Privacy Policy

§1. General Information

1. This privacy policy sets out the rules for the processing of personal data of Users using the Website and the use of cookies.
2. The administrator of personal data is LAPARO Sp. z o.o., with its registered office in Wrocław at 54 Armii Krajowej St., 50-541 Wrocław, entered into the Register of Entrepreneurs of the National Court Register under KRS number: 0000595136, NIP: 8971818380, REGON: 363450897, with the email address sales@laparo.pl.
3. The Administrator processes personal data in accordance with the provisions of the GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council).
4. Providing personal data by the User is voluntary, but necessary in order to conclude a contract, receive commercial information, make contact, or use certain functionalities of the Website.

§2. Rules for the Processing of Personal Data

[Purposes of Processing]

1. The User’s personal data may be processed for the following purposes:
2. performance of a contract concluded with the User (e.g., sales in the Online Store),
3. sending newsletters,
4. contacting the User,
5. direct marketing of the Administrator’s products and services,
6. creating statistics and analyzing User behavior.

[Data Recipients]

The Administrator may share personal data with its subcontractors (e.g., IT service providers, accounting, legal, marketing, courier, and payment processing companies), as well as with specific entities such as:

• Facebook Ireland Ltd. (Facebook Pixel),
• LinkedIn Ireland Unlimited Company (LinkedIn Insight Tag),
• Google LLC i Google Ireland Limited (Google Analytics, Google Ads),
• MailerLite Inc. (mail/newsletter sending).
• The Administrator and Facebook Ireland jointly process the User’s personal data in accordance with Article 26 of the GDPR – more information: link.

[Transfer of Data Outside the EEA]

The Administrator transfers data outside the European Economic Area only to:

• Google LLC,
• MailerLite Inc.,
• Facebook Ireland Ltd.
• The data transfer is based on standard contractual clauses (Article 46(2) of the GDPR):
• Google (https://business.safety.google/adsprocessorterms/sccs/)
• MailerLite (https://www.mailerlite.com/pl/legal/data-processing-agreement)
• Facebook (https://www.facebook.com/legal/EU_data_transfer_addendum)

[Retention Period]

Data are stored for the following periods:

• for the duration of contract performance and the period necessary for the limitation of claims,
• until consent is withdrawn (newsletter, marketing),
• 3 years (contact, statistics, analyses).

[User Rights]

The User has the right to:

• access their data,
• rectify, delete, or restrict the processing of their data,
• data portability,
• object to data processing,
• withdraw consent (if consent was the basis for processing),
• lodge a complaint with the President of the Personal Data Protection Office (UODO).

The User may also ask the Administrator on what basis their personal data are being processed.

§3. Automated Decision-Making

1. The Administrator does not make decisions based solely on automated processing, including profiling, that would produce legal effects concerning Users or similarly significantly affect them.

§4. Cookies

The Administrator uses cookies – data stored on the User’s end device – for the following purposes:

1. customizing the content of the Website to the User’s preferences,
2. personalizing advertisements,
3. creating statistics and analyses.

Cookies are divided into:

• “session” cookies (deleted after the session ends),
• “persistent” cookies (remain on the device until deleted or expired).

The User may change their browser settings to limit or block cookies – however, this may hinder the use of the Website.

Information on how to manage cookies can be found, among others, on the browser websites:

• Firefox, Chrome, Microsoft Edge, Opera, Safari.

Consent to cookies may be given via browser settings in accordance with the Telecommunications Law.

§5. External and Marketing Tools

[Google]

The Administrator uses:

1. Google Analytics – analyzes User traffic and behavior (anonymously),
2. Google Ads – enables ad personalization.
3. The User can opt out of Google Analytics at the following link: https://tools.google.com/dlpage/gaoptout
4. Google ad personalization settings are available here: https://myadcenter.google.com/personalizationoff?sasb=true&ref=ad-settings
5. Google Privacy Policy: https://policies.google.com/privacy

[Facebook Pixel]

1. The Administrator uses Facebook tools for remarketing – collected data are anonymous and used for statistical purposes.
2. More information about Facebook privacy can be found at: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0, Instagram: https://help.instagram.com/155833707900388.

[Hotjar]

1. This tool analyzes User behavior (e.g., clicks, scrolling). The data are non-identifying.
2. Opt out of analysis: https://www.hotjar.com/policies/do-not-track/
3. Hotjar Privacy Policy: https://www.hotjar.com/legal/policies/privacy/

[Social Media]

Social media services may receive information about the User’s visits to the Website- details can be found in the privacy policies of those services.

The Website may integrate with the following platforms: LinkedIn, Facebook, Instagram, Twitter, YouTube.