When visiting tylko.com, you may be asked to share some of your personal information. This is obtained to give you the best possible experience. Whenever you share your personal information, we make sure it's processed in accordance with applicable laws and to the highest standards of care and safety.
The basis and purpose of personal data processing
tylko.com processes your personal data in compliance with the provisions of the Regulation (EU) 2016/679 of the European Parliament, of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “GDPR”). You can contact us anytime about your personal data:
Custom Sp. z o. o.,
+44 113 868 0195
Your personal data is processed to successfully accept and fulfil your order. We may need to share your personal data with third parties to do this, such as storage and delivery companies, banks, and online payment providers. Where possible, we'll provide you with information on the processing of your personal data received from a third party.
In some instances, we may also be required to share your personal data with public authorities upon their substantiated, specific request.
In every other case, we will never share your personal data with anyone.
Consent for personal data processing
With your consent, we may use your personal data for marketing or advertising purposes. Specifically, we may use your email address to send you our newsletter.
As with every website, our server automatically collects the following information and temporarily saves it in server log files that are transmitted by your browser, unless you have deactivated this function: - IP address of the computer transmitting the request - Client’s file request; the http response code; the volume of data transmitted - The website from which you access our website (referrer URL) - Date and time of the server request - Type, version and language of your browser - Operating system on the computer transmitting the request
Our server log files are not evaluated based on personal use. We cannot allocate this data to specific persons at any time. Also, we do not merge this data with data from other sources.
The data you give us via email, in our online shop, or through the contact form on our website is voluntary. We use this data to process our contractual relationship with you and/or your inquiries or orders, to conduct market research or opinion polls, or for mailing advertisements to you. We only use your data for email advertising purposes with your consent. We erase all data generated as soon as it is no longer needed. If statutory retention periods apply, we will restrict the processing of such data. The legal basis is Article 6 (1) b) of the GDPR or Article 6 (1) f) of the GDPR.
When you register for our online shop and create a customer profile, we save the customer account information you provide (including, but not limited to, your name, billing and delivery addresses, telephone number, payment information and email address) so you don't have to re-enter your data every time you place an order. You can update or delete your customer profile at any time. The legal basis is Article 6 (1) p. 1 b) of the GDPR.
If you want to subscribe to our newsletter, please provide a valid email address and your country of origin, and confirm that you are in agreement with the following (the legal basis is Art. 6 (1) p. 1 a) of the GDPR): I hereby agree that Custom Sp. z o.o. may process and use the data I have provided for the purpose of sending me email newsletters to inform me about furniture and home accessories, as well as about current campaigns. I can revoke this agreement at any time by sending written notice to Custom Sp. z o.o at Mińska 25 bud. 63, 03-808 Warszawa or to [email protected] As soon as I revoke such an agreement, the data I provided will be deleted from all Custom Sp. z o.o systems and no longer will be used to send me the newsletter.
Personal data provided to us via our website will be saved only for the time it takes us to meet the purpose for which you provided the data. When your contract has been fulfilled completely, your data will be blocked and then deleted in accordance with the relevant tax and trade regulations, unless you have given your express consent to such data being used for other purposes. To the extent mandatory for trade and tax retention periods to be observed, the retention period for some types of data can be up to ten years.
At any time, at no cost to you and without providing any reason, you can request information regarding the data relating to you that is saved in our systems, as well as information regarding the origin, recipients or categories of recipients to whom such data has been transmitted and why such data has been saved.
In addition, you are legally entitled to have your personal data rectified, blocked or erased. Also, you can withdraw your consent to the use of your data at any time and without having to provide a reason. If we process your personal data to pursue our legitimate interests pursuant to Article 6 (1) f) of the GDPR, pursuant to Article 21 of the GDPR you have the right to object. In addition, you have the right to portability of your data and the right to lodge a complaint with a data protection supervisory authority if you are not satisfied with our processing of your personal data.
Please send any general questions, requests for information, and inquiries and objections to the processing of your data to Custom Sp. z o.o, ul. Mińska 25 bud. 63, 03-808 Warszawa, [email protected] If you have any questions concerning data protection, please feel free to contact us.
More information regarding your data can be found in our Terms and Conditions.
Personal data protection
We use strict technical and organizational measures to secure all personal data that is processed by tylko.com from loss, destruction or unauthorised access by third parties. We cannot, however, take responsibility for any unauthorized access to your personal data caused by security breaches that might happen in relation to your device, browser or your own negligence.
Information about the rights of data subjects
The data subject has the right to demand a confirmation from the controller about whether it will process the personal data concerned. If this is the case, he or she has the right to access this personal data and to the information listed in detail in Article 15 of the GDPR.
The data subject has the right to demand from the controller that incorrect personal data concerning him or her be rectified immediately and, where applicable, that incomplete personal data be completed (The legal basis is Article 16 of the GDPR).
The data subject has the right to demand from the controller that the personal data concerning him or her shall be erased immediately if one of the reasons listed in detail in Article 17 of the GDPR are met, e.g. if the data is no longer required for the purposes pursued (right to erasure).
The data subject has the right to demand from the controller that the processing be restricted if one of the conditions listed in Article 18 of the GDPR are met, e.g. if the data subject has lodged an objection to the processing for the duration of the review by the controller.
The data subject has the right to object to the processing of the personal data concerning him or her at any time for reasons which result from his or her particular situation. The controller shall then no longer process the personal data, unless it can prove compelling and legitimate reasons for the processing, which outweigh the interests, rights and freedoms of the data subject, or the processing serves to claim, exercise or defend legal claims (The legal basis is Article 21 of the GDPR).
Irrespective of any other legal remedy under administrative law or judicially, each data subject has the right to lodge a complaint to a supervisory authority if the data subject believes that the processing of personal data concerning him or her violates the GDPR (the legal basis is Article 77 of the GDPR). The data subject can assert his or her right with a supervisory authority in the Member State in where he or she is resident, where he or she has his or her workplace or the place of the suspected violation.
Use of Google Analytics
tylko.com uses Google Analytics, a web analytics service provided by Google Inc. It furnishes us with information, generated with a cookie stored on your device that shows us how you use our website. This means that information conveyed by a cookie stored on your device may be transmitted to Google, Inc. However, since the IP-anonymisation mechanism is active on this website, your IP address will be truncated within Member States of the European Union and your full IP address will only be provided to Google, Inc. in exceptional situations. Google Analytics helps us to evaluate your use of the website, compile reports on website activity and provides a number of other website and internet-related services.
In order to avoid being subjected to Google Analytics when visiting this website in the future, you can download and install a browser plug-in available here: http://tools.google.com/dlpage/gaoptout?
As an alternative to the above browser plug-in, you can also click this link, which will install an opt-out cookie file on your device. In order to delete it, you will need to click the link again.
We use retargeting technology on our website to provide you with more value. Retargeting enables us to address internet users who have shown interest in our shop and/or our products in the past, through targeted advertising on our partners’ websites. We believe that personalized, interest-oriented advertising is more interesting than non-targeted advertising. These targeted ads are displayed on our respective partners’ websites based on cookie technology and an analysis of visitors’ prior use of the internet. This form of advertising is entirely pseudonymous. No usage profiles will be consolidated with your personal data. By using our website, you consent to cookies being used to capture, save and use your user-related data. Your data will be saved in cookies beyond the end of your browser session so that it can be retrieved, for example, when you return to the website. You can revoke your consent at any time effective immediately by setting your browser to accept no cookies. The legal basis for our use of retargeting technology is Article 6 (1) p. 1 f) of the GDPR.
Use of Mixpanel
Our website and app uses Mixpanel, Inc. technology. This means that we collect user data under anonymised profiles. This may involve cookies. These profiles are used to analyse visitor behaviour, as well as to improve and tailor our offers. The data collected within a profile is not merged with the user’s personal data without their explicit, prior consent.
You can always opt-out from being subjected to Mixpanel analytic tools by clicking this link and following the instructions here.
Integration of the Trusted Shops Trustbadge
Following an order, the Trusted Shops Trustbadge is incorporated into this website in order to display our Trusted Shops trustmark for buyers and the eventually collected reviews, as well as the Trusted Shops product offer.
In balancing various interests, this serves to safeguard our legitimate prevailing interests in an optimised marketing of our offer. The Trustbadge and the services advertised are an offer from Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Köln.
Whenever a Trustbadge is called up, the web server automatically stores a so-called server log file which contains, for example, your IP address, the date and time of retrieval, the data volume transferred and the requesting provider (access data), and documents the retrieval. This access data will not be evaluated and will be automatically overwritten seven days after your visit to the page.
Other personal information will only be transferred to Trusted Shops if you decide, after completing an order, to use Trusted Shops products or have already registered for their use. In this case, the contractual agreement between you and Trusted Shops applies.
What are cookie files?
By cookie files, we mean all IT data, especially text files, that are stored on your devices and aimed at shaping your use of websites. These files allow us to identify your device and properly display the website adjusted to your individual preferences. Cookie files usually contain the name of the website from which they come, time of storing them and a unique number.
What do we use cookie files for?
Cookie files are used to adjust the content of our website and optimize it to your preferences. They are also used to create anonymous, aggregated statistics that help us understand how you are using our website, in turn allowing us to improve its structure and content without personally identifying you.
What cookie files do we use?
In general, there are two types of cookie file: "session” and "persistent”. The first one is a temporary file that remains on your device until you log out from a website or quit your browser. “Persistent” files remain on your device during the whole time set in the parameters of cookie files, or until you manually delete them.
Cookie files may be specifically divided based on the following categories:
A. Types of cookie file depending on the necessity to perform service:
Necessary: These are essential for the proper function of the website or features you want to use.
Functional: These enhance the function of our service. Without them certain features won’t work properly, and the website will not be tailored to your preferences.
Business: They realize the business model on the basis of which the website is shared. Blocking them will not result in inaccessibility of the whole service, but it may lower the experience. Advertising cookies fall under this category.
B. Depending on the amount of time a cookie file will be located on your device:
Season cookie files: These files note the time of using the website through the browser (session). They can be deleted after clearing or closing.
Persistent cookie files: These are not deleted after clearing or closing the browser, and remain on your device for a specified or unspecified amount of time, depending on the settings of the website.
C. Depending on the origin/administrator of the service, which manages cookie files:
First-party cookie files: Files located by the owner of the website that was visited.
Third-party cookie files: Files located by external entities, whose components were activated by the website owner.
Warning: Cookie files may be activated by an administrator using scripts, as well as components located on partner servers in other locations and in different legal systems. In these cases, there may be other standard cookie file policies in place.
D. Depending on their purpose:
Service configuration: Allows for setting functions and services on the website.
Security and reliability of service: Allows for the verification, authentication and optimization of service performance.
Authentication: Informs when a user is logged in, allowing the website to show correct information and features.
State of session: Encrypts information about the way a user uses the website. This may include: often used websites and errors displayed. Cookie files used to encrypt the “state of session” help improve the service.
Processes: Allow for efficient operation of the website and its functions.
Advertisements: Shows advertisements that are more appealing to users and more valuable for advertisers and publishers, as well as to personalize advertisements. This may also be used to present advertisements outside of the website.
Localization: Allows for the adjustment of information presented to the localization of the user.
Analysis, research and audit of viewing. This allows the owners of websites to better understand preferences of users, and through analysis can improve and develop products and services. Usually the website’s owner or research company collects anonymous information and processes data about trends, without identifying personal data.
E. Types of cookie files depending on their interference with a user’s privacy:
Harmless: These cookie files are necessary for the proper functioning of the website, but they do not track user behaviour.
Exploring: Used for tracking users, but doesn't cover information allowing for identification.
Do cookie files contain personal data?
Possible answer (depending on the company and adopted policy):
a) Personal data collected with cookie files may be collected only in order to perform specific functions for the user. Such data is encrypted in a way that doesn’t allow for unauthorized access.
b) Cookie files are little text files delivered from websites to user devices (computer, smartphone, etc.). They are used only to better adjust the website to users’ individual needs. They don’t contain any personal data.
How can cookie files be rejected/deleted?
You can delete cookie files on your computer in two ways:
One: Visit your browser settings and check which cookie files are installed, and then delete them.
Apple Safari: Settings > Safari > Delete history and website data
Google Chrome: Privacy > Settings > Content settings > All cookies and website data > Delete all
Internet Explorer: Settings > Internet options > General > Browsing history > Settings > Temporary internet files and history settings > Show files
Browser Mozilla Firefox: Tools > Options > Privacy > Delete cookies
You can also set your browser to block cookie files, or warn you each time when one is installed. Settings differ depending on the browser. Instructions relating to the cookie files can be found in the “Help” menu of most browsers.
The behaviour of browsers may be set separately on all devices used by you. Detailed information regarding the changes of settings in different browsers may be found also here.