Privacy policy

§ 1 General Provisions

  1. The Administrator of the personal data of the users of the website located under the domain www.Fensi Furniture is fensi Sp. z o.o., with its registered seat: 9C/2 Woźna Street, 61-777 Poznań, REGON 368871652, Ghanaian TIN (NIP): 7831768262, entered in the National Register of Entrepreneurs kept by the District Court Poznań - Nowe Miasto and Wilda in Poznań, VIII Economic Department of the National Court Register, KRS 0000706965, share capital: PLN 5,000 paid in full (hereinafter: "Administrator")
  2. Contact with the Administrator is possible:
  3. The purpose of this Policy is to define the actions taken with regard to personal data collected through the Administrator's website and related services and tools used by its users, as well as in the activity of concluding and executing contracts in contact outside the website.
  4. If necessary, the provisions of this Policy may be changed. The change will be communicated to the users by announcing the new content of the Policy, and in the case of the base of persons who have consented to the processing of data by e-mail or provided e-mail data in the execution of contracts, they will also be notified of the change by e-mail.

§ 2 Basis of processing, purposes and storage of personal data

  1. Users' personal data shall be processed in accordance with the General Data Protection Regulation, the Personal Data Protection Act, the Personal Data Protection Act of 10.05.2018 and the Electronic Services Act of 18.07.2002.
  2. In the case of processing of personal data on the basis of an e-mail or complaint sent by the user, such processing shall take place on the basis of Article 6(1)(b) of the General Data Protection Regulation, according to which the processing is necessary to take action at the request of the data subject.
  3. If the user obtains separate consent, his/her personal data may also be processed by the Administrator for marketing purposes, including for the purpose of directing commercial information electronically to the e-mail address indicated by the user (Article 6(1)(a) of the General Data Protection Regulation).
  4. When the Administrator enters into and performs a sales or service contract, the other party is required to provide the data necessary for the conclusion of the contract (which is a contractual requirement and, with regard to tax numbers, also a statutory requirement) and for this purpose the Administrator processes personal data (Article 6(1)(b) of the General Data Protection Regulation).
  5. When conducting research and analysis to improve the performance of available services (e.g., tracking tools), Article 6(1)(f) of the General Data Protection Regulation is indicated as the basis for data processing.
  6. Users' personal data shall be stored for no longer than necessary to achieve the purpose of processing, i.e. until the consent is withdrawn, if processing is based on such consent, until the statute of limitations for claims of the Administrator and the other party with regard to the execution of concluded agreements (in the case of sales/service contracts, 2 years, counting to the end of the year), and until the execution of an inquiry directed by e-mail or the completion of the processing of complaints. After this period, the Client's personal data will be processed by the Administrator on the basis of Article 6(1)(f) of the GDPR, i.e. for the purposes resulting from the legitimate interests pursued for the purposes of marketing campaigns.
  7. To the extent necessary for the proper functioning of the website, its functionality and the proper execution of payment operations (if such is carried out by the website), the website uses the User's metadata. Metadata should be understood as the process of reading and recognizing by the site's computer system the configuration and components of the computer used by the user in order to adjust the site to its capabilities and establish a secure connection between the user's computer and the site. Importantly, such metadata must not lead to the identification of the User, as well as not in any way harmful to the data stored on the computer. Nevertheless, the User has the right to withdraw consent to the processing of metadata at any time by configuring his/her browser accordingly or downloading the appropriate plug-in provided by the browser manufacturer. In order to do so, the software manufacturer and its recommendations should be consulted.
  8. The Administrator may use profiling for direct marketing purposes, but decisions made on its basis by the Administrator do not relate to the conclusion or refusal to conclude a contract or the possibility of using electronic services. The effect of the use of profiling may be, for example, to grant a person a discount, send him/her a discount code, remind him/her of unfinished purchases, send a product proposal that may match the person's interests or preferences, or offer better terms compared to a standard offer. Despite the profiling, it is the person who freely decides whether to take advantage of the discount received in this way, or the better terms and conditions and make a purchase. Profiling involves the automatic analysis or prediction of a person's behavior on the Administrator's site, e.g. by adding a particular product to a shopping cart, browsing a particular product page, or by analyzing a person's past activity history on the site. The condition for such profiling is that the Administrator has the personal data of the person in question in order to be able to subsequently send him/her, for example, a discount code.
  9. Taking into account the nature, scope, context and purposes of the processing and the risk of infringement of the rights or freedoms of natural persons of varying probability and severity, the Administrator shall implement appropriate technical and organizational measures to ensure that the processing is carried out in accordance with the Regulation and to be able to demonstrate this. These measures shall be reviewed and updated as necessary. The Administrator shall apply technical measures to prevent unauthorized persons from obtaining and modifying, personal data sent electronically.

§ 3 Data sharing

  1. The Administrator shall ensure that any personal information collected is used to fulfill obligations to users. This information will not be shared with third parties except when:
    • the express consent of the data subjects to do so is given in advance, or
    • if the obligation to provide such data is or will be imposed by applicable law, such as to law enforcement agencies.
  2. In addition, personal data of service recipients and customers may be transferred to the following recipients or categories of recipients:
    • service providers supplying the Administrator with technical, IT and organizational solutions enabling the Administrator to conduct its business, including the website and electronic services provided through it (in particular, computer software providers, marketing agencies, email and hosting providers, software providers for business management and technical support to the Administrator and product delivery operator) - the Administrator shall make the collected personal data of the Client available to the selected provider acting on its behalf only in the case and to the extent necessary to realize the given purpose of data processing in accordance with this privacy policy.
    • providers of accounting, legal and advisory services that provide accounting, legal or advisory support to the Administrator (in particular, an accounting firm, law firm or debt collection company) - the Administrator shall make the collected personal data of the Client available to the selected provider acting on its order only in the case and to the extent necessary to realize the given purpose of data processing in accordance with this privacy policy.
  3. The Administrator may share anonymized data (i.e., data that does not identify specific Users) with third-party service providers in order to better identify the attractiveness of advertisements and services to Users, and in this regard, due to the location of software providers, data may be transferred - subject to the principles of their protection - to third countries, however, providing standard contractual provisions approved by the European Commission for the processing of personal data or having the appropriate authority to do so on the basis of bilateral data processing entrustment agreements between the European Union and the third country in question, while not being a member of the European Economic Area. These entities in the case of the Administrator are:
    • Google LLC. (Headquarters: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) for Google Analytics tools used to analyze Web site statistics, Google Tag manager: used to manage scripts by easily adding code snippets to a site or application and to track actions performed by users on a Web site, Google Ads used to display sponsored links in Google's search engine results and on collaborative sites under the Google AdSense program,
    • Meta Platforms, Inc. (headquartered at 1601 Willow Road Menlo Park, CA 94025, USA) for Facebook pixel used to track conversions from Facebook ads, optimize them based on collected data and statistics, and build a targeted audience list for future advertising.
    • Hotjar Limited (Headquarters: Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta, Europe) for tracking customer engagement on the site and identifying the most frequented areas of the site.
    • TikTok Technology Limited (registered office: 10 Earlsfort Terrace, Dublin, D02 T380, Ireland) for the TikTok pixel used to track conversions from TikTok portal ads, optimize them based on collected data and statistics, and build a targeted audience list for future ads.
  4. Third-party analytics technologies integrated into the Administrator's services (including SDKs [Software Development Kits] and APIs [Application Program Interfaces]) may combine data collected in connection with your use of the Administrator's website with information they have collected separately over time and/or across platforms. Many of these companies collect and use information under their own data protection policies, which can be found on their websites. The Administrator encourages you to familiarize yourself with these policies.
  5. The Administrator's website may use the functionality of Google Analytics, a web audience analysis service provided by Google, LLC. ("Google"). Google Analytics uses cookies to help website operators analyze how visitors use the website. The information generated by the cookie about visitors' use of the website is generally transmitted to and stored by Google on servers in the United States. In accordance with current IT standards, the IP addresses of users visiting the Administrator's website are abbreviated. Only in exceptional cases is the complete IP address transferred to a Google server in the United States and shortened there. On behalf of the Administrator, Google will use this information to evaluate the website for its users, to compile reports on website traffic and to provide other services related to website traffic and Internet usage for website operators. In doing so, Google will not associate the IP address submitted as part of Google Analytics with any other data in its possession. For more information on how Google Analytics collects and uses data, please visit Google's official website at: www.google.com/policies/privacy/partners. In addition, any User can prevent Google from collecting and processing data about his/her use of the website by downloading and installing a browser plug-in at the following link: http://tools.google.com/dlpage/gaoptout.
  6. The Administrator, when sharing data with third parties, shall endeavor to do so only with entities certified under the (former) EU-U.S. and Switzerland-U.S. Privacy Shield programs, which are available at www.privacyshield.gov. Such entities, when handling information originating in the European Economic Area (EEA), shall do so in accordance with the Accountability for Onward Transfer principle of the Privacy Shield program. Where applicable, the Administrator will rely on EU standard contractual clauses and other safeguards to enable transfers outside the EEA. In accordance with the July 16, 2020 decision of the Court of Justice of the European Union with respect to the EU-US Privacy Shield and the European Data Protection Board guidelines, the Administrator continues to assess the legal regime of the countries to which data is transferred and, where necessary, updates measures to ensure adequate levels of protection.

§ 4 User's rights

  1. A user whose personal data is processed has the right to:
    • access, rectification, restriction, erasure or portability – the data subject has the right to request from the Administrator access to his/her personal data, rectification, erasure ("right to be forgotten") or restriction of processing, and has the right to object to processing, and has the right to portability of his/her data. The detailed conditions for exercising the rights indicated above are indicated in Articles 15-21 of the GDPR.
    • revoke consent at any time – a person whose data is processed by the Administrator on the basis of expressed consent (pursuant to Article 6(1)(a) or Article 9(2)(a) of the GDPR), then he/she has the right to revoke consent at any time without affecting the legality of the processing performed on the basis of consent before its revocation.
    • lodge a complaint to a supervisory authority – a person whose data is processed by the Administrator has the right to lodge a complaint to a supervisory authority in the manner and mode specified in the provisions of the GDPR and Ghanaian law, in particular the Personal Data Protection Act. The supervisory authority in Poland is the President of the Office for Personal Data Protection in Warsaw.
    • objection – The data subject has the right to object at any time – for reasons related to his or her particular situation – to the processing of personal data concerning him or her based on Article 6(1)(e) (public interest or tasks) or (f) (legitimate interest of the Administrator) of the GDPR, including profiling under these provisions. In such a case, the Administrator shall no longer be allowed to process such personal data, unless the Administrator demonstrates the existence of compelling legitimate grounds for the processing overriding the interests, rights and freedoms of the data subject, or grounds for establishing, asserting or defending claims.
    • objection to direct marketing – If personal data are processed for the purposes of direct marketing (based on the legitimate interests of the Administrator, not on the basis of the data subject's consent), the data subject shall have the right to object at any time to the processing of personal data concerning him or her for the purposes of such marketing, including profiling, to the extent that the processing is related to such direct marketing.
  2. Exercise of the above rights is carried out on the basis of the user's request sent to the e-mail address: support@fensifurniture.com. Such a request should include the name and surname of the user.
  3. The user shall ensure that the data provided or published by him on the site is correct.

§ 5 Cookies

    1. "Cookies" should be understood as IT data, in particular text files, stored on the users' terminal devices (usually on the computer's hard drive or mobile device) for the purpose of saving certain settings and data by the user's browser in order to use the websites. These cookies allow to recognize the user's device and display the website accordingly, providing comfort during its use. The storage of "cookies" therefore allows the website and the offer to be properly prepared for the user's preferences – the server recognizes the user and remembers preferences such as visits, clicks, previous actions, among others.
    2. "Cookies" contain, in particular, the domain name of the website from which they originate, the time they are stored on the terminal device and a unique number used to identify the browser from which the connection to the website is made.
    3. Cookies are used for:
      • adapting the content of the websites to the user's preferences and optimizing the use of the websites,
      • creation of anonymous statistics which, by helping to determine how the user uses the websites, make it possible to improve their structure and content,
      • provision of site users with advertising content tailored to their interests.

“Cookies” are not used to identify the user, and the user's identity is not established from them.

  1. The main division of "cookies" is their distinction into:
    • Necessary "Cookies" - are absolutely necessary for the proper functioning of the website or functionality you wish to use, as without them we could not provide many of the services we offer. Some of them also ensure the security of the services we provide electronically.
    • Cookies of a functional nature - are important for the operation of the website due to the fact that:
      • are used to enrich the functionality of the websites; without them, the website will work properly, but will not be tailored to the user's preferences,
      • serve to ensure a high level of website functionality; without them, the level of website functionality may decrease, but their absence should not prevent you from using the website completely,
      • serve the majority of website functionality; blocking them will result in selected functions not working properly.
    • Business "Cookies" - enable the implementation of the business model on the basis of which the website is provided; blocking them will not make all functionality unavailable, but may reduce the level of service provision due to the inability of the website owner to realize revenues that subsidize its operation. This category includes, for example, advertising "Cookies".
    • "Cookies" for website configuration - allow you to set functions and services on websites.
    • “Cookies” for security and reliability of websites - enable verification of authenticity and optimization of website performance.
    • Authentication "Cookies" - enable information when a user is logged in so that the website can show relevant information and features.
    • Session research "Cookies" - allow recording information about how users use the website. They may relate to the most visited pages or possible error messages displayed on certain pages. The "cookies" used to record the so-called "session state" help improve services and enhance the browsing experience.
    • "Cookies" for studying the processes taking place on the site - they enable the smooth operation of the website and the functions available on it.
    • Ad serving "Cookies" - allow displaying ads that are more interesting for users and at the same time more valuable for publishers and advertisers; "Cookies" can also be used to personalize advertising, as well as to display ads outside the websites.
    • Location-accessing "Cookies" - allow the information displayed to be tailored to the user's location.
    • Analytics, research or audience auditing "Cookies" - allow the website owner to better understand the preferences of its users and, through analysis, improve and develop products and services. Typically, the website owner or research company collects information anonymously and processes trend data without identifying the personal data of individual users.
  2. The use of "Cookies" for the purpose of adapting the content of the websites to the user's preferences does not, in principle, imply the collection of any information that allows the user to be identified, although this information may sometimes have the nature of personal data, i.e. data that allows the attribution of certain behavior to a specific user. Personal data collected using "Cookies" may be collected solely for the purpose of performing certain functions for the user. Such data are encrypted in a way that prevents unauthorized access to them.
  3. “Cookies” used by this site are not harmful to the user or to the terminal device used by the user, so for the proper functioning of the site it is recommended not to disable them in browsers. In many cases, web browsing software (web browser) allows by default to store information in the form of "Cookies" and other similar technologies on the user's terminal device. The user can change the browser's use of "Cookies" at any time. To do this, change the browser settings. How to change the settings varies depending on the software (web browser) you use. You will find relevant instructions on the subpages, depending on the browser you use.
  4. "Cookies" are also used to facilitate logging into your account and to enable you to move between sub-pages on the websites without having to log in again on each sub-page. At the same time, "Cookies" are used to secure websites, such as to prevent access by unauthorized persons.
  5. As part of the “Cookie” technology, the Administrator may use tracking pixels or pure GIF files to collect information about the user's use of its services and the user's response to marketing messages sent by e-mail. A pixel is a software code that allows an object, usually a pixel-sized image, to be embedded on a page, which provides the ability to track user behavior on the web pages where it is deployed. When the appropriate consent is given, the browser automatically establishes a direct connection to the server that stores the pixel, so the processing of data collected by the pixel is done within the framework of the data protection policy of the partner that administers the aforementioned server.
  6. The Administrator may use Internet log files (which contain technical data such as the user's IP address) to monitor traffic within its services, resolve technical problems, detect and prevent fraud, and enforce the User Agreement.
  7. The Administrator informs you that the website does not respond to Do Not Track (DNT) signals, while you may disable certain forms of online tracking, including certain analytics and personalized advertising, by changing the cookie settings in your browser or using our cookie consent tools (if applicable).
  8. Detailed information on how to change your cookie settings and how to delete them yourself in the most popular web browsers is available in the help section of your web browser, and on the following pages (just click on the link):
  9. Detailed information about the management of cookies on a cell phone or other mobile device should be found in the user manual of the mobile device.

§ 6 Klarna Payments

In order to be able to offer you Klarna's payment options, we will transmit personal data, such as contact details and order data, to Klarna. In this way Klarna can assess whether you can use the payment options offered by Klarna and adapt the payment options to your needs. General information about Klarna are available here. Your personal details are processed by Klarna in accordance with the applicable data protection regulations and in accordance with the information in Klarna’s data protection regulations.

§ 7 E-mail advertising registration for the newsletter

  • If you subscribe to our newsletter, we will use the data required while subscribing or separately communicated by you, in order to regularly send you our e-mail newsletter based on your consent in accordance with Art. 6 Para. 1 S. 1 lit. GDPR.
  • You can unsubscribe from the newsletter at any time either by sending a message to the support team (support@fensifurniture.com) or use a link provided in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and which we will inform you about in this declaration.