Skip to content

Cart

Your cart is empty

Continue shopping

Recommended:

Brush Your Luck - hat brush
Sale price€20,95

GDPR and Cookies Privacy Policy

Privacy Policy as of 04.05.2026.
License number granted by Legal Geek Creator: 77ddddda-28a7-4686-be98-159120368c6c.

Luck Hats Store Privacy Policy
https://luckofficial.co/
("Store")

Dear User!

We care about your privacy and want you to feel comfortable while using our services. Therefore, below we present you with the most important information about the principles of processing your personal data and the cookies used by our Store. This information has been prepared in accordance with the GDPR, i.e. the General Data Protection Regulation.

PERSONAL DATA ADMINISTRATOR

Michał Augustowski, entrepreneur conducting business activity under the name MICHAŁ AUGUSTOWSKI LUCK HATS, entered in the Central Register and Information on Economic Activity maintained by the minister responsible for economy and for maintaining the Central Register and Information on Economic Activity, NIP 6551971725, REGON number 260764629, ul. Poprzeczna 12, 28-100 Busko-Zdrój.

If you wish to contact us regarding the processing of your personal data, please email us at: hello@luckofficial.co.

YOUR RIGHTS

You have the right to request:

  • access to your personal data, including obtaining a copy of your data (Art. 15 GDPR or - if applicable - Art. 13 (1)(f) GDPR),
  • their rectification (Art. 16 GDPR),
  • deletion (Art. 17 GDPR),
  • restriction of processing (Art. 18 GDPR),
  • transfer of data to another administrator (Art. 20 GDPR).

And also the right to:

  • object at any time to the processing of your data:
    • for reasons related to your particular situation – to the processing of personal data concerning you, based on Art. 6 (1)(f) GDPR (i.e. on our legitimate interests), including profiling (Art. 21 (1) GDPR);
    • if personal data are processed for direct marketing purposes, including profiling, to the extent that the processing is related to such direct marketing (Art. 21 (2) GDPR).

Contact us if you wish to exercise your rights. You can object to our use of cookies (which you can read about below) especially through appropriate browser settings.

If you believe that your data is being processed unlawfully, you can lodge a complaint with the President of the Personal Data Protection Office.

PERSONAL DATA AND PRIVACY

Below you will find detailed information on the processing of your data depending on your actions.

1. Placing an order in the Store

For what purpose?
fulfillment of your order
On what basis?
sales contract or contract for the provision of digital content (Art. 6 (1)(b) GDPR) legal obligation, related in particular to accounting, product safety and compliance with legal requirements, obliging us to process your personal data (Art. 6 (1)(c) GDPR)
How long?
for the duration of the aforementioned contract until the expiration of our legal obligations
in addition, your data will be processed until the expiration of the period during which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section)
What happens if you do not provide the data?
you will not be able to place an order

2. Creating an account in the Store

For what purpose?
performance of the contract for the provision of account maintenance services in the Store
On what basis?
contract for the provision of services (Art. 6 (1)(b) GDPR)
How long?
for the duration of the aforementioned contract
in addition, your data will be processed until the expiration of the period during which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section)
What happens if you do not provide the data?
you will not be able to create an account and use its functions, such as viewing order history or checking order status

3. Contacting us (e.g. to ask a question)

For what purpose?
handling your inquiries or reports
On what basis?
contract or actions taken at your request, aimed at its conclusion (Art. 6 (1)(b) GDPR) – if your inquiry or report concerns a contract to which we are or may be a party our legitimate interest, consisting in processing your data to communicate with you (Art. 6 (1)(f) GDPR) – if your inquiry or report is not related to a contract
How long?
for the duration of the binding contract or – if the contract is not concluded - until the expiration of the claims period – see the last table of this section* until the expiration of the claims period – see the last table of this section - or until we accept your objection to processing*
in addition, your data will be processed until the expiration of the period during which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section)
What happens if you do not provide the data?
we will not be able to respond to your inquiry or report
* depending on which applies in a given case

4. Browser settings or other similar action allowing marketing activities

For what purpose?
direct marketing, consisting of displaying personalized advertisements
(more on this can be found in the "Profiling" and "Cookies" sections of the Privacy Policy)
On what basis?
our legitimate interest, consisting in processing data for the above-mentioned purpose (Art. 6 (1)(f) GDPR)
How long?
until the expiration or deletion by you of cookies used for marketing purposes*
What happens if you do not provide the data?
you will not receive suggestions for products or services that you may be interested in
* depending on which applies in a given case

5. Your consent to receive marketing content from us (e.g. information about special offers)

For what purpose?
sending marketing information, especially special offers analysis of the effectiveness of messages sent by us, in order to establish general rules regarding effective message sending in our business
(you can read more about this in the "Analytical activities" section of the Privacy Policy)
On what grounds?
Your consent to our marketing activities (Art. 6(1)(a) of the GDPR) our legitimate interest, consisting in processing data for the purpose specified above (Art. 6(1)(f) of the GDPR)
How long?
until you withdraw your consent – remember, you can withdraw your consent at any time. Data processing until you withdraw your consent remains lawful. until we consider your objection to processing
in addition, your data will be processed until the expiry of the period in which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section)
What happens if you do not provide data?
you will not receive our marketing materials, including information about our special offers

6. Newsletter subscription

For what purpose?
sending a newsletter analysis of the effectiveness of the content sent by us, in order to establish general principles regarding effective message sending in our business
(you can read more about this in the "Analytical activities" section of the Privacy Policy)
On what grounds?
agreement for newsletter delivery service (Art. 6(1)(b) of the GDPR) our legitimate interest, consisting in processing data for the purpose specified above (Art. 6(1)(f) of the GDPR)
How long?
until you unsubscribe from our newsletter until we consider your objection to processing
in addition, your data will be processed until the expiry of the period in which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section)
What happens if you do not provide data?
you will not be able to receive information about the Store and our services

7. Using services (other than those listed above), such as browsing our website or using other functions available on it - if they require data processing

For what purpose?
performance of the agreement concluded between us
On what grounds?
agreement on the provision of services (Art. 6(1)(b) of the GDPR)
How long?
for the duration of the aforementioned agreement
in addition, your data will be processed until the expiry of the period in which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section)
What happens if you do not provide data?
you will not be able to use those functions for which data processing is necessary

8. Taking action or inaction that may give rise to claims related to the Store or our services

For what purpose?
establishment, assertion, or defence of possible claims related to the concluded agreement or provided services
On what grounds?
our legitimate interest, consisting in processing personal data for the purpose indicated above (Art. 6(1)(f) of the GDPR)
How long?
until the expiry of the limitation period for claims or until we consider your objection to processing*
What happens if you do not provide data?
inability to establish, assert or defend claims
* depending on which is applicable in a given case

PROFILING

Within the Store, we perform profiling – this will occur in relation to you if you allow such actions. This profiling consists of an automatic assessment of what products or services you might be interested in, using information about the content you view. Thanks to this, advertisements for products or services displayed within the online services you use will be better tailored to you and your needs.

The profiling we carry out does not result in decisions that produce legal effects concerning you or similarly significantly affect you.

ANALYTICAL ACTIVITIES

If you wish to receive marketing messages or newsletters from us, we may analyze the effectiveness of our mailings. For example, we may check whether and how they affected activity in our Store. Such actions will help us establish general rules for sending these types of messages in our operations - e.g., regarding optimal sending times or how to formulate effective content.

DATA SECURITY

When processing your personal data, we apply organizational and technical measures in accordance with the relevant legal provisions, including encrypting the connection using an SSL/TLS certificate.

COOKIES

Our Store, like most websites, uses so-called cookies. These files:

  • are saved in your device's memory (computer, phone, etc.);
  • do not cause changes in your device's settings.

In this Store, cookies are used for:

  • remembering your session
  • statistical purposes
  • marketing purposes
  • providing Store features

To learn how to manage cookies, including how to disable them in your browser, you can use your browser's help file. You can find information on this by pressing the F1 key in your browser. In addition, relevant instructions can be found on the following subpages, depending on the browser you use:

Cookies will not be processed by us for longer than 365 days from the last visit to the Store.

Using the appropriate options in your browser, you can at any time:

  • delete cookies,
  • block the future use of cookies.

In such cases, we will no longer process them.

EXTERNAL SERVICES / DATA RECIPIENTS

We use the services of external entities that support us in our operations. We entrust them with your data for processing – these entities process data only on our documented instruction.

Below you will find a list of recipients of your data:

ACTION DATA RECIPIENTS TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION
any activity related to the Store individuals cooperating with us under civil law contracts, supporting our current operations does not occur
software provider for sales management does not occur
staying on the Store's website with settings allowing for marketing activities entity providing marketing services yes – United States of America **
staying on the Store's website with settings allowing for analytical activities entity enabling analytical activities on the website yes – United States of America **
placing an order in the Store payment provider yes – United States of America **
entity delivering the product to you does not occur
software provider facilitating business operations (e.g., accounting software) does not occur
provider of standard office software (including email inbox) does not occur
accounting office does not occur
entity providing an installment system does not occur
signing up for the newsletter or consenting to receive marketing messages entity providing newsletter or marketing message delivery yes – United States of America **
your use of services provided to us in connection with the Store by social networks social networks yes – United States of America **
contacting us (e.g., asking a question) provider of standard office software (including email inbox) does not occur

And furthermore:

relevant public authorities to the extent we are obliged to provide them with data.

TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE THE EUROPEAN UNION

** In connection with the above, your personal data may also be processed by entities outside the European Union. The appropriate level of protection for your data, including through the application of appropriate safeguards, is ensured by:

  • the participation of these entities in the so-called Data Privacy Framework, which is a program established by an implementing decision of the European Commission as a set of rules guaranteeing adequate protection of your privacy - in the case of entities from the United States of America