General provisions:

1. The terms used in the Policy mean:

    a) Website: website;

    b) User: an entity using the publicly available Website

    c) Owner: MFBStore Ewelina Kowalska Opiesin 66B, 98-220 Zduńska Wola NIP 8291652845;

2. The purpose of the Policy is in particular to provide Users with privacy protection to the extent corresponding to the standards and requirements specified in applicable legal provisions.

3. The owner limits the collection and use of information about Users to the minimum necessary to provide services to them.

4. In order to gain full access through the Website to the content and services offered by the Owner, it is advisable to accept the rules resulting from the Policy.

5. They are applicable, among others the following legal provisions:

   a) the act of July 16, 2004, Telecommunications Law (Journal of Laws 2017.1907, i.e. as amended);

   b) the Act of 18 July 2002 on the provision of electronic services (Journal of Laws 2017.1219, i.e. as          amended);

   c) regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (general regulation on data protection) (Journal of Laws L 119 of 4.5.2016) together with Polish provisions on the protection of personal data.

Protection of privacy and personal data:

1. Users' data is processed by the Owner in accordance with the law. The Users' personal data obtained by the Owner are processed on the basis of the consent granted by the User or the occurrence of another premise authorizing the processing of data in accordance with the provisions, in particular the Regulation.

2. The owner takes special care to protect the interests of data subjects, and in particular ensures that the data are:

   a) processed in accordance with the law, reliably and transparently for customers and other data subjects;

   b) collected for specific, explicit and legitimate purposes and not further processed in a manner inconsistent with these purposes;

   c) adequate, relevant and limited to what is necessary for the purposes for which they are processed;

   d) correct and updated as necessary;

   e) stored in a form that permits identification of the data subject for a period not;

   f) longer than is necessary for the purposes for which the data are processed;

   g) processed in a manner ensuring adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by appropriate technical or organizational measures,

3. The owner applies appropriate technical and organizational measures ensuring protection of the personal data being processed, appropriate to the nature, scope, context and purposes of processing as well as the risk of violating the rights or freedoms of natural persons.

4. The owner strives to systematically modernize the IT, technical and organizational measures to protect this data, in particular, the Owner provides updates of IT security measures to protect against viruses, unauthorized access and other threats arising from the operation of the IT system and telecommunications networks.

5. Each User who in any way made his data available to the Owner, the Owner provides access to data and other rights to data subjects, in accordance with applicable law, including those persons:

   a) the right to withdraw consent to the processing of personal data;

   b) the right to be informed about their personal data;

   c) the right to control the processing of data, including their supplementation, updating, straightening and deletion;

   d) the right to object to processing or to limit processing;

   e) the right to complain to the supervisory authority and use other legal means to protect your rights.

6. The owner may process personal data in an automated manner, including profiling, on the terms resulting from the Regulation. In this case, the purpose of the Owner's actions are marketing purposes or the need to personalize messages sent to Users (including adjusting the information to the User's needs or expectations). The User has the right to object to such processing of his data - this objection may be expressed by sending a message to the Owner's e-mail address:

7. A person having access to personal data processes them only on the basis of the Owner's authorization or a contract for entrusting the processing of personal data and only at the Owner's request.