.

5. Navigation data may be used to provide better service to Customers, analyse statistical data and adjust the Internet Shop to their preferences, as well as to administer the Internet Shop.

6. If the Customer subscribes to the Newsletter, Distance.eu will send electronic messages containing commercial information about promotions and new products available in the Internet Shop to his/her e-mail address.

7. In case of submitting a request, Distance.eu makes personal data available to authorized state authorities, in particular to organizational units of the Prosecutor's Office, the Police, the President of the Office for Personal Data Protection, the President of the Office for Competition and Consumer Protection or the President of the Office for Electronic Communications

8. The service uses TrafficWatchDog application offered by Spark DigitUP sp. z o.o., based at Plac Wolnica 13/10, 31-060 Krakow. The application monitors visits and collects information on how to use the monitored website. In cookies and parameters collected by JavaScript codes and pixels information such as IP address (Internet Protocol), end device identifier, type of end device, end device parameters, operating system parameters, browser parameters, how the user interacts with the monitored site and activity data, site time, HTTP header parameters, marketing campaign parameters are stored. The above data is collected for the purpose of identifying ad fraud (Article 6 (1) (f) of the GDPR) and will be deleted after 3 months at the latest. The TrafficWatchdog application may use cookies of other entities, e.g. Google. More information on the terms of use and data protection, please visit the following website https://trafficwatchdog.pl/pl/docs/privacy-policy and https://trafficwatchdog.pl/pl/docs/cookie-policy

9. The website uses Google reCAPTCHA v.3 offered by Google Ireland Limited ("Google"), a company registered and operating in accordance with Irish law (registration number: 368047), located at Gordon House, Barrow Street, Dublin 4, Ireland - to monitor user interactions on the website. For more information on the terms of use and data protection, please visit the following website https://policies.google.com/terms?hl=en and https://policies.google.com/privacy?hl=en

§ 3 The mechanism of cookies, data processing in an automated manner, IP address

1. The Internet Shop uses small files called cookies. They are saved by Distance.eu on the end device of the visitor to the Internet Shop, if allowed by the web browser. A cookie file usually contains the name of the domain it comes from, its "expiry time" and an individual, randomly selected number identifying this file.

2. Information collected using this type of files helps to adjust the products offered by Distance.eu to the individual preferences and real needs of visitors to the Internet Shop. They also enable the development of general statistics of visits to the presented products in the Internet Shop.

3. Distance.eu uses two types of cookies: a) session cookies: after the end of a browser session or turning off the computer, the saved information is removed from the device's memory. The mechanism of session cookies does not allow the collection of any personal data or any confidential information from Customers' computers; b) persistent cookies: they are stored in the memory of the Customer's end device and remain there until they are deleted or expired. The persistent cookie mechanism does not allow the collection of any personal data or any confidential information from the Customers' computer.

4. Distance.eu uses its own cookies for the purpose of: a) saving goods in the shopping cart, thanks to which the Customer does not have to add them after each page reload or on each subpage; b) Customer authentication in the Internet Shop and ensuring the Customer's session in the Internet Shop (after logging in), thanks to which the Customer does not have to re-enter the login and password on each subpage of the Internet Shop; c) analysis and research as well as audience audit, and in particular to create anonymous statistics that help to understand how customers use the Shop Website, which allows improving its structure and content; d) presenting general advertisements, offers or promotions intended for all Customers in a manner tailored to the interests of the customer, learning about the customer's preferences, e.g. by analysing how often he/she visits the Internet Shop and what products he/she buys, which allows a better understanding of the Customer's expectations and adapting to his/her needs, without significantly affecting his/her decisions. Thanks to the use of advanced technologies, these activities will often be performed by the system in an automated manner, which will allow the sent content to be up-to-date.

5. Distance.eu uses external cookies for the purpose of: a) presenting advertisements tailored to the Customer's preferences using the Google AdSense online advertising tool (external cookie controller: Google Inc with its registered office in the USA); b) the presentation of the Reliable Certificate Regulations via the rzetelnyregulamin.pl website (external cookie controller: Rzetelna Grupa sp. z o.o. with its registered office in Warsaw).

6. The cookie mechanism is safe for the computers of the Customers of the Internet Shop. In particular, it is not possible for viruses or other unwanted software or malicious software to get into Customers' computers. However, in their browsers, Customers have the option of limiting or disabling access of cookies to their computers. If you use this option, the use of the Internet Shop will be possible, except for functions that, by their nature, require cookies.

7. Below is how you can change the settings of popular web browsers regarding the use of cookies: a) Internet Explorer browser (https://support.microsoft.com/pl-pl/help/278835/how-to-delete-cookie-files-in-internet-explorer); b) Microsoft EDGE browser (https://privacy.microsoft.com/pl-PL/windows-10-microsoft-edge-and-privacy); c) Mozilla Firefox browser (https://support.mozilla.org/pl/kb/ciasteczka); d) Chrome browser (https://support.google.com/chrome/answer/95647?hl=pl); e) Safari browser (https://support.apple.com/pl-pl/HT201265); f) Opera browser (http://help.opera.com/Linux/9.22/pl/cookies.html).

8. Distance.eu may collect Customers' IP addresses. An IP address is a number assigned to the computer of a person visiting the Internet Shop by the Internet service provider. The IP number allows access to the Internet. In most cases, it is assigned to the computer dynamically, i.e. it changes with each connection to the Internet, and for this reason it is commonly treated as non-personal identifying information.

9. The IP address is used by the Controller in diagnosing technical problems with the server, creating statistical analyses (e.g. determining from which regions we record the highest number of visits), as information useful in administering and improving the Internet Shop, as well as for security purposes and possible identification of unwanted automatic programs for viewing the content of the Internet Shop that burden the server.

10. The Internet Shop contains links and reference links to other websites. Distance.eu is not responsible for the privacy policies that apply to them.

§ 4 Rights of data subject

1. Right to withdrawal of consent - legal basis: Article 7(3) of the GDPR. a) The Customer has the right to withdraw any consent granted to Distance.eu. b) Withdrawal of consent has effect from the moment of withdrawal of consent. c) Withdrawal of consent does not affect the processing carried out by Distance.eu in accordance with the law prior to its withdrawal. d) Withdrawal of consent will not entail any negative consequences for the Customer, but may prevent further use of the services or functionalities which, in accordance with the law, Distance.eu can only provide with consent.

2. The right to object to data processing - legal basis: Article 21 of the GDPR. a) The Customer has the right to object at any time - for reasons related to his/her special situation - to the processing of his/her personal data, including profiling, if Distance.eu processes his/her data on the basis of a legitimate interest, e.g. marketing of Distance.eu products and services, keeping statistics on the use of individual functionalities of the Internet Shop and facilitating the use of the Internet Shop, as well as a satisfaction survey. b) Resignation in the form of an e-mail from receiving marketing messages regarding products or services will mean the Customer's objection to the processing of his/her personal data, including profiling for these purposes. c) If the Customer's objection turns out to be justified and the Controller has no other legal basis to process personal data, the Customer's personal data will be deleted, the processing of which has been objected by the Customer.

3. The right to delete data ("the right to be forgotten") - legal basis: Article 17 of the GDPR. a) The Customer has the right to request the deletion of all or some personal data. b) The Customer has the right to request the deletion of personal data if: a. personal data are no longer necessary for the purposes for which they were collected or processed; b. withdrew a specific consent to the extent to which personal data were processed based on his/her consent; c. he/she objected to the use of his/her data for marketing purposes; d. personal data are processed unlawfully; e. personal data must be removed in order to comply with the legal obligation provided for in the Union law or the law of the Member State to which the Controller is subject to; f. personal data has been collected in relation to the offering of information society services. c) Despite the request to delete personal data, in connection with the objection or withdrawal of consent, Distance.eu may retain certain personal data to the extent that processing is necessary for the establishment, exercise or defence of claims, as well as for compliance with a legal obligation requiring processing under EU law or the law of the Member State to which Distance.eu is subject to. This applies in particular to personal data including: name, surname, e-mail address, which are stored for the purpose of handling complaints and claims related to the use of Distance.eu services, or additionally the address of residence/correspondence address, order number, which data is kept for the purpose of considering complaints and claims related to concluded sales contracts or the provision of services.

4. The right to limit data processing - legal basis: Article 18 of the GDPR. a) The Customer has the right to demand that the processing of his/her personal data be limited. Submitting a request, pending its consideration, prevents the use of certain functionalities or services, the use of which will involve the processing of data covered by the request. Distance.eu will also not send any messages, including marketing ones. b) The Customer has the right to request limitation of the use of personal data in the following cases: a. if he/she questions the correctness of his/her personal data - then Distance.eu limits their use for the time needed to verify the correctness of data, but no longer than for 7 days; b. when the processing of data is unlawful, and instead of deleting data, the Customer requests the limitation of their use; c. when personal data are no longer necessary for the purposes for which they were collected or used, but they are needed by the Customer in order to establish, assert or defend claims; d. when he/she objected to the use of his/her data - then the limitation takes place for the time needed to consider whether - due to the special situation - the protection of the Customer's interests, rights and freedoms outweighs the interests pursued by Distance.eu when processing the Customer's personal data.

5. The right to access data - legal basis: Article 15 of the GDPR. a) The Customer has the right to obtain from Distance.eu a confirmation as to whether it is processing personal data, and if so, the Customer has the right to: a. access his/her personal data; b. obtain information about the purposes of processing, categories of personal data being processed, recipients or categories of recipients of these data, the planned period of storage of the Customer's data or the criteria for determining this period (when it is not possible to specify the planned period of data processing), about the rights of the Customer under GDPR and the right to file a complaint with the supervisory authority, about the source of this data, about automated decision making, including profiling, and about the security measures applied in connection with the transfer of this data outside the European Union; c. obtain a copy of his/her personal data.

6. The right to rectify data - legal basis: Article 16 of the GDPR. a) The Customer has the right to request from Distance.eu the immediate rectification of his/her personal data that is incorrect. Taking into account the purposes of processing, data subject has the right to request supplementing incomplete personal data, including by submitting an additional statement, directing the request to the e-mail address in accordance with § 6 of the Privacy Policy.

7. The right to data portability - legal basis: Article 20 of the GDPR. a) The Customer has the right to receive his/her personal data provided by Distance.eu, and then send it to another personal data Controller of his/her choice. The Customer also has the right to request that the personal data be sent by Distance.eu directly to such Controller, if it is technically possible. In this case, Distance.eu will send the Customer's personal data in the form of a csv file, which is a commonly used, machine-readable format that allows received data to be sent to another personal data controller.

8. In case of the Customer exercising his or her rights under the above rights, Distance.eu will fulfil the request or refuse to fulfil it immediately, but no later than within one month after receiving it. However, if - due to the complicated nature of the request or the number of requests - Distance.eu will not be able to fulfil the request within one month, it will fulfil it within the next two months, informing the Customer earlier within one month of receiving the request - about the intended extension of the deadline and its reasons.

9. The Customer may submit to Distance.eu complaints, enquiries and requests concerning the processing of his/her personal data and the exercise of his/her rights.

10. The Customer has the right to demand from Distance.eu to provide copies of standard contractual clauses by submitting an enquiry in the manner specified in § 6 of the Privacy Policy.

11. The Customer has the right to file a complaint with the President of the Personal Data Protection Office regarding the violation of his/her rights to the protection of personal data or other rights granted under the GDPR.

§ 5 Security management - password

1. Distance.eu provides Customers with a secure and encrypted connection when transferring personal data and when logging into the Customer Account on the Website. The Controller uses an SSL certificate issued by one of the world's leading companies in the field of security and encryption of data sent over the Internet.

2. In case that the Customer who has an account in the Internet Shop has lost the access password in any way, the Internet Shop allows him/her to generate a new password. Distance.eu does not send a password reminder. The password is stored in an encrypted form in a way that prevents its reading. In order to generate a new password, please provide your e-mail address in the form available under the link "Forgot my password", provided next to the account login form in the Internet Shop. The new password will be automatically sent to the e-mail address provided during registration or saved in the last change of the account profile.

3. Distance.eu never sends any correspondence, including e-mails asking for login details, in particular the access password to the Customer's account.

§ 6 Amendments to the Privacy Policy

1. The Privacy Policy may be subject to change, of which Distance.eu will inform the Customers.

2. Please send your questions regarding the Privacy Policy to the following address: [email protected]

3. Date of last modification: September 04, 2020

To Top