Privacy policy

1. General information

This policy applies to the Website operating at the following URL: girlsandyoga.com.
The Website Operator and the personal data Controller is: GIRLS AND YOGA AGNIESZKA ŚCISŁOWSKA, UL. SĄSIEDZKA 6 B, APT. 3, 03-168, WARSAW.
The Operator’s contact e-mail address is girls@girlsandyoga.com.
The Operator is the Controller of your personal data with respect to data voluntarily provided on the Website.
The Website uses personal data for the following purposes:
- Operating the comments system;
- Handling enquiries via the form;
- Preparation, packaging and shipping of goods;
- Performance of ordered services.
The Website shall only carry out the functions of obtaining information on users and their behaviour in the following manner:
- Through data voluntarily entered into forms, which are entered into the Operator’s systems;
- By saving so-called “cookies” on terminal devices.

2. The selected methods of data protection applied by the Operator

The login and data entry places are protected in the data link layer (SSL certificate). Thanks to it, personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
User passwords are stored in hashed form. The hashing function works one way — it is impossible to reverse it, which is currently the standard in terms of user password storage.
To protect the data, the Operator shall regularly create backup copies.
A crucial element of data protection is regular update of all software used by the Operator to process personal data, which shall mean in particular regular updates of programming components.

3. Hosting

The Website is hosted (technically maintained) on the server of the operator: WingsBridge Instytut Naukowo-Doradczy Sp. z o.o., Tax ID No (NIP) 5213736006.

4. Your rights and additional information on the manner of data use

In certain situations, the Controller shall have the right to transfer your personal data to other recipients where it is necessary to perform the agreement concluded with you or to perform the Administrator’s obligations. This applies to the following groups of recipients:
- the hosting company, by way of outsourcing;
- couriers;
- payment operators;
- authorised employees and collaborators, who use the data to achieve the objective of the party’s activity.
Your personal data shall not be processed by the Controller longer than necessary to perform the related tasks specified in separate regulations (e.g. on accounting). With respect to marketing data, the data shall not be processed for longer than 3 years.
You have the right to request the following from the Controller:
- access to personal data pertaining to you;
- their rectification;
- deletion;
- restriction of processing;
- and data portability.
You have the right to object within the scope of processing indicated in item 3.3 c) with respect to the processing of personal data to pursue legitimate interests of the Controller, including profiling; however, it shall be impossible to exercise the right to object in the case of existence of important, legitimate bases for processing that override your interests, rights and freedoms, in particular for the purpose of establishment, exercise or defence of legal claims.
The Controller’s actions can be complained against to the President of the Personal Data Protection Office at ul. Stawki 2, 00-193 Warsaw.
Provision of personal data is voluntary but necessary to operate the Website.
You may be subject to actions consisting in automated decision-making, including profiling, for the purpose of provision of services under the concluded agreement and for the purpose of direct marketing carried out by the Controller.
Personal data shall not be transferred to third countries within the meaning of the provisions on personal data protection. This means we do not send these data outside the territory of the European Union.

5. Information contained in forms

The Website collects information provided voluntarily by the users, including personal data, so long as they are provided.
The Website may save information on connection parameters (time stamp, IP address).
The Website may, in certain cases, save information which facilitates the association of data in the form with the e-mail address of the user completing the form. In such a case, the user’s e-mail address shall appear within the URL of the website containing the form.
The data provided in the form shall be processed for the purposes resulting from the function of the specific form, e.g. for the purpose of handling a service application or trade contact, registration of services, etc. The context and description of the form shall each time clearly indicate what the form is used for.

6. The Controller’s logs

Information on users’ behaviour on the Website may be logged. These data shall be used for Website administration purposes.

7. Significant marketing techniques

The Operator uses statistical analysis of traffic on the website via Google Analytics (Google Inc. with its registered office in the USA). The Operator shall not provide personal data to the operator of this service, but merely anonymised information. The service is based on the use of cookies on the user’s terminal device. In terms of information on user preferences collected by Google’s advertising network, the user may view and edit the information resulting from cookies using the following tool: https://www.google.com/ads/preferences/
The Operator uses Facebook Pixel. Due to this technology, Facebook (Facebook Inc. with its registered office in the USA) knows that a given person registered on Facebook is using the Website. In such a case, it uses the data with respect to which it is itself a controller; the Operator does not transfer any additional personal data to Facebook. The service is based on the use of cookies on the user’s terminal device.

8. Information on cookies

The Website uses cookies.
So-called “cookies” are IT data, in particular text files, which are stored on the Website User’s terminal device and are intended for using the Website’s online pages. Cookies typically contain the name of the website on which they originated, their storage time on the terminal device and a unique number.
The entity which places cookies on the Website User’s terminal device and which accesses them is the Website operator.
Cookies are used for the following purposes:
- maintenance of the Website user’s session (after login), thanks to which the user does not need to enter their login and password on every sub-page of the Website;
- fulfilment of the objectives specified above in the “Significant marketing techniques” section.
The Website uses two main types of cookies: “session” cookies and “persistent” cookies. “Session” cookies are temporary files which are stored on the User’s terminal device until the User logs out, leaves the website or closes the software (web browser). “Persistent” cookies are saved on the User’s terminal devices for the time period specified in the cookies parameters or until they are removed by the User.
Software for browsing websites (web browser) typically allows for cookies to be saved on the User’s terminal device by default. Website Users may change settings in this regard. The web browser allows for deletion of cookies. It is also possible to block cookies automatically. For detailed information on this subject, see help or documentation of the web browser.
Restrictions on the use of cookies may affect certain functionalities available on the Website’s pages.
Cookies on the Website User’s terminal device may also be used by entities cooperating with the Website operator, in particular the following companies: Google (Google Inc. with its registered office in the USA), Facebook (Facebook Inc. with its registered office in the USA).

9. Cookies management — how to express and withdraw consent in practice?

If the users does not wish to receive cookies, they can change the browser settings. Please note that disabling cookies which are necessary for authentication processes, security and to remember the user’s preferences may impede and, in extreme cases, prevent the use of the web pages.
To manage cookie settings, select the web browser you are using from the following list and follow the instructions:
- - Edge
  - Internet Explorer
  - Chrome
  - Safari
  - Firefox
  - Opera
- Mobile devices:
  - Android
  - Safari (iOS)
  - Windows Phone

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement		This cookie, set by the GDPR Cookie Consent plug-in, is used to record user consent to cookies in the "Advertising" category.
cookielawinfo-checkbox-analytics		This cookie is set by the RODO Cookie Consent plugin. The cookie is used to store the user's consent to cookies in the "Analytics" category.
cookielawinfo-checkbox-functional		This cookie is set by the RODO Cookie Consent plugin. The cookie is used to store the user's consent to cookies in the "Functional" category.
cookielawinfo-checkbox-necessary		This cookie is set by the RODO Cookie Consent plugin. The cookie is used to store the user's consent to cookies in the "Necessary" category.
cookielawinfo-checkbox-others		This cookie is set by the RODO Cookie Consent plugin. The cookie is used to store the user's consent to cookies in the "Other" category.
cookielawinfo-checkbox-performance		This cookie is set by the RODO Cookie Consent plugin. The cookie is used to store the user's consent to cookies in the "Performance" category.
viewed_cookie_policy		The cookie is set by the RODO Cookie Consent plug-in and is used to store information about whether the user has consented to the use of cookies. It does not store any personal data.