Data and Cookies Protection Policy

This Security Policy describes the rules for processing information about you – including personal data – and the use of cookies while using the Fluo Dog online store.

1. General Information

1. This policy applies to the website www operating at the URL: https://fluo.dog.
2. The operator of the service and the Administrator of personal data is: Majsterkowo Łukasz Więcek (Łukasz Więcek), ul. Leona Wyczółkowskiego 79, 65-140 Zielona Góra.
3. The contact email address of the operator: [email protected].
4. The operator is the Administrator of your personal data in relation to the data provided voluntarily in the Service.
5. The Service uses personal data for the following purposes:
   • conducting a newsletter,
   • managing a comment system,
   • conducting online chat conversations,
   • handling inquiries via forms,
   • preparing, packing, and shipping goods,
   • fulfilling ordered services.
6. The Service performs functions of acquiring information about users and their behavior in the following ways:
   1. through voluntarily entered data in forms, which are entered into the Operator's systems,
   2. by saving cookies on end devices (so-called "cookies").

2. Selected Data Protection Methods Used by the Operator

1. Login and personal data entry locations are protected in transmission by the SSL (Secure Socket Layer) protocol. This ensures that personal data entered on the site is encrypted on the user's device and can only be read on the target server – protecting it from interception during transmission.
2. User passwords are stored in a hashed (one-way encrypted) form. The hashing function works one-way – it is impossible to reconstruct the original password from the hash value. This is the modern standard for password storage.
3. The operator periodically changes its administrative passwords.
4. To protect data, the Operator regularly performs backups of its systems, which helps secure data in case of failure or other circumstances causing loss.
5. An essential element of data protection is the regular update of all software used by the Operator to process personal data – particularly regular updates of system and library components.

3. Hosting

1. The Service is hosted (technically maintained) on the operator's servers: zenbox.pl.

4. Your Rights and Additional Information on Data Use

1. In some situations, the Administrator has the right to transfer your personal data to other recipients if necessary to fulfill the contract concluded with you or to fulfill obligations imposed on the Administrator. This applies to such groups of recipients:
   • hosting company (as part of data processing delegation),
   • couriers,
   • postal operators,
   • payment operators.
2. Your personal data is processed by the Administrator no longer than necessary to perform related activities (specified by separate regulations – e.g., accounting regulations). Regarding marketing data, they will not be processed longer than 3 years from the last activity.
3. You have the right to request from the Administrator:
   • access to your personal data,
   • correction of your data,
   • deletion,
   • restriction of processing,
   • data portability.
4. You have the right to object to the processing of your personal data for purposes arising from the legitimate interests pursued by the Administrator (including profiling). However, the right to object will not apply if there are important, legally justified grounds for processing that override your interests, rights, and freedoms – particularly grounds for establishing, pursuing, or defending claims.
5. You have the right to lodge a complaint with the President of the Personal Data Protection Office (PUODO), ul. Stawki 2, 00-193 Warsaw.
6. Providing personal data is voluntary, but necessary to use the Service (e.g., to create an Account or place an order).
7. Automated decision-making actions, including profiling, may be taken concerning you to provide services under the concluded contract and for the purpose of direct marketing by the Administrator.
8. Personal data is not transferred to "third countries" within the meaning of personal data protection regulations. This means that we do not send your data outside the European Union.

5. Information in Forms

1. The Service collects information voluntarily provided by the user (including personal data, if provided).
2. The Service may record information about connection parameters (timestamp, IP address).
3. In some cases, the Service may save information that facilitates linking data from the form with the email address of the user filling out the form. In such a situation, the user's email address will appear within the URL of the page after the form is filled out.
4. The data provided in the form is processed for the purpose resulting from the function of the specific form (e.g., to handle a service request, business contact, service registration, etc.). Each time, the context and description of the form clearly inform what it is for.

6. Administrator Logs

1. Information about user behavior in the Service may be logged. This data is used solely for administering the service.

7. Significant Marketing Techniques

1. The Operator uses statistical analysis of traffic on the site through Google Analytics (Google Inc. based in the USA). The Operator does not transfer personal data to Google, only anonymized information about your activity. The service uses cookies on the user's end device. Regarding information about user preferences collected by the Google advertising network, the user can view and edit information resulting from cookies using the tool: https://www.google.com/ads/preferences/.
2. The Operator uses the Facebook pixel (Facebook Inc. based in the USA). This technology allows Facebook to know that a given user (who is registered with them) is using our Service. In this technology, we rely on data for which Facebook is the administrator – the Operator does not transfer any additional personal data to Facebook. The service is based on the use of cookies on the user's end device.

8. Information about Cookies

1. The Service uses cookies.
2. Cookies (so-called "cookies") are IT data (small text files) that are stored on the end device of the Service user and are intended for use on the pages of this Service. Cookies usually contain the name of the domain of the service from which they come, the time of storage on the device, and a unique identifier.
3. The entity placing cookies on the end device of the User and accessing them is the Operator of the Service.
4. Cookies are used for the following purposes:
   • maintaining the user's session in the Service (after logging in), so the user does not have to re-enter their login and password on each subpage of the Service,
   • fulfilling the purposes specified above in the section "Significant Marketing Techniques".
5. Within the Service, two main types of cookies are used: "session" (session cookies) and "persistent" (persistent cookies). Session cookies are temporary files stored on the user's end device until logging out, leaving the site, or closing the browser. "Persistent" cookies are stored on the user's end device for the time specified in the cookie parameters or until they are deleted by the user.
6. Web browsing software (browser) by default allows the storage of cookies on the user's end device. However, Service users can change these settings – the browser allows for the deletion of cookies or their automatic blocking. Detailed information on this topic is included in the help or documentation of the browser used.
7. Limiting the use of cookies may affect some functionalities available on the pages of the Service (e.g., disabling "login" cookies may prevent logging in or maintaining the user's session).
8. Cookies placed on the end device of the User of the Service may also be used by entities cooperating with the Operator – particularly by companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).

9. Managing Cookies – How to Express and Withdraw Consent in Practice?

1. If the user does not want to receive cookies, they can change the browser settings (they have the right to do so). However, it should be noted that disabling cookies necessary for authentication, security, or maintaining preferences may hinder or even prevent the use of the Service.
2. To manage cookie settings, select from the list below the web browser you are using and follow the instructions:
   • Edge
   • Internet Explorer
   • Chrome
   • Safari (macOS)
   • Firefox
   • Opera

   Mobile Devices:

   • Android
   • Safari (iOS)
   • Windows Phone