We highly value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and protect your information in compliance with the General Data Protection Regulation (GDPR).


Information collected

We may collect the following types of personal data:

Contact information:

Name, email, phone, mailing address.

Account information:

Username, password and other registration information.

Transaction information:

Purchase records, payment details, order history.

Technical data:

IP address, browser type, access times and operating system.

Usage data:

How you interact with our website and services.


Data Use

We attach great importance to user privacy and data security. In order to provide you with better service, we will use your personal data in the following ways:

1. In order to provide you with better services, we may share your personal information with trusted third-party service providers (such as logistics companies, payment processing institutions, customer service support services, etc.). These service providers can only access information necessary to perform their duties and may not use this information for other purposes.

2. We may disclose your personal information when required by law or in response to legitimate requests from government agencies, law enforcement agencies or other legal procedures. We will ensure that your privacy and data security are protected to the extent permitted by law.

3. In the process of corporate mergers, acquisitions, asset transfers or other similar transactions, your personal information may be transferred as one of the business assets. In this case, we will ensure that the company receiving your personal information continues to comply with the provisions of this Privacy Policy.

4. In order to protect the legitimate rights and interests of our users, employees and companies, we may share your personal information with third parties when necessary to prevent fraud, abuse or other illegal activities and to ensure the security and integrity of our services.

5. In some cases, with your explicit consent, we may share your personal information with specific third parties. In any case, we will not sell, rent or otherwise disclose your personal information to third parties without your consent.


Sharing of Data

Service Providers: In order to provide you with better services, we may share your personal information with trusted third-party service providers (such as logistics companies, payment processing institutions, customer service support services, etc.). These service providers only have access to information necessary to perform their duties and may not use this information for other purposes.

Legal requirements: We may disclose your personal information when required by law or in response to legitimate requests from government agencies, law enforcement agencies or other legal procedures. We will ensure that your privacy and data security are protected to the extent permitted by law.

Business transfer: In the process of corporate mergers, acquisitions, asset transfers or other similar transactions, your personal information may be transferred as one of the business assets. In this case, we will ensure that the company receiving your personal information continues to comply with the provisions of this Privacy Policy.

Preventing fraud and abuse: In order to protect the legitimate rights and interests of our users, employees and companies, we may share your personal information with third parties when necessary to prevent fraud, abuse or other illegal activities and to ensure the security and integrity of our services.

Your consent: In some cases, with your explicit consent, we may share your personal information with specific third parties. In any case, we will not sell, rent or otherwise disclose your personal information to third parties without your consent.

Examples of legitimate interests under the EU General Data Protection Regulation (GDPR) include fraud prevention, direct marketing and sharing data within a corporate group.


Data Security

As a data "controller" under the EU General Data Protection Regulation (GDPR), we take all measures to protect the security and confidentiality of data, in particular to prevent it from being distorted, damaged or accessed by unauthorized third parties.We deploy robust security systems to ensure the highest security of collected data and detect data breaches.


Your rights

Under the GDPR, you have the following rights:

Subject to the relevant legal conditions, you have the following legal data protection rights: right of access (Article 15 GDPR), right of rectification (Article 16 GDPR), right of erasure (Article 17 GDPR), right of restriction of processing (Article 18 GDPR), right of data portability (Article 20 GDPR), right to complain to a supervisory authority (Article 77 GDPR), right to withdraw consent (Article 7 (3) GDPR) and right to object to certain data processing measures (Article 21 GDPR).


1. Right of access:

You can ask us for a copy of the data we hold about you.

2. Right of rectification:

You can ask us for any data we hold about you that you believe is inaccurate or incomplete.

3. Right of erasure:

This is often referred to as the “right to be forgotten”. It is not an absolute right to ask an organization to stop using or delete your data. An organization may be entitled to retain and continue to use the data (for example, to comply with a legal obligation to keep records, or to enable the organization to deal with a complaint and show that it treated you fairly within any period the law gives you to make a complaint or legal claim).

4. Right to restrict processing:

Sometimes it is possible to restrict the processing of data so that it is only used for certain purposes (such as legal claims or exercising legal rights). In this case, we will not use or share the data in other ways while the processing is restricted. You can ask us to restrict the use of data: if the data is inaccurate; if the data has been used unlawfully but you do not want us to delete it; if the data is no longer relevant but you want us to keep it for legal claims; if you have asked us to stop using it but you are waiting for us to tell you whether we are allowed to continue using it.

5. Right to data portability:

Individuals have the right to obtain their personal data in a structured, commonly used and machine-readable format and the right to transmit those data to another data controller.

6. Right to complain:

Individuals have the right to complain to a supervisory authority (usually a national data protection authority) about the processing of their personal data.

7. Right to withdraw consent:

If the processing of an individual’s data is based on their consent, the individual has the right to withdraw their consent at any time.

8. Right to object to profiling:

We use profiling for marketing purposes to decide whether to select you for specific promotions and product recommendations. You can object to this, but the offers and recommendations you receive will no longer be relevant and targeted to your interests.


If you would like to exercise your data protection rights, you can contact our privacy team by sending an email.

Cookies:


Our website may use cookies and similar technologies to enhance your browsing experience, personalize content, analyze website traffic, and track user interactions. You can choose to disable cookies through your browser settings, but this may limit some of the website's functionality.


Security measures

We have implemented appropriate technical and organizational security measures to protect your personal data from unauthorized access, alteration, or disclosure. We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we notify you in advance.


This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.


Changes to this Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. Any changes will be posted on this page. We encourage you to review this Privacy Policy periodically for any updates.


Company Name:Sandjaja Sp. z o.o


Company Address:Juliana Ursyna Niemcewicza Nr 7/9-423, Warszawa, 02-022, Warszawa, Poland


Company Phone:+44 07842299385