Privacy Policy

Privacy Policy

Online store Numoco.pl GDPR

§ 1 General Provisions

1. This Privacy Policy defines the principles of processing personal data obtained through the online store www.numoco.pl (hereinafter referred to as: "Online Store").

2. The owner of the Online Store and at the same time the data controller is DONACO SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ (DONACO LIMITED LIABILITY COMPANY) with its registered office in Racibórz (47-400), ul. Bartka Lasoty 19, entered in the register of entrepreneurs of the National Court Register kept by the District Court in Gliwice, 10th Commercial Division of the National Court Register under number KRS 0000334643, with share capital of PLN 10,000, Tax ID: 5252459775, REGON: 141960446, hereinafter referred to as DONACO SP. Z O.O.

3. Personal data collected by DONACO SP. Z O.O. through the Online Store is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), also known as GDPR.

4. DONACO SP. Z O.O. takes particular care to respect the privacy of Customers visiting the Online Store.

§ 2 Types of Processed Data, Purposes and Legal Basis

1. DONACO SP. Z O.O. collects information regarding natural persons performing legal acts not directly related to their business activity, natural persons conducting business or professional activity in their own name, and natural persons representing legal persons or organizational units that are not legal persons but have legal capacity under the law, hereinafter collectively referred to as Customers.

Personal data of Customers is collected in the case of:

  • account registration in the Online Store, for the purpose of creating an individual account and managing that account. Legal basis: necessity to perform the account service agreement (Art. 6(1)(b) GDPR)
  • placing an order in the Online Store, for the purpose of performing the sales agreement. Legal basis: necessity to perform the sales agreement (Art. 6(1)(b) GDPR)
  • newsletter subscription, for the purpose of performing an agreement for services provided electronically. Legal basis - consent of the data subject to perform the Newsletter service agreement (Art. 6(1)(a) GDPR)
  • using the contact form service in the Online Store for the purpose of performing an agreement for services provided electronically. Legal basis: necessity to perform the contact form service agreement (Art. 6(1)(b) GDPR)

Scope of collected data:

In case of account registration in the Online Store, the Customer provides:

  • email address
  • first and last name
  • phone number

In case of placing an order in the Online Store, the Customer provides the following data:

  • email address
  • address data: postal code and city, country (state), street with house/apartment number
  • first and last name

In case of Entrepreneurs, the above scope of data is additionally extended to include:

  • company name of the Entrepreneur
  • Tax ID number

Technical data: When using the Online Store Website, additional information may be collected, in particular: IP address assigned to the Customer's computer or external IP address of the Internet provider, domain name, browser type, access time, operating system type.

§ 3 To Whom Data is Disclosed or Entrusted and How Long is it Stored?

1. Customer's personal data is transferred to service providers used by DONACO SP. Z O.O. in operating the Online Store.

Data Processors:

DONACO SP. Z O.O. uses providers who process personal data exclusively on the instructions of DONACO SP. Z O.O. These include, among others, providers offering hosting services, accounting services, providing marketing systems, systems for analyzing traffic in the Online Store, systems for analyzing the effectiveness of marketing campaigns.

Controllers:

DONACO SP. Z O.O. uses providers who independently determine the purposes and methods of using Customers' personal data. They provide electronic payment and banking services.

Data retention periods:

  • Data based on consent: until consent is withdrawn, and then for the limitation period of claims (6 years, for business activity - 3 years)
  • Data based on contract: until contract performance, and then for the limitation period of claims

Przelewy24 Payments: If the Customer chooses payment through the przelewy24.pl system, their personal data is transferred to the extent necessary for payment processing to PayPro S.A. with its registered office in Poznań.

§ 4 Cookies Mechanism, IP Address

1. The Online Store uses small files called cookies. They are stored by DONACO SP. Z O.O. on the end device of the person visiting the Online Store, if the web browser allows it.

Types of cookies:

  • Session cookies: deleted after the browser session ends
  • Persistent cookies: stored until they are deleted or expire

Own cookies used for:

  • authenticating the Customer in the Online Store
  • analysis and research and audience auditing

External cookies used for:

  • promoting the Online Store through Instagram service
  • promoting the Online Store through Facebook service
  • collecting statistical data through Google Analytics

Cookie management: Customers have the ability to limit or disable access of cookies files in their browsers. If cookies are disabled, using the Online Store will be possible, except for functions that inherently require cookies files.

§ 5 Rights of Data Subjects

Your rights:

  • Right to withdraw consent - at any time
  • Right to object to data processing
  • Right to data erasure ("right to be forgotten")
  • Right to restriction of processing of data
  • Right of access to data - receiving a copy of data
  • Right to rectification of data - correction of incorrect data
  • Right to data portability - receiving data in CSV format

Request processing time: DONACO SP. Z O.O. fulfills requests without delay, but no later than within one month of receiving it. In case of complex requests, the deadline may be extended by an additional two months.

Complaints: The Customer has the right to lodge a complaint with the President of the Office for Personal Data Protection regarding violations of their personal data protection rights.

§ 6 Security Management - Password

1. DONACO SP. Z O.O. provides Customers with a secure and encrypted connection when transmitting personal data and when logging into the Customer Account. DONACO SP. Z O.O. uses SSL certificate.

2. In case of loss of access password, the Online Store enables generation of a new password. DONACO SP. Z O.O. does not send password reminders - passwords are stored in encrypted form.

Important: DONACO SP. Z O.O. never sends any correspondence requesting login credentials, especially the Customer account access password.

§ 7 Privacy Policy Changes

1. The Privacy Policy may be changed, about which DONACO SP. Z O.O. will inform Customers 7 days in advance.

2. Date of last modification: July 8, 2025

Do you have questions about the Privacy Policy?

Contact us: biuro@numoco.com

© 2025 Numoco.pl - All rights reserved | Privacy Policy compliant with GDPR