PRIVACY POLICY
1. Collection and Processing of Personal Data
The controller of your personal data is Patricia Renee Balboa, conducting business under the name “Patricia Writes Calligraphy” Patricia Renee Balboa, with its registered office at Osiedle Kosmonautów 15/20, 61-639 Poznań, Poland, NIP 9721373606, REGON 543534050 (hereinafter referred to as the “Data Controller”).
Personal data, i.e. information relating to an identified or identifiable natural person, provided by Customers via electronic forms available on the website of the online store operating Osiedle Kosmonautów 15/20, 61-639 Poznań, Poland (hereinafter referred to as the “Store”), including in particular first and last name, postal addresses, telephone numbers, e-mail addresses, and tax identification number (NIP), are collected and processed by the Data Controller solely for the purpose of performing contracts and taking necessary actions prior to entering into a contract, in particular for the purpose of:
* processing orders,
* performing concluded contracts,
* after-sales service (returns, complaints),
* responding to inquiries,
* issuing invoices,
* creating customer accounts and registering Store users,
* sending newsletters to registered subscribers,
* carrying out marketing activities, including sending personalised and automated messages based on analysis of completed purchases via e-mail, SMS, or other communication channels – provided that the Customer has given consent to receive commercial and marketing information.
You may contact the Data Controller directly by e-mail at info@patriciawritescalligraphy.com or by phone at +48 504 579 322.
The legal basis for processing your personal data is:
* the contract concluded between you and the Data Controller as a result of accepting the Store’s Terms & Conditions, where processing is necessary for its performance,
* your consent to data processing for marketing purposes or newsletter subscription,
* the legitimate interests pursued by the Data Controller or by a third party.
Providing data required for issuing invoices is a statutory obligation arising from the Polish Act on Value Added Tax.
Providing personal data is generally voluntary; however, failure to provide required data will make it impossible to conclude and perform the contract, in particular to process orders, contact you, or use certain Store functionalities. In other cases, providing personal data is voluntary and does not constitute a statutory or contractual requirement or a condition for concluding a contract.
Your personal data will be processed only where the Store or its cooperating entities have a valid legal basis for processing and only for purposes corresponding to that basis. Data will be processed for the duration of the relevant legal basis, i.e.:
* until consent is withdrawn, limited, or otherwise revoked,
* for the duration of the contract and the period necessary to pursue related claims,
* for as long as the legitimate interest of the Data Controller or a third party exists.
The Data Controller may disclose your personal data only where necessary to achieve the processing purposes, in particular to IT service providers (hosting providers, software providers), authorised employees and collaborators handling inquiries submitted via contact forms, as well as to advisory, auditing, and legal firms, postal and courier operators, banks, the Social Insurance Institution (ZUS), and tax authorities – insofar as required by law.
As a rule, personal data will not be transferred outside the European Economic Area (EEA). However, due to services provided by the Store’s software suppliers, data may be transferred outside the EEA. In such cases, data will be transferred only to countries ensuring an adequate level of protection pursuant to decisions of the European Commission or subject to appropriate safeguards, including standard contractual clauses or binding corporate rules.
Anyone who provides personal data in connection with using the Store has the right to access their data, rectify it, erase it, transfer it, and restrict its processing. You also have the right to lodge a complaint with the competent supervisory authority.
No automated decision-making, including profiling, will be carried out based on your personal data.
The Store uses cookies. Cookies are placed on the device used to browse the website. By default, only cookies necessary for the proper functioning of the website are enabled. Analytical, functional, and marketing cookies are enabled only with your consent. You may accept all cookies, reject them (except essential ones), or manage individual cookie settings via the cookie settings panel.
Consent to the processing of personal data for marketing purposes may be withdrawn at any time, e.g. by sending an e-mail to info@patriciawritescalligraphy.com or in the same manner in which consent was originally given. Withdrawal of consent may be expressed in any form, provided it reaches the Data Controller.
In the case of electronic payments, all data provided after being redirected to the payment operator’s website is stored exclusively by the payment operator and is neither accessed nor stored by the Store.
The Data Controller also collects information regarding interactions with the Store and its services, including system logs (date, time of visit, IP address) and website traffic statistics. This data is used solely to improve the Store and adapt it to Customers’ needs.
2. How Is Customers’ Personal Data Protected?
The Data Controller has implemented appropriate personal data protection measures to ensure effective protection of Customers’ data. Key elements include:
* SSL encryption certificate,
* compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR),
* access to personal data limited to the Data Controller and authorized personnel bound by confidentiality obligations,
* disclosure of data to third parties only where necessary and subject to contractual safeguards ensuring data protection at least equivalent to that applied by the Data Controller,
* disclosure to public authorities only where required by law,
* IT systems meeting high data security standards,
* technical and organizational measures compliant with applicable data protection regulations and supervisory authority guidelines.
The Data Controller has fulfilled all statutory obligations related to personal data protection.
3. Right of Access, Rectification, Portability, Restriction, and Erasure
Each Customer who provides personal data is guaranteed the right to access, rectify, transfer, erase, and restrict the processing of their data.
Where services are automated, Customers may exercise these rights independently. In other cases, requests may be submitted by contacting the Data Controller at the address indicated in Section 4.
If erasure of personal data is requested, the data will be deleted or anonymised unless further processing is required under applicable law.
4. Changes to the Privacy Policy
The Data Controller reserves the right to amend this Privacy Policy where required by applicable law or due to changes in technological conditions of the Store’s operation.
The current version of the Privacy Policy is always available on the Store’s website. Amendments do not affect previously acquired rights and take effect prospectively from the date of introduction.
Customers who do not accept the amended Privacy Policy may discontinue use of the Store at any time.
5. Contact
If you have any questions or concerns regarding personal data protection in connection with using the Store, please contact the Data Controller at:
info@patriciawritescalligraphy.com