WE SHIP ALL OVER EUROPE

FREE EU SHIPPING OVER €100 AND FREE POLAND SHIPPING OVER 50 ZŁ.

ALL PRODUCTS SHIPPED FROM STOCK IN POLAND. EXPLORE

Privacy Policy

Privacy Policy

1. Data Controller and Definitions

The data controller of Customers/Users of the Online Shop, also known as the Seller, is ALTWAY(PL) Sp. z o.o., with NIP 5842745045, REGON 362883128. The data controller can be contacted at:

  • Address for letters: Aleja Grunwaldzka 212, 80-266 Gdańsk
  • Email: sklep@altwaylab.com

User – a natural person entering the website/websites of the Online Shop or using the services or functionalities described in this Policy.

Customer – a natural person having full legal capacity, a natural person who is a Consumer, a legal person, or an organizational unit without legal personality, to which the Act grants legal capacity, which concludes a Distance Selling Agreement with the Seller.

Online Shop – an Internet service run by the Seller, available at electronic addresses (websites): https://altwaylab.com, through which the Customer/User may obtain information about the Goods and their availability, buy the Goods, or order the service.

Newsletter – information, including commercial information within the meaning of the Act of 18 July 2002 on the provision of electronic services (Dz. U. z 2020 r. poz. 344) from the Seller, sent to the Customer/User by electronic means; its receipt is voluntary and requires the consent of the Customer/User.

Account – a set of data stored in the Online Shop and in the Seller’s IT system concerning the Customer/User and orders placed by the Customer/User and the agreements concluded by the Customer/User, which enables the Customer/User to place orders and conclude agreements.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

2. The Purposes, Legal Basis, and Period of the Processing

In order to perform the Distance Selling Agreement, the Seller processes:

  • Information concerning the User’s device to ensure the correct functioning of the services: IP address of the computer, information contained in cookies or other similar technologies, session data, web browser data, device data, data concerning activity on the website, including on individual subpages.
  • Geolocation data, if the User has consented to the service provider’s access to geolocation. The geolocation data provides more tailored offers of Goods and services.
  • Users’ personal data: name, surname, registered office address, correspondence address, email address, telephone number, Tax Identification Number (NIP), bank account number, or other personal data required by the Administrator in the purchasing process.

This information does not contain the users’ identity data but may constitute personal information in combination with other information. Therefore, the data controller extends full GDPR protection to them.

These data are processed in accordance with Article 6 section 1 letter b of the GDPR, for the purpose of providing a service, i.e., an agreement for the provision of services by electronic means in accordance with the Regulation, in accordance with Article 6 section 1 letter a of the GDPR, in accordance with consenting to the use of certain cookies or other similar technologies, as expressed by the appropriate settings of the Internet browser, in accordance with the Telecommunications Law, or in accordance with consenting to geolocation. The data are processed until the end of the User’s use of the Online Shop.

The Administrator undertakes to take all measures required under Article 32 of the GDPR, i.e., taking into account the state of the art, the cost of implementation, the nature, scope and purposes of the processing, and the risk of violation of the rights or freedoms of natural persons of varying probability and seriousness, the Administrator implements appropriate technical and organizational measures to ensure a level of security appropriate to that risk.

3. Marketing Activities of the Data Controller

The data controller may place marketing information about his/her Goods or services on the Online Shop’s website. Such content shall be displayed by the data controller in accordance with Article 6 section 1 letter f of the GDPR, in accordance with the legitimate interest pursued by the data controller, in publishing the content related to the services provided and the promotional content of the actions in which the data controller is involved. At the same time, the action does not infringe the rights and freedoms of the Customers/Users, the Customers/Users expect to receive similar content, or even expect it, or it is their direct purpose to visit the website(s) of the Online Shop.

4. Recipients of User’s Data

The data controller discloses the Users’ personal data only to the processors under the concluded contracts of entrustment of personal data processing, for the purpose of providing services to the Administrator, e.g., hosting and maintenance of the website, IT services, marketing, and PR services.

5. Transfer of Personal Data to Third Countries

Personal data will not be processed in third countries.

6. Withdrawal from the Contract – Electronic Return Form

Rights for the Data Subjects

  • Right of Access (Article 15 of the GDPR): To obtain confirmation from the data controller, whether his or her personal data are being processed. If the data about a person is processed, he or she is entitled to access it and to obtain the following information: about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed, about the period of data storage or about the criteria used to determine that period, about the right to request rectification, erasure or restriction of processing of personal data and to object to such processing.
  • Right to Obtain a Copy of the Data (Article 15 section 3 GDPR): To obtain a copy of the data to be processed; the first copy being free of charge. For further copies, the data controller may charge a reasonable fee based on administrative costs.
  • Right to Rectification (Article 16 of the GDPR): To request the rectification of inaccurate or to supplement incomplete data concerning him or her.
  • Right to Erasure (Article 17 of the GDPR): To request the erasure of his/her personal data if the data controller has no legal basis for their processing or the data are not necessary for the purposes of processing anymore.
  • Right to Restriction of Processing (Article 18 of the GDPR): To request a restriction of processing of personal data when:
  • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data,
  • The processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead,
  • The data controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims,
  • The data subject has objected to processing pursuant to Article 21 section 1 pending the verification whether the legitimate grounds of the controller override those of the data subject.
  • Right to Data Portability (Article 20 GDPR): To receive the personal data concerning him or her, which he or she has provided to a data controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the data controller to which the personal data have been provided, where data are processed on the basis of the data subject’s consent or on a contract with him/her and where data are processed by automated means.
  • Right to Object (Article 21 of the GDPR): To object to the processing of his/her personal data for the legitimate purposes of the controller, on grounds related to his/her specific situation, including profiling. In such a case, the data controller shall assess the existence of important legitimate grounds for processing overriding the interests, rights, and freedoms of data subjects or grounds for establishing, pursuing, or defending claims. If according to the assessment the interests of the data subject will take precedence over the interests of the controller, the data controller shall be obliged to stop processing the data for these purposes.
  • Right to Withdraw Consent: To withdraw consent at any time and without giving any reason, but the processing of personal data carried out before withdrawal of consent will still remain lawful. Withdrawal of consent shall result in the data controller ceasing to process personal data for the purpose for which the consent was given.

In order to exercise the aforementioned rights, the data subject should contact the data controller using the contact details provided and inform the data controller which right and to what extent he/she wants to exercise it.

7. The President of the Personal Data Protection Office

The data subject has the right to complain to the supervisory authority, which, in Poland, is the President of the Personal Data Protection Office, and its seat is in Warsaw, ul. Stawki 2, which can be contacted as follows:

  • Address for letters: ul. Stawki 2, 00-193 Warsaw
  • Via the electronic mailbox available on the website: UODO Contact
  • Helpline: 606-950-000

8. Data Protection Officer

In any case, the data subject may also contact the Data Protection Officer of the data controller directly by e-mail or in writing to the address of the data controller given in section 1 point 2 of this Policy.

9. Changes to the Privacy and Cookie Policy

Privacy and Cookies Policy may be supplemented or updated according to the data controller’s current needs in order to provide current and reliable information to Customers/Users.

10. Cookies

The Online Shop performs the functions of obtaining information about Customers, Users, and their behavior in the following ways:

  • Information voluntarily entered on the forms, for purposes arising from the function of the form.
  • Storing cookies (so-called: “cookies”) on the final device.
  • Collecting web server logs by the Online Shop’s hosting operator (necessary for proper operation of the Online Shop).

Cookie files are IT data, in particular text files, which are stored in the Customer’s/User’s final device and are designed to use the Online Shop’s website. Cookies usually contain the name of the website from which they come from, the time of their storage on the final device, and a unique number.

The Online Shop uses cookies only after the Customer/User has given his/her prior consent in this regard. Consent to the use of all cookies by the Online Shop is given by clicking the button: “Close” when the announcement about the use of cookies by the Online Shop is displayed or by closing that announcement.

If the Customer/User does not agree to the use of cookies by the Online Shop, he/she may use the option: “I do not agree”, which is also available in the announcement about the use of cookies by the Online Shop or make changes to the settings of the Internet browser, which is currently being used by Customer/User (however, this may cause incorrect operation of the Online Shop).

To manage the cookie settings, Customer/User should select a web browser/system and follow the instructions: Internet Explorer, Chrome, Safari, Firefox, Opera, Android, Safari (iOS), Windows Phone.

The legal basis for the processing of personal data from cookies is the legitimate interests pursued by the Website’s Operator, consisting of providing high-quality services, ensuring the safety of services.

The Online Shop uses two basic types of cookies: session cookies and persistent cookies. Session cookies are temporary files, which are stored in the User’s final device until logging out, leaving the Online Shop, or switching off the software (web browser). Persistent cookies are stored in a User’s device for the time specified in the parameters of cookies or until their removal by the User.

Functional cookies (required):

  • altwaylab.com
    • monit_token: 365 days, cookie: Identifies the shop’s customer.
    • shop_monit_token: 30 minutes, cookie: Identifies the shop’s customer.
    • client: 1 day, cookie: Identifies the logged-in customer / basket of the non-logged-in customer.
    • affiliate: 90 days, cookie: It stores information about the partner ID from which the shop was entered.
    • ordersDocuments: cookie: Stores information about the print status of a document.
    • __idsui: 1095 days, cookie: File required for the so-called lightweight login function on the website.
    • __idsual: 1095 days, cookie: File required for the so-called lightweight login function on the website.
    • login: cookie: Stores information about whether the user has logged in to the site.
    • CPA: 28 days, cookie: Includes information on the variables for the CPA / CPS programmes in which the site participates.
    • basket_id: 365 days, cookie: The site user’s shopping cart identifier, assigned for the duration of the ongoing session.
    • page_counter: 1 day, cookie: Counter of pages visited.
    • LANGID: 180 days, cookie: Stores information about the language selected by the site user.
    • REGID: 180 days, cookie: Stores information about the site user’s region.
    • CURRID: 180 days, cookie: Stores information about the currency of the site selected by the user.

Analytics cookies:

  • Google Analytics
    • ga: 730 days, cookie: Used by Google Analytics to collect data on the number of times a user has visited the website, as well as dates for the first and most recent visit.
    • _gid: 1 day, cookie: Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
    • _gat: 1 day, cookie: Used to throttle request rate. Analytics anonymizes the IP address.
    • __utma: 730 days, cookie: Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exist. The cookie is updated every time data is sent to Google Analytics.
    • __utmb: 30 minutes, cookie: Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exist. The cookie is updated every time data is sent to Google Analytics.
    • __utmc: cookie: Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.
    • __utmz: 180 days, cookie: Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.
    • AMP_TOKEN: 365 days, cookie: Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, in-flight request, or an error retrieving a Client ID from AMP Client ID service.
    • _gaexp: 90 days, cookie: Used to determine a user’s inclusion in an experiment and the expiry of experiments a user has been included in.
    • __gads: 395 days, cookie: To provide ad delivery or retargeting.

Advertising cookies:

  • altwaylab.com
    • RSSID: 180 days, cookie: IdoSell RS user ID, used for the purpose of displaying tailored product recommendations on the website.

The cookies are used for the following purposes:

  • Creating statistics that help to understand how Customers/Users of the Online Shop use the websites, which allows improving their structure and content.
  • Maintaining the Customer/User session (after logging in), thanks to which the Customer/User does not have to re-enter the login and password on each subpage of the Online Shop.
  • Defining the Customer’s profile in order to display product recommendations and matching materials in advertising networks, in particular, the Google network.

Software for web browsing (web browser) usually by default allows for storing cookies in the User’s final device. Customers/Users may change their settings in this area. The web browser allows removing cookies. It is also possible to automatically block cookie files. Restrictions on the use of cookies may affect some of the functionalities available on the Online Shop’s websites.

Cookie files placed in the Customer’s/User’s final device may also be used by the Online Shop’s advertisers and partners, cooperating with the Online Shop. Cookies may be used by the Google network to display advertisements tailored to the way the Customer/User uses the Online Shop. For this purpose, they can store information about the user’s navigation path or time spent on a given page: https://policies.google.com/technologies/partner-sites. We recommend that Customer/User should read these companies’ privacy policies in order to understand the cookies’ usage in the statistics: Privacy Policy – Google Analytics. In terms of information on the Customer’s/User’s preferences collected by the Google’s advertising network, the Customer/User can view and edit the information resulting from cookies using the tool: https://www.google.com/ads/preferences/.

11. Newsletter

The Customer/User may give his/her consent to receive commercial information electronically by ticking the appropriate option in the registration form or at a later date in the appropriate tab. In the case of such consent, the Customer/User shall receive information (Newsletter) of the Online Shop as well as other commercial information sent by the Seller to the Customer’s/User’s email address. The Customer/User may unsubscribe from the Newsletter at any time by unchecking the appropriate box on his/her Account page or by going to the form https://altwaylab.com/en/newsletter.html, clicking the appropriate link in the content of each Newsletter or through the Customer Service Office.

12. Account

The Customer/User may not place in the Online Shop or provide the Seller with content, including opinions and other data of an illegal nature. The Customer/User gets access to the Account after registration. When registering, the Customer/User provides the account type or gender, name, surname, company name, NIP number, data for issuing a sales document, shipping data, email address, and choose a password. The Customer/User assures that the data provided by him/her in the registration form are correct. Registration requires that Customer/User read the Regulations carefully and mark on the registration form that he/she has read the Regulations and fully accepts all provisions.

At the moment of granting the Customer/User access to the Account, an agreement for the provision of services by electronic means is concluded between the Seller and the Customer/User for an indefinite period of time. The Consumer may withdraw from this agreement on the terms specified in the Regulations. Registration of an Account on one of the websites of the Online Shop means at the same time registration allowing access to the other websites where the Online Shop is available.

The Customer/User may terminate the agreement for the provision of services by electronic means at any time with immediate effect, informing the Seller about it by e-mail or in writing to the address of the data controller given in section 1 point 2 of this Policy. The Seller has the right to terminate the agreement for the provision of services concerning the Account in the event of: cessation or transfer of the Online Shop service to a third party, violation by the Customer/User of the law or provisions of the Regulations, as well as in the event of inactivity of the Customer/User for a period of 6 months. The agreement is terminated with seven days’ notice. The Seller may stipulate that re-registration of the Account shall require the Seller’s permission.

Usercentrics Data Privacy Solutions

We utilize Usercentrics’ data privacy solutions to manage and ensure compliance with data protection regulations. This includes managing user consent for cookies and other tracking technologies, ensuring transparency and user control over their personal data. For more information about Usercentrics and their services, please visit Usercentrics.

Bestsellers:
SHOPPING BAG 0
RECENTLY VIEWED 0