Privacy policy

PRIVACY POLICY
OF THE WEBSITE WWW.MIGACOFFEE.PL

For the Owner and administrator of this website, the protection of User personal data is of the utmost importance. They make great efforts to ensure that Users feel safe when entrusting their personal data during their use of the website.

A User is a natural person, a legal entity, or an organizational unit without legal personality, to whom the law grants legal capacity, using electronic services available through the website.

This privacy policy explains the principles and scope of personal data processing, the rights of Users, as well as the obligations of the data administrator. It also informs about the use of cookies.

The Administrator uses the latest technical measures and organizational solutions that ensure a high level of protection of the processed personal data and safeguards against unauthorized access.

DATA ADMINISTRATOR

The administrator of personal data is miga coffee sp. z o.o. with its registered office at Ocicka 7, entered into the business register maintained by the District Court in Gliwice, X Commercial Division, under KRS number: 0000583777, NIP: 6392008725 (hereinafter referred to as "Administrator").

The owner of the website is miga coffee sp. z o.o. with its registered office at Ocicka 7, entered into the business register maintained by the District Court in Gliwice, X Commercial Division, under KRS number: 0000583777, NIP: 6392008725 (hereinafter referred to as "Owner").

PURPOSE OF PERSONAL DATA PROCESSING

The Administrator processes the User's personal data for the following purposes:

  • To properly execute sales contracts concluded through the online store via the website http://migacoffee.pl

This means that the data is necessary, in particular, for:

  • registering on the website;
  • concluding a contract;
  • performing settlements;
  • delivering the ordered goods or providing services;
  • using any consumer rights (e.g., withdrawal from the contract, warranty).

ANALYTICAL ACTIVITIES

  • opening subpages,
  • time spent on a particular subpage,
  • viewed products,
  • clicks on the website,
  • information about purchases.

The User may also consent to receive information about new products and promotions, which will result in the Administrator also processing personal data to send the User marketing communications regarding new products or services, promotions, or sales.

Personal data is also processed for the fulfillment of legal obligations imposed on the data administrator and the performance of tasks in the public interest, such as tasks related to security, defense, or tax documentation storage.

Personal data may also be processed for direct marketing purposes of products, securing and pursuing claims, or protecting against claims of the User or third parties, as well as marketing the services and products of third-party entities or internal marketing not related to direct marketing.

TYPES OF DATA

The Administrator processes the following personal data, which is necessary for:

  • Registering on the website:

    • Name and surname;
    • Email address;

  • Making purchases via the website:

    • Name and surname;
    • Gender;
    • Delivery address;
    • Phone number;
    • Email address;

Optional data provided by the User:

  • Date of birth;
  • PESEL number (if requesting an invoice);
  • NIP number (if requesting an invoice for a business).

In the event of withdrawal from the contract or claim recognition, when the refund is made directly to the User's bank account, the User's bank account number will also be processed.

LEGAL BASIS FOR PERSONAL DATA PROCESSING

Personal data is processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals concerning the processing of personal data and on the free movement of such data (General Data Protection Regulation - GDPR), OJ L 119, 4.5.2016, p. 1-88.

The Administrator processes personal data only after obtaining the User's consent, expressed during registration on the website or when confirming a transaction made on the website.

Consent to the processing of personal data is entirely voluntary, however, failure to provide consent will prevent registration on the website and making purchases via the website.

RIGHTS OF THE USER

The User may, at any time, request information from the administrator regarding the scope of personal data processing.

The User may request to correct or rectify their personal data at any time. The User can also do this independently after logging into their account.

The User may withdraw their consent to the processing of their personal data at any time, without giving a reason. The request for non-processing of data may relate to a specific purpose of processing, e.g., withdrawing consent to receive commercial information, or relate to all purposes of data processing. Withdrawal of consent for all purposes of data processing will result in the deletion of the User's account on the website, along with all previously processed personal data. Withdrawal of consent will not affect actions already taken.

The User may request, at any time, without giving a reason, that the administrator deletes their data. The request for data deletion will not affect actions already taken. Data deletion means the simultaneous deletion of the User's account, along with all previously saved and processed personal data.

The User may object to the processing of personal data at any time, either with respect to all processed data or a specific purpose. The objection will not affect actions already taken. Filing an objection will result in the deletion of the User's account, along with all previously saved and processed personal data.

The User may request a restriction on the processing of personal data, either for a specific time or without time limitation but in a specific scope, which the administrator will be obligated to fulfill. This request will not affect actions already taken.

The User may request that the administrator transfers their personal data to another entity. To do so, the User should write a request to the administrator, indicating the entity (name, address) to which the personal data should be transferred and the specific data the User wishes to be transferred. After confirming the User's request, the administrator will provide the requested personal data to the indicated entity in electronic form. Confirmation of the User's request is necessary for the security of the User's personal data and to ensure that the request is made by the authorized person.

The Administrator informs the User of the actions taken before the expiration of one month from receiving one of the requests mentioned in the previous points.

DATA RETENTION PERIOD

In principle, personal data is stored only as long as necessary to fulfill contractual or legal obligations for which it was collected. These data will be deleted immediately when their storage is no longer necessary for evidentiary purposes, in accordance with civil law, or due to legal obligations to store data.

Information about the contract is kept for evidentiary purposes for a period of three years, starting from the end of the year in which the commercial relationship with the User ended. Data will be deleted after the statutory period for claiming contractual claims expires.

Furthermore, the administrator may retain archival information about concluded transactions, as the storage of such information is related to the User's claims, e.g., under warranty.

If no contract was concluded between the User and the Owner, the User's personal data will be stored until the User's account is deleted from the website. Deletion of the account may occur at the User's request, withdrawal of consent for the processing of personal data, or by filing an objection to the processing of such data.

TRANSFER OF DATA TO OTHER ENTITIES

The Administrator may delegate personal data processing to entities cooperating with the administrator, to the extent necessary for transaction execution, e.g., for preparing the ordered goods, delivering shipments, or sending marketing information, from the administrator (this applies to Users who consented to receive marketing information).

Apart from the purposes stated in this Privacy Policy, the personal data of Users will not be shared with third parties or transferred to other entities for the purpose of sending marketing materials from third parties.

Personal data of Users of the website is not transferred outside the European Union.

This Privacy Policy complies with the provisions of Article 13 (1) and (2) of the GDPR.

COOKIES

The website uses cookies or similar technologies (collectively referred to as "cookies") to collect information about User access to the website (e.g., via a computer or smartphone) and their preferences. They are used, among other things, for advertising, statistical, and customizing the website to the User's individual needs.

Cookies are fragments of information containing a unique reference code that the website sends to the User's device to store and sometimes track information about the device being used. Usually, they do not allow identifying the User personally. Their main purpose is to better match the website to the User.

Some cookies are available only during a specific session and expire after closing the browser. Other cookies are used to remember the User, who is recognized when returning to the website. These cookies are stored for a longer period.

The cookies used on this website include:

  • Necessary for session management;
  • Statistical information about website usage;
  • Customizing the appearance or layout of the website.