PRIVACY POLICY

This Privacy Policy outlines the rules for collecting, processing and using personal data acquired from you by the online store Kinderkraft under the domain www.kinderkraft.co.uk („the Website”, „the Site”, or „the Store”) by „4kraft” sp. z o.o., taking into account the applicable provisions, in particular, the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC („the GDPR”). We make every effort to ensure that your privacy is respected and that the personal data you provide when using the Website and shopping at the Store are protected.

WHO PROCESSES YOUR DATA?

The Controller of your data is „4kraft” spółka z ograniczoną odpowiedzialnością based in Poznań at ul. Tatrzańska 1 lok. 5 (60-413 Poznań, Poland), entered into the Register of Entrepreneurs kept by the District Court for Poznań - Nowe Miasto i Wilda in Poznań, 8th Commercial Division of the National Court Register under KRS (National Court Register) number: 0000378767, holder of NIP (Tax ID): 7811861679, REGON (National Business Registry No.): 301679527 („We”). At the same time, we are the entity responsible for processing your personal data.

Contact:

You can contact us by correspondence at: 4kraft sp. z o.o., ul. Tatrzańska 1 lok. 5, 60-413 Poznań, Poland, or via e-mail at: [email protected].

Personal Data Protection Officer:

To guarantee that your data will always be processed in a transparent and lawful manner, we have appointed a Personal Data Protection Officer - Ms Monika Janaszczyk. You may contact the Personal Data Protection Officer by sending an e-mail to: [email protected].

WHICH DATA DO WE COLLECT?

  • FORM FOR REGISTERING AN ACCOUNT AT THE STORE

    • Name and surname
    • E-mail address
    • Password

  • PURCHASE FORM

    • Name and surname
    • E-mail address
    • Telephone number
    • Billing address
    • Shipping address

  • CONTACT FORM

    • Name and surname
    • E-mail address
    • Possibly other data left in the message

  • NEWSLETTER SUBSCRIPTION

    • E-mail address

  • FORM FOR SIGNING UP TO THE „SAFE CAR SEAT PROGRAM

    • Name and surname
    • E-mail address
    • Telephone number
    • Address
    • Possibly other data indicated on the form in accordance with the „SAFE CAR SEAT PROGRAM” Regulations.

  • FORM FOR SIGNING UP TO THE „10-year warranty”PROGRAM

    • Name and surname
    • E-mail address
    • Telephone number
    • Country
    • Product details, including proof of purchase
    • Details from a survey about Kinderkraft
    • Possibly other data indicated on the form in accordance with the „10-year warranty” program Regulations.

  • CONTACT FORM (RETURN / WARRANTY/POST-WARRANTY COMPLAINT / GUARANTEE / MISSING ITEMS)

    • Name and surname
    • E-mail address
    • Telephone number
    • Pick-up address
    • Address for return shipping if different to pick-up address
    • Account number (for returns, guarantee, missing items)

  • PRODUCT REVIEW FORM

    • Name or nickname
    • Content of the review
    • Possible photo attached to the review

  • NOTIFICATION ABOUT PRODUCT AVAILABILITY

    • E-mail address

  • DATA PROVIDED TO US IN RELATION TO USING OUR CHAT FUNCTIONALITY

On our website, we provide Users with the option of using our Chat. Use of our Chat involves the processing of personal data in the form of name/nickname/message content, and possibly other data that you send.

In addition, we collect, use and share aggregated data, such as statistical and demographic data. For example, we may aggregate our Site usage data to calculate the percentage of Users accessing a particular Site feature. However, if we combine aggregated data with your personal data, it may directly or indirectly identify you.

We do not collect special categories of personal data (including data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health-related data, or data about sexuality or sexual orientation). We also do not collect any information regarding convictions or prohibited acts.

Our Site is not intended for use by children, and although the products are intended for children, we do not knowingly collect information about children.

2.1 SERVER LOGS

Each use of the Website sends a query to our server. Specific queries are recorded and stored in the server logs. Data contained in logs are composed of: your IP address, the time the query arrives, the time the answer is sent, and information on the User’s browser and operating system. These data are not associated with specific individuals using our Website, and are not used to identify Users in any way - they are only used for server administration purposes. The period for which server logs are stored is 12 months.

2.2 COOKIES

Our Site collects data contained in cookies. Cookies are small text files sent by the Website and stored on your end device, containing specific information related to your use of the Site.

Cookies are used, inter alia, to make it possible to visit our Site, to display the Site correctly, and to enable the use of all of the Site’s functions, as well as to protect our Website against abuse and spam.

Subject to your consent, we may use cookies to personalise content and ads on our Website (and other websites) and to analyse traffic on our Site. Where appropriate, we may also share information about your use of our Website with our partners, which may combine it with other information you have provided to them or that they collect through your use of their services.

By consenting to marketing cookies, you consent to the sharing of your data with advertising and business partners, which may combine it with other information you have provided to them or that they have collected as a result of your use of their services, and to the automated processing of your data to personalise content and ads on and off our Website.

More detailed information about the individual tools used on our Website can be found later on in the Privacy Policy.

Our Site may contain links to other websites or applications, including the websites or applications of our business partners. Please remember that the websites of other entities may also use cookies. We do not control the websites of third parties and are not responsible for cookies they collect or have access to. When clicking on the link or application, please remember that each of them has its own cookies policy. For this reason, we ask that you read the privacy policy of other websites or applications before using them.

2.2.1 COOKIE TYPES

Depending on the duration for which they’re stored on the end device, the cookies we use can be divided into:

session cookies: stored on the user’s device and remaining there until the end of the browser session. Any information recorded is then permanently deleted from the device’s memory.

persistent cookies: stored on the user's end device for the period of time specified in the cookie parameters, or until the user deletes them.

We use the following types of cookies:

Necessary cookies contribute to the usability of websites by enabling basic functions, such as site navigation. Most websites cannot function properly without these cookies.

Preference cookies enable websites to remember information that changes the appearance or functioning of the website, such as your preferred language or the region in which you are located.

Statistical cookies help website owners understand how different users use their website.

Marketing cookies are used to track users on websites. The goal is to display ads that are relevant and interesting to individual users and, therefore, more valuable to publishers and advertisers.

2.2.2 MANAGING COOKIES IN YOUR BROWSER

In many cases, software used for browsing websites has a default setting allowing cookies to be stored on the User’s device, giving you the possibility of managing and/or deleting cookies in accordance with your preferences.

A link to the tool used on the Site that allows you to manage your preferences regarding the enabling of cookies can be found in the footer of our Website under the heading „Cookie Settings”.

To delete cookies recorded on your computer, follow the instructions that the manufacturer of your browser has available on the help page related to managing cookies in its products.

PURPOSES FOR WHICH WE COLLECT YOUR PERSONAL DATA, AND LEGAL BASIS

As part of the Website, we process personal data (where applicable) for the following purposes:

  • 3.1. enabling Site Users to create a Customer Account and make purchases on the Website, including, in particular:
    • 3.1.1. the performance of obligations arising from the agreement, if such has been concluded [Article 6(1)(b) GDPR], including agreements for keeping a Customer Account, sales agreements, and agreements for the delivery of ordered products; in the case of customers who are legal entities - in such a situation, we process data on the basis of Article 6(1)(f) GDPR, i.e. on the basis of our legitimate interest in pursuing the objective in question,
    • 3.1.2. to fulfil obligations arising from legal provisions, including warranty provisions (including consideration and handling of complaints submitted by you regarding our goods and services), tax and accounting law provisions [pursuant to Article 6(1)(c) GDPR] and pursuant to Article 6(1)(b) GDPR in the case of the warranty granted,
    • 3.1.3. contacting the User, in particular for purposes related to the provision of services - if applicable, in connection with the necessity to perform a concluded agreement [Article 6(1)(b) GDPR] or on the basis of our legitimate interest [Article 6(1)(f) GDPR],
  • 3.2. enable Site Users to use the contact form in the „Contact us” tab, and in particular to:
    • 3.2.1. provide answers to your questions sent via the contact form - based on our legitimate interest [Article 6(1)(f) GDPR],
    • 3.2.2. establish or maintain business relationships between us and you or entities you represent or on whose bodies you act - based on our legitimate interest [Article 6(1)(f) GDPR],
    • 3.2.3. we process your personal data, such as the telephone number, which is not required for using the form, based on your consent [Article 6(1)(a) GDPR], for the purposes of improving communication in connection with the submitted inquiry and handling thereof,
  • 3.3. enabling Users to join the „SAFE CAR SEAT PROGRAM”, in particular for the purpose of:
    • 3.3.1. considering requests and sending a response to received requests based on our legitimate interest [Article 6(1)(f) GDPR],
    • 3.3.2. the fulfilment of obligations arising from legal provisions, including accounting provisions and tax law - on the basis of the necessity to fulfil our legal obligations [Article 6(1)(c) GDPR],
    • 3.3.3. providing a full service, including solving technical and organisational problems - based on our legitimate interest [Article 6(1)(f) GDPR],
    • 3.3.4. contact in connection with handling requests - based on our legitimate interest [Article 6(1)(f) GDPR],
    • 3.3.5. shipping of a new car seat - based on our legitimate interest [Article 6(1)(f) GDPR],
    • 3.3.6. conducting research and analyses to improve the operation of available services and the Customer Service Department - based on our legitimate interest [Article 6(1)(f) GDPR],
    • 3.3.7. statistical purposes on the basis of our legitimate interest [Article 6(1)(f) GDPR],
  • 3.4. enabling Users to join the „10-Year Warranty” programme, in particular for the following purposes:
    • 3.4.1. verification/acceptance and handling of the programme application [Article 6(1)(b) GDPR],
    • 3.4.2. proper performance of the agreement [Article 6(1)(b) GDPR],
    • 3.4.3. identification and contact with you based on our legitimate interest [Article 6(1)(f) GDPR],
    • 3.4.4. possible shipping of a new product or spare parts in connection with the extended warranty service [Article 6(1)(b) GDPR],
  • 3.5. enabling Site Users to use our Chat functionality based on our legitimate interest to handle messages and notifications [Article 6(1)(f) GDPR],
  • 3.6. the performance of our obligations arising under the agreement for the provision of electronic services, if such was concluded with you [Article 6(1)(b) GDPR],
  • 3.7. conducting activities related to the marketing of our products and services - based on your consent [Article 6(1)(a) GDPR], taking into account expressed consents to the use of particular types of cookies,
  • 3.8. sending commercial information within the meaning of the Polish Act on the Provision of Electronic Services, provided that you have agreed to receive such information - based on your consent [Article 6(1)(a) GDPR],
  • 3.9. enabling Users to receive offers and messages tailored to their preferences and expectations via WebPush notifications - based on consent [Article 6(1)(a) GDPR],
  • 3.10. improving searching on the Website - based on our legitimate interest in improving the shopping experience of the Users of our Website [Article 6(1)(f) GDPR],
  • 3.11. analysing your activity (including profiling) on the Website to adapt (including in an automated manner) services and content to your individual preferences, including targeted advertising - based on your consent [Article 6(1)(a) GDPR], taking into account expressed consents to the use of particular types of cookies,
  • 3.12. measuring the effectiveness of ads and conversions within appropriate advertising networks - based on your consent [Article 6(1)(a) GDPR], taking into account expressed consents to the use of particular types of cookies,
  • 3.13. compiling general statistics regarding the use of the Site by Users, including collecting general demographic information - based on your consent [Article 6(1)(a) GDPR], taking into account expressed consents to the use of particular types of cookies,
  • 3.14. enabling Site Users to manage consent to the installation of cookies and, where applicable, the related processing of personal data - based on our legitimate interest [Article 6(1)(f) GDPR],
  • 3.15. assessing your satisfaction with purchases in our Store by sending a request to participate in a survey regarding our Online Store and/or purchased products, and displaying your reviews of our products, which you leave on the Trustpilot platform - based on our legitimate interest [Article 6(1)(f) GDPR],
  • 3.16. enabling you to participate in a loyalty programme, if such is run - in connection with the performance of the agreement [Article 6(1)(b) GDPR] (in such a case, the detailed information obligation will be included in the regulations of such a programme),
  • 3.17. enabling you to participate in a competition, if such is organised - based on our legitimate interest [Article 6(1)(f) GDPR] (in such a case, the detailed information obligation will be included in the regulations of such a competition),
  • 3.18. performing technical activities and solving technical problems related to the administration of the Website - based on our legitimate interest [Article 6(1)(f) GDPR],
  • 3.19. storing data for accountability (including demonstrating compliance with our obligations under the law) - based on our legitimate interest [Article 6(1)(f) GDPR],
  • 3.20. where appropriate, establishing, protecting and pursuing claims - based on our legitimate interest [Article 6(1)(f) GDPR],
  • 3.21. ensuring the security and integrity of the services we provide electronically, including combating fraud, abuse and spam, and ensuring traffic security on the Website - based on our legitimate interest [Article 6(1)(f) GDPR],
  • 3.22. enabling payments to be made in accordance with your preferences regarding payment methods offered on our Site - based on your consent expressed by selecting a specific payment option [Article 6(1)(a) GDPR],
  • 3.23. sending notifications about product availability - based on your consent [Article 6(1)(a) GDPR],
  • 3.24. analysing traffic on the Website to conduct analyses regarding the effectiveness of marketing activities in the affiliate network and proper settlement with publishers of our ads - based on our legitimate interest [Article 6(1)(f) GDPR], taking into account expressed consents to the use of particular types of cookies,
  • 3.25. receiving and displaying your comments regarding product purchases that you leave on our Website - based on our legitimate interest [Article 6(1)(f) GDPR], and in the case of adding photos containing an image of you or your child - based on your consent [Article 6(1)(a) GDPR],
  • 3.26. protection against fraud related to clicks and displaying our ads on advertising platforms - based on our legitimate interest [Article 6(1)(f) GDPR],
  • 3.27. handling other enquiries and notifications that you send to us - based on our legitimate interest [Article 6(1)(f) GDPR].

If until now you have been interested in receiving our marketing messages sent via electronic means (such as e-mails), you will continue receiving them, unless you opt out of the Newsletter subscription. Remember that you may opt out of receiving marketing information at any time by clicking the „cancel subscription” link included in each marketing message. We respect your decisions, so you can always change your mind if in the future you do not wish to receive any marketing information from us.

Profiling based on personal data for the automated displaying of content tailored to your preferences takes place only on the basis of your express consent.

TOOLS WE USE

In order to use the information contained in cookies, among others, in an optimised manner, we use analytical tools and tools that enable us to manage the advertising and marketing of our products, including by displaying targeted ads based on the recognition of the User’s device.

These tools also enable us to process the information gathered in such a way as to assist our research and development works and support our marketing activities.

Under the consents you have granted us, your personal data (collected, inter alia, via cookies) may be processed in an automated manner (including in the form of profiling), and based on the collected information (for example, data regarding your preferences), we may customise content displayed on and off our Website, including advertising content.

Within the limits of the consents you have granted us, through the tools we use, we may also share information about your use of our Website with our social, advertising and analytics partners, which may combine it with other information that you have provided to them or that they have collected as a result of your use of their services.

4.1 GOOGLE reCAPTCHA

On the Website, we use the reCAPTCHA service, which is subject to the Privacy Policy and Google’s Terms of Service. We use reCAPTCHA services solely for combating spam and fraud on our Website.

reCAPTCHA collects information about your hardware and software, such as your IP address, browser properties (including browser type and version, screen resolution, language, time and date of access), your Google account details (if you are logged in), your website browsing behaviour, your access behaviour (for example, mouse cursor movements on the reCAPTCHA area) and, if necessary, image identification tasks, and then sends them to Google for analysis. In accordance with the reCAPTCHA Terms of Service, information collected while using the reCAPTCHA service will be used to improve the service and improve general security. However, they will not be used by Google to personalise displayed ads. Our legal basis for this processing is our legitimate interest in protecting our Website from abuse and spam.

4.2 PLATFORM FOR MANAGING COOKIES - COOKIEBOT

To lawfully enable Users of our Website to consent to the enabling of appropriate cookies and, where applicable, the related processing and sharing of personal data, we use the Cookiebot CMP platform.

User consent is recorded and documented by recording the User’s anonymous IP number, the User’s browser client, the website URL, the date and time of the consent, and the unique encrypted key, which is stored in a data centre at Cybot’s cloud provider - Microsoft Ireland Operations Ltd. in Dublin, Ireland. After 12 months, the consent is automatically deleted from the log.

The legal basis for the said data processing is our legitimate interest related to the implementation of the principle of accountability resulting from the provisions of the GDPR.

4.3 GOOGLE ANALYTICS, GOOGLE SIGNALS, GOOGLE TAG MANAGER, GOOGLE OPTIMISE, LOOKER STUDIO, GOOGLE ADS, YOUTUBE

Using Google Ads marketing tools and Google Analytics analytical tools in combination with additional Google services, such as Google Tag Manager, Google Optimize, Google Data Studio and Enhanced Conversions (extended conversions feature), we process data related to your activity on our Site, including online identifiers, to provide you with personalised ads based on profiling or to monitor your choices using statistical and marketing cookies. We undertake our activities using these tools only within the limits of your consents to the use of particular types of cookies, including consents regarding automated decision making and the transfer of data to advertising partners. You can check and/or change your consent settings at any time in the footer of our Site under „Cookie Settings”. To delete cookies already recorded on your computer, follow the instructions that the developer of your browser has available on the help page related to managing cookies in its products.

    4.3.1 Google Analytics allows us to generate detailed statistics on how Users use our Website. The tool collects data in the form of online identifiers, including cookie identifiers, device identifiers and User identifiers. When collecting data, Google Analytics 4 does not record or store IP addresses. Analytics deletes any IP addresses collected from EU users before storing them using domains and servers within the EU.

    The collected data will be deleted after 14 months.

    More information regarding the collection of Users’ data by Google is available at this link.

    A link to the tool used on the Site that allows you to manage your preferences regarding the enabling of cookies (including files related to the use of Google Analytics) can be found in the footer of our Website under the heading „Cookie management”.

    To opt out of Google Analytics cookies can also download and install the Google Analytics Opt-out Browser Add-on: Google Analytics Opt-out Browser Add-on.

    We also use Google Analytics advertising features that enable the inclusion of advertising options in Google Analytics, including remarketing in Google Analytics, impression reporting on Google’s advertising network, demographics and interests reporting in Google Analytics, integrated services that require Google Analytics to collect data for advertising purposes, including the use of advertising cookies and identifiers.

    4.3.2 GOOGLE SIGNALS: When Users enable ad personalisation in Google services, Google is able to develop a holistic view of how these Users interact with the online service from many browsers and devices. Google Signals is session data from websites and applications. Google associates this data with Users who have logged in to their Google accounts and have advertising personalisation enabled. Linking this data with logged-in Users enables the reporting of Users’ activities on various devices, remarketing on various devices and exporting conversions on various devices to Google Ads. In order for Google to collect such data, the User must consent in the ad personalisation settings in their Google account. The mechanism behind Google Signals compares the data collected by a given website with that collected by Google thanks to the enabled ad personalisation settings. This includes information such as location, browser, device and search history. If the User’s behaviour according to data from the website coincides with Google’s data, they are identified as the same person and included in the reports accordingly. The data collected by Google are anonymised and aggregated, and the reports received from Google do not enable us to identify individual Users.

    4.3.3 GOOGLE ADS: Google Ads is Google’s advertising system that enables, where appropriate, the display of ads on the Google advertising network and on YouTube.

    In connection with the use of Google Ads tools, other companies, where appropriate and taking into account Users’ consents, may place and read cookies in Users’ browsers or use web beacons to collect information as a result of displaying ads on websites.

    Google uses the information you provide on websites (including our Sites, where applicable) and applications to provide, manage, improve and develop new services, measure ad effectiveness, protect against fraud and abuse, and personalise the content and ads you see on Google and Google partner sites and applications. Detailed information on Google’s use of data can be found in the link below: How Google uses data from sites and apps that use our services.

    Any User with a Google account can disable the personalisation of ads on the internet in the Ad settings of Google.

    Users signed in to Google can also export all records from the Google website in the „My Activity” section (including related to ads) using the following function provided by Google: Download your data.

    4.3.4 On the Website, depending on your consents and settings, where appropriate, we use the extended conversion function - a function that increases the accuracy of measuring the number of the User’s events (for example, purchasing products, subscribing to the Newsletter, adding products to the cart, and account registration). The data are shared with Google for the performance of ad effectiveness measurement services on our behalf. This feature complements existing conversion tags by sending conversion data from our Website to Google in encrypted form in a manner that protects privacy. Before sending Google our Users’ data, this function uses a secure one-way encryption algorithm called SHA256. The encrypted data are then matched to the Google accounts of logged-in Users to attribute campaign conversions to advertising events, for example, clicks or impressions. Google’s security standards are rigorous. Google Ads only collects data on websites containing appropriate tags. The enhanced conversions feature ensures confidentiality and information security by applying the highest industry standards - data are encrypted before being sent to Google.

    4.3.5 Looker Studio as a tool for converting data to generate appropriate reports supports our analyses.

    4.3.6 Google Tag Manager - a tool we can use to manage scripts by easily adding code fragments to our Website. By using it, we can track activities performed by Users on the Website, such as the implementation of various events. It allows us to easily configure the analytics of our Website. As part of the tag manager, Users’ data are processed in the form of online identifiers, including cookie identifiers and IP addresses.

    4.3.7 Google Optimize allows you to test different versions of our Site to see how well they perform in terms of your specific goals. This function monitors the results of the experiment, and shows the best version. The data processed on our behalf by Google as part of the said service are online identifiers (including cookie identifiers), IP address, device identifiers and User identifiers.

In connection with our use of tools provided by Google group companies, your personal data may be transferred to third countries, including the United States. The legal basis for the transfer of personal data to the USA in this case is the participation of Google LLC in the “EU-US Data Privacy Framework”. Please note that Google may also transfer data to entities outside the European Economic Area in connection with the use of the services of these entities. If Google uses the services of entities from countries that are subject to a decision of the European Commission establishing an adequate level of protection in accordance with European data protection legislation, the basis for transferring data to a third country is such decision. In the case of entities from countries that are not subject to a decision of the European Commission establishing an adequate level of protection, the basis for transferring data to a third country by Google is the appropriate standard contractual clauses in accordance with the decision of the European Commission. In such a situation, when sending personal data obtained in connection with online ads and measurement outside Europe, Google uses standard contractual clauses (SCCs). The Google Ads Data Processing Terms regarding services for which Google is the processor include both relevant SCCs prepared by the European Commission (legitimising GDPR-compliant data transfers) and UK SCCs (legitimising GDPR-compliant data transfers adopted into UK law) in line with the needs of the relevant data transfer processes. Similarly, the Google Ads Controller-Controller Data Protection Terms regarding services for which Google is the controller include both relevant European Commission SCCs and UK SCCs, in line with the needs of the relevant data transfer processes.

4.4 CHAT

On our Website, we provide Users with the option of using our Chat to facilitate Users’ communication with us. Use of our Chat involves the processing of personal data in the form of name/nickname/message content, and possibly other data that you send. We process the data in question on the basis of our legitimate interest to handle your request/enquiry. Providing personal data when using our Chat is voluntary; however, it is necessary if you want to send a message via our Chat.

The tool is provided by Zendesk, Inc. (San Francisco, California), which participates in the EU-US Data Privacy Framework. In this case, the legal basis for data transfer to the USA is the decision of the European Commission establishing an adequate level of protection of personal data transferred by private and public entities from the territory of the European Economic Area (EEA) to organisations in the USA that ensure compliance with the new “EU-US Data Privacy Framework”.

In the event of further transfers of personal data outside the EEA, Zendesk ensures that such transfers are based on binding corporate rules (as part of data transfers within the Zendesk group) and standard contractual clauses or another legal instrument legalising such transfers.

4.5 AUTOMATION OF MARKETING COMMUNICATIONS, PERSONALISED COMMERCIAL INFORMATION

In the case of subscribing to the Newsletter and expressing appropriate consents regarding the profiling of personal data in connection with your activity in the Store and on social profiles using the e-mail address provided when creating an account, as well as based on your purchase history in the Store, by using these to evaluate certain information, in particular for analysis or forecasting and adapting our marketing activities to your personal preferences while at the same time consenting to automated decision making based on data profiling, we will send you personalised commercial and marketing information. The tools we use are aimed at keeping you informed about our new products and promotions, as well as increasing the involvement of Store Users by collecting information about products viewed, views of the Website, products added to the cart and products purchased. For this purpose, we process data such as name, surname, e-mail address, information about the products that the User viewed, added to the cart and purchased, as well as information about the selected language version.

These data will be used in personalised communication with the User only if the User is subscribed to the Newsletter, has expressed appropriate consents, and has appropriately confirmed the subscription.

You can opt out of receiving personalised marketing communications at any time by clicking on the “unsubscribe” link included in each marketing communication.

Since personalised marketing communication is based on the use of cookie technology and is closely related to the consent to the use of cookies for statistical and marketing purposes, if you want to receive commercial information from us dedicated to you, please check your settings in the “Cookie Settings” link located in the footer of our Website.

4.6 YOUTUBE VIDEOS ON OUR SITE

We place YouTube videos on our Site in an enhanced privacy mode without the use of cookies that track Users’ behaviour data. This means that activity information will not be collected by YouTube for the purpose of personalising the viewing method, and that the materials that will be displayed with the enhanced privacy mode enabled will not affect your browsing on YouTube.

4.7 FACEBOOK ADS MANAGER AND FACEBOOK PIXEL

In connection with the use of the marketing tools offered by Facebook (Meta Platforms Ireland Limited), third parties, including Facebook (Meta Platforms Ireland Limited), may use cookies, web beacons and similar technologies to collect or receive information from the Website and elsewhere on the internet, and use them to provide advertising measurement and targeting services. Facebook pixel is a short code placed on advertisers’ websites that allows you to measure ad effectiveness based on an analysis of actions taken by Users on the website. The use of a pixel enables the display of ads to relevant audiences, the increase of sales, and the measurement of ad results.

The said tools may include data processing, in particular:

  • information contained in HTTP headers, which contain information about the browser or application used (for example, the User’s agent, country/language of location),
  • information regarding standard/optional events, for example, “page views” or “application installation”, further object properties and buttons clicked by website visitors, depending on the configuration of the business tool,
  • online identifiers, including IP addresses and, where provided, Facebook-related identifiers or device identifiers (for example, advertising identifiers in mobile operating systems) and information to opt-out of/limit ad tracking.

Meta Platforms Ireland Limited is a joint data controller as part of the joint processing of event data with us for targeting advertising to persons establishing a relationship with us. Detailed information required by the GDPR and more information about how Facebook (Meta Platforms Ireland Limited) processes personal data, the legal basis, and methods for enforcing the rights of data subjects against Facebook (Meta Platforms Ireland Limited) can be found in the “Data Policy” available at: https://www.facebook.com/privacy/policy. Arrangements regarding joint controllership are available at: Controller Addendum.

In connection with the use of tools provided by Facebook (Meta Platforms Ireland Limited), your personal data may be transferred to third countries, including the United States. The legal basis for the transfer of personal data by Meta Platforms Ireland Limited to Meta Platforms, Inc. (USA) is the participation of Meta Platforms, Inc. in the “EU-US Data Privacy Framework”. Please note that Meta Platforms Ireland Limited may also transfer data to entities outside the European Economic Area in connection with the use of the services of these entities. If Meta Platforms Ireland Limited uses the services of entities from countries that are subject to a decision of the European Commission establishing an adequate level of protection in accordance with European data protection legislation, the basis for transferring data to a third country is such decision. In the case of entities from countries that are not subject to a decision of the European Commission establishing an adequate level of protection, the basis for transferring data to a third country by Meta Platforms Ireland Limited is the appropriate Standard Contractual Clauses in accordance with the decision of the European Commission.

You can also disable the gathering and use of information to support ad targeting. The mechanism enabling Users to make this choice can be found at the following links:

https://optout.aboutads.info , http://www.youronlinechoices.eu/ .

4.8 TRADETRACKER AFFILIATE PROGRAMME

We participate in the TradeTracker affiliate marketing programme, thanks to which we are able to expand our marketing efforts to include new publishers that can display ads for our products.

Thanks to our participation in the programme, we are able to obtain information about which advertisements displayed by publishers generated sales, potential sales or other activities important to us from a business point of view. For this purpose, we use data on the traffic on our Website, including data contained in cookies. This data concerns natural persons, but does not allow their identification down to their name and surname. These are pseudonymised data and refer to a single redirection of an individual from one site to another, and are then used to confirm the execution of the transaction.

Therefore, if you click on an advertisement for our products on another website, and then complete the transaction in our Store, to which you were referred, your data will be processed in the TradeTracker system so that the advertiser can receive remuneration for displaying our advertisement.

The TradeTracker programme also keeps a database of references to individual devices, so that we can understand whether an advertisement viewed on one device, for example, your phone, resulted in the purchase being made on another device, for example, a laptop. This database does not allow the identification of persons.

TradeTracker does not create profiles showing an individual’s internet usage over a specific period of time. TradeTracker also does not target ads for products or services using behavioural profiles (frequently viewed products, interests). TradeTracker's role is solely to measure the effectiveness of specific online ads.

As part of the affiliate programme, we and TradeTracker are considered joint controllers of personal data within the meaning of the GDPR. The content of the main arrangements in connection with the joint controlling of personal data is available here.

4.9 SUPPORT FOR OUR ANALYSIS AND REPORTING - SUPERMETRICS

We use a solution that helps us process data for reporting, analysis and active data management. These analyses and reporting involve the processing of data such as:

  • internet identifiers, such as cookie identifiers, internet protocol addresses and device identifiers;
  • location data;
  • customer identifiers;
  • contact details such as names, e-mail addresses, telephone numbers and addresses;
  • event data and CRM data, such as data relating to data subjects and the activities they undertake on or in connection with specific websites, applications, services or applications;
  • financial and transaction details.

In relation to the use of Supermetrics solutions, your data, stored only in cache in encrypted form, may be transferred to third countries. In the event of any transfer of data outside the EEA, Supermetrics ensures that the transfer takes place only to (a) a country recognised by the European Commission as ensuring an adequate level of protection, or (b) entities that have entered into standard contractual clauses with Supermetrics approved by the European Commission regarding the transfer of data personal data outside the EEA, or have provided other appropriate safeguards referred to in Article 46 GDPR. To obtain a copy of the security measures in question, please contact us at [email protected].

4.10 PROTECTION OF OUR ADVERTISING CAMPAIGNS

To protect against fraud related to impressions and clicks on our ads on advertising platforms, we use the ClickCease™ service software. This software protects our advertising campaigns by detecting and excluding fraudulent recipients. For this purpose, Users’ data are collected and processed; such data are in the form of an IP address, basic information about the computer device used by the User to access the ad, the browser used, the browser’s version and language (i.e. location), general geographical information, a unique identifier that the software assigns to each User’s device, the duration of the session, and Users’ interactions with and clicks on our ads and on our Website.

The data in question are collected and stored on the Microsoft Azure platform, which is currently located in the United States, and this transfer is carried out by ClickCease on the basis of the Microsoft Azure Standard Contractual Clauses.

The data in question will be processed by ClickCease, which is based in Israel. Israel is subject to European Commission Decision No C(2011) 332 of 31 January 2011 on the adequate protection of personal data with regard to automated processing of personal data.

The processing in question is based on our legitimate interest in protecting our campaigns against unfair practices.

4.11 TOOLS TO IMPROVE SEARCHING ON OUR SITE

We use solutions that improve searches on our Website using artificial intelligence. Thanks to this, our customers can find what they are looking for faster and easier.

For this purpose, we process, as appropriate:

  • randomly generated Website User's ID;
  • IP address (in anonymised form) and, if applicable, information from cookies used on our Site;
  • information regarding your visit to our Site, including information about clicks, click streams, date and time of the visit, services viewed, and length of visits to certain subpages.

Where appropriate, personalisation cookies enable us to personalise searches on the Site based on previous interactions with our Site; these cookies allow us to analyse Users’ behaviour on the Website and their purchasing preferences, which in turn allows us to provide Users with personalised product suggestions and to make changes to the functionality of the Site.

Data obtained through this type of cookies may also be used to improve the software we use, as well as to develop new solutions and functionalities.

The legal basis for the said processing is:

  • in terms of improving search on the Website – our legitimate interest in taking actions to improve the shopping experience of Users of our Website,
  • in terms of personalising the content of the Site based on the User’s previous interactions with the Website – consent to such processing combined with consent to the enabling of individual cookies, expressed jointly in the window enabling the management of User consents to the enabling of cookies. The User may withdraw the consent at any time – a link to the consent management settings is located in the footer of our Site.

4.12 WEBPUSH NOTIFICATIONS

Depending on the consents you have granted, we may send you marketing messages and dedicated commercial information using WebPush notifications.

In the case of a push notification, the address is the identifier of the target device to which the notification is to be delivered. Each mobile device or computer on which an application or operating system is installed has a unique ID that is used to send push notifications to that device. For iOS (Apple) systems, the device identifier is called a “device token” and is generated by the Apple Push Notification Service (APNS). For Android (Google) systems, the device ID is called “registration ID” and is generated by Google Cloud Messaging (GCM) or Firebase Cloud Messaging (FCM).

The tailoring of sent offers and messages to your preferences and expectations may, where appropriate, be based on automated processing, including profiling of your personal data regarding your activity on our Site and on social media profiles using the e-mail address you provided when creating an account in the Store, as well as based on your purchase history in our Store, by using them to evaluate certain information, in particular for analysis and forecasting. By agreeing to receive WebPush notifications, you agree to:

  • the processing of your personal data by 4kraft sp. z o. o. for the purpose of sending commercial information regarding 4kraft sp. z o.o. services and direct marketing of 4kraft sp. z o.o. in connection with the sending of WebPush notifications,
  • automated decision making based on profiling your data in order to receive personalised notifications from 4Kraft sp. z o.o.,
  • the sending of commercial information regarding 4kraft sp. z o.o.’s products and services electronically via WebPush notifications,
  • the use of telecommunications terminal devices and automatic calling systems for the purposes of direct marketing and sending of 4kraft sp. z o.o.’s commercial information for the purpose of sending WebPush notifications.

You can withdraw your consent to receiving WebPush notifications at any time in your browser settings as per the instructions for your browser:

NOTIFICATION ABOUT PRODUCT AVAILABILITY

Our Store offers the “product availability notification” option. To use it, simply provide us with your e-mail address to which you want to receive the notification. We will inform you when the product you selected is available. By using product availability notifications, you consent to the processing of your e-mail address to send you the said notification. Your data will be deleted after the notification is sent. If you wish to withdraw consent to the said processing, please inform us by e-mail at [email protected].

YOUR REVIEW ON TRUSTPILOT

If you have made a purchase in our Store, we may invite you to leave a review of the purchased products to collect your opinion and improve our products and services. The legal basis for processing your data for this purpose is our legitimate interest in measuring our customers’ satisfaction.

To invite our customers to leave a review, we send a link to the Trustpilot A/S (“Trustpilot”) platform. We do not share your data with Trustpilot. If you decide to accept the invitation to write a review and create an account on the Trustpilot platform, Trustpilot will become a controller of your personal data independent of us. You can find out more about how Trustpilot will process your data in such a case HERE.

As part of our cooperation with Trustpilot, we are able to display reviews of our products on our Site. In this respect, we will become the controller of your personal data visible in such a review, i.e. where appropriate, in particular: your name and surname or the Username indicated by you, the review, as well as your image (if you have added your photo in your Trustpilot account). We do not have the ability to edit and/or delete your data in this respect – we only use the technology of embedding opinions directly from Trustpilot. We base this processing on our legitimate interest in collecting and publishing reviews about our products.

KLARNA PAYMENTS

If you select the Klarna payment method during the purchase process, we will transfer your personal data in the form of contact details and order details to Klarna Bank AB based in Stockholm (Sweden) for Klarna to assess whether you qualify for the offered payment method and for Klarna to tailor the payment method to you. Your personal data transferred to Klarna will be processed by Klarna from the moment of transfer in accordance with the Klarna privacy policy and the relevant Klarna regulations, which you accept.

Due to our cooperation with the sales solutions provider Klarna, in accordance with your consent to marketing cookies, we may use a Klarna-controlled component on the Website to send advertising messages for Klarna products or additional services at the checkout, which uses local storage to identify the buyer, including cookies.

Both the enabling of these cookies and the transfer of your data to Klarna in the form of, inter alia, online identifiers, are based on your consent expressed in the cookie management tool. A link to the tool used on the Site that allows you to manage your preferences in this regard can be found in the footer of our Website under the heading “Cookie Settings”.

To delete cookies recorded on your computer, follow the instructions that the manufacturer of your browser has available on the help page related to managing cookies in its products.

TECHNICAL MEASURES

We make every effort to secure your data and protect it against the actions of third parties. We implement all necessary measures to secure servers, connections and the Website. In particular, communication between your computer and our server when we collect your personal data is encrypted using the SSL (Secure Socket Layer) protocol. In addition, our databases are protected against access by third parties. All connections related to you making electronic payments, if this option is selected, will be made via a secure encrypted connection. In the case of using the services of subcontractors, we carefully verify their credibility and the security measures they implement to protect the data of the Users of our Website. However, the actions we take may turn out to be insufficient if you do not follow the security rules yourself. In particular, we encourage you to always keep the login and password to the Website confidential and not disclose them to third parties. In order to prevent unauthorised use of your account, please log out each time you finish using the Website.

RECIPIENTS OF YOUR DATA

Where appropriate, we may transfer your data to:

  • individuals authorised by us; our employees and associates who must have access to the data in order to perform their duties,
  • processors to which we commission some tasks related to the processing of personal data, for example, companies that handle our ICT systems or provide us with ICT tools and server space, companies that provide consulting and marketing services to us, suppliers of tools we use, including analytical and remarketing tools, to the extent to which they process data on our behalf;
  • other entities that will process personal data as an independent data controller: for example, courier companies for the purpose of shipping, companies servicing payments within the Store, business partners (including advertising partners) as part of the marketing tools used on the Website,
  • public entities, if this is required by law.

PERIOD OF STORING OF YOUR PERSONAL DATA

We will process your personal data for the period necessary to perform the contract for the provision of the Customer Account service (if such is concluded), the performance of the contract for the sale of goods (if such is concluded), as well as for the period provided for by applicable law, taking into account, where appropriate, the period of limitation of claims resulting from civil law relationships between you and us.

We may process the personal data that we process based on your consent until you withdraw such consent, or until the processing of your personal data is no longer necessary to achieve the purpose for which the data are processed, and when the given purpose of the processing is achieved and completed, whichever occurs first.

In the case of answering your questions or request, we will process your personal data until the question is answered or the request is processed. Where appropriate, we may store your data to defend against claims brought against us and to pursue any claims we may have against you.

We will process the data that we process on the basis of our legitimate interest until you make an objection, or until the processing of your personal data is no longer necessary to achieve the purpose for which the data are processed, and when the given purpose of the processing is achieved and completed, whichever occurs first.

Detailed information on the durability of individual cookies is provided in the tool used on the Website, which allows you to manage preferences and consents to the use of cookies.

TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES (OUTSIDE THE EEA)

In addition to the transfers of personal data outside the EEA referred to above in the sections of the Policy regarding the use of individual tools, your personal data may be subject to transfers in connection with:

  • our use of services provided by Microsoft Corporation, including e-mail services, in cases where data transfer will be required as part of the said services. The legal basis for the transfer of personal data to the USA in such a case is the participation of Microsoft Corporation in the “EU-US Data Privacy Framework”. Please note that Microsoft Corporation may also transfer data to entities outside the European Economic Area in connection with the use of the services of these entities. If Microsoft Corporation uses the services of entities from countries that are subject to a decision of the European Commission establishing an adequate level of protection in accordance with European data protection legislation, the basis for transferring data to a third country is such decision. In the case of entities from countries that are not subject to a decision of the European Commission establishing an adequate level of protection, the basis for transferring data to a third country by Microsoft Corporation is the appropriate standard contractual clauses in accordance with the decision of the European Commission;
  • using tools to track shipments and send notifications to our customers – in such a case, your e-mail address and order number may be transferred outside the EEA. The legal basis for the transfer is standard contractual clauses. To obtain a copy of the said clauses, please contact [email protected].

YOUR RIGHTS

In connection with the processing of your personal data, you have the following rights within the scope specified by law and where applicable:

  • to access the content of your data and rectify them, delete them or limit their processing, and to transfer your data,
  • in situations where we process your data based on your consent, you have the right to withdraw such consent at any time, but this will not affect the lawfulness of the processing that was carried out based on your consent before its withdrawal,
  • to object, at any time, to the processing of personal data based on our legitimate interest for reasons related to your particular situation,
  • to lodge a complaint with the President of the Personal Data Protection Office (or the supervisory authority dealing with the protection of personal data in another country, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement) if you decide that the processing of your personal data infringes GDPR regulations.

You can find a list of the competent authorities for the Member States here.

You can exercise some of the above rights yourself:

  • Unsubscribing from receiving commercial information by using the “unsubscribe” function for commercial information available in the footer of each commercial message sent by us will be equivalent to withdrawing consent to the processing of personal data for the purpose of sending commercial information;
  • Unsubscribing from receiving commercial information by using the “unsubscribe” function for commercial information available in the footer of each commercial message sent by us will be equivalent to withdrawing consent to the processing of personal data for the purpose of sending commercial information;
  • You can unsubscribe from receiving WebPush marketing notifications by changing your browser settings in accordance with the information provided in item 4.13. of this Privacy Policy.

You may exercise your other rights by sending an e-mail to the following address: [email protected].

We will make every effort to handle your request and answer your questions regarding the processing of your personal data promptly. We will respond within 30 days from the date of receipt of your request. If this deadline is to be extended in appropriate cases due to the complexity of the request or the volume of requests we have received, we will inform you about its extension, together with an indication of the reasons for such extension.

In the case of justified doubts as to the identity of the person making the request, we have the right to request additional information necessary to confirm the identity of the person submitting the report. Providing such data is not obligatory; however, failure to provide them will result in the request being refused.

We store information regarding reports received to demonstrate compliance with the accountability principle referred to in the GDPR, as well as to establish, protect and pursue claims.

The profiling of personal data to present tailored offers takes place only on the basis of your consent.

The provision of your data is voluntary; however, failure to do so may result in the inability to use most of our Site’s services, as well as prevent your participation in our programmes.

CHANGES TO OUR PRIVACY POLICY

Our goal is to ensure the greatest possible protection of your data. The development of technology and the Store’s offer means that the Privacy Policy may change.

QUESTIONS AND RESERVATIONS

You can direct any questions and reservations about this Privacy Policy via e-mail to: [email protected].

We accept:

Paypal
Mastercard
Visa
Klarna
Kinderkraft

All products from our online shop are created based on the years of experience of our staff. We use materials that are not only safe for children but also functional and esthetically appealing.

Follow us on:

Instagram Facebook Youtube

Contact us

+44 20 4525 0748

monday - friday / 8:00 - 15:00

[email protected]

Kinderkraft

Help

© 2024 Kinderkraft. All Rights Reserved.