1. General information
    1. This policy applies to the website at the following URL: www.aldestine-official.com
    1. The websiteoperator and the personal data administrator is: ALDESTINE Aleksandra Ziemińska, ul Kowalskiego 5/48, 03-288 Warsaw, Poland, NIP 5242951776
    1. Theoperator’s e-mail: office@aldestine.com
    2. The operator is the administrator of your personal data provided voluntarily on the website.
    1. The website uses personal data for the following purposes:
      • Running a newsletter,
      • Running a comment system,
      • Handling online chat conversations,
      • Handling queries via the form,
      • Preparation, packing, shipping of goods,
      • Implementation ofthe services ordered,
      • Presentation of the offer or information.
    2. The website obtainsdata about the users and their actions in the following manner:
      • Through data provided voluntarily in forms, which are entered into the Operator’s systems.
      • By saving cookie files in end devices (so-called “cookies”).
  1. Selected data protection methods used by the Operator
    1. The sites forlogging in and entering personal data are protected in the transmission layer (SSL certificate). As a result, personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
    1. Personal data stored in the database are encrypted in such a manner that only the Operator holding the key can read them. As a result, the data is protected in the event of the database being stolen from the server.
    1. User passwords are stored in a hashform. The hash works one-way, so it is not possible to reverse its operation, which is now a modern standard in the field of storing user passwords.
    1. The website uses two-factor authentication, which is an additional form of protection for logging into the website.
    1. The operator periodically changes its administrative passwords.
    1. In order to protect data, the Operator regularly makes backup copies.
    1. An important element of data protection is the regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.

3. Hosting

    1. The website is hosted (technically maintained) on the operator’s server: CYBERFOLKS
  1. Your rights and additional information on how the data is used
    1. In some situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform the agreement concluded with you or to fulfil the obligations incumbent on the Administrator. This applies to groups of recipients such as:
      • hosting company on an entrustment agreement,
      • couriers,
      • postal operators,
      • insurers,
      • banks,
      • payment operators,
      • comment system operators,
      • online chat solution operators,
      • authorized employees and associates who use the data to achieve the purpose of the website,
      • companies providing marketing services to the Administrator.
    1. Your personal data processed by the Administrator for no longer than it is necessary to perform the related activities specified in separate regulations (e.g. on keeping accounts). With regard to marketing data, the data will not be processed for more than 3 years.
    1. You have the right to request from the Administrator:
      • access to your personal data,
      • rectification ofyour data,
      • deletion,
      • restricting the processing,
      • and data portability.
    1. You are entitled to object to the processing indicated in point 3.3 c) – processing of personal data in order to perform the legitimate interests pursued by the Administrator, including profiling, whereas the right to object may not be handled if there are valid legally justified grounds for processing, overriding interests, rights and freedoms, in particular for establishing, investigating or defending claims.
    1. The Administrator’s actions may be appealed againstto the Managing Director of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
    1. Providing personal data is voluntary, but necessary to operate the Website.
    2. In relation to you, actions may be taken consisting in automated decision making, including profiling in order to provide services under the concluded agreement and for the purpose of conducting direct marketing by the Administrator.

8.Personal data cannot be transferred from third countries within the meaning of the regulations on the protection of personal data. This means that we do not send them outside the European Union.

  1. Information in forms
    1. The website collects information provided voluntarily by the user, including personal data, if provided.
    2. The website may save information about connection parameters (time, IP address).
    1. In some cases, the website may save information to help link data to the form with the e-mail address of the user filling out the form. In this case, the user’s e-mail address appears inside the URL of the page containing the form.
    1. The data provided in the form are processed for the purpose resulting from the function of a specific form, e.g. to process a service request or commercial contact, service registration, etc. The context and description of the form each time clearly indicates the purpose of its use.
  1. Administrator logs
    1. Information on the users’ actions on the website may be subject to login. These data are used to administer the website.
  2. Essential Marketing Techniques
    1. The operator uses statistical analysis of site traffic through Google Analytics (Google Inc. based in the USA). The operator does not provide personal data to the operator of this service, but only anonymized information. The service is based on the use of cookies on the user’s end device. In terms of information about user preferences collected by the Google advertising network, the user can view and edit information derived from cookies using the tool: https://www.google.com/ads/preferences/
    1. The operator uses remarketing techniques that allow for adjusting advertising messages to the user’s actions on the website, which may give the illusion that the user’s personal data is used to track him, but in practice no personal data is transferred from the operator to advertising operators. The technological condition for such activities is enabling of cookies.
    1. The operator uses the Facebook pixel. This technology causes Facebook (Facebook Inc. based in the USA) to know that the person registered with Facebook uses the Website. In this case, it is based on data administrated by it, the Operator does not transfer any additional personal data to Facebook. The service is based on the use of cookies on the user’s end device.
    1. The operator uses a solution that tests user behaviour by creating heat maps and recording behaviour on the website. This information is anonymized before it is sent to the service operator so that he does not know to whom it refers.

In particular, the entered passwords and other personal data are not recorded.

    1. The Operator uses a solution that automates the operation of the Website for

users, e.g. that can send an e-mail to the user after visiting a particular subpage, provided that he has consented to receive commercial correspondence from the Operator.

  1. Information about cookies
    1. The website uses cookies.
    1. Cookie files (so-called “cookies”) are IT data, in particular text files, which are stored on the Website User’s end device and are intended for using the Website’s pages. Cookies usually contain the name of the website from which they come, the storage time on the end device and a unique number.
    1. The entity placing cookies on the Website User’s end device and accessing them is the Website operator.
    1. Cookies are used for the following purposes:
      1. maintaining the Website user’s session (after logging in), thanks to which

the user does not have to re-enter the login and password on each subpage of the Website;

      1. achieving the goals set out above in the section “Important Marketing Techniques”;
    1. The Website uses two basic types of cookies: session cookiesand persistent cookies. Session cookies are temporary files that are stored on the User’s end device until logging out, leaving the website or turning off the software (web browser). Permanent cookies are stored on the User’s end device for the time specified in the parameters of cookies or until they are deleted by the User.
    1. Software for browsing websites (web browser) allows the storage of cookies on the User’s end device by default. Website users can change the settings in this regard. The web browser enables thedeletion of cookies. It is also possible to automatically block cookies. Detailed information on this subject can be found in the help or documentation of the web browser.
    1. Restrictions on the use of cookies may affect some of the functionalities available on the Website pages.
    1. Cookies placed on the Website User’s end device may also be used by entities cooperating with the Website operator, in particular the following companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).
  1. Managing cookies – how to practically approve and disapprove?

1.Whenthe user does not want to receive cookies, he may change the browser settings. However, weinform that disabling cookies necessary for authentication, safety, and maintaining user’s preferences may disturb, and in certain cases prevent the use of www pages.

  1. To manage cookie settings, select the web browser you use from the list below and follow the instructions:
  1. Mobile devices: