Shopping Cart (0)
Cart is Empty
For free delivery are missing -,--
Free delivery!
Total 0,00 €
Price includes discounts
Proceed to Checkout
Puzzle Factory - Puzzle Manufacturer
Puzzle Factory - Puzzle Manufacturer

Privacy Policy

fabryka-puzzli-polityka-prywatnosci.jpg

Privacy Policy of www.personalised-jigsaw.com
(Original Polish version available at the Polish domain; the Polish version is the primary and legally binding document. This English version is provided for convenience only.)

  1. General Information
    This Privacy Policy sets out the principles for processing and protecting the personal data of users who use the website www.personalised-jigsaw.com (hereinafter: the “Service”). The Administrator takes all necessary measures to ensure that users’ data is processed in accordance with applicable regulations, including Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”), national data protection laws, and other relevant legal provisions.

  2. Data Controller
    The Data Controller is Fabryka Puzzli Daniel Kołodziejczyk, ul. Pod Lasem 2, 34-100 Jaroszowice, NIP: 5512636229, REGON: 381023550 (hereinafter: the “Administrator”).
    For matters related to personal data protection, please contact us at: hello@fabrykapuzzli.eu.
    The Administrator has not appointed a Data Protection Officer, as it is not legally required to do so.

  3. Data Security
    The Administrator applies appropriate technical and organizational measures to ensure the security of processed data in accordance with GDPR requirements. Security measures are regularly reviewed and updated, taking into account the risk of violating the rights or freedoms of data subjects.

  4. Legal Bases for Data Processing
    Personal data is processed based on:

    • Art. 6(1)(b) GDPR (performance of a contract) – to process orders and provide services offered by the Service.
    • Art. 6(1)(c) GDPR (legal obligation) – to fulfill legal obligations, such as issuing invoices or retaining accounting documents.
    • Art. 6(1)(f) GDPR (legitimate interest of the Administrator) – to ensure Service security, pursue or defend claims, conduct direct marketing of own products, and verify product reviews (Omnibus Directive).
    • Art. 6(1)(a) GDPR (consent) – for marketing activities beyond legitimate interest, sending newsletters, and the use of analytical and marketing cookies.

  5. Methods of Data Collection
    Personal data is obtained:
    a) Directly from Users when they voluntarily fill out forms (e.g., orders, account registration, newsletter sign-up).
    b) Via cookies and similar technologies. Detailed information about the types, purposes, storage periods, and management of cookies can be found in the separate [Cookie Policy].

  6. Categories of Data and Recipients
    The Administrator processes, among others, the following data: name, surname, delivery address, email address, telephone number, invoicing data, order history. For marketing activities (e.g., newsletters) conducted with the User’s consent, the processed data includes the email address or other data provided at the time of consent.

    Data may be shared with trusted entities to the extent necessary to achieve the purposes, such as:

    • Courier or postal companies (to deliver products).
    • Payment operators (e.g., Blue Media S.A.) to process transactions.
    • IT service providers, hosting providers, accounting offices, law firms (if necessary).

    All these entities are obliged to process data lawfully and in accordance with data processing agreements concluded with the Administrator.

  7. Purposes of Data Processing
    Personal data is processed for the following purposes:

    • Fulfilling orders and providing services offered by the Service (basis: Art. 6(1)(b) GDPR).
    • Handling user inquiries, processing complaints, fulfilling the right of withdrawal in accordance with consumer rights directives (basis: Art. 6(1)(b) and (c) GDPR).
    • Marketing activities, including sending newsletters, if the User has given consent (basis: Art. 6(1)(a) GDPR) or if it derives from the Administrator’s legitimate interest (Art. 6(1)(f) GDPR).
    • Verifying product reviews (Omnibus Directive) to ensure their authenticity and reliability (basis: Art. 6(1)(f) GDPR).
    • Ensuring Service security, pursuing or defending against claims (Art. 6(1)(f) GDPR).

  8. Cookies, Analytics, and Remarketing
    The Administrator uses cookies (necessary, analytical, marketing) and similar technologies to:

    • Ensure proper functioning of the Service and facilitate its use.
    • Collect anonymous statistical data on traffic (e.g., via Google Analytics) to improve offerings and functionality.
    • Display tailored advertising content and conduct remarketing activities (e.g., Google Ads, Meta/Facebook Pixel) upon the User’s consent.

    Detailed information on how cookies are used, the analytical and remarketing tools employed, storage periods, and how to withdraw consent can be found in the [Cookie Policy].

  9. Data Retention Period
    Data is stored for as long as necessary to achieve the purposes for which it was collected.

    • Order and accounting data: stored for periods specified by applicable laws (e.g., 5 years for accounting documents).
    • Data processed based on consent (e.g., marketing, newsletters): until consent is withdrawn.
    • Data related to claims and pursuing rights: until claim limitation periods expire.

  10. Data Subject Rights
    Users have the right to:

    • Access their data.
    • Rectify data if it is incorrect or outdated.
    • Erase data (“right to be forgotten”) if there is no basis for further processing.
    • Restrict processing under certain circumstances.
    • Data portability when processing is based on consent or contract and performed by automated means.
    • Object to processing based on the legitimate interest of the Administrator.
    • Withdraw consent at any time (without affecting the lawfulness of prior processing).

    To exercise these rights, please contact the Administrator at hello@fabrykapuzzli.eu. The Administrator will consider the request promptly, within a maximum of one month, extendable by two months if justified.

    The User has the right to lodge a complaint with the President of the Personal Data Protection Office (UODO) if they believe that the data processing violates GDPR.

  11. Transfer of Data to Third Countries
    With the User’s consent for analytical and marketing cookies, User activity data may be transferred to external partners (e.g., Google LLC, Meta Platforms Inc.) located outside the European Economic Area, e.g., in the USA. The Administrator applies appropriate legal safeguards, such as standard contractual clauses, to ensure an adequate level of data protection. Details are provided in the [Cookie Policy].

  12. Profiling and Automated Decisions
    Data is not used for fully automated decision-making that produces legal effects for the User. Analytical and marketing tools may be used to create user preference profiles (profiling) to deliver personalized content and advertisements. Profiling occurs only after obtaining the User’s consent for marketing and analytical cookies.

  13. Changes to the Privacy Policy
    The Administrator reserves the right to amend this Privacy Policy in case of legislative changes, introduction of new services or technologies. Users will be informed of significant changes via a notice on the Service or, if possible, by email (for registered Users). The updated Privacy Policy will be available at a permanent URL. Continued use of the Service after changes have been introduced constitutes acceptance of the new content.

  14. Links to Other Sites
    The Service may contain links to other websites. The Administrator is not responsible for the privacy practices of those sites. It is recommended to review the privacy policy of each visited website.

  15. Contact
    If you have any questions regarding this Privacy Policy or the processing of personal data, please contact us at: hello@fabrykapuzzli.eu.