general provisions
  • The administrator of the personal data of the users of the website located under the domain www.nowo-nowo.pl is Oliwia Ledzińska Studio Projektowe, with its registered office: 13 Dąbrowska Street, 86-100 Świecie, NIP 5592059365 (hereinafter: “Administrator”).
  • The Service has designated an electronic point of contact for direct communication with Member State authorities, the Commission, the Digital Services Board: info@nowo-nowo.pl. The same contact point can be used by any customer to communicate directly and quickly with the Service. The Service can also be contacted in writing, at its address: 13 Dabrowska Street, 86-100 Swiecie or by using the contact form located on the Site. Communication may be conducted in Polish or English.
  • The Policy specifies the activities related to the collection of personal data through the Administrator’s website and related services and tools used by users, as well as in the conclusion and execution of contracts outside the website.
  • If necessary, the provisions of this Policy may be amended. Information about the changes will be communicated to users through the publication of the new version of the Policy, and those who have consented to the processing of data by e-mail or who have provided an e-mail address when executing contracts will additionally be notified of the changes by e-mail.
  • 2 Basis for Processing, Purposes and Storage of Personal
  • Data Users’ personal data is processed in accordance with the General Data Protection Regulation, the Law on Personal Data Protection of May 10, 2018, and the Law on Provision of Electronic Services of July 18, 2002, as amended by these laws.
  • The administrator may collect the following data for the following purposes:
  • Performing a contract with the customer or taking action at the request of the data subject prior to the conclusion of the aforementioned contracts
  • Legal basis: Article 6(1)(b) of the RODO Regulation (performance of a contract).
  • Data retention period: for the duration of the contract until the expiration of the legal obligation related to accounting and until the expiration of the period during which claims can be asserted.
  • Data processed: Name; E-mail address; Phone number; Address (street, house number, apartment number, postal code, city, country); Company name; Tax Identification Number (NIP).
  • Direct marketing
  • Legal basis: Article 6(1)(f) of the RODO Regulation (legitimate interest of the administrator).
  • Data retention period: until consent is withdrawn, with data being processed lawfully until consent is withdrawn and until the expiration of the period during which claims can be asserted.
  • Data processed: Email address; Phone number.
  • Marketing
  • Legal basis: Article 6(1)(a) of the RODO Regulation (consent).
  • Data retention period: until you withdraw your consent or unsubscribe from the newsletter, whereby data will be lawfully processed until you withdraw your consent and until the expiration of the period during which claims can be asserted.
  • Data processed: Name; E-mail address; Phone number; Address (street, house number, apartment number, postal code, city, country).
  • Customer’s expression of opinion
  • Legal basis: Article 6(1)(a) of the RODO Regulation.
  • Data retention period: in the absence of an opinion for 30 days after purchase or until an objection is taken into account; in the case of an opinion, until it is deleted or until an objection is taken into account, and until the expiration of the period during which claims can be asserted.
  • Data processed: Name; Email address; Phone number.
  • Bookkeeping
  • Legal basis: Article 6(1)(c) of the RODO Regulation in conjunction with Article 86 § 1 of the Tax Ordinance or Article 74(2) of the Accounting Act.
  • Data retention period: for the period required by law mandating the retention of tax or accounting books (until the expiration of the statute of limitations on tax liability, unless otherwise provided by tax laws) or for 5 years, counting from the beginning of the year following the fiscal year to which the data relate.
  • Data processed: Name; E-mail address; Phone number; Address (street, house number, apartment number, postal code, city, country); Tax Identification Number (NIP); Company name.
  • Making a refund
  • Legal basis: Performance of the Contract or taking action at the request of the data subject prior to entering into the Contract (Article 6(1)(b) RODO).
  • Data retention period: for 5 years after the termination of the business relationship with the customer.
  • Data processed: Name; Email address; Phone number; PESEL; Address (street, house number, apartment number, postal code, city, country); Business entity data.
  • Determining, asserting or defending claims that the Administrator may assert or that may be asserted against the Administrator
  • Legal basis: Article 6(1)(f) of the RODO Regulation.
  • Data retention period: for the period of existence of the legitimate interest, but no longer than the statute of limitations for claims against the data subject for business activities.
  • Data processed: Name; E-mail address; Phone number; Address (street, house number, apartment number, postal code, city, country); Tax Identification Number (NIP); Company name.
  • Conduct research and analysis to improve the performance of available services
  • Legal basis: Article 6(1)(f) of the RODO Regulation.
  • Data retention period: until the expiration of the period during which claims can be asserted or until the expiration/deletion of cookies used for analytical purposes.
  • Data processed: Company name; E-mail address; Phone number; Address (street, house number, apartment number, postal code, city, country); Computer components; Settings; Installed software.
  • Customer account registration
  • Legal basis: Performance of the Contract or taking action at the request of the data subject prior to entering into the Contract (Article 6(1)(b) RODO).
  • Data retention period: for 5 years after the termination of the business relationship with the customer.
  • Data processed: Name; Email address; Phone number; PESEL; Address (street, house number, apartment number, postal code, city, country); Business entity data.
  • Sending notifications to the customer
  • Legal basis: Performance of the Contract or taking action at the request of the data subject prior to entering into the Contract (Article 6(1)(b) RODO) and fulfillment of a legal obligation of the Controller (Article 6(1)(c) RODO).
  • Data retention period: for 5 years after the termination of the business relationship with the customer.
  • Data processed: Name; Email address; Phone number; PESEL; Address (street, house number, apartment number, postal code, city, country); Business entity data.
  • Providing customer service
  • Legal basis: Performance of the Contract or taking action at the request of the data subject prior to entering into the Contract (Article 6(1)(b) RODO).
  • Data retention period: for 5 years after the termination of the business relationship with the Customer or for 2 years after the last update of the Customer’s inquiry.
  • Data processed: Name; E-mail address; Phone number; Address (street, house number, apartment number, postal code, city, country); Business entity data.
  • Proper functioning of the service
  • Legal basis: To maintain the performance of the Service and improve it (Article 6(1)(f) of the DPA).
  • Data retention period: for 5 years after the termination of the business relationship with the customer.
  • Data processed: Name; Email address; Phone number; Address (street, house number, apartment number, postal code, city, country); Information about activities performed on the website (button clicks, duration of visit, reading notifications, other information depending on the specific business case).
  • Tracking site visits for security reasons
  • Legal basis: Protecting and securing the service, customers’ interests, safeguarding the customer’s security (Article 6(1)(f) of the RODO).
  • Data retention period: for 3 years.
  • Data processed: User ID; IP address; Browser; Content and URLs accessed by the user; Date and time of connection.
  • Protecting customers from using a disclosed login password
  • Legal basis: Protecting and securing the service, customers’ interests, safeguarding the customer’s security (Article 6(1)(f) of the RODO).
  • Data retention period: for the time necessary for the Administrator to check the password.
  • Data processed: User ID; Customer password.
  • Allowing the customer to reset the password
  • Legal basis: Protecting and securing the service, customers’ interests, safeguarding the customer’s security (Article 6(1)(f) of the RODO).
  • Data retention period: for 5 years after the termination of the business relationship with the customer.
  • Data processed: Name; Email address; Business entity data; Customer password; User ID.
  • Oversee compliance with regulations, contracts, privacy policies
  • Legal basis: Protecting and securing the service, customers’ interests, safeguarding the customer’s security (Article 6(1)(f) of the RODO).
  • Data retention period: for 5 years after the termination of the business relationship with the customer.
  • Data processed: Transaction data; Business entity data.
  • Processing of requests for personal data
  • Legal basis: Article 6 (1) (c) RODO.
  • Data retention period: for the period of the existence of the legitimate interest of the Controller, no longer than the period of the statute of limitations for claims against the data subject for business activities.
  • Data processed: Name; E-mail address; Phone number; Address (street, house number, apartment number, postal code, city, country); Tax Identification Number (NIP); Company name.
  • Provide information to law enforcement agencies and other state institutions
  • Legal basis: Article 6 (1) (c) RODO.
  • Data retention period: for the period of the existence of the legitimate interest of the Controller, no longer than the period of the statute of limitations for claims against the data subject for business activities.
  • Data processed: Name; E-mail address; Phone number; Address (street, house number, apartment number, postal code, city, country); Tax Identification Number (NIP); Company name.
    Users’ personal data are kept only as long as necessary to fulfill the purposes of processing, i.e. until the consent is withdrawn, if the processing is based on that consent, until the statute of limitations for the Administrator’s and the other party’s claims (in the case of sales/service contracts, 2 years, counting to the end of the year), and until an email inquiry is fulfilled or the processing of a complaint is completed. After that time, the Customer’s personal data will be processed by the Administrator on the basis of Article 6(1)(f) of the RODO, i.e. for purposes related to legitimate interests, such as marketing campaigns.
    In order for the website to function properly and perform payment operations, the site uses user metadata. Metadata is information about the configuration and components of a user’s computer, read by the site’s computer system to match the site to the computer’s capabilities and provide a secure connection. Metadata cannot identify the user, nor is it harmful to the data on the computer. The user can withdraw consent to the processing of metadata at any time through appropriate browser settings or by installing a plug-in.
    Users’ personal data related to the maintenance of a user’s account is kept for 2 years from the last purchase made through it, but no longer than 3 years from the last activity. The administrator may use profiling for direct marketing purposes, but decisions based on it do not affect the possibility of concluding a contract or using services. Profiling may result in the granting of discounts or the sending of product suggestions in line with the user’s interests. Decisions to take advantage of discounts or better terms are at the user’s discretion. Profiling involves analyzing a user’s behavior on the site, such as adding products to a shopping cart or browsing specific pages.
    The website may collect information such as IP address, device and software information (e.g. hardware IDs, mobile device IDs), platform type, approximate geolocation data, browser data, including browser type and preferred language. The Administrator implements appropriate technical and organizational measures to ensure that data processing is carried out in accordance with regulations, and these measures are regularly reviewed and updated. The Administrator uses technologies to protect personal data from unauthorized access and modification.
  1. data sharing
    The administrator ensures that the collected personal data is used to fulfill obligations to users. The data will not be shared with third parties, except in the following cases:
  • The user expressly agrees to this,
  • the transfer of data is due to applicable laws, such as law enforcement agencies.
    Personal data may be transferred to the following recipients:
  • providers of technical, IT and organizational services that enable the Administrator to conduct business, including the website and electronic services provided,
  • providers of accounting, legal and consulting services that support the Administrator (e.g., accounting firms, law firms).
    The administrator may share anonymized data with third-party service providers to analyze the attractiveness of advertisements and services. Data may be transferred to third countries that meet appropriate data protection standards. Entities to which data may be transferred include:
  • Google LLC,
  • Meta Platforms, Inc,
  • TikTok Technology Limited,
  • Pinterest Inc,
  • Hotjar Limited,
  • Microsoft Corporation,
    The controller will inform users of its intention to transfer data outside the EEA. EU standard contractual clauses and other safeguards will be applied where applicable. For data transferred to the United States, the Administrator shall ensure compliance with the new “EU-US Data Privacy Framework.”
    The Administrator continuously analyzes risks and ensures the secure processing of personal data, including recording data operations and access permissions for employees and associates. Third-party analytics technologies may combine data collected during use of the Administrator’s website with other information collected over time. The Administrator encourages you to familiarize yourself with the data protection policies of these companies.
    The Administrator’s website may use Google Analytics to analyze page views, with IP addresses abbreviated. The information generated by the cookies is transmitted to Google and stored on servers in the US. Users can install a browser plug-in to prevent Google from collecting data.
    The controller shares data with third parties only if they meet the criteria and requirements of the RODO, applying EU standard contractual clauses and other safeguards for transfers outside the EEA.
    4 User privileges
    The user whose personal data is processed has the right to:
  • Access, rectification, restriction, erasure or data portability: A data subject may request from the Controller access to his/her personal data, rectification, erasure (“right to be forgotten”) or restriction of processing, as well as portability of his/her data. The detailed conditions for exercising these rights are set forth in Articles 15-21 of the RODO Regulation.
  • Revoke consent at any time: A person whose data is processed on the basis of consent (pursuant to Article 6(1)(a) or Article 9(2)(a) of the RODO Regulation) has the right to withdraw consent at any time without affecting the lawfulness of processing carried out before its withdrawal.
  • File a complaint with a supervisory authority: A person whose data is processed by the Administrator has the right to lodge a complaint with a supervisory authority in accordance with the provisions of the RODO Regulation and Polish law, in particular the Personal Data Protection Act. In Poland, the supervisory authority is the President of the Office for Personal Data Protection in Warsaw.
  • Objection: The data subject has the right to object at any time – on grounds relating to his or her particular situation – to the processing of personal data based on Article 6(1)(e) (public interest or tasks) or (f) (legitimate interest of the controller), including profiling under these provisions. The controller may no longer process such personal data unless the controller can demonstrate the existence of compelling legitimate grounds for the processing overriding the interests, rights and freedoms of the data subject, or grounds for establishing, asserting or defending claims.
  • Objection to direct marketing: If personal data are processed for the purposes of direct marketing (based on the legitimate interests of the Controller and not on the basis of the data subject’s consent), the data subject has the right to object at any time to the processing of his or her personal data for such marketing, including profiling, to the extent that the processing is related to direct marketing.
    The exercise of the above rights is carried out on the basis of the user’s request sent to the e-mail address: info@nowo-nowo.pl . Such a request should include the user’s name and surname. The user shall ensure that the data he/she provides or publishes on the site is correct.
    Cookies
    “Cookies” are computer data, especially text files, stored on users’ terminal devices (usually on the hard drive of a computer or mobile device), which are used to save certain settings and data by the user’s browser in order to use websites. These files allow the website to recognize the user’s device and display the website accordingly, providing comfort during its use. The storage of “cookies” makes it possible to properly prepare the website and the offer for the user’s preferences – the server recognizes the user and remembers preferences such as visits, clicks, previous actions, among others.
    The following cookies are used on the site:
     
    5 Cookies
  1. sbjs_migrations.nowo-nowo.pl
  • Description: Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in cookies. This analytical and behavioral cookie is used to improve visitors’ experience on the site.
  • Type: Sessional
  • Category: Analytical
  • Necessity: Optional
  1. sbjs_current_add.nowo-nowo.pl
  • Description: Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in cookies. This analytical and behavioral cookie is used to improve visitors’ experience on the site.
  • Type: Sessional
  • Category: Analytical
  • Necessity: Optional
  1. sbjs_first_add.nowo-nowo.pl
  • Description: Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in cookies. This analytical and behavioral cookie is used to improve visitors’ experience on the site.
  • Type: Sessional
  • Category: Analytical
  • Necessity: Optional
  1. sbjs_current.nowo-nowo.pl
  • Description: Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in cookies. This analytical and behavioral cookie is used to improve visitors’ experience on the site.
  • Type: Sessional
  • Category: Analytical
  • Necessity: Optional
  1. sbjs_first.nov.pl
  • Description: Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in cookies. This analytical and behavioral cookie is used to improve visitors’ experience on the site.
  • Type: Sessional
  • Category: Analytical
  • Necessity: Optional
  1. sbjs_udata.nowo-nowo.pl
  • Description: Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in cookies. This analytical and behavioral cookie is used to improve visitors’ experience on the site.
  • Type: Sessional
  • Category: Analytical
  • Necessity: Optional
  1. sbjs_session.nowo-nowo.pl
  • Description: Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in cookies. This analytical and behavioral cookie is used to improve visitors’ experience on the site.
  • Type: 1 hour
  • Category: Analytical
  • Necessity: Optional
  1. wpEmojiSettingsSupports.nowo-nowo.pl

Necessity: Essential
In particular, “cookies” files contain the domain name of the website from which they originate, the time they are stored on the end device and a unique number identifying the browser from which the connection with the website is made.
“Cookies” are used for the purpose of:
adapting the content of the websites to the user’s preferences and optimizing the use of the websites,
creating anonymous statistics that help determine how the user uses the websites, which allows to improve their structure and content,
providing website users with advertising content tailored to their interests. Cookies
are not used to identify the user, and their identity is not established on their basis.
The basic division of “cookies” includes:
Necessary cookies: Absolutely necessary for the proper functioning of the website or functionality that the user wants to use. They ensure the security of services provided electronically. Functional
“cookies”: Important for the operation of the website, serve to enrich the functionality of the websites, provide a high level of functionality and enable most of the functionality of the websites. Business cookies: They enable the business model of the website. Blocking them may reduce the level of service provision due to the inability to realize revenues that subsidize the operation of the website. Configuration
“cookies”: Enable you to set features and services on the websites. Security and reliability cookies: Enable verification of authenticity and optimization of website performance. Authentication “cookies”: Informs when a user is logged in, so that the website can show relevant information and features. Session status cookies: They record information about the use of the website, which helps improve services and enhance the browsing experience. Process research
“cookies”: They enable the smooth operation of the website and the functions available on it. Advertising
“cookies”: Enable the display of advertisements tailored to users’ interests and personalization of advertisements. Location-accessing cookies: They adapt the information displayed to the user’s location. Audience analysis, research and auditing cookies: Help better understand user preferences and improve products and services through analytics. Non-harmful cookies: Include cookies necessary for the proper operation of the website and have nothing to do with tracking the user. Research
“cookies”: They are used to track users, but do not contain information to identify a specific user without other data.
The use of “cookies” to customize the content of the websites to the user’s preferences does not imply the collection of information that identifies the user, although it may sometimes be personal data. Personal information collected using “cookies” is encrypted in a way that prevents unauthorized access.
The “cookies” used by this site are not harmful to the user or his/her end device, so for the proper functioning of the site, it is recommended not to disable them in browsers. The user can change the settings of “cookies” in the browser at any time. The relevant instructions can be found in the help section of your browser and on browser pages such as:
Google Chrome
Mozilla Firefox
Microsoft Edge
Opera
Safari (macOS)
Safari (iOS/iPadOS)
For detailed information about managing cookies on mobile devices, please refer to the user manual for those devices.
Cookies make it easier to log in to a user’s account, including via social media, and to move between subpages without having to log in again. They are also used to secure websites, such as preventing unauthorized access.
The administrator may use tracking pixels or pure GIF files to collect information about user use of its services and responses to marketing messages sent by e-mail. A pixel is a piece of software code that allows tracking user behavior on websites. The browser automatically establishes a connection to the server storing the pixel, and the processing of data collected by the pixel is done in accordance with the data protection policy of the partner administering the server.
The Administrator may use web log files (containing, for example, a user’s IP address) to monitor site traffic, troubleshoot technical problems, detect fraud, and enforce the User Agreement.
While the administrator informs that the site does not respond to Do Not Track (DNT) signals, the user can disable certain forms of online tracking, including analytics data and personalized advertising, by changing the cookie settings in the browser or using cookie consent tools (if applicable).
Woocommerce Payments
In order to offer payment options offered by Woocommerce
to Customers, the Administrator will provide Woocommerce with personal information such as contact information and order details. Woocommerce can assess whether Customers can use the payment options offered by Woocommerce and customize these options to meet their needs. General information about Woocommerce is available here. Customers’ personal data is processed by Klarna in accordance with data protection laws and as stated in Woocommerce’s data protection policy.
Email advertising and newsletter registration
When you sign up for a newsletter, we will use the data you provide when you sign up or provide separately, for the purpose of regularly sending the newsletter electronically based on your consent in accordance with Art. 6 Para. 1 S. 1 lit. GDPR. You can unsubscribe from the newsletter at any time by sending an email to info@nowo-nowo.pl or using the link in the newsletter. Once you unsubscribe, we will delete your email address unless you have consented to further use of your data or we reserve the right to further use your data, as permitted by law and which we will inform you of in this statement.

Description: WordPress sets this cookie when a user interacts with emoticons on a WordPress site. This helps determine whether the user’s browser can properly display emoticons.