Your city
$
English (US)
Categories
 
+1 646 303 9208
0Cart

Privacy policy


Providing personal data and consent for its processing are completely voluntary. Any personal data provided to us will be processed exclusively within the scope and purpose for which you have given consent. If you choose not to provide the necessary data for processing your order and do not consent to its processing, we will unfortunately not be able to fulfill your order. Please remember that you have the right to update or completely delete your personal data at any time. You can do this on your own, or by using our help, which we will gladly provide. Our company adheres to a strict personal data security policy. Your personal data is secure with us, and we make every effort to ensure that this level of security improves year after year. We believe that reviewing our privacy policy will make you feel secure and allow you to enjoy shopping on pemum.com.

I. Data Controller

The data controller of pemum.com (hereinafter referred to as Pemum), responsible for ensuring the security of your personal data, is: JDN Justyna Dawidowicz Moderska 11 62-060 Strykowo NIP: 7773356501

II. Personal Data Protection System

Pemum has implemented technical and organizational measures to ensure the protection of processed data in accordance with the requirements set out in the applicable personal data protection regulations. In particular, the following are considered:

  • Regulation of the Minister of the Interior and Administration of April 29, 2004, regarding the documentation of personal data processing and the technical and organizational conditions that devices and information systems used for personal data processing should meet (Journal of Laws No. 100, item 1024);
  • Guidelines of the General Inspector for Personal Data Protection;
  • Regulation (EU) 2016/679 of the European Parliament and Council of April 27, 2016, regarding the protection of individuals with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC.

The key components of the implemented personal data protection system include:

  • SSL Certificate, which ensures that communication between your computer and pemum.com is encrypted with a 256-bit key.
  • We collect and process only necessary personal data for the shortest possible time, and for any activities not related to the execution of the sales agreement, you must give separate consent.
  • Access to your personal data is granted only to authorized individuals who are trained in personal data protection, guaranteeing its security.
  • The IT system of pemum.com and internal company procedures meet all standards of personal data protection.
  • Pemum has fulfilled all obligations under the law concerning personal data protection.

III. Personal Data - Purpose of Processing

FULFILLMENT OF THE ORDER

If you place an order on our online store, we use your personal data provided during the order process to fulfill the order, enable you to make payments, and send notifications about the order and delivery status.

What personal data do we process for this purpose?

  • Client's first and last name (required)
  • Address data (required)
  • Email (required)
  • Phone number (required)
  • For businesses: company name and NIP (required for businesses)
  • Shipping address (optional)
  • If another person is specified as the shipping recipient: first and last name, address, and phone number of the person receiving the order (optional)
  • Payment data.

Providing the above personal data, marked as required, is voluntary, or in some cases, required by law. However, failure to provide this data will prevent the order from being placed. Failure to provide optional data, marked as optional, will prevent the use of additional options (e.g., not providing an alternative shipping address will prevent the order from being sent to another address).

On what legal basis do we process your personal data? The legal basis for processing these data is:

  • Execution of the contract with you [Article 6(1)(b) GDPR]
  • Legitimate interest of the controller – for direct marketing purposes, including profiling and customer satisfaction surveys [Article 6(1)(f) GDPR]
  • Legitimate interest of the controller – for defense/claim purposes [Article 6(1)(f) GDPR]
  • Fulfillment of legal obligations by the controller [Article 6(1)(c) GDPR in relation to accounting law].

How long do we store your data? We will store your data for up to 6 years due to the length of the statute of limitations for claims (Article 118 of the Civil Code, Article 86(1) of the Tax Ordinance). In the case of ongoing proceedings regarding claims, your data may be processed for longer – until the final judgment in that proceeding. If additional data has been provided, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Data provided during the order process is processed by Pemum and the following entities to the extent indicated below:

  • First and last name, address, phone number, email provided as the delivery address are transferred to courier companies in the form of a shipping label/consignment note, which is also an instruction for delivery depending on the chosen shipping method, and are sent to:
    • Poczta Polska SA in Warsaw (KRS: 0000334972, NIP: 525-000-73-13)
    • InPost Sp. z o.o. in Kraków (KRS 0000543759, NIP: 6793108059)
  • First and last name, address, NIP provided as the data for the sales document are transferred in the form of a sales document to the accounting system:
    • ifirma.pl - invoicing software.
  • If payment is made via an external payment system, any data provided after being redirected to the payment operator’s site remains recorded exclusively in their database and is not available or stored by Pemum.

Pemum cooperates with the following payment operators: The entity providing online payment services is Stripe, Inc., based in South San Francisco, California, United States, and Dublin, Ireland. Data is stored for a period of 5 years from the end of the calendar year following the year in which the sales document was issued, in accordance with the applicable regulations governing the storage of accounting documents.

 

  CUSTOMER ACCOUNT OF AN ONLINE STORE

If you agree to this and create a Customer Account, Pemum will process your personal data provided in the registration form of the Customer Account and in the section containing customer personal data on the Customer Account, in order to establish and use your Customer Account for the online store.

What personal data do we process for this purpose?

  • Customer’s first and last name (required)
  • Email (required)
  • For entrepreneurs: company name and VAT ID (required for entrepreneurs)
  • Address details (optional)
  • Shipping address (optional)
  • Additional email addresses (optional)
  • Phone number (optional)
  • Date of birth (optional, if you use the Birthday Gifts option)
  • In case you provide another person for shipping: name and surname of the person to ship the order to, and their address details and phone number (optional)
  • Purchase history (including withdrawals from contracts concluded online)
  • Loyalty program points and applicable discounts (if the customer joined the loyalty program)

Providing the above personal data marked as required is voluntary or, in some cases, a requirement of applicable law. However, failing to provide these personal data will prevent the creation of a Customer Account. Failing to provide optional data prevents the use of additional options that require this data (e.g., not providing optional shipping address data will prevent delivery to a different address). If additional data is provided, you have the right to withdraw this consent at any time. Withdrawal of consent does not affect the legality of processing that was done based on the consent before it was withdrawn.

On what legal basis do we process your personal data? The legal basis for processing your data is:

  • Performance of the contract concluded with you [Article 6(1)(b) GDPR]
  • Consent for processing personal data [Article 6(1)(a) GDPR]
  • Legitimate interest of the administrator – for direct marketing purposes, including profiling and customer satisfaction surveys [Article 6(1)(f) GDPR]
  • Legitimate interest of the administrator – for defense/claims purposes [Article 6(1)(f) GDPR]
  • Fulfillment of the administrator's legal obligations [Article 6(1)(c) GDPR in conjunction with accounting regulations]

How long do we store your data? We will store your data for up to 6 years, considering the statute of limitations for claims (Article 118 Civil Code, Article 86 § 1 of the Tax Code). In the case of ongoing proceedings regarding claims, your data may be processed for a longer period, until a final judgment in that case is reached. If you provide additional data, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the legality of processing based on the consent before its withdrawal.

SENDING COMMERCIAL INFORMATION VIA ELECTRONIC MEANS AND NEWSLETTER

If you agree to this, Pemum will process your personal data to send you commercial information via electronic means.

What personal data do we process for this purpose?

  • First and last name
  • Email
  • Phone number

Providing the above personal data is voluntary, but failing to provide it will prevent you from receiving information about our latest collections and offers via the mentioned methods (phone and/or email).

On what legal basis do we process your personal data? The legal basis for processing your data is:

  • Consent for processing personal data [Article 6(1)(a) GDPR]
  • Legitimate interest of the administrator – for defense/claims purposes [Article 6(1)(f) GDPR]

How long do we store your data? We process your data until you withdraw your consent. You have the right to withdraw this consent at any time. Withdrawal of consent does not affect the legality of processing based on the consent before it was withdrawn. You can unsubscribe from the newsletter at any time by clicking the unsubscribe link located in the footer of each newsletter.

The email address is transmitted and processed solely for sending emails to: JDN Justyna Dawidowicz, Moderska 11, 62-060 Strykowo, NIP 7773356501.

COMPLAINT HANDLING

If you file a complaint, Pemum will process your personal data to handle the complaint process.

What personal data do we process for this purpose?

  • First and last name (required)
  • Address details (required)
  • Email (optional)
  • Phone number (optional)
  • Account number (optional)
  • Purchase history (including complaints)

Providing the above personal data marked as required is voluntary or, in some cases, required by law. However, failing to provide this data will prevent the acceptance and handling of the complaint. Failing to provide optional data prevents the use of additional options requiring this data (e.g., failing to provide the account number makes it impossible to process payments via a customer account if such a payment is owed due to the complaint; failing to provide a phone number/email prevents contacting the customer for the complaint process).

On what legal basis do we process your personal data? The legal basis for processing your data is:

  • Performance of the contract concluded with you [Article 6(1)(b) GDPR]
  • Fulfillment of the administrator's legal obligations [Article 6(1)(c) GDPR in conjunction with the provisions of Articles 556-576 of the Civil Code/ Article 8(3)(4) of the Act on Electronic Services]
  • Legitimate interest of the administrator – for defense/claims purposes [Article 6(1)(f) GDPR]
  • Fulfillment of the administrator's legal obligations [Article 6(1)(c) GDPR in conjunction with accounting regulations]

How long do we store your data? We will store your data for up to 6 years due to the statute of limitations for claims (Article 118 Civil Code, Article 86 § 1 of the Tax Code). In the case of ongoing proceedings regarding claims, your data may be processed for a longer period until a final judgment in that case is reached. If you provide additional data, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the legality of processing based on the consent before it was withdrawn.

 

HANDLING WITHDRAWALS FROM DISTANCE CONTRACTS

If you submit a withdrawal from a contract concluded in our online store, Pemum processes your personal data in order to handle the withdrawal from the distance contract.

What personal data do we process for this purpose?

  • Name and surname (required)
  • Address data (required)
  • Email (optional)
  • Phone number (optional)
  • Account number (optional)
  • Purchase history (including contract withdrawals)

Providing the above personal data, which is marked as required, is voluntary, or in some cases, required by applicable law. However, failure to provide this personal data will prevent the acceptance and consideration of the withdrawal from the distance contract. Failure to provide optional data prevents the use of additional options that require this data (e.g., not providing an account number prevents the payment via bank transfer if the customer is entitled to receive a payment for the withdrawal from the contract, in case the payment for the order was made by a method other than a bank transfer; not providing a phone number/email address prevents this contact method from being used for the withdrawal process).

On what legal basis do we process your personal data? The legal basis for processing these data is:

  • Fulfillment of obligations arising from legal regulations [Art. 6(1)(c) GDPR in conjunction with Articles 27-38 of the Consumer Rights Act]
  • Legitimate interest of the administrator – for the defense/claim purposes [Art. 6(1)(f) GDPR]
  • Fulfillment of obligations arising from legal regulations [Art. 6(1)(c) GDPR in conjunction with accounting regulations]

How long do we store your data? We will store your data for up to 6 years due to the length of limitation periods for claims (Art. 118 of the Civil Code, Art. 86(1) of the Tax Ordinance). In the case of ongoing proceedings regarding claims, your data may be processed longer – until the final judgment of such proceedings. If additional data is provided, you have the right to withdraw this consent at any time. Withdrawing consent does not affect the legality of processing carried out before its withdrawal, in accordance with applicable law.

LOYALTY PROGRAM

If you join the Loyalty Program, Pemum processes the personal data you provide in the registration form for the purpose of participation in the Loyalty Program.

What personal data do we process for this purpose?

  • Name and surname (required)
  • Email (required)
  • In the case of entrepreneurs – company name and VAT number (required)
  • Phone number (optional)
  • Address data (optional)
  • Date of birth (optional, if you use the Birthday Gifts option)
  • Points and the discount you are entitled to in the Loyalty Program (if the customer joined the program)

Providing the above personal data marked as required is voluntary, or in some cases, required by applicable law. However, failure to provide this personal data will prevent participation in the Loyalty Program. Failure to provide optional data prevents the use of additional options for which the data is required.

On what legal basis do we process your personal data? The legal basis for processing these data is:

  • Performance of the contract [Art. 6(1)(b) GDPR]
  • Consent of the data subject [Art. 6(1)(a) GDPR]
  • Legitimate interest of the administrator – for the purposes of direct marketing, including profiling and customer satisfaction research [Art. 6(1)(f) GDPR]
  • Legitimate interest of the administrator – for the defense/claim purposes [Art. 6(1)(f) GDPR]
  • Fulfillment of obligations arising from legal regulations [Art. 6(1)(c) GDPR in conjunction with accounting regulations]

How long do we store your data? We will store your data for up to 6 years due to the length of limitation periods for claims (Art. 118 of the Civil Code, Art. 86(1) of the Tax Ordinance). In the case of ongoing proceedings regarding claims, your data may be processed longer – until the final judgment of such proceedings. If additional data is provided, you have the right to withdraw this consent at any time. Withdrawing consent does not affect the legality of processing carried out before its withdrawal, in accordance with applicable law.

ISSUING INVOICES

If required by tax regulations or upon your request for an invoice/name-based receipt/credit note, Pemum processes your personal data for the purpose of issuing such documents.

What personal data do we process for this purpose?

  • Name and surname (required)
  • Address data (required)
  • In the case of entrepreneurs: company name and VAT number (required for entrepreneurs)
  • Shipping address (optional)

Providing the above personal data marked as required is voluntary, or in some cases, required by applicable law. However, failure to provide this personal data will prevent the issuance of an invoice/name-based receipt/credit note. Failure to provide optional data prevents the use of additional options for which the data is required (e.g., not providing an alternative shipping address will prevent the invoice/receipt from being sent to a different address).

On what legal basis do we process your personal data? The legal basis for processing these data is:

  • Legitimate interest of the administrator – for the purposes of defense/claim [Art. 6(1)(f) GDPR]
  • Fulfillment of obligations arising from legal regulations [Art. 6(1)(c) GDPR in conjunction with accounting regulations]

How long do we store your data? We will store your data for up to 6 years due to the length of limitation periods for claims (Art. 118 of the Civil Code, Art. 86(1) of the Tax Ordinance). In the case of ongoing proceedings regarding claims, your data may be processed longer – until the final judgment of such proceedings. If additional data is provided, you have the right to withdraw this consent at any time. Withdrawing consent does not affect the legality of processing carried out before its withdrawal, in accordance with applicable law.

CUSTOMER SERVICE (EMAIL AND PHONE CONTACT)

If you contact Customer Service with a question or request for assistance, Pemum processes your personal data to handle your inquiry/issue.

What personal data do we process for this purpose?

  • Name and surname (required)
  • Address data (required)
  • Email (required)
  • Phone number (optional)
  • Account number (optional)
  • Payment data
  • Purchase history (including information about contract withdrawals, complaints)
  • Points and discounts in the Loyalty Program (if the customer joined the program)

Providing the above personal data marked as required is voluntary, or in some cases, required by applicable law. However, failure to provide this personal data will prevent the handling of your inquiry/issue. Failure to provide optional data prevents the use of additional options for which the data is required (e.g., not providing a phone number will prevent this contact method for the withdrawal process).

On what legal basis do we process your personal data? The legal basis for processing these data is:

  • Performance of the contract [Art. 6(1)(b) GDPR]
  • Consent of the data subject [Art. 6(1)(a) GDPR]
  • Legitimate interest of the administrator – for the purposes of direct marketing, including profiling and customer satisfaction research [Art. 6(1)(f) GDPR]
  • Legitimate interest of the administrator – for defense/claim purposes [Art. 6(1)(f) GDPR]

How long do we store your data? We will store your data for up to 6 years due to the length of limitation periods for claims (Art. 118 of the Civil Code, Art. 86(1) of the Tax Ordinance). In the case of ongoing proceedings regarding claims, your data may be processed longer – until the final judgment of such proceedings. If additional data is provided, you have the right to withdraw this consent at any time. Withdrawing consent does not affect the legality of processing carried out before its withdrawal, in accordance with applicable law.

DIRECT MARKETING - CUSTOMER SATISFACTION SURVEY

If you make purchases in our stores, Pemum processes your personal data for direct marketing purposes, specifically customer satisfaction surveys. We allow you to complete an anonymous survey on the store's website and/or send you an invitation to share your opinion about the purchases made.

What personal data do we process for this purpose?

  • Email

Providing the above personal data is voluntary.

On what legal basis do we process your personal data? The legal basis for processing these data is:

  • Consent of the data subject [Art. 6(1)(a) GDPR]
  • Legitimate interest of the administrator – for direct marketing purposes, including customer satisfaction research [Art. 6(1)(f) GDPR]
  • Legitimate interest of the administrator – for defense/claim purposes [Art. 6(1)(f) GDPR]

How long do we store your data? We will store your data for up to 6 years due to the length of limitation periods for claims (Art. 118 of the Civil Code, Art. 86(1) of the Tax Ordinance). In the case of ongoing proceedings regarding claims, your data may be processed longer – until the final judgment of such proceedings. You have the right to withdraw consent for processing your data at any time. Withdrawing consent does not affect the legality of processing carried out before its withdrawal, in accordance with applicable law.

CORRESPONDENCE

If we receive personal data that is not necessary for fulfilling the contract or legal obligation, such as in correspondence with us, withdrawal forms, warranty, or guarantee data, we will immediately delete or anonymize them and not process them further. Please do not provide us with personal information and data that we have not directly requested and which are irrelevant to the execution of the contract or legal obligation.

V. Cookies - Your Personal Data Automatically Collected Upon Visiting pemum.com

Cookies (also known as "cookies") are data files, particularly text files, which are stored on the end device of the pemum.com client.

There are two main types of cookies used on pemum.com: "session" cookies and "persistent" cookies. Session cookies are temporary files stored on the end device until the user logs out, leaves the website, or shuts down the software (web browser). Persistent cookies remain on the end device for a period specified in the cookie parameters or until the user deletes them.

Pemum.com uses the following types of cookies:

  • Essential cookies: These are required to use the services available on pemum.com. For example, authentication cookies used for services requiring login.
  • Security cookies: These are used to ensure security, such as detecting authentication abuse on pemum.com.
  • Performance cookies: These cookies collect information on how the website is used.
  • Functional cookies: These help "remember" the user’s chosen settings and personalize the pemum.com interface.
  • Advertising cookies: These deliver tailored advertising content based on the user's interests.

In most cases, the web browser software used for browsing automatically allows cookies to be stored. If you do not agree to the storage of cookies on your device, you can block them by configuring your web browser appropriately. Instructions for doing so can be found in your browser's help files. However, if you block cookies from pemum.com, we cannot guarantee its proper functionality.

If you agree to the placement of cookies on your device but would like to delete them after visiting pemum.com, you can do so without risk, and instructions on how to do so can also be found in your browser’s help files.

A. Pemum.com (Server) The IT system used by pemum.com automatically collects data related to the device you use to connect to pemum.com. This data is collected solely for statistical purposes and includes: device type, operating system, browser type, screen resolution, color depth, IP address, internet service provider, and the entry point to pemum.com. These data are used solely to optimize pemum.com and ensure the highest comfort of use.

This data is never combined with personal data as mentioned in Section III and is only used for statistical analysis and system error correction mechanisms. Pemum.com uses store software, and the company providing the software does not have access to personal data and does not process it in any way.

Data is processed for 24 months from the last activity.

B. Pemum.com (Cookies) Pemum.com uses cookie technology, which are text files placed on your device, to recognize you and tailor the site to your needs.

Pemum.com uses cookies for:

  • Remembering your shopping cart contents (session lasts 30 days from the last activity, after which the cookie is deleted);
  • Remembering your display preferences for pemum.com (session lasts 30 days from the last activity, after which the cookie is deleted);
  • Creating statistics and reports regarding pemum.com usage (session lasts 30 days from the last activity, after which the cookie is deleted);
  • Personalizing the appearance of pemum.com by displaying products that the store’s algorithm deems interesting to you based on products you’ve purchased, added to the cart, searched for, and their authors, manufacturers, categories – in short, similar products, but never directly linked to your personal data. (session lasts 30 days from the last activity, after which the cookie is deleted).

C. Google Analytics (Cookies) Google Analytics uses cookies, which are text files placed on your device to analyze the traffic sources and how visitors interact with pemum.com. Google collects data from cookies on its servers and uses this information to create reports and provide other services related to internet usage.

Google may also share this information with third parties if required by law or if those third parties process such data on Google’s behalf. This data is never linked to personal data and is only used for statistical analysis and system error correction mechanisms.

Data is processed for 12 months from the last activity, after which the cookie is deleted.

D. Google AdWords (Cookies) Google AdWords uses cookies, which are text files placed on your device, to assess the correctness and effectiveness of advertising activities carried out using the AdWords network. Google collects data from cookies placed on devices and uses this information to create reports and provide other services related to internet usage.

Google may also share this information with third parties if required by law or if those third parties process such data on Google’s behalf. This data is never linked to personal data and is only used for statistical analysis and system error correction mechanisms.

Data is processed for 12 months from the last activity, after which the cookie is deleted.

E. Cookies from Partner Servers Pemum.com uses scripts and software elements provided by and located on the servers of its business partners. These cookies may contain data necessary for the partner to provide the service to pemum.com or may contain data not listed in the privacy policy.

Pemum.com carefully selects its business partners but does not take responsibility for their cookie policy. Therefore, we recommend verifying each of our partners independently and deciding whether you wish to accept their cookies.

Pemum.com uses scripts from the following partners:

  1. Google Inc., Mountain View (CA, USA)
  2. Facebook Inc., Menlo Park (CA, USA)

VI. Privacy and Security Policy of Pemum.com Partners Pemum.com carefully selects its business partners and also verifies the inclusion of links to other websites. However, Pemum.com is not responsible for the standards and privacy policies implemented by the owners, operators, or administrators of these websites. We therefore recommend verifying each of our partners’ privacy policies and making an independent decision on whether to entrust them with your personal data. Google – https://www.google.pl/intl/pl/... Facebook – https://www.facebook.com/about...

VII. Sharing Your Personal Data In exceptional cases where applicable law requires the Data Controller to provide collected data to government authorities, pemum.com will do so. Except for these situations, your personal data, as permitted by law and based on separate data processing agreements, will be provided to specific entities solely for the purpose of fulfilling a contractual or legal obligation of the Data Controller. Entities to which data may be provided include: advertising agencies, banks, accounting offices, IT service providers, courier companies, logistics companies, payment institutions, and carriers.

In such cases, the Data Controller enters into data processing agreements with these entities, guaranteeing the highest standards of protection, confidentiality, and security of personal data, and ensures they are used only for fulfilling a contractual or legal obligation.

VIII. Changes to the Privacy Policy of Pemum.com Pemum.com reserves the right to change the privacy policy if required by law, changes occur in the technological conditions of pemum.com, or if the change introduces a higher standard than the minimum required by law.

Pemum.com will notify you of any changes electronically (to the email address provided during registration). The latest version of the privacy policy will always be available at https://pemum.com/privacy-poli...

IX. Your Rights Under applicable law, regarding your personal data, you have the right to:

  • Refuse or limit the processing of personal data;
  • Object to the processing of personal data;
  • Access your personal data;
  • Rectify or delete personal data;
  • Transfer your personal data;
  • Withdraw consent for the processing of personal data;
  • File a complaint with the supervisory authority – the President of the Personal Data Protection Office.

These rights are inalienable and cannot be restricted. We are always happy to assist you and provide information, and some of the rights mentioned above can be exercised independently.

X. Contact Pemum.com contacts you using the provided email address, and only in exceptional cases will we use the phone number you provided.

If you have any questions or concerns regarding the privacy policy and the security of your personal data, please feel free to contact us via email: contact@pemum.com. If you wish to update or delete your personal data and are unable or unwilling to do so independently, please contact us at contact@pemum.com.

You can also correspond with us at the following address: JDN Justyna Dawidowicz Moderska 11 62-060 Strykowo NIP 7773356501

Version 10.1 (Strykowo, January 1, 2025)