DATA PRIVACY POLICY OF WITTCHEN S.A.

        1. GENERAL PROVISIONS

        The provisions of this privacy policy (hereinafter: Privacy Policy or Policy) define the legal basis for the processing and use of personal data by WITTCHEN S.A., having its registered office in Palmiry, ul. Gdańska 60, 05-152 Czosnów, NIP (Tax ID): 9511022154, REGON (Business ID): 011664266, KRS No.: 0000352760 (hereinafter: WITTCHEN or Controller). The Privacy Policy is an integral part of the Terms and Conditions of the WITTCHEN Online Shop. Before using the Online Store website, the Buyer should read this Privacy Policy.


        WITTCHEN uses personal data for the purposes specified in this Privacy Policy as well as for other purposes, each time clearly defined in the Information Clauses presented to Customers.


        The Controller takes special care to protect the interests of the data subjects whose data is processed by the Controller. The Controller collects and processes personal data:

        • according to universally applicable laws;
        • for the purposes strictly defined in this Privacy Policy as well as for other purposes, each time clearly defined in the Information Clauses;
        • adequately for the fulfilment of purposes and obligations;
        • according to the applicable retention periods, but no longer than necessary to ensure the performance of individual processes, rights and obligations, and according to the deadlines specified by law;
        • according to the applicable data processing security standards; in particular, the Controller protects the data against unauthorised and unlawful processing, loss, damage, destruction or distortion by taking any necessary technical, organisational and procedural measures.


        2. DEFINITIONS

        ‘Controller’ means the party which determines the purposes and means of the processing of personal data. The Controller of your personal data is WITTCHEN S.A., based in Palmiry.

        ‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

        ‘Information clause’ means any information provided in the case of data collection by the Controller under Article 13 or 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: GDPR).

        ‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.

        ‘Profiling’ means any form of automated processing of Personal Data. Profiling enables an individual, specific and customised offer to be attributed to a given Customer.

        ‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

        ‘Pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject.

        ‘Online Shop’ means the Controller’s online shop under the address www.wittchen.com, which facilitates the electronic sale of WITTCHEN brand products.

        ‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.



        3. LEGAL BASIS

        All personal data is processed in compliance with Polish and EU laws, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as ‘GDPR’.


        The Controller collects and processes personal data when:

        • the data subject has given consent to data processing (for a specific purpose) according to Article 6(1)(a) GDPR;
        • the data subject and WITTCHEN have concluded a contract (in particular, a sales or trade contract) or are taking steps aimed at concluding, terminating or performing the provisions of a contract or any other activities related to such contract, according to Article 6(1)(b) GDPR;
        • processing is necessary for the Controller to fulfil a legal obligation according to Article 6(1)(c) GDPR;
        • processing is necessary for the purposes of the legitimate interests pursued by WITTCHEN or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of Personal Data, in particular where the data subject is a child, according to Article 6(1)(f) GDPR;

        The Controller processes Personal Data only based on the above legal basis. Specific examples (with legal basis) of the processing of Personal Data are provided in this Privacy Policy below in respect of a given purpose of data processing by the Controller. For example, if the Customer decides to make a purchase in the Online Shop and chooses to collect the purchased Product in person instead of opting for delivery by courier, their personal data will be processed in order to perform the concluded Sales Agreement, but they will not be made available to the carrier commissioned by the Controller to handle the shipment.



        4. CONTROLLER’S CONTACT DETAILS

        In order to contact the Controller to exercise your rights to personal data protection and obtain information in connection with the processing of personal data by WITTCHEN, please send your request:

        • in writing to: Palmiry, ul. Gdańska 60, 05-152 Czosnów, with a note reading ‘do Administratora Danych Osobowych’ (to the Controller);
        • in electronic form to: ado@wittchen.com;


        5. DISPLAY OF THE WITTCHEN WEBSITE

        Please be informed that when the WITTCHEN website under the address www.wittchen.com is displayed in available browsers, information is exchanged between your mobile device, computer or similar device, and WITTCHEN’s servers. All information obtained in connection with displaying the website is used to ensure efficient functioning of IT processes on WITTCHEN’s website or other processes in your browser. When the website www.wittchen.com is being displayed, your browser may send the following information: your IP address, time when the website was accessed and left, name and URL of the file being displayed, page or application from which the website was accessed. This data is sent to ensure security and stability as well as convenient and uninterrupted use of the Website. The above data is processed according to Article 6(1)(f) GDPR – for the above purposes.


        The above data is stored only during your visit in the WITTCHEN Online Shop, and when you close the website they are automatically erased, unless you have purchased one or more products in the Online Shop. If you have purchased one or more products, your data may be stored for one year, for the duration of the contract, for the time resulting from tax and accounting laws, and for the time necessary for WITTCHEN to pursue any claims (in accordance with applicable law).


        If you use our search engine to find stationary shops of the WITTCHEN brand (available at: https://www.wittchen.com/pl-PL/sklepy-i-salony), your browser, based on Consent to disclose your geolocation data, can process such data in order to find the closest shop in your area. This type of data is not stored by WITTCHEN in any way and is automatically erased when the website is closed.



        6. PURPOSE OF DATA PROCESSING

        Each time, your Personal Data is Processed for a strictly defined purpose, according to a specific legal basis. Presented below is a description of selected operations related to the Processing of Personal Data:


        Purpose of data processing Legal basis for processing and data storage period Scope of data processing
        Conclusion, performance and processing of contracts (e.g. purchase and sale contracts), or taking action at the request of the data subject before concluding a contract. Article 6(1)(b) GDPR (performance of a contract) The data is stored for a period necessary for the performance, termination or expiry of an otherwise concluded contract.

        The data in a bill or an invoice for the purchases made will be stored until the expiry of the tax liability or until the period of limitation for possible claims has expired or until the end of the warranty period.
        Maximum scope: given name and surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, postal code, city/town, country), address of residence/business/headquarters (if different from the delivery address). For service recipients or customers who are not consumers, the Controller may also process data such as company name and tax identification number (NIP) of a service recipient or customer. This is the maxim scope. If a product is collected in person, it is not necessary to provide a delivery address.
        Conclusion and performance of an Agreement for the Provision of Services (Account in the online shop) Article 6(1)(f) GDPR (for the purposes of the legitimate interests pursued by the controller)

        If an account is deleted, the personal data will be stored until the period of limitation for possible claims has expired.
        Maximum scope: given name and surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, postal code, city/town, country), address of residence/business/headquarters (if different from the delivery address). For Service Recipients or Customers who are not consumers, the Controller may also process data such as company name and tax identification number (NIP) of a Service Recipient or Customer. This is the maxim scope. If a product is collected in person, it is not necessary to provide a delivery address.
        Direct marketing Article 6(1)(f) GDPR (for the purposes of the legitimate interests pursued by the controller)

        The Controller processes data for the purpose of direct marketing until the data subject has effectively objected.
        Name, e-mail address
        Marketing Article 6(1)(a) GDPR (consent)

        The data is processed until the data subject has withdrawn consent.
        Name, e-mail address
        Customer’s opinion on a concluded Sales Agreement Article 6(1)(a) GDPR Name, e-mail address
        Book-keeping or accounting Article 6(1)(c) GDPR in connection with Article 74(2) of the Accounting Act, complete text of 30 January 2018 (Journal of Laws of 2018, item 395). The data is stored for the period required by law obligating the Controller to store accounting books (5 years from the beginning of the year following the financial year which the data concerns). Given name and surname; address of residence/business/headquarters (if different from the delivery address), company name and tax identification number (NIP) of a Service Recipient or Customer.
        Establishing, pursuing or defending claims by or against the Controller Data is stored for the duration of a legitimate interest pursued by the Controller, but not longer than for the limitation period of claims in respect of the data subject in connection with the Controller’s business activity. Given name and surname; contact phone number; e-mail address; delivery address (street, house number, apartment number, postal code, city/town, country), address of residence/business/headquarters (if different from the delivery address). For Service Recipients or Customers who are not consumers, the Controller may also process data such as company name and tax identification number (NIP) of a Service Recipient or Customer.
        Other: The Controller may process any other data in connection with other legal acts and other specifically defined legitimate purposes, but each time the data subject will be informed of such purposes in information clauses.
        Purpose of data processing Conclusion, performance and processing of contracts (e.g. purchase and sale contracts), or taking action at the request of the data subject before concluding a contract.
        Legal basis for processing and data storage period Article 6(1)(b) GDPR (performance of a contract) The data is stored for a period necessary for the performance, termination or expiry of an otherwise concluded contract.

        The data in a bill or an invoice for the purchases made will be stored until the expiry of the tax liability or until the period of limitation for possible claims has expired or until the end of the warranty period.
        Scope of data processing Maximum scope: given name and surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, postal code, city/town, country), address of residence/business/headquarters (if different from the delivery address). For service recipients or customers who are not consumers, the Controller may also process data such as company name and tax identification number (NIP) of a service recipient or customer. This is the maxim scope. If a product is collected in person, it is not necessary to provide a delivery address.

        Purpose of data processing Conclusion and performance of an Agreement for the Provision of Services (Account in the online shop)
        Legal basis for processing and data storage period Article 6(1)(f) GDPR (for the purposes of the legitimate interests pursued by the controller)

        If an account is deleted, the personal data will be stored until the period of limitation for possible claims has expired.
        Scope of data processing Maximum scope: given name and surname; e-mail address; contact phone number; delivery address (street, house number, apartment number, postal code, city/town, country), address of residence/business/headquarters (if different from the delivery address). For Service Recipients or Customers who are not consumers, the Controller may also process data such as company name and tax identification number (NIP) of a Service Recipient or Customer. This is the maxim scope. If a product is collected in person, it is not necessary to provide a delivery address.

        Purpose of data processing Direct marketing
        Legal basis for processing and data storage period Article 6(1)(f) GDPR (for the purposes of the legitimate interests pursued by the controller)

        The Controller processes data for the purpose of direct marketing until the data subject has effectively objected.
        Scope of data processing Name, e-mail address

        Purpose of data processing Marketing
        Legal basis for processing and data storage period Article 6(1)(a) GDPR (consent)

        The data is processed until the data subject has withdrawn consent.
        Scope of data processing Name, e-mail address

        Purpose of data processing Customer’s opinion on a concluded Sales Agreement
        Legal basis for processing and data storage period Article 6(1)(a) GDPR
        Scope of data processing Name, e-mail address

        Purpose of data processing Book-keeping or accounting
        Legal basis for processing and data storage period Article 6(1)(c) GDPR in connection with Article 74(2) of the Accounting Act, complete text of 30 January 2018 (Journal of Laws of 2018, item 395). The data is stored for the period required by law obligating the Controller to store accounting books (5 years from the beginning of the year following the financial year which the data concerns).
        Scope of data processing Given name and surname; address of residence/business/headquarters (if different from the delivery address), company name and tax identification number (NIP) of a Service Recipient or Customer.

        Purpose of data processing Establishing, pursuing or defending claims by or against the Controller
        Legal basis for processing and data storage period Data is stored for the duration of a legitimate interest pursued by the Controller, but not longer than for the limitation period of claims in respect of the data subject in connection with the Controller’s business activity.
        Scope of data processing Given name and surname; contact phone number; e-mail address; delivery address (street, house number, apartment number, postal code, city/town, country), address of residence/business/headquarters (if different from the delivery address). For Service Recipients or Customers who are not consumers, the Controller may also process data such as company name and tax identification number (NIP) of a Service Recipient or Customer.

        Other: The Controller may process any other data in connection with other legal acts and other specifically defined legitimate purposes, but each time the data subject will be informed of such purposes in information clauses.


        7. DATA RETENTION

        Depending on the purpose and legal basis, we store your data for the following period of time:

        • for the purpose of concluding performing a contract: we store your data for the duration of a contract (e.g. purchase and sale, trade and other contracts);
        • for direct marketing: we store your data until an effective and legally justified objection has been expressed;
        • for marketing purposes: we store your data until you have withdrawn your marketing Consent;
        • for the purpose of exercising or defending claims: we store your data until the end of the limitation period for a claim (as prescribed by the law);
        • for the purpose of examining a complaint or other notice: we store your data until the complaint has been examined, and for the limitation period of claims (depending on the case);
        • for tax and accounting purposes: for the time prescribed by the law;
        • for other purposes: we may store your data for other purposes for a strictly defined retention time (for a specific processing purpose), but each time we will inform you of your rights and obligations in Information Clauses as required.

        We process your data no longer is necessary to achieve a specific purpose or for a time prescribed by the applicable law. The Controller regularly verifies all databases and data media and erases unnecessary data, or such data is erased automatically.



        8. VIDEO SURVEILLANCE

        During your visit in WITTCHEN's official stationary shops (for a list of the shops, visit: https://www.wittchen.com/pl-PL/sklepy-i-salony) and at the Controller office, we process your data (image), which is recorded by means by video surveillance. The above data is obtained directly from you during your visit in WITTCHEN’s stationary shops or during a business meeting with the Company's partners or job candidates (and in all other situation when an individual is present on the premises of WITTCHEN). The recorded data is processed in order to keep individuals safe and protect property, and to keep secret any confidential and business information on the premises. Your personal data will be processed for no longer than 90 days or until the end of proceedings in which the data serves as evidence in court, enforcement, mediation and other cases (in accordance with the law). The data recipients are our employees, associates and other authorised entities (public authorities and entities working with the Company under separate contracts). For details on the processing of data by means of video surveillance, see the information clauses available at WITTCHEN’s official shops and at the reception area in the Controller’s office.



        9. NEWSLETTER

        You can subscribe for our newsletter at www.wittchen.com by giving a voluntary Consent. With this Consent, WITTCHEN will process your e-mail address in order to provide you with information on products, promotions and news (by sending our newsletter to your e-mail address). The legal basis for data processing in connection with sending the newsletter is Article 6(1)(a) GDPR. You can withdraw your consent to receive the newsletter at any time, but doing so will not affect the lawfulness of data processing by WITTCHEN prior to such withdrawal. The data will be processed for the above purpose until the consent is withdrawn, after which your e-mail address will be removed from the newsletter mailing list.



        10. BUSINESS PARTNERS

        These provisions also apply to individuals who have concluded a cooperation agreement with WITTCHEN, contact the company to enter into a partnership relationship or are in the process of negotiating a contract between the parties. The scope of the processed data depends on the individual case and nature of the contract. Data collected for the purposes of such contracts includes: given name, surname, position, address of residence, e-mail address, correspondence address, date and place of birth, citizenship, ID card number and series, specimen signature, KRS number, tax ID (NIP), statistical number (REGON) and payment data. The legal basis for data processing is Article 6(1)(b), (c) and/or (f) GDPR. At WITTCHEN, this type of contracts can be accessed by departments which process and negotiate such contracts as well as by the legal and accounting departments and other departments with a legitimate interest, including other parties working with WITTCHEN (service providers and subcontractors), but they perform their activities only in the scope provided for in data processing agreements.



        11. CONTESTS

        WITTCHEN organises many contests to promote the WITTCHEN brand. For contest details, see the respective contest's terms and conditions on WITTCHEN’s website, and visit Facebook and Instagram. Unless the contest terms and conditions stipulate otherwise and if you have not given consent to data processing for another purpose not related to a contest, your data will only be used for the contest.



        12. LOYALTY CARD

        If you make a purchase for a total amount of PLN 300 or more, you will receive information on how to join WITTCHEN's loyalty programme to your e-mail address provided when placing the order. The message you will receive is for information purposes only, and its legal basis is the Controller’s legitimate interest as per Article 6(1)(f) GDPR. If you are not interested in joining our loyalty programme, please ignore the message. It is only sent on a one-time basis and you will not receive similar messages in the future. For full information on the processing of personal data in connection with joining the loyalty programme, see the loyalty programme terms and conditions at: https://www.wittchen.com/karta-stalego-klienta.



        13. SOCIAL MEDIA

        WITTCHEN provides full information on new products, promotions or contests via Facebook and Instagram.


        The Information Clause for the processing of your data in connection with the above-mentioned social networking sites, with detailed information on the protection of your Personal Data, is available on Facebook in the Notes tab.



        14. PERSONAL DATA OF JOB CANDIDATES

        You can find full information on the processing of personal data of job candidates at http://www.kariera.wittchen.com/ and in information clauses provided in every recruitment phase.



        15. DATA RECIPIENTS

        In order to be able to ensure proper functioning of the Online Shop and perform any concluded Sales Agreements, the Controller uses services provided by third parties (e.g. software providers, couriers and payment processors). The Controller only uses services rendered by processors who provide sufficient guarantees to implement technical and organisational measures so that the processing meets the requirements of the GDPR and protects the rights of data subjects.


        The Controller does not provide data in every case and to every recipient or category of recipients specified in the Privacy Policy. The Controller only transfers data when it is necessary to achieve a specific purpose of data processing and only to the extent necessary for such purpose. For example, if the Customer has chosen to collect a product in person, their data will not be transferred to any carrier used by the Controller.


        Personal data may be transferred to the following recipients or categories of recipients:

        • carriers/forwarders/courier brokers: if the Customer selects delivery by courier in the Online Shop, the Controller will transfer the Customer's personal data to a selected carrier, forwarder or intermediary commissioned by the Controller to handle the shipment, to the extent necessary to deliver the Product to the Customer;
        • electronic or card payment processors: if the Customer selects electronic or card payment, the Controller will transfer the Customer's personal data to a selected entity commissioned by the Controller to process payments in the Online Shop, to the extent necessary to process the Customer’s payments;
        • entities performing audits (financial, legal or other audits) at the Controller’s premises;
        • entities that provide legal advice, participate in court, mediation, enforcement and other proceedings for and on behalf of the Controller as well as civil law notary offices or tax advisors;
        • providers of information systems (IT, payment and other systems);
        • authorities authorised under the law, in particular: offices (e.g. Tax Office, during a tax audit), the police, courts and other, as provided for in the respective act;
        • other member companies of the Capital Group of Wittchen S.A.


        16. TRANSFER OF DATA OUTSIDE THE EUROPEAN ECONOMIC AREA

        Your personal data processed by WITTCHEN is not transferred outside the European Economic Area (EEA).



        17. RIGHTS OF DATA SUBJECTS

        In any case, every Customer has the following rights:

        • right of access by the data subject: you have the right to access information on your personal data being processed by us (Article 15 GDPR);
        • right to rectification: you have the right to update your data transferred to WITTCHEN (Article 16 GDPR);
        • right to erasure (‘right to be forgotten’): you have the right to have your data erased if it has been processed unlawfully or is no longer necessary for the purposes for which it was collected (Article 17 GDPR);
        • right to restriction of processing: you have the right to obtain restriction of data processing if the controller no longer needs the data for the purposes for which it was processed, the data is inaccurate or processed unlawfully (Article 18 GDPR);
        • right to data portability: you have the right to transmit your data to another controller and to receive your data in a structured, commonly used and machine-readable format (Article 20 GDPR);
        • right to withdraw consent: you have the right to withdraw your voluntary consent at any time, and the withdrawal of consent shall not affect the lawfulness of processing by the Controller based on consent before its withdrawal (Article 7(3) GDPR);
        • right to object: you have the right to object when the processing of data is done for the purpose of legitimate interests pursued by the Controller or a third party, in particular processing for marketing purposes, including profiling, if there are no other valid, legitimate grounds for processing overriding the Customer’s interests (Article 21 GDPR);
        • right to lodge a complaint with the competent supervisory authority: the data subject whose data is being processed by the Controller has the right to lodge a complaint with the competent supervisory authority according to the procedure and mode set out in the provisions of the GDPR and the Polish law, in particular the Personal Data Protection Act. The competent supervisory authority in Poland is the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych).

        In order to exercise the rights referred to above, please contact the Controller in writing or by e-mail to the address provided in section 4 of the Privacy Policy.



        18. VOLUNTARY PROVISION OF DATA

        The provision of your data is always voluntary. To the extent specified in the Online Shop Terms and Conditions, the provision of your data may be required for the conclusion of an Agreement (e.g. a Purchase and Sale Agreement, an Agreement for the Provision of Services). When placing an order at www.wittchen.com, you can provide your data without consenting to their processing for the purpose of receiving our newsletter, expressing an opinion on the purchase made, receiving e-mails about current promotions (marketing), receiving text messages (SMS) with your order’s status. If you give Consent to the processing of your data for the above purposes, you may withdraw your Consent at any time using the contact details provided in section 4 of the Privacy Policy, but the withdrawal of Consent will not affect the lawfulness of data processing before its withdrawal.



        19. PROFILING

        The Controller may use profiling in order to present an optimal and customised offer to its Customers and Users being data subjects and if the data subject has given consent to the use of profiling.

        Profiling in the Online Shop involves an automated analysis or forecast of an individual’s behaviour on the Online Shop website, such as adding a Product to the cart, browsing a specific Product page, or analysing their history of purchases in the Online Shop. For the profiling to take place, the Controller is required to obtain consent from the data subject (e.g. to be able to send them a discount code). The effects of using profiling in the Online Shop may include, for example, granting a discount to a specific person, reminding them about unfinished purchases, suggesting a Product that may correspond to their interests or preferences, proposing better conditions compared to the standard offer of the Online Shop. Even when profiling is used, it is the Customer who will ultimately decide on whether to use from a discount or better conditions, or make a purchase in the Online Shop.



        20. COOKIES

        WITTCHEN’s websites use cookies and similar technologies. Cookies are text files saved by your browser on your end device (laptop, smartphone, etc.). Cookies are essential for correct functioning of WITTCHEN's website and improving website performance by saving information on how the users use the website.


        Cookies are used to:

        • keep the Customer logged in, as a result of which the Customer is not required to re-enter the login and password on every page of the site,
        • adapt and optimise the site to the needs of the Customers and other individuals using the site,
        • create page traffic statistics,
        • personalise the marketing communications,
        • ensure the security and reliability of site operation.

        The website uses Session Cookies (temporary files stored from the moment WITTCHEN’s website is accessed to the moment when the browser is closed or the session ends) and Persistent Cookies (files stored for a longer period of time, facilitating use of the website).


        The WITTCHEN Online Shop at www.wittchen.com uses the following cookies (as described below):

        Name Description Expiry
        floatingNewsletterDisabled It stores information on whether a Newsletter subscription window should be displayed to the user. The data is erased after 365 days.
        floatingNewsletterPageCounter It stores information on the number of pageviews for a Newsletter subscription window to be displayed. The data is erased after 365 days.
        privacyAgreement It is created when the User reads the information on the use of Cookies on the website. The data is erased after 365 days.
        pageToken It stores address information of the product page being viewed. This information is necessary when returning to the list of products. The data is erased when the browser is closed (end of session).
        initialSlide It stores a setting for the photo gallery mechanism on a product page. The data is erased when the browser is closed (end of session).
        isMobile It stores information on whether the user is using a mobile device. The data is erased when the browser is closed (end of session).
        APPEXT_WITTCHEN_PL It stores the session ID. The data is erased when the browser is closed (end of session).
        __epv PIt stores a key for caching through varnish-cache. The data is erased when the browser is closed (end of session).
        toplayerOK It stores the date and time when products are added to the cart. Used to display a reminder that there are items in the cart and encourage the user to finalise the purchase. The data is erased after 365 days.
        colorid It stores information on the recently clicked colour variant of a product. The data is erased when the browser is closed (end of session).
        basketActionType It contains information on the recent user operation on the cart, deleting or adding a product. The data is erased when the browser is closed (end of session).
        basketChecksum It contains a cart checksum to confirm data conformity. The data is erased when the browser is closed (end of session).
        last_sort_list It contains parameters and the recently displayed list of products. The data is erased when the browser is closed (end of session).
        lastOrderId It contains the ID of the recent order. The data is erased after 60 seconds.
        Name: floatingNewsletterDisabled
        Description: It stores information on whether a Newsletter subscription window should be displayed to the user.
        Expiry: The data is erased after 365 days.
        Name: floatingNewsletterPageCounter
        Description: It stores information on the number of pageviews for a Newsletter subscription window to be displayed.
        Expiry: The data is erased after 365 days.
        Name: privacyAgreement
        Description: It is created when the User reads the information on the use of Cookies on the website.
        Expiry: The data is erased after 365 days.
        Name: pageToken
        Description: It stores address information of the product page being viewed. This information is necessary when returning to the list of products.
        Expiry: The data is erased when the browser is closed (end of session).
        Name: initialSlide
        Description: It stores a setting for the photo gallery mechanism on a product page.
        Expiry: The data is erased when the browser is closed (end of session).
        Name: isMobile
        Description: It stores information on whether the user is using a mobile device.
        Expiry: The data is erased when the browser is closed (end of session).
        Name: APPEXT_WITTCHEN_PL
        Description: It stores the session ID.
        Expiry: The data is erased when the browser is closed (end of session).
        Name: __epv
        Description: PIt stores a key for caching through varnish-cache.
        Expiry: The data is erased when the browser is closed (end of session).
        Name: toplayerOK
        Description: It stores the date and time when products are added to the cart. Used to display a reminder that there are items in the cart and encourage the user to finalise the purchase.
        Expiry: The data is erased after 365 days.
        Name: colorid
        Description: It stores information on the recently clicked colour variant of a product.
        Expiry: The data is erased when the browser is closed (end of session).
        Name: basketActionType
        Description: It contains information on the recent user operation on the cart, deleting or adding a product.
        Expiry: The data is erased when the browser is closed (end of session).
        Name: basketChecksum
        Description: It contains a cart checksum to confirm data conformity.
        Expiry: The data is erased when the browser is closed (end of session).
        Name: last_sort_list
        Description: It contains parameters and the recently displayed list of products.
        Expiry: The data is erased when the browser is closed (end of session).
        Name: lastOrderId
        Description: It contains the ID of the recent order.
        Expiry: The data is erased when the browser is closed (end of session).


        In addition, WITTCHEN's websites also uses Third-Party Cookies, which are used for collecting statistical data and data for verifying the use of websites by the users.

        Google Analytics is used for the above purposes. It is a widely available tool for analysing the use of websites and preparing reports on user activity. Google Analytics generates information on the URL, type of browser used by the user, their IP address and operating system used. The tool determines the data on the number of server visits and their length, and collects data on which parts of the website are most often used by users (by analysing their functionality). Having analysed the collected data, it is possible to determine the performance and usefulness of WITTCHEN's websites and their parts, driving the development of new services and functionalities.

        For details on Google Analytics, visit: https://developers.google.com/analytics/devguides/collection/gajs/cookie-usage.


        WITTCHEN’s websites and webpages can also use Personalised Retargeting RTB technology With this technology, anonymised statistical data is collected on the interests of users who visit WITTCHEN’s websites and webpages. Once the data obtained through retargeting has been analysed, changes may be introduced to the offer of the WITTCHEN Online Shop to meet the current needs of its users. This data is processed in an anonymised way, preventing the identification of users visiting WITTCHEN’s websites, and in particular the above data is not combined with any other user data such as name or address. All users can disable cookies used for retargeting at: http://www.rtbhouse.com/privacy/


        WITTCHEN’s websites use Advertising Cookies, which enable the customisation of advertising during marketing campaigns and when evaluating the effects of such campaigns (for entities working with the Company – in the above scope). Google Adwords is used for the above purposes.


        By default, your web browser allows files to be stored on your end devices, which enables the processing of data obtained in this way.


        Users can change their Cookie settings at any time, specifying the conditions for storage and access to their end devices by Cookies. To change the settings referred to in the previous sentence, the User can use the browser settings or the service configuration. Presented below are links to web browsers (information on how to change browser settings on your end devices):


        These settings can be changed, in particular, in such a way so as to block the automatic handling of Cookies in the browser settings or to receive a prompt each time when Cookies are saved on the User’s device. Restricting the use of Cookies may affect certain functionalities available on WITTCHEN’s webpage. Details on the options and modes of handling Cookies can be found in the software (browser) settings.



        21. CHANGES TO THE PRIVACY POLICY

        Please be advised that in order to ensure security of your personal data as well as up-to-date and transparent procedures and policies at WITTCHEN S.A., this document will be regularly reviewed and changed in connection with changes in universally applicable laws and any measures taken to ensure appropriate protection of your Personal Data.



        This Policy takes effect as of 22/01/2021




        Close
        Compare products ()