PRIVACY POLICY

1. General information

1. This policy applies to the Website operating at the url: darklala.com
2. The website operator and the personal data administrator is: Filip Stachura
3. The operator's e-mail contact address: sklep@darklala.com
4. The operator is the Administrator of your personal data in relation to the data provided voluntarily on the Website.
5. The website uses personal data for the following purposes:

• Keeping the newsletter
• Conducting online chat conversations
• Viewing user announcements
• Handling of queries via the form
• Preparation, packaging, shipment of goods
• Realization of ordered services
• Presentation of the offer or information

The website obtains information about users and their behavior in the following way:

1. Through data entered voluntarily in forms, which are entered into the Operator's systems.
2. By saving cookie files in end-devices (so-called "cookies").

2. Selected data protection methods used by the Operator

1. The places of logging in and entering personal data are protected at the transmission layer (SSL certificate). As a result, personal data and login data entered on the website are encrypted on the user's computer and can only be read on the target server.
2. Personal data stored in the database are encrypted in such a way that only the operator with the key can read it. Thanks to this, the data is protected in the event of the database being stolen from the server.
3. User passwords are stored in a hashed form. The hash function works in one direction - it is not possible to reverse its operation, which is now the modern standard for storing user passwords.
4. The operator changes his administrative passwords periodically.
5. In order to protect data, the Operator regularly makes backup copies.
6. An important element of data protection is regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.

3. Hosting

1. The website is hosted (technically maintained) for the operator's server: godaddy.com

4. Your rights and additional information on how the data is used

1. In some situations, the Administrator has the right to transfer your personal data to other recipients, if it is necessary to perform the contract concluded with you or to fulfill the obligations incumbent on the Administrator. This applies to such groups of recipients:
   • couriers
   • postal operators
   • banks
   • payment operators
   • operators of online chat solutions
   • authorized employees and associates who use the data to achieve the purpose of the website
   • companies providing marketing services to the Administrator
2. Your personal data processed by the Administrator for no longer than it is necessary to perform related activities specified in separate regulations (e.g. on accounting). With regard to marketing data, the data will not be processed for more than 3 years.
3. You have the right to request the Administrator:
   • access to personal data concerning you,
   • rectify them,
   • deletion,
   • processing restrictions,
   • and data portability.
4. You have the right to object to the processing indicated in point 3.3 c) to the processing of personal data in order to perform the legitimate interests pursued by the Administrator, including profiling, but the right to object may not be exercised if there are legally valid legitimate grounds for processing, interests, rights and freedoms overriding you, in particular for establishing, investigating or defending claims.
5. The Administrator's actions may be appealed against to the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
6. Providing personal data is voluntary, but necessary to operate the Website.
7. You may be subject to automated decision-making, including profiling, to provide services under the concluded contract and for the purpose of conducting direct marketing by the Administrator.
8. Personal data is not transferred