1. General provisions

1.    
Privacy and use of cookies on
the website www.sterkhandles.com (hereafter: „Policy”) was created and
adopted by Robert Kwiecień, a business operator running the ENGER company
Robert Kwiecień, 32-200 Miechów, ul. Zagrody 25, NIP: 6591047490, Regon
351189474

2.    
The terms used in the policy
mean:

• Service: on-line shop www.sklep.enger.pl
• User: entity using the Service;
• Owner: Robert Kwiecień, ul. Zagrody 25,
  32-200, running a business as the ENGER company Robert Kwiecień,
  registered in the Central Register and Information on Business Activity,
  NIP: 6591047490, Regon: 351189474, electronic address biuro@enger.pl;
• Cookies: text files sent by the Website
  and saved on the User’s end device, which the User uses while browsing the
  website. The files contain the information necessary for the proper
  functioning of the service. Cookies usually include the domain name of the
  Internet service from which they originate, the length of time they are
  stored on the end device, and the number.

3.    
The policy aims in particular
at:

• providing Users with information on the
  use of Cookies in the Service, as required by law, including the
  Telecommunications Law;
• ensuring the protection of users’ privacy
  to the standards and requirements of applicable laws.

4.    
The owner shall limit the
collection and use of information relating to users to the minimum necessary
for the provision of services to them.

5.    
To gain full access through
the Service to the content and services offered by the Owner, it is advisable
to accept the rules resulting from the Policy. Acceptance can be made by using
the software settings installed on the device that is used or by configuring
the service.

6.    
The following legal
provisions, among others, apply:

• Telecommunications Law Act of 16 July
  2004  (J L  2019.2460 i.e., as amended);
• Act of 18 July 2002 on the provision of
  electronic services (J L. 2020.344 i.e. as amended);
• Regulation (EU) 2016/679 of the European
  Parliament and of the Council of 27 April 2016 on the protection of
  individuals about the processing of personal data and the free movement of
  such data and repealing Directive 95/46/EC (General Data Protection
  Regulation) (OJ L 119, 4.5.2016) together with the Polish legislation on
  personal data protection (hereinafter: ‘Regulation’);
• Law of 10 May 2018 on the protection of
  personal data (OJ 2019, it 1781).

2. Protection of privacy and
personal data

1.    
Data concerning the Users are
processed by the Owner following the law. The personal data of the Users
obtained by the owner shall be processed based on the consent given by the User
or of any other reason for the processing of the data following the rules, in
particular the Regulation.

2.    
The owner shall exercise
special care to protect the interests of the data subject and in particular,
shall ensure that the data are:

• processed lawfully, fairly and
  transparently for the Clients and other data subjects;
• collected for specific, explicit and
  legitimate purposes and not further processed in a way incompatible with
  those purposes;
• adequate, appropriate and limited to what
  is necessary for the purposes for which they are processed;
• correct and updated as necessary;
• kept in a form which permits
  identification of the data subject for no longer than is necessary for the
  purposes for which the data are processed;
• processed in such a way as to ensure
  adequate security of personal data, including protection against unauthorised
  or unlawful processing and accidental loss, destruction or damage, by
  appropriate technical or organisational measures,

3.    
The owner shall take
appropriate technical and organisational measures to ensure the protection of
personal data processed, appropriate to the nature, scope, context and purpose
of the processing, and the risk of infringement of the rights or freedoms of
individuals.

4.    
The Owner strives to
systematically modernise the IT, technical and organisational measures for the
protection of such data, in particular, the Owner shall ensure that the IT
protection measures are updated to protect against viruses, unauthorised access
and other threats resulting from the operation of the IT system and
telecommunications networks.

5.    
Apart from other cases
arising from legal regulations, the Owner may process the following personal
data of the Customer necessary to establish, shape the content, amend or
terminate the contract:

1) Customer’s name and
forenames;

2) the permanent address of
residence;

3) address for
correspondence, if different from the address of residence;

4) Customer e-mail addresses;

5) telephone number;

6.    
The owner may process, with
the consent of the Customer and for advertising, market and customer behaviour
and preferences research, the results of such research to improve the quality
of the services, other data relating to Customer which is not necessary for the
provision of the Service by electronic means.

7.    
Each User who has made his or
her data available to the Owner in any way shall be granted access to the data
and exercise other rights by the data subjects following the applicable legal
provisions, including those persons:

• the right to withdraw consent on the
  processing of personal data;
• the right to information concerning their
  data;
• the right to control the processing of
  data, including their completion, updating, rectification and erasure;
• the right to object to or to restrict
  processing;

5) the right to complain to
the supervisory authority and to use other legal means to protect their rights.

8.    
The owner may process
personal data in an automated manner, including through profiling, under the
terms of the Regulation. In this case, the owner’s actions are intended to
serve as marketing purposes or to customize messages sent to users (including
matching the information to the User’s needs or expectations). The User has the
right to object to such processing of data, which may be expressed by sending a
message to the address of the owner.

9.    
A person who has access to
personal data shall process it only under the authority of the owner or under
the agreement to entrust the processing of personal data and only at the
request of the owner.

10.  
In connection with the
activity of the Service, the Owner uses the services of other entities,
including to execute the agreement with the User. Users’ data may be
transferred to:

1) hosting company,

2) Service software
suppliers,

3) internet service
providers,

4) companies providing
courier or postal services,

5) providers of electronic
payment platforms,

5) providers of invoicing
software

6) entities providing
accounting services;

7) marketing or advertising
service providers.

3. Cookies

1.    
Cookies identify the User,
which allows adjusting the content of the website it uses to his/her needs.
Storing Users’ preferences enables proper adjustment of the content, including
ads, to the needs of the User. The owner uses Cookies to ensure an appropriate
standard of service convenience, and the data collected is used only internally
to optimize operations.

2.    
Cookies are used to:

• adapt the content of the service to
  preferences and to improve the quality of service.
• optimize the use of the service, in
  particular by identifying the end-user device,
• the production of statistics,
• maintain user’s session
• provide the User with advertising content.

3.    
The owner processes
statistical information about the use of the service, including session
information, IP number, time spent on individual pages and sub-pages, use of
individual service functionality, device information, and web browser
information. Such data shall be processed following Article 6(1)(f) of the
Regulation in the legitimate interest of the controller to facilitate the use
of the service, to improve the quality and functionality of the services
provided, and the processing of such data shall be without prejudice to the
rights and freedoms of users. Information about users is not used for any
additional purposes.

4.    
This data shall be processed
as part of the owner’s current activities, but not more than 60 days after
receipt of the information. After this time, the Owner may further process
general statistical data, which will be deprived of any information concerning
individual Users.

5.    
Please note that in some
cases, the software installed by the User on the terminal device, used for
browsing websites (e.g. a web browser) introduces a default storage of Cookies
in the User’s terminal device. Users can change the Cookies settings at any
time. These settings can be changed, among other things, to block automatic
settings of Cookies or to inform on their placement in the end-users device.
Detailed information about the possibilities and ways of handling cookies are
available in the software settings (browser).

6.    
The user may at any time
disable or restore the option of collecting cookies by changing the settings of
his device and web browser in the use of cookies or other similar technologies.

7.    
Changing the settings is an
objection that may cause inconvenience in using the Website in the future.
Disabling the option of accepting Cookies allows the User to view the website
content except when it is required to log in to access it.

8.    
Leaving the settings
unchanged means that the data will be placed in the User’s final device (using
the Website will cause automatic placement of cookies in the User’s final
device).

9.    
Cookies are stored on users’
devices for a maximum of 12 months.

10.  
The stored data placed in the
User’s end device do not cause any configuration changes in the User’s end
device or the software installed in that device.

11.  
The information on Cookies
also applies to other similar technologies used in the Service.

4. Complaints

1.    
Claims can be submitted to
the owner in electronic form at reklamacje@enger.pl.

2.    
There is a possibility of
using out-of-court ways of handling complaints and pursuing claims in legal
relations with Consumers, including:

1)
Electronic dispute resolution via ODR (online dispute resolution), available at
https://ec.europa.eu/consumers/odr/main/index.cfm?event=main.home2.show&lng=PL

2) the possibility of
arbitration proceedings before a common court or other authorities.

3.    
The owner undertakes to deal
with the complaint within 14 days.

4.    
If the complaint is
acknowledged, the Owner will take appropriate action.

5.    
To process the complaint, the
owner shall process the data of the users submitting the complaint, in
particular the e-mail address, name, content of the complaint, circumstances of
the complaint, information obtained during the complaint handling process,
including an explanation of the incident that caused the complaint. In the
course of processing the complaint, the Owner may process some other
information, including information about the User’s use of the Services,
cookies or other similar technologies, information about devices. These data
are processed following Article 6 (1) (b) of the Regulation to deal with the
complaint and are processed for the time necessary to deal with the complaint
and after the complaint procedure has been completed for archiving purposes following
the Accounting Act, in the event of defence against possible claims against the
service provider.

6.    
Where an investigation is
initiated for possible breach of the provisions of the Regulations, Policy or
law, rules of social coexistence or good manners, the Owner may process the
User’s data until the end of the pending proceedings and until the expiry of
the limitation period for claims, which usually amounts to 3 years, but in
special cases provided for by law it may be longer. The data will then be
processed, including those made available following Article 6(1)(f) of the
Regulation, i.e. in the controller’s legitimate interest in pursuing its claims
against the User. The legitimate interest of the controller will then take
precedence over the rights and freedoms of the user.

5. Final provisions

1.    
The policy was adopted by
order of the Owner and enters into force on 10.04.2020.

2.    
Any deviation from the Policy
must be made in writing under pain of nullity.

3.    
The law applicable to the
Policy is the law of the Republic of Poland.

4.    
In matters not covered by the
Policy, the relevant legal provisions shall apply.