BOMM – importer and wholesaler of artificial flowers. Since 1990, it has been operating as an importer and distributor of highest quality decorations and artificial plants.
Menu
Promotional Prices Categories Seasons New Products Sale Premium products Online catalog About us Contact

Privacy and cookies policy of bomm.pl

This document governs the privacy and "cookie" policy of the bomm.pl online store maintained via online website provided at the URL: www.bomm.pl, hereinafter referred to as the "Store". The Store is managed by

BOMM Sp. z o.o. Sp. k. with its registered office in Lubiczów (05-082) at ul. Warszawska 77 entered into the Register of Entrepreneurs of the National Court Register under KRS No.: 0000600819, NIP (Tax Identification Number): 1182118988 and REGON (National Business Register Number): 363690816, hereinafter referred to as the "Seller". The Seller may be contacted by phone: +48 (22) 722-01-55 or by e-mail: info@bomm.pl.

1. Introduction

In the section describing the privacy policy, we inform about the conditions of collecting, processing, using and protecting personal data of the Store's Customers, hereinafter referred to as "Customers". Personal data mean any information related to an identified or identifiable natural person. An identifiable person means an individual who can be directly or indirectly identified, particularly by reference to an identification number or to one or more factors specific to their identity. The data are not regarded as allowing the identification of a person if they require unreasonable costs, time or effort. Personal data do not include the data of entrepreneurs processed only in the Central Register and Information on Economic Activity maintained by the Minister of Development.

In this document, we also list technologies used in the processing of personal data. They include, for example: browser memory support, geolocation and pixel tags.

With regard to the cookies policy, we inform about conditions of storing information or accessing information already stored in the telecommunications end user's device. An end-user is considered to be a natural person or an entity using a publicly available telecommunications service or requesting the provision of such a service to meet its own needs.

2. Declaration

In the pursuit of the main aim of respecting the privacy of our Customers, we endeavour to exercise all due diligence. In order to meet this assumption, we implement standards and rules resulting from universally binding legal provisions. These include in particular: the Act of 29 August 1997 on the Protection of Personal Data (Dz. U. /Journal of Laws/ of 2016, No. 0, item 922, as amended), the Act of 18 July 2002 on Providing Services by Electronic Means (Dz. U. /Journal of Laws/ of 2016, No. 0, item 1030, as amended) and the Telecommunications Act of 16 July 2004 (Dz. U. /Journal of Laws/ of 2016, No. 0, item 1489, as amended). More particularly, we make reasonable efforts to ensure that personal data of our Customers is:

Data processed by the Seller are stored on external, safe and professional servers based on contracts concluded by the Seller. These contracts take into account the appropriate level of data security

3. Personal data controller

The controller of personal data processed by the Store is the Seller.

4. The basis of processing personal data

In the first place, we may process the personal data of Customers using electronic services via Store if it is:

We do not process these personal data after the Customer has finished using the electronic service, subject to the possibility of further use of data that are:

We process data obtained in this manner according to Article 18 points 1, 2, 5 and Article 19 points 1 and 2 of the Act of 18 July 2002 on Providing Services by Electronic Means (Dz. U. /Journal of Laws/ of 2016, No. 0, item 1030, as amended).The aforementioned data scopes are not binding for determining the scope of data processed by the Seller. The scope of data processed by the Seller has been published in point 5 of the Privacy and Cookie Policy.

Secondly, we may process personal data that is necessary for the performance of a contract, to which the data subject is one of the parties, or if this is necessary to take steps before the conclusion of a contract at the request of the data subject. We process data obtained in this manner on the basis of Article 23 point 1, sub-point 3 of the Act of 19 August 1997 on the Protection of Personal Data (Dz. U. / Journal of Laws/ of 2016, No. 0, item 922, as amended).

Irrespective of the above, we may also process personal data if it is necessary for the fulfilment of legitimate purposes pursued by our company or by the data recipients, and the processing does not violate the rights and freedom of the data subject. Legitimate purposes are in particular considered to include direct marketing of our products or services, as well as the assertion of claims in connection with our business activities. We process data obtained in this manner on the basis of Article 23 point 1 sub-point 5 and Article 23 point 1 sub-point 4 of the Act of 29 August 1997 on the Protection of Personal Data (Dz. U. /Journal of Laws/ of 2016, No. 0, item 922, as amended).

In other cases, we ask for voluntary consent to the processing of your personal data. This consent is given in particular by checking the box ("checkbox") located next to the declaration of consent for the processing of personal data. We process data obtained in this manner on the basis of Article 23 point 1 sub-point 1 of the Act of 29 August 1997 on the Protection of Personal Data (Dz. U. /Journal of Laws/ of 2016, No. 0, item 922, as amended) or Article 18 point 4 of the Act of 18 July 2002 on Providing Services by Electronic Means (Dz. U. /Journal of Laws/ of 2016, No. 0, item 1030, as amended).

5.Sets, their scopes and purposes of personal data processing

We process personal data of our Customers in structured sets, which we define by the purpose of their processing. Such data are processed to the extent that is necessary to fulfil the set's purpose. The following list includes sets, scopes and purposes of data processing.

Name of the set Scope of processed data Purpose of processing
The set of personal data of Store's Customers who have created a customer account
  • name and surname
  • e-mail address
  • telephone number
  • NIP (Tax Identification Number)
  • IP number
Enabling the possibility of using functions of the Store's customer account.
The set of personal data of the customers who have concluded a sales contract via Store.
  • name and surname
  • name of the company
  • address
  • e-mail address
  • bank account number
  • order number
  • telephone number
  • NIP (Tax Identification Number)
  • REGON(Business Register Number)
  • IP number
Conclusion and execution of the sales contract with the Customers.
Set of personal data of Store's Customers who have filed a complaint or issued a declaration of withdrawal from the contract
  • name and surname
  • name of the company
  • address
  • e-mail address
  • bank account number
  • order number
  • complaint number
  • telephone number
  • NIP (Tax Identification Number)
  • REGON (Business Register Number)
Execution of proceedings relating to complaints or withdrawals from the contracts.
The set of data of persons who have subscribed to the Newsletter
  • name and surname
  • e-mail address
  • IP number
Sending Newsletter.

Customers' personal data sets are subject to registration with the Inspector General for the Protection of Personal Data. Exclusions, if any, applicable in this respect result especially from Article 43 of the Act of 29 August 1997 on the Protection of Personal Data (Dz. U. / Journal of Laws/ of 2016, No. 0, item 922, as amended).

6.Entrustment and sharing of personal data

We have the right to entrust your personal data to other entities. They may include, for example, a web host, accounting or legal service provider, payment operator, or other entity with whom we work to properly provide services. Personal data is always entrusted based on a written data entrustment agreement. An up-to-date list of entities to which we entrust data processing is constantly available to all Customers. To access it, simply request it with us. This can be done, for example, by sending an email. The legal basis for entrusting personal data is Art. 31 of the Polish act of 29th August 1997, on personal data protection (Dz. U. of 2016, No. 0, pos. 922 as amended).

We may transfer processed data outside the European Economic Area. The personal data processing laws that apply in those countries may provide less protection than the laws in effect in the Republic of Poland. Therefore, if we transmit such data, we take special care to comply with the conditions for processing laid down in this document. One form of manifesting this care is the use of standard contractual clauses approved by the European Commission, including those compliant with the EU-US Privacy Shield.

We do not share collected data with third parties, except as required by generally applicable law, i.e. on the basis of a request of a body or court authorised to do so.

7. Customer's rights

In connection with the personal data processing, Customers have the related to it rights:

We may provide system functionality to enable you to exercise these rights. If you wish to exercise said rights, please contact us as instructed in Section 20 of the Privacy and Cookies Policy.

8. Server Logs

These are the internal event logs of the Store server, automatically recording page requests that are sent when Customers use the Store. System logs include the page request sent by the Customer, the IP address, browser type, browser language, the date and time of the request, and at least one "cookie" file that can uniquely identify the Customer's browser.

The data collected in system logs is used by us indefinitely, solely for the purpose of administering the Store. They are not transferred to third parties, except in the circumstances described herein.

In connection with the using the Store by Customers, we may automatically collect and record in server logs technical details of how the services are used, requests sent by the Customer related to the provision of electronic services, IP address and technical data about the operation of the Store related to the actions performed by the Customer. This includes, in particular, information about the starting, ending and the scope of each instance of the use of the electronically supplied services. We may also collect information to store it locally on your device using a browser memory mechanism.

9. Cache memory

While providing services to Customers, we may automatically use the cache of the Customer's browser, application or device. This use includes storing data in the memory of the browser installed on the Customer's device. Cache can store data intersessionally, i.e. between the Customer's sessions. The purpose of using the cache is to speed up the functionality of the Store by eliminating the situation in which the same data would be repeatedly downloaded from the Store, thereby overloading the Customer's Internet connection.

10. Geolocation

We, or third parties through the cookies they administer, may use geolocation functionality to collect and process information about the Customer's whereabouts. For this purpose, the following data may be processed: an IP number, from a GPS sensor, from a Wi-Fi point or from mobile network base stations.

11. Pixel Tag

We, or third parties through cookies they administer, may use pixel tag functionality. These are elements published in digital content and make it possible to record information, for example, about Customer activity on the website.

12. Cookies - introduction

In the course of providing services to customers, we use professional technologies to collect and save information, such as cookies. These are commonly used small files containing a string of characters, which are sent to and stored on an end device (e.g. computer, laptop, tablet, smartphone) used by the Customer while visiting the Store. This information is sent to the browser cache, and the browser sends it back on subsequent visits to the website. Cookies contain information necessary for the proper use of the Store. They typically contain the name of the website they come from, the storage time on the end device and a unique number. Third-party entities listed in Section 16 of the Privacy and Cookies Policy may also have access to cookie data.

13. Basis for processing cookies

We ask Customers who use electronically supplied services through the Store to voluntarily consent to the processing of cookies by storing information or accessing information already stored in their telecommunications end devices.

Consent to the processing of cookies is granted, in particular, with the use of the button containing a statement of consent to the processing of cookies or confirmation of reading its terms and conditions. This consent may be withdrawn at any time, free of charge and as described in the section on cookie management.

We process cookies on the basis of Art. 173 of the Act of 16 July 2004, Telecommunications Law (Dz. U. of 2016, No. 0, pos. 1489, as amended).

14. What cookies are used by us?"

We can categorize cookies in three methods of division.

In terms of the purposes of using cookies, we distinguish their three categories:

When it comes to their expiration date, there two categories of cookies:

When it comes to the entities that administer cookies, there are:

See also

This website uses cookies for the purposes specified in the privacy and cookies policy. You can set the conditions for storing and accessing cookies in your browser.
Performance cookies
Targeting cookies
Functional cookies
Read more...