My account

PRIVACY POLICY
OF THE WRZECIONO CZASU ONLINE STORE

1. General Information

This Privacy Policy defines the rules for processing personal data of users of the Wrzeciono Czasu website, available at https://wrzecionoczasu.pl, including online store customers, account users, and individuals contacting the Seller.

The Administrator takes special care to protect user privacy and the security of processed personal data.

2. Personal Data Administrator

The joint personal data administrators are:

  1. Dariusz Kocięcki, conducting business under the name Wrzeciono Czasu Dariusz Kocięcki,
    ul. Szlachecka 110, 09-410 Nowe Gulczewo,
    NIP: 7741701277, REGON: 611409160

  2. Montresor sp. z o.o. ,
    ul. Mokotowska 71/101, 00-530 Warszawa

Contact regarding personal data protection:
e-mail: wrzeciono_czasu@wp.pl

3. Scope of Personal Data Processing

The Administrator may process, in particular, the following personal data:

  • name and surname,

  • residential address or shipping address,

  • email address,

  • phone number,

  • invoice data (company name, NIP, address),

  • data regarding orders, payments, and deliveries,

  • data regarding service, complaints, and returns,

  • purchase and service history,

  • data provided in contact forms,

  • data contained in email or telephone correspondence,

  • data regarding activity on the website (e.g., login, account usage, contact history).

4. Purposes and Legal Bases for Data Processing

Personal data is processed for the following purposes:

  1. Conclusion and performance of sales contracts and service provision contracts
    (Art. 6(1)(b) GDPR)

  2. Maintaining a user account in the online store
    (Art. 6(1)(b) GDPR)

  3. Contact with the user, handling inquiries, orders, complaints, and returns
    (Art. 6(1)(b) and (f) GDPR)

  4. Fulfillment of legal obligations arising from legal provisions (accounting, taxes, archiving)
    (Art. 6(1)(c) GDPR)

  5. Conducting internal customer service processes, including using CRM-type IT systems
    (Art. 6(1)(f) GDPR – legitimate interest of the Administrator)

  6. Marketing of own products and services – only with separate consent
    (Art. 6(1)(a) GDPR)

5. Voluntariness of Data Provision

The provision of personal data is voluntary, but necessary for:

  • conclusion and performance of a sales contract,

  • creation and maintenance of a user account,

  • provision of service,

  • handling complaints and returns.

Failure to provide data may prevent the performance of the above actions.

6. Data Recipients

Personal data may be transferred to entities cooperating with the Administrator solely to the extent necessary for the provision of services, in particular:

  • accounting firms,

  • payment operators,

  • courier and logistics companies,

  • providers of IT, hosting, and CRM systems,

  • entities providing service and warranty services.

Data is not transferred to third countries or international organizations, unless required by the nature of the service (e.g., IT infrastructure), while ensuring appropriate safeguards required by GDPR.

7. Data Retention Period

Personal data is stored for the period of:

  • the duration of the contract and after its termination for the time required by law,

  • necessary for the fulfillment of accounting and tax obligations,

  • until the statute of limitations for potential claims expires,

  • until consent is withdrawn – in the case of data processed based on consent.

8. Rights of the Data Subject

The data subject has the following rights:

  • right of access to data,

  • right to rectification,

  • right to erasure of data,

  • right to restriction of processing,

  • right to data portability,

  • right to object to data processing,

  • right to withdraw consent at any time (if processing is based on consent),

  • right to lodge a complaint with the President of the Personal Data Protection Office.

9. Automated Data Processing and Profiling

Personal data may be processed automatically in the Administrator’s IT systems, including CRM systems, to improve customer service.

The Administrator does not make decisions producing legal effects concerning users solely based on automated data processing.

10. Cookies

The website uses cookies for the purpose of:

  • ensuring the proper functioning of the site,

  • improving website usability,

  • conducting statistics.

The user can manage cookies independently through their web browser settings.

11. Data Security

The Administrator applies appropriate technical and organizational measures to ensure the protection of personal data, in particular, protection against unauthorized access, data loss, or unauthorized modification.

12. Changes to the Privacy Policy

The Administrator reserves the right to introduce changes to the Privacy Policy in the event of changes in legal provisions, the scope of services provided, or the method of data processing.

The current version of the Privacy Policy is always available on the website.

Last updated:

22.01.2026