Privacy Policy

§ 1 Personal Data Administrator

The administrator of your personal data is TTM POLSKA SP. Z O.O., UL. WYŚCIGOWA 56C, 53-012 WROCŁAW, NIP: 8992847725, which provides electronic services and stores and accesses information on the User's devices.

You can contact the data administrator via email at info@my-velinda.com.

§ 2 General Information and Data Security

The Administrator processes personal data in compliance with applicable laws, particularly Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and the free movement of such data (General Data Protection Regulation, GDPR).

While processing personal data, the Administrator applies organizational and technical measures in compliance with relevant laws, including SSL certificate connection encryption.

§ 3 Basis and Purpose of Data Processing

The Administrator processes data:

  • based on the consent of the data subjects – Article 6(1)(a) GDPR,
  • to comply with legal obligations – Article 6(1)(c) GDPR,
  • to pursue legitimate interests, such as informational and marketing activities, and for analytical and statistical purposes – Article 6(1)(f) GDPR.

The processed data include:

  • Identification data (name, surname, company) – when using the contact form,
  • Contact details (email address, phone number) – as above,
  • Connection parameters (time, device type, resolution, operating system, and IP address).

Personal data are processed for purposes such as:

  • the functions of specific forms, e.g., generating and delivering orders (electronic publications),
  • establishing commercial contact and own marketing,
  • providing electronic services,
  • analytical and statistical purposes.

§ 4 Data Sharing

Data is shared with external entities only to the extent permitted by law.

Identifiable personal data are shared only with the individual's consent or when required by a legal obligation imposed on the Administrator.

Consent for data sharing is provided when personal data is first submitted.

The Administrator may transfer personal data to external entities whose services it uses, such as:

  • software providers for online store operation,
  • delivery services,
  • payment providers,
  • accounting firms,
  • software providers for business operations (e.g., accounting software),
  • technical support providers,
  • marketing service providers,
  • statistical service providers.

Except for entities covered by the consent of the data subject, data will not be shared with other businesses, private individuals, or international organizations.

§ 5 Data Processing Period

The Administrator processes personal data only for as long as a legal basis exists, i.e., until:

  • the legal obligation requiring data processing ceases (e.g., tax obligations, record-keeping requirements),
  • the possibility of determining, pursuing, or defending potential claims arising from a contract ceases,
  • the data subject withdraws consent if it was the basis for processing,
  • an objection to data processing is accepted – in cases where processing is based on the Administrator's legitimate interest or for direct marketing – whichever occurs last.

§ 6 Rights of Data Subjects

Every data subject has the right to:

  • access their data,
  • rectify, update, transfer, or restrict its processing.

In cases of processing based on the legitimate interests of the Administrator, the data subject has the right to object.

If processing is based on consent, it can be withdrawn at any time without affecting the legality of prior processing. Consent can be withdrawn by submitting a statement to the Administrator in any way that allows the identification and intent of the data subject.

Every data subject has the right to "be forgotten" by having their collected personal data completely erased, except for legally permitted exceptions.

If a data subject identifies a violation in processing, they have the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office.

§ 7 Processing of Personal Data for Marketing Purposes

The Administrator processes Users' personal data for marketing purposes, which may include:

  • displaying marketing content that is not tailored to the User's preferences (contextual advertising),
  • displaying marketing content matching the User's interests (behavioral advertising),
  • sending email notifications about offers or content, including commercial information,
  • other activities related to direct marketing of goods and services.

For marketing purposes, the Administrator may use profiling, which involves analyzing User behavior to create forecasts.

§ 8 Cookies

The website uses cookies.

Cookies are IT data, particularly text files, stored on the User's device to use the Website. Cookies typically contain the name of the originating website, their storage duration, and a unique number.

Cookies are used for:

  • statistics to improve the website,
  • maintaining User sessions,
  • profiling User preferences for advertising, particularly in the Google network.

§ 9 Changes to the Privacy Policy

The Administrator reserves the right to amend this privacy policy if required by law or technological changes.