Privacy Policy

Privacy Policy

Last updated: 12.12.2024r.

This document outlines the principles for collecting, processing, and using the personal data of the Website’s users to protect their privacy and security. Please read it carefully before using the Website.

Interpretation and Definitions

Interpretation

Words with initial capital letters have meanings defined under the following conditions. These definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

  • Website refers to the online platform available at https://genxtro.com.
  • Administrator refers to the entity managing the Website.
  • User refers to an individual or entity accessing the Website.

Personal Data Administrator

The Administrator of personal data is the entity managing the Website, as specified in the main Terms and Conditions.

Collected Personal Data

The Website collects personal data provided by the User while using the Website, including:

  • First and last name
  • Email address
  • Delivery address
  • Phone number
  • Payment information

Purposes of Data Processing

Personal data of Users is processed for the following purposes:

  1. Fulfilling orders and delivering products

  2. Payment processing and handling order-related processes

  3. Marketing communication (with the User’s consent)

  4. Analyzing User behavior to improve the provided services

  5. Statistical purposes and profiling to tailor offers to User preferences

  6. Displaying personalized advertisements using cookies and tracking pixels

Legal Basis for Data Processing

Personal data is processed in compliance with GDPR based on:

  • The User’s consent (Article 6(1)(a) GDPR)
  • Performance of a contract (Article 6(1)(b) GDPR)
  • Delivery address
  • Legal obligations of the Administrator (Article 6(1)(c) GDPR)
  • Legitimate interests of the Administrator (Article 6(1)(f) GDPR)

Data Retention Period

Personal data will be stored for the period necessary to fulfill the purposes for which it was collected and subsequently deleted or anonymized in accordance with legal regulations.

Sharing Personal Data

The personal data of Users may only be shared with:

  • Payment operators for transaction processing
  • Fraud prevention services
  • Logistics and fulfillment service providers
  • External customer service centers (contact centers)

Data will not be transferred to entities located outside the European Union unless conditions set by GDPR, such as appropriate safeguards, are met.

User Rights

Under GDPR, Users have the following rights:

  1. Access personal data and receive a copy of it

  2. Rectify inaccurate personal data

  3. Delete personal data (“right to be forgotten”)

  4. Restrict data processing

  5. Object to data processing for marketing or profiling purposes

  6. Lodge a complaint with a supervisory authority (e.g., the Polish Personal Data Protection Office or another competent authority within the EU)

To exercise these rights, Users can contact the Administrator via the contact form available on the Website.

Administrator Rights

The Administrator reserves the following rights:

  1. Right to modify the Privacy Policy: The Administrator reserves the right to change this Privacy Policy at any time. In the case of significant changes, Users will be informed through the Website.

  2. Right to use data for legal purposes: The Administrator may process and share personal data to meet legal obligations, such as cooperation with law enforcement agencies.

  3. Right to optimize the Website: The Administrator may process aggregated anonymous data to improve Website functionality and perform statistical analyses.

  4. Right to restrict access: The Administrator may restrict access to the Website for Users who violate the Terms and Conditions or Privacy Policy.

  5. Right to transfer data in case of a change in ownership: The Administrator reserves the right to transfer the personal data database to a new owner in the event of the sale of the Website or business. Updates about any change in ownership will be clearly communicated to Users via the Website, including the identification of the new Data Administrator.

Cookies and Tracking Technologies

The Website uses cookies and tracking pixels to:

  1. Tailor advertisements to User preferences

  2. Analyze traffic on the Website

  3. Facilitate Website use and personalization

Types of cookies used on the Website:

  • Session cookies: Temporary files stored on the User’s device until the browser is closed.
  • Persistent cookies: Files stored for a specified period or until deleted by the User.

Users can manage cookie settings via their web browser or by using the Privacy Settings link available in the Website footer.

Restricting the use of cookies may impact the availability and functionality of certain services on the Website.

Data Breach Procedures

In the event of a data breach, the Administrator will take appropriate steps to mitigate its impact, including:

  1. Notifying the competent supervisory authority within 72 hours of detecting the breach (if required by law).

  2. Informing Users if the breach poses a high risk to their rights or freedoms.

  3. Implementing corrective measures to eliminate the risk of future breaches.

Data Security

The Administrator implements appropriate technical and organizational measures to secure personal data against unauthorized access, loss, alteration, or destruction. These measures include, among others, data encryption, access controls, and regular security audits.

Contact

For any questions regarding this Privacy Policy, please contact us via the contact form available at: https://genxtro.com/contact.