Privacy Policy

effective from December 8, 2024.

Warning: This document has been translated to English for convenience. However, its binding form is Polish.

Scope of Collected Information and Data

User data is collected for the purpose of properly providing our services, including those related to website operation and properly informing users about available goods and services. Data is collected particularly in the following situations and within the indicated scope:

Registration in the online store, creating a customer profile, newsletter distribution

Contact through contact form or email message to the address indicated on the websites

  • Identification data (first and last name, company data), contact details (phone number, address or email address), other information provided during registration or in the form or email content, as well as information about actions taken through the customer profile;

Purchase of goods and services

  • Data as above and information regarding the user's purchases and payments, including in particular information about purchased goods and services, order value, payment method, invoice details, delivery address, data of the person authorized to collect;

Satisfaction surveys, market research

  • Identification and contact data and information about the user's purchases, including in particular information about purchased goods and services;

Use of social media etc., in case of content availability through external communities, forums, social media, as well as services, plugins and applications, including in particular browsing content shared by us, participation in contests, promotions, etc.

  • Data regarding accounts in social media, including name and surname, user ID, profile picture, posts and likes, viewed content, information about displayed advertisements and advertisements selected depending on cookie settings;

Technical information regarding service usage

  • Data regarding user's device (computer or mobile device), internet browser and operating system, internet service provider or mobile network operator, device identifier, physical MAC address, IP address, device and browser settings, our pages visited by the user, viewed content depending on cookie settings;

Cookies, depending on user's selected preferences

  • Technical information about user's device (including device ID, MAC address, IP address, operating system, device settings, particularly set language, screen resolution, type of internet browser), data regarding activity on our website (including time and length of visit on the site, visited subpages, goods or services added to cart), information about interactions with content we share (e.g., viewed advertisements, consents expressed by the user or about opening correspondence received from us, clicking on links contained therein, including information regarding strictly necessary cookies required for, among others, enabling payment for orders, remembering shopping cart, order stage, login data for customer profile);

Combining data from different sources within the scope indicated above, including supplementing or combining personal data with information from various external sources, including demographic data, geographical data, data on interactions with external service providers.

How We Use Collected Information and Data

User data is collected for purposes defined by national and European Union law, including in particular:

For contract conclusion and proper execution, as well as taking actions at user's request before contract conclusion, including in particular regarding distance purchase of goods and services (including delivery), provision of services related to our websites, responses to inquiries directed through forms and email messages ā€“ Art. 6(1)(b) GDPR;

For fulfillment of obligations provided by law, in particular tax and accounting law, consumer law, personal data protection, including in particular issuing invoices - Art. 6(1)(c) GDPR;

For the realization of our legitimate interests - Art. 6(1)(f) GDPR - including in particular such as:

  • Communication with the user and execution of contracts concluded with them;
  • Marketing of products and services and products and services of partners, in case of user's consent;
  • Maintaining user profiles in connection with account registration and services purchased by them;
  • Realization of our product deliveries;
  • Customer satisfaction research, based on, among others, customer service satisfaction survey or survey regarding our goods and services (including profiling-based);
  • Statistical analyses and market research (including profiling-based), including analyses of marketing and promotional activities effectiveness;
  • Improvement of goods and services (including profiling-based);
  • Linking devices and browsers used on them as belonging to the same user for the purpose of implementing one or more objectives indicated in this point;
  • Combining data from different sources (including offline) that were originally collected in contexts other than data collected online for the purpose of implementing one or more objectives described above;
  • Ensuring online services security;
  • Establishment, pursuit or defense against claims (also based on Art. 9(2)(f) GDPR).

In cases other than indicated above based on user's consent - Art. 9(2)(a) GDPR.

Controller

The controller of personal data provided by users is Jan Wilczek conducting business activity under the name WolfSound Jan Wilczek with headquarters in Katowice, ul. Huculska 28, 40-736 Katowice, NIP: 6343011851, VIES: 6343011851.
In certain cases, e.g., in case of online payments, the service provider will also be the controller of personal data, about which the user will be informed in advance.

Personal Data Retention Period

Users' data is stored for the period of the contract concluded with them, including service provision and for the period necessary to consider the inquiry, and then also for the period resulting from applicable law, including among others until the expiration of claims under the Civil Code or the Act of May 30, 2014, on consumer rights, or, in the case of tax documents, for the period resulting from tax and accounting documentation regulations, i.e., 5 years from the end of the calendar year in which the tax payment deadline expired. User data used based on their consent is stored until its withdrawal, and data used based on our legitimate interest, until objection is raised, which we consider justified.

Users' Rights Regarding Their Data and Provided Information

Users have the following demands and rights:

  • Request access to their personal data;
  • Request rectification of their personal data;
  • Request erasure of their personal data;
  • Request restriction of personal data processing;
  • Right to object to personal data processing;
  • Request personal data portability;
  • Right to lodge a complaint with the supervisory authority i.e., President of the Personal Data Protection Office (www.uodo.gov.pl).

All requests regarding user data can be submitted to the address: contact [ at ] thewolfsound [ dot ] com.

Each request will be considered by us, but we will not always be able to fulfill it, e.g., due to applicable legal regulations. Provision of personal data by the user is voluntary but necessary for our service provision to the extent that data is marked as mandatory.

Sharing Data with Other Entities

For proper implementation of contracts concluded with users and service provision, some user data must be transferred to other entities, including in particular:

  • Suppliers responsible for IT systems operation (IT support in online store operation, email hosting, service operations, server services);
  • Entities such as banks and payment operators - handling electronic payments or payment cards - in case of a client who uses electronic payment method or payment card in the internet service, the controller shares collected personal data with the selected entity handling the above payments in the internet service on controller's behalf to the extent necessary for payment processing;
  • Marketing agencies and IT system providers used to support marketing (in terms of marketing services);
  • Providers of accounting, legal, advisory services providing accounting, legal or advisory support (in particular accounting office, law firm or debt collection company), as well as their possible subcontractors.

Most of these entities, under appropriate agreements, are obliged to use the data entrusted to them only according to our guidelines and for the purpose strictly defined by us, thus ensuring proper protection of our clients' data.

Additionally, fulfilling legal obligations imposed on us, we may transfer user data to authorized state authorities acting within applicable law.

Recipients of user data may also be providers of services where we maintain our profiles (e.g., Facebook, Google), marketing service providers, providers of services for handling correspondence with users. Privacy policies of individual services can be found on their websites.

Data Transfer Outside the EEA (European Economic Area)

In case of transfer of user's personal data outside the European Economic Area, such transfer may take place only on terms specified in Art. 46, Art. 47 or 49 GDPR. We transfer personal data outside the EEA only when necessary and with ensuring an adequate level of protection and after prior notification to the user about the intention to transfer personal data outside the EEA at the stage of their collection.

Changes to Privacy Policy

The policy is regularly verified and updated if needed. In case of policy updates, we will inform users through appropriate information on the website or by sending an email message. User's use of the website, including among others the online store or newsletter, after privacy policy update means acceptance of changes introduced in it.

Ā