Privacy policy

PRIVACY POLICY

General

This Privacy Policy defines the methods of using and protecting personal data necessary to provide services electronically via the www.bff.bio online store.

The administrator of the www.bff.bio online store is:

BEYOND FUNCTIONAL FOOD SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its registered office in Warsaw, at ul. Józefa Mehoffera 29 U2, 03-131,  registered by District Court for the Capital City of Warsaw in Warsaw, 14th Commercial Division of the National Court Register, KRS No. 000101547, NIP5242961467, REGON 524280330, with a share capital of PLN 20,000.00

The administrator of the Customer's personal data is

BEYOND FUNCTIONAL FOOD SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its registered office in Warsaw, at ul. Józefa Mehoffera 29 U2, 03-131,  registered by District Court for the Capital City of Warsaw in Warsaw, 14th Commercial Division of the National Court Register, KRS No. 000101547, NIP5242961467, REGON 524280330, with a share capital of PLN 20,000.00< /span> (hereinafter: Administrator), phone: 789 682 286, e-mail: info@bff.bio

Personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /WE (General Data Protection Regulation) (hereinafter: GDPR).

The data collected by the Administrator will be:
  • processed lawfully,
  • processed for clearly defined purposes and not subjected to further processing incompatible with these purposes
  • substantively correct and adequate in relation to the purposes for which they are processed
  • stored no longer than it is necessary to achieve the purpose of processing

Voluntary provision of personal data

The provision of personal data by the customer is voluntary in order to use the online shop www.bff.bio. Failure to provide certain data may restrict the use of the online shop www.bff.bio. The above data is processed on the basis of the Customer's consent, which the Customer gives by ticking the appropriate box on the order form and the registration form.

1. The information we collect

1.1. Information provided by you:

  • When you make a purchase on our website, you will need to provide us with certain information, such as your name, email address, home address, telephone number and payment information.
  • When you send us an enquiry via the contact form, you must provide us with your name and email address.
  • When you subscribe to our newsletter, you must provide us with your email address.
  • When you create an account on our website, you must provide us with your e-mail address and password.

1.2. Information collected automatically:

  • When you use our website, we collect certain information automatically, such as your IP address, web browser information, device type, access time, and the ways in which you have used our website.
  • We use cookies to collect information about your preferences and activities on our website [see cookie policy]

1.3. Information Shopify collects:

We use the Shopify platform to run our website and operate the online store. Shopify automatically collects some information about you and your activities on our website, such as your IP address, browser type and language, access time and pages you have been on. For more information about the information Shopify collects and how it uses it, please see the Shopify Privacy Policy available at https://www.shopify.com/legal/privacy.

2. Use of Information

2.1. Our use of:

  • We use the information we collect to ensure that our website and related services function properly.
  • We use the information we collect to contact you to respond to your inquiries, process orders, and to inform you about new offers and promotions.

2.2. Sharing information:

  • We do not share your personal information with other entities without your consent, unless it is required by law or it is necessary to perform our services (e.g. to process payments).
  • We work with companies that provide services to us, such as payment service providers and courier companies. These entities have access to certain information to perform their services, but may not use it in any other way.
  • We use analytics tools such as Google Analytics to monitor our website traffic and analyze user behavior to improve our services.

2.3. Recipients of personal data:

Current list of entities to whom we may disclose your personal data:

  • Shopify Inc, 33 New Montgomery St Ste 750 San Francisco California 94105.
  • Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States.
  • Facebook Inc. 1 Hacker Way, Menlo Park, CA 94025, United States.
  • DPD Polska Sp. z o.o., ul. Mineralna 15, 02-274 Warsaw.
  • InPost S.A, ul. Wielicka 28, 30-552 Kraków.
  • Alsendo sp. z o.o. 1 F. Klimczaka Street, 02-797 Warsaw.
  • Mazuko Finance sp. z o.o. ul. Mehoffera 29 lok U2, 03-131 Warsaw.
  • Web INnovative Software Sp. z o.o., ul. Bolesława Krzywoustego 105/21, 51-166 Wrocław.
  • BaseLinker Sp. z o.o., Plac Solny 15, 50-062 Wrocław.
  • Stripe Payments Europe, Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin.
  • PayPro S.A. ul. Pastelowa 8, 60-198 Poznań, Poland.
  • PayPal (Europe) S.à r.l. et Cie, S.C.A. 22-24 Boulavard Royal, L-2449 Luxembourg.

3. Security

3.1. Information Security:

  • Caring about the security of your information is crucial to us. We use various security measures, such as SSL encryption, to protect your information from unauthorized access, loss, damage or unauthorized alteration.
  • We try to regularly update our data protection methods and procedures to ensure the highest level of security.
  • We use advanced security technologies, such as firewalls, to protect our systems and your data from hackers and other threats.
  • We have controls in place to make sure your information is secure, such as login authentication procedures and identity checks when processing orders.
  • Our employees only have access to your information to perform their job duties, and all of our employees are required to maintain the confidentiality of your personal information.

4. Your rights

You have the right to request information about what information we have about you and how it is used at any time.

On the basis of the GDPR, you have the right to:

  • request access to your personal data,
  • request rectification of your personal data,
  • request to delete your personal data,
  • requests to limit the processing of personal data,
  • objection to the processing of personal data,
  • requests to transfer personal data.

If you submit any of the above-mentioned requests to us, without undue delay - and in any case within one month of receiving the request - we will provide you with information about the actions taken in connection with your request.

If necessary, we may extend the monthly period by another two months due to the complexity of the request or the number of requests.

In any case, we will inform you within one month of receiving the request about the extension of the deadline and give you the reasons for the delay.

You can withdraw your consent to the processing of your personal data at any time. Withdrawal of consent to the processing of personal data does not affect the lawfulness of the processing carried out by us on the basis of your consent before its withdrawal.

If you want to withdraw your consent to the processing of your personal data, submit your request to: info@bff.bio


5. Cookies

When browsing the www.bff.bio website, "cookies" are used, i.e. small text files that are saved on your end device in connection with the use of the www.bff.bio online store.

They are created by your web browser and store the settings and information needed for the proper operation of the website. On subsequent visits to the site from the same device, the browser can check for the existence of files

"cookies"  storing important information and resending them to the visited website that previously saved the files

"cookies" on your device. In this way, the website can recognize whether you have visited it before and, for example, adjust the presented content to you.


Files

"cookies"make it easier for you to use previously visited websites. If you use the same device and browser as before, it allows you to remember your preferences and allows you to properly display the website, tailored to individual needs. Cookies allow you to create statistics that help you understand how visitors use the website, which allows you to improve its structure and content.

Controlling and deleting files

“cookies”

You can change the way cookies are used at any time. Most browsers offer the option of accepting or rejecting all cookies, accepting only certain types of cookies, or informing you each time a website tries to save them. You can also easily delete files

“cookies” that have already been saved on the device by the browser. The options for managing and deleting cookies vary depending on the browser you use. All necessary information can be found by the User using the Help function in their browser or by visiting the website http://www. aboutcookies.org, which explains how to control and delete cookies

“cookies”  in the most popular browsers. Please note that blocking all

"Cookies" can cause difficulties in action or completely prevent the use of certain functionalities of the site.


6. Final Provisions

This Privacy Policy may change at any time. Any changes will be posted on our website.

Possibility to file a complaint

You have the right to lodge a complaint with the supervisory body dealing with the protection of personal data - the President of the Office for Personal Data Protection.

Possibility of submitting a request for information about data or their processing in electronic form

You can submit requests regarding the processing of personal data by e-mail to the data controller's address.

In matters not covered by the regulations, the provisions of the Civil Code and relevant acts of Polish law, as well as European Union law, in particular the GDPR (Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC).