Privacy policy

This Privacy Policy prescribes the manner in which eTailor sp. z o.o., i.e. the administrator of the website tyxo.pl (hereinafter referred to as “Tyxo”) processes personal data.

The Policy is for information purposes and serves satisfaction of the information obligations imposed on the data controller under the GDPR, i.e. Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

  1. PERSONAL DATA CONTROLLER
    1. The controller of the personal data provided by you is eTailor sp. z o.o. with its registered office in Mysłowice (41-408), ul. Graniczna 92a, entered in the register of entrepreneurs of the National Court Register (KRS) under the KRS number: 0000711876, Tax Identification Number NIP: 2220905951, National Business Registry Number REGON: 369142240, share capital in the amount of PLN 13,550.

    2. You may contact Tyxo as the personal data controller in particular via e-mail at biuro@tyxo.pl.

  2. DATA PROCESSING METHOD
    1. The purpose and scope of the processing of your personal data is determined by the scope of your consents and data provided by you sent by means of a relevant form.

    2. The processing of your personal data may concern your e-mail address, IP address, first and last name, address for service, bank account number, gender, measurements and image.

    3. Your personal data will be processed for the following purposes:
      1. compliance with obligations resulting from legal provisions—the legal basis is the statutory authorisation to process data necessary to act in line with the law (Article 6.1(c) of the GDPR);

      2. provision of services by electronic means through the website and Tyxo application—the legal basis is the statutory authorization to process data necessary to perform an agreement if the data subject is a party to such agreement, or if it is essential for undertaking certain actions prior to conclusion of the agreement upon request of the data subject (Article 6.1(b) of the GDPR);

      3. performance of a sales agreement concluded with you, in particular creation of ordered products and their delivery to you—the legal basis is the statutory authorization to process data necessary to perform an agreement if the data subject is a party to such agreement (Article 6.1(b) of the GDPR);

      4. initiation of promotional and commercial actions carried out by Tyxo—the legal basis is a legitimate interest executed by Tyxo (Article 6.1.(f) of the GDPR) or voluntary consent (Article 6.1(a) of the GDPR);

    4. Your personal data will be processed for the following period:
      1. a period sufficient for Tyxo to prove the appropriate performance of its obligations, whereby such term corresponds to the period of limitation of claims;
      2. in the case of marketing actions, until the concerned person objects to further processing of his/her personal data for marketing purposes or until he/she revokes the consent to be sent messages with marketing content.

    5. Upon the lapse of the above mentioned period, personal data are deleted, unless their processing is necessary under another legal basis.

    6. In certain situations Tyxo may transfer your personal data to third countries (i.e. beyond the European Economic Area), in particular to the United States of America under the EU-U.S. Privacy Shield. In such a case, Tyxo will take every effort to ensure that your personal data are appropriately secured and will transfer your personal data only to entities which guarantee the appropriate level of protection of your data.

  3. RECIPIENTS OF DATA
    1. Tyxo may entrust the processing of your personal data to third parties to ensure the functioning of the website, execution of orders, as well as the exercising of its rights or compliance with its obligations connected with processing. In such a case, data recipients may include: the hosting provider, the provider of the CRM service, the e-mail operator, legal firm, postal service and courier mail operators.

    2. The personal data collected by Tyxo may also be disclosed to: competent state bodies upon their request on the basis of relevant provisions of law, or other persons and entities—in the cases prescribed in the provisions of law.

    3. Each entity to which Tyxo transfers personal data for processing on the basis of a personal data transfer agreement (hereinafter referred to as “Transfer Agreement”) guarantees an adequate level of security and confidentiality of the processing of personal data. The entity processing your personal data on the basis of the Transfer Agreement may process your personal data through another entity only upon prior consent of Tyxo.

    4. Disclosing personal data to unauthorized entities under this Privacy Policy may only take place upon prior consent of the data subject.

    5. If personal data are transferred to entities from third countries for processing, such transfer may take place on the basis of respective model contract clauses or decisions of the European Commission, in particular the EU-U.S. Privacy Shield, i.e. Commission Implementing Decision 2016/1250/EU of 12 July 2016.

  4. PROFILING
    1. If you give your consent thereto, Tyxo may make automated decisions, including profiling, for marketing purposes, i.e. for the purpose of presenting you its offer of products and services tailored to your needs.

    2. Profiling consists in an automated assessment of certain personal factors related to a relevant person. Tyxo makes such an assessment to analyse your needs in the context of Tyxo’s offer and for the purpose of presenting you materials tailored to your preferences.

    3. You will not incur any negative consequence in connection with our profiling and automated decision-making, and your personal data will neither be subject to profiling nor be used for automated decision-making otherwise than for the purpose stated in clause 2.3.4 above.

    4. In the scope in which your personal data are subject to profiling and automated decision-making, you are entitled to object to such activities, while in the scope in which the basis for processing is your consent, you are entitled to revoke such consent.

  5. RIGHTS OF DATA SUBJECT
    1. In connection with the processing of your data you have the right to: (a) delete the collected personal data referring to you both from the system belonging to Tyxo as well as from bases of entities with which Tyxo has co-operated, (b) restrict the processing of data, (c) portability of the personal data collected by Tyxo and referring to you, in this to receive them in a structured form, (d) request Tyxo to enable you access to your personal data and to rectify them, (e) object to processing, (f) withdraw the consent towards Tyxo at any time without affecting the legality of processing carried out on the basis of the consent before it is withdrawn, (g) lodge a complaint about Tyxo to the supervisory authority (President of the Personal Data Protection Office).

  6. OTHER DATA
    1. Tyxo may store http enquiries, therefore the files containing web server logs may store certain data, including the IP address of the computer sending the enquiry, the name of station—identification through http protocol, if possible, date and system time of registration on the website Tyxo.pl and receipt of the enquiry, number of bytes sent by the server, the URL address of the site visited by you before, if you entered the website through a link, information concerning your browser, information concerning errors, information concerning your device, mobile device identifiers (i.e. Apple Advertising Identifier). Web server logs may be collected for the purpose of proper administration of the website. Only persons authorized to administer the IT system have access to data. Files containing web server logs may be analyzed for the purpose of preparing statistics concerning traffic on the website and occurring errors. Summary of such details does not enable identification of any person.

  7. SECURITY
    1. Tyxo applies technological and organizational means ensuring protection of the processed personal data adequately to the threats and categories of data to be secured, in particular, through technical and organisational means Tyxo secures data against being disclosed to unauthorized persons, taken over by an unauthorized person, processed in violation of the law, and changed, lost, damaged or destroyed. The set of collected users’ personal data is stored on a secured server, moreover, the data are also secured by Tyxo’s internal procedures related to the processing of personal data and information security policies.

    2. Tyxo has also implemented appropriate technical and organizational means, such as pseudonymisation, designed to effectively enforce the data protection principles, such as data minimisation, and for the purpose of providing the processing with necessary safeguards, so as to meet the GDPR requirements and protect the rights of data subjects.

    3. At the same time, Tyxo would like to advise you that using the Internet and services provided by electronic means may pose a threat of malware breaking into your teleinformatic system and device, as well as any other unauthorized access to your data, including personal data, by third parties. In order to minimize such threats, you should use appropriate technical security means, e.g. use updated antivirus programs or programs securing the identification in the Internet. In order to obtain detailed and professional information related to security in the Internet, Tyxo recommends taking advice from entities specializing in such IT services.

  8. COOKIES AND USER IDENTIFIERS
    1. For the purposes of the correct operation of the website, Tyxo uses a cookie support technology. Cookies are packages of information stored on your device through the website, usually containing information corresponding to the intended use of a particular file, by means of which you use the website Tyxo.pl—these are usually: address of the website, date of publishing, lifetime of a cookie, unique number and additional information corresponding to the intended use of a particular file.

    2. The website uses two types of cookies: (a) session cookies, which are permanently deleted upon closing the session of the browser; (b) permanent cookies, which remain on the device after closing the session until they are deleted.

    3. It is not possible to identify you on the basis of cookie files, whether session or permanent. The cookie mechanism prevents collection of any personal data.

    4. The cookies used by the website are safe for your device, in particular they prevent viruses or other software from breaking into to the device.

    5. Files generated directly by Tyxo may not be read by other websites. Third-party cookies (i.e. cookies provided by entities co-operating with Tyxo) may be read by an external server.

    6. You may individually change the cookie settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service.

    7. First of all, you may disable storing cookies on your device in accordance with the instructions of the browser producer, but this may disable certain parts of or the entire operation of the website.

    8. You may also individually remove cookies stored on his/her device at any time in accordance with the instructions of the browser producer.

    9. Tyxo uses own cookies for the following purposes: configuration of the website Tyxo.pl and adjustment of the page content to the preferences or conduct of users; analysis and research of views, click number and path taken on the website to improve the appearance and organisation of content on the website, time spent on the website, number and frequency of visits on the website.

    10. Tyxo uses Third-Party Cookies for the following purposes:

Tool:

Purpose of storing:

Google Analytics

collecting general or anonymous statistical data by means of analytical tools

Google Adwords

promotional and marketing actions within the retargeting process

Apple Search Ads

promotional and marketing actions within the retargeting process in the Apple AppStore

Facebook Ads

promotional and marketing actions within the retargeting process

Details concerning cookie support are available in the settings of your browser.


FINAL PROVISIONS
This Privacy Policy comes into effect as of 1 March 2020.