General provisions

1. Customer’s personal data are processed in accordance with the Regulation of the European Parliament and Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repeal of Directive 95 / 46 / EC, hereinafter referred to as “the Regulation”, the Act of 10 May 2018 on the protection of personal data and the Act on Electronic Services of July 18, 2002 (Journal of Laws No. 144, item 1204, as amended) ).
2. Administrator exercises special diligence to protect the interests of data subjects, and in particular ensures that the data they collect are processed in accordance with the law; collected for specified, legitimate purposes and not subject to further processing incompatible with these purposes; factually correct and adequate in relation to the purposes for which they are processed and stored in a form enabling identification of persons they concern, no longer than it is necessary to achieve the purpose of processing.

Purpose and scope of data collection

1. The purpose of collecting personal data by the Administrator is:
   • Establishing, change, performance or termination of the contractual relationship between the Seller and the Customer consisting in the conclusion and performance of the Product Sales Agreement and their delivery to the Customer.
   • Direct marketing of the Administrator’s own products or services.
2. The site has implemented Google Analytics advertising features and Facebook Ads allowing the collection of demographic data and interest information.
3. The Administrator makes available the collected personal data of the Customer within the scope and not longer than it is necessary for the delivery, to the selected carrier performing the shipment at the request of the Administrator. In the case of a Customer who uses the Online Store with the electronic payment method or payment card, the Administrator provides the collected personal data of the Customer, within the scope and not longer than it is necessary to make the payment, to the selected entity servicing the above payments in the Online Store.
4. Administrator processes the following personal data of clients: name, surname, e-mail address, contact telephone number, address (street, house number, apartment number, zip code, city, country). In the case of institutional clients, the Administrator additionally processes the company name and the tax identification number.

Reasons for data collection

1. Providing personal data by the Customer is voluntary, but failure to provide the personal data specified in the Regulations necessary to conclude the Contract of Sale results in the refusal to conclude this contract.
2. The basis of data processing results from actions taken by the Customer in the Online Store. The basis for processing customer’s personal data is the need to perform the contract, or take action at its request before its conclusion.
3. In the case of data processing for the purposes of direct marketing of own products or services of the Administrator and the implementation of advertising functions of Google Analytics or Facebook Ads, the basis for such processing is prior approval of the Customer or execution of the legally justified purposes of the Administrator. For legitimate reasons, in particular, direct marketing of the Administrator’s own products is considered.

Right to control, access and correct your data

1. The customer has the right to access their personal data and demand their rectification, deletion, processing restrictions, the right to data transfer, the right to object to the processing, the right to withdraw consent at any time without affecting the lawfulness of processing, as well as the law submit a complaint to the supervisory body if it considers that the processing of personal data violates the provisions of the Regulation.
2. Personal data will be processed for a period necessary until the basis for processing personal data ceases to exist, and after its termination, for the period of limitation of claims of the Administrator and in relation to it, and for statistical purposes, for example data provided for the purpose of the performance of the contract of sale or contract for the provision of electronic services, will be processed during the period of contract performance, and after its completion, for the period of limitation of claims resulting from this title due to the Administrator and in relation to him.
3. The permissions mentioned above can be implemented by sending an appropriate message by e-mail to the following address: contact@berrolia.com

Cookie policy

1. Cookies are text files containing small amounts of information, which your computer or mobile device downloads when you visit a website. When you return to these websites – or visit other websites that use the same cookies – they recognise these cookies and therefore your browsing device.
2. Cookies help websites to do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences and generally improving your browsing experience. They can also help to ensure that adverts you see online are more relevant to you and your interests.
3. You can control how cookies are placed on your device either through the ‘Cookie Settings’ link near the bottom of the page or from within your browser.
4. Once you’ve disabled a cookie category we’ll stop using the associated cookies to gather any further information but we may still use information collected previously. You can delete existing cookies from your browser.

Final provisions

1. Administrator uses technical and organizational measures to ensure that personal data being processed is protected against hazards and categories of data protected, in particular, protects data against unauthorized access, unauthorized removal, processing in violation of applicable laws and changes, loss, damage or destruction. The administrator ensures the level of security of personal data taking into account the state of technical knowledge, nature, scope, context and purposes of processing personal data and the risk of violating the rights and freedoms of data subjects.
2. The Administrator uses the following technical measures to prevent the collection and modification by unauthorized persons of personal data sent electronically:
   • Securing the data set against unauthorized access.
   • Access to the Account only after providing an individual login and password.