PRIVACY POLICY – SCRIPS
Effective date: 1st January 2024
1. Introduction
SCRIPS sp. z o.o., VAT nb. 5342648391 , ("SCRIPS", "we", "our", or "us") is committed to protecting the privacy and security of your personal data. This privacy policy outlines our practices concerning the collection, use, and sharing of your personal data through www.scrips.store ("Website") in compliance with the General Data Protection Regulation (GDPR).
2. Identity and Contact Details of the Data Controller
The data controller responsible for your personal information for the purposes of GDPR compliance is: SCRIPS sp. z o.o., SCRIPS sp. z o. o., Al. Krakowska 22A, 05-090 Sękocin Nowy. For any privacy-specific concerns, please contact our Data Protection Officer at contact@scrips.store.
3. Principles of Data Processing
In handling your personal data, we adhere to the following GDPR principles:
• Lawfulness: We process personal data legally and ethically.
• Fairness: We ensure that processing is fair and transparent to you.
• Transparency: We are clear about what data we process and why.
• Purpose Limitation: We collect data for specified, explicit, and legitimate purposes.
• Data Minimization: We limit the processing of data to what is necessary.
• Accuracy: We keep personal data accurate and up to date.
• Storage Limitation: We retain personal data for no longer than necessary.
• Integrity and Confidentiality: We ensure the confidentiality and integrity of personal data.
4. Types of Personal Data Collected
We collect various types of personal data, including:
• Identity Data: Full name, username or similar identifier.
• Contact Data: Billing address, delivery address, email address, and telephone numbers.
• Financial Data: Payment card details.
• Transaction Data: Details about payments and other details of products you have purchased.
• Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Website.
• Usage Data: Information about how you use our Website and products.• Marketing and Communications Data: Your preferences in receiving marketing from us.
5. Lawful Basis for Processing
Our lawful basis for collecting and using the personal data described in this privacy policy depends on the personal data we collect and the specific context in which we collect it:
• Consent: You have given your consent for processing personal data for one or more specific purposes.
• Performance of Contract: Provision of personal data is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.
• Legal Obligations: Processing personal data is necessary for compliance with a legal obligation to which we are subject.
• Vital Interests: Processing personal data is necessary in order to protect your vital interests or of another natural person.
• Public Interests: Processing personal data is related to a task that is carried out in the public interest or in the exercise of official authority vested in us.
• Legitimate Interests: Processing your personal data is necessary for the purposes of the legitimate interests pursued by us.
6. Data Collection and Purpose Explanation
Personal data is collected for the following purposes and using the following services:
• To register you as a new customer.
• To process and deliver your orders including managing payments, fees, and charges.
• To manage our relationship with you, including notifying you about changes to our terms or privacy policy.
• To enable you to participate in a prize draw, competition, or complete a survey.
• To improve our Website, products/services, marketing, customer relationships, and experiences.
• To recommend products or services which may be of interest to you.
• To ensure content from our Website is presented in the most effective manner for you and your device.
7. Data Recipients
Your personal data may be shared with selected third parties including:
• Business partners, suppliers, and sub-contractors for the performance of any contract we enter into with them or you.
• Analytics and search engine providers that assist us in the improvement and optimization of our Website.
• Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
8. Data Subject Rights
Under GDPR, you possess the following rights in relation to your personal data:
• Right to Access: You have the right to request copies of your personal data from us.
• Right to Rectification: You can request that we correct any information you believe is inaccurate or complete any information you believe is incomplete.
• Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
• Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
• Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
9. Data Security Measures
We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
10. Data Transfers Outside the EU
We do not transfer your personal data outside the European Union. However, if we ever need to transfer personal data out of the EU, we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
• Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
11. Payment Information and Processing
Payment Methods and Security: At SCRIPS sp. z o.o., we offer a variety of payment methods to cater to the convenience of our clients. These include:
• Card Payments: We accept major credit cards such as Visa, Mastercard, and American Express.
• Digital Wallets: For seamless transactions, we support Apple Pay and Google Pay.
• Online Payment Services: Our platform is integrated with PayPal, Klarna, and other region-specific services like Bancontact in Belgium, EPS in Austria, Giropay in Germany, iDeal in the Netherlands, and BLIK and Przelewy24 in Poland.
12. Data Retention Policy
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
13. Automated Decision-Making and Profiling
We do not use automated decision-making and/or profiling as defined under GDPR.
14. Use of Cookies and Similar Technologies
Please refer to our Cookie Policy for detailed information on how we use cookies and similar technologies to personalize and enhance your experience on our Website.
15. Policy Updates
We may update this privacy policy from time to time in response to legal, technical, or business developments. When we update our privacy policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. You can see when this privacy policy was last updated by checking the “last updated” date displayed at the top of this policy.
16. Complaints and Contact Information
If you have any concerns or complaints about how we are handling your data, please do not hesitate to get in touch with us at our designated contact address. You also have the right to lodge a complaint with the supervisory authority for data protection in your country.
17. Third-Party Links and Services
Our Website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
18. Changes to Personal Information
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
19. Acceptance of These Terms
By using this Website, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Website. Your continued use of the Website following the posting of changes to this policy will be deemed your acceptance of those changes.
20. Contact Us
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at contact@scrips.store or by mail using the details provided below: SCRIPS sp. z o. o., Al. Krakowska 22A, 05-090 Sękocin Nowy.