GDPR and Cookies Privacy Policy
License number granted by Legal Geek Creator: 77ddddda-28a7-4686-be98-159120368c6c.
Luck Hats Store Privacy Policy
https://luckofficial.co/
("Store")
Dear User!
We care about your privacy and want you to feel comfortable while using our services. Therefore, below we present you with the most important information about the principles of processing your personal data and the cookies used by our Store. This information has been prepared in accordance with the GDPR, i.e. the General Data Protection Regulation.
PERSONAL DATA ADMINISTRATOR
Michał Augustowski, entrepreneur conducting business activity under the name MICHAŁ AUGUSTOWSKI LUCK HATS, entered in the Central Register and Information on Economic Activity maintained by the minister responsible for economy and for maintaining the Central Register and Information on Economic Activity, NIP 6551971725, REGON number 260764629, ul. Poprzeczna 12, 28-100 Busko-Zdrój.
If you wish to contact us regarding the processing of your personal data, please email us at: hello@luckofficial.co.
YOUR RIGHTS
You have the right to request:
- access to your personal data, including obtaining a copy of your data (Art. 15 GDPR or - if applicable - Art. 13 (1)(f) GDPR),
- their rectification (Art. 16 GDPR),
- deletion (Art. 17 GDPR),
- restriction of processing (Art. 18 GDPR),
- transfer of data to another administrator (Art. 20 GDPR).
And also the right to:
-
object at any time to the processing of your data:
- for reasons related to your particular situation – to the processing of personal data concerning you, based on Art. 6 (1)(f) GDPR (i.e. on our legitimate interests), including profiling (Art. 21 (1) GDPR);
- if personal data are processed for direct marketing purposes, including profiling, to the extent that the processing is related to such direct marketing (Art. 21 (2) GDPR).
Contact us if you wish to exercise your rights. You can object to our use of cookies (which you can read about below) especially through appropriate browser settings.
If you believe that your data is being processed unlawfully, you can lodge a complaint with the President of the Personal Data Protection Office.
PERSONAL DATA AND PRIVACY
Below you will find detailed information on the processing of your data depending on your actions.
1. Placing an order in the Store
| For what purpose? | |
|---|---|
| fulfillment of your order | |
| On what basis? | |
| sales contract or contract for the provision of digital content (Art. 6 (1)(b) GDPR) | legal obligation, related in particular to accounting, product safety and compliance with legal requirements, obliging us to process your personal data (Art. 6 (1)(c) GDPR) |
| How long? | |
| for the duration of the aforementioned contract | until the expiration of our legal obligations |
|
in addition, your data will be processed until the expiration of the period during which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section) |
|
| What happens if you do not provide the data? | |
| you will not be able to place an order | |
2. Creating an account in the Store
| For what purpose? |
|---|
| performance of the contract for the provision of account maintenance services in the Store |
| On what basis? |
| contract for the provision of services (Art. 6 (1)(b) GDPR) |
| How long? |
| for the duration of the aforementioned contract |
|
in addition, your data will be processed until the expiration of the period during which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section) |
| What happens if you do not provide the data? |
| you will not be able to create an account and use its functions, such as viewing order history or checking order status |
3. Contacting us (e.g. to ask a question)
| For what purpose? | |
|---|---|
| handling your inquiries or reports | |
| On what basis? | |
| contract or actions taken at your request, aimed at its conclusion (Art. 6 (1)(b) GDPR) – if your inquiry or report concerns a contract to which we are or may be a party | our legitimate interest, consisting in processing your data to communicate with you (Art. 6 (1)(f) GDPR) – if your inquiry or report is not related to a contract |
| How long? | |
| for the duration of the binding contract or – if the contract is not concluded - until the expiration of the claims period – see the last table of this section* | until the expiration of the claims period – see the last table of this section - or until we accept your objection to processing* |
|
in addition, your data will be processed until the expiration of the period during which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section) |
|
| What happens if you do not provide the data? | |
| we will not be able to respond to your inquiry or report | |
4. Browser settings or other similar action allowing marketing activities
| For what purpose? |
|---|
|
direct marketing, consisting of displaying personalized advertisements
(more on this can be found in the "Profiling" and "Cookies" sections of the Privacy Policy) |
| On what basis? |
| our legitimate interest, consisting in processing data for the above-mentioned purpose (Art. 6 (1)(f) GDPR) |
| How long? |
| until the expiration or deletion by you of cookies used for marketing purposes* |
| What happens if you do not provide the data? |
| you will not receive suggestions for products or services that you may be interested in |
5. Your consent to receive marketing content from us (e.g. information about special offers)
| For what purpose? | |
|---|---|
| sending marketing information, especially special offers |
analysis of the effectiveness of messages sent by us, in order to establish general rules regarding effective message sending in our business
(you can read more about this in the "Analytical activities" section of the Privacy Policy) |
| On what grounds? | |
| Your consent to our marketing activities (Art. 6(1)(a) of the GDPR) | our legitimate interest, consisting in processing data for the purpose specified above (Art. 6(1)(f) of the GDPR) |
| How long? | |
| until you withdraw your consent – remember, you can withdraw your consent at any time. Data processing until you withdraw your consent remains lawful. | until we consider your objection to processing |
|
in addition, your data will be processed until the expiry of the period in which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section) |
|
| What happens if you do not provide data? | |
| you will not receive our marketing materials, including information about our special offers | |
6. Newsletter subscription
| For what purpose? | |
|---|---|
| sending a newsletter |
analysis of the effectiveness of the content sent by us, in order to establish general principles regarding effective message sending in our business
(you can read more about this in the "Analytical activities" section of the Privacy Policy) |
| On what grounds? | |
| agreement for newsletter delivery service (Art. 6(1)(b) of the GDPR) | our legitimate interest, consisting in processing data for the purpose specified above (Art. 6(1)(f) of the GDPR) |
| How long? | |
| until you unsubscribe from our newsletter | until we consider your objection to processing |
|
in addition, your data will be processed until the expiry of the period in which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section) |
|
| What happens if you do not provide data? | |
| you will not be able to receive information about the Store and our services | |
7. Using services (other than those listed above), such as browsing our website or using other functions available on it - if they require data processing
| For what purpose? |
|---|
| performance of the agreement concluded between us |
| On what grounds? |
| agreement on the provision of services (Art. 6(1)(b) of the GDPR) |
| How long? |
| for the duration of the aforementioned agreement |
|
in addition, your data will be processed until the expiry of the period in which claims can be pursued – by you or by us
(more information on this can be found in the last table of this section) |
| What happens if you do not provide data? |
| you will not be able to use those functions for which data processing is necessary |
8. Taking action or inaction that may give rise to claims related to the Store or our services
| For what purpose? |
|---|
| establishment, assertion, or defence of possible claims related to the concluded agreement or provided services |
| On what grounds? |
| our legitimate interest, consisting in processing personal data for the purpose indicated above (Art. 6(1)(f) of the GDPR) |
| How long? |
| until the expiry of the limitation period for claims or until we consider your objection to processing* |
| What happens if you do not provide data? |
| inability to establish, assert or defend claims |
PROFILING
Within the Store, we perform profiling – this will occur in relation to you if you allow such actions. This profiling consists of an automatic assessment of what products or services you might be interested in, using information about the content you view. Thanks to this, advertisements for products or services displayed within the online services you use will be better tailored to you and your needs.
The profiling we carry out does not result in decisions that produce legal effects concerning you or similarly significantly affect you.
ANALYTICAL ACTIVITIES
If you wish to receive marketing messages or newsletters from us, we may analyze the effectiveness of our mailings. For example, we may check whether and how they affected activity in our Store. Such actions will help us establish general rules for sending these types of messages in our operations - e.g., regarding optimal sending times or how to formulate effective content.
DATA SECURITY
When processing your personal data, we apply organizational and technical measures in accordance with the relevant legal provisions, including encrypting the connection using an SSL/TLS certificate.
COOKIES
Our Store, like most websites, uses so-called cookies. These files:
- are saved in your device's memory (computer, phone, etc.);
- do not cause changes in your device's settings.
In this Store, cookies are used for:
- remembering your session
- statistical purposes
- marketing purposes
- providing Store features
To learn how to manage cookies, including how to disable them in your browser, you can use your browser's help file. You can find information on this by pressing the F1 key in your browser. In addition, relevant instructions can be found on the following subpages, depending on the browser you use:
Cookies will not be processed by us for longer than 365 days from the last visit to the Store.
Using the appropriate options in your browser, you can at any time:
- delete cookies,
- block the future use of cookies.
In such cases, we will no longer process them.
EXTERNAL SERVICES / DATA RECIPIENTS
We use the services of external entities that support us in our operations. We entrust them with your data for processing – these entities process data only on our documented instruction.
Below you will find a list of recipients of your data:
| ACTION | DATA RECIPIENTS | TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION |
|---|---|---|
| any activity related to the Store | individuals cooperating with us under civil law contracts, supporting our current operations | does not occur |
| software provider for sales management | does not occur | |
| staying on the Store's website with settings allowing for marketing activities | entity providing marketing services | yes – United States of America ** |
| staying on the Store's website with settings allowing for analytical activities | entity enabling analytical activities on the website | yes – United States of America ** |
| placing an order in the Store | payment provider | yes – United States of America ** |
| entity delivering the product to you | does not occur | |
| software provider facilitating business operations (e.g., accounting software) | does not occur | |
| provider of standard office software (including email inbox) | does not occur | |
| accounting office | does not occur | |
| entity providing an installment system | does not occur | |
| signing up for the newsletter or consenting to receive marketing messages | entity providing newsletter or marketing message delivery | yes – United States of America ** |
| your use of services provided to us in connection with the Store by social networks | social networks | yes – United States of America ** |
| contacting us (e.g., asking a question) | provider of standard office software (including email inbox) | does not occur |
And furthermore:
relevant public authorities to the extent we are obliged to provide them with data.
TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE THE EUROPEAN UNION
** In connection with the above, your personal data may also be processed by entities outside the European Union. The appropriate level of protection for your data, including through the application of appropriate safeguards, is ensured by:
- the participation of these entities in the so-called Data Privacy Framework, which is a program established by an implementing decision of the European Commission as a set of rules guaranteeing adequate protection of your privacy - in the case of entities from the United States of America









