Privacy policy



 (effective from 6 June 2019)

“Safe shop” – a certificate issued by the website

§ 1


  1. The Data Controller for the processing of data collected through the Website located at is Anna Krystyniak trading as ANKA KRYSTYNIAK registered in the Business Activity Central Register and Information Record (CEIDG) operated by the Ministry of Economy of the Republic of Poland, principal place of business and address for service: ul. Złotopolska 11/18, 03-567 Warszawa, Poland, tax identification number NIP: 1132163722, statistical number REGON: 146166138, e-mail:, hereinafter referred to as “Data Controller” or “Service Provider”.
  2. Capitalised terms used in this Privacy Policy shall have the meaning set forth in the “Definitions” section of the Terms and Conditions.

§ 2


  1. Ankakrystyniak.comshall only process Users’ personal data for the purpose of managing purchases of Products from our Shop as well as for the purpose of conducting direct marketing related to our products and services by traditional means (in paper form), i.e. for the purposes of the legitimate interests pursued by the Data Controller. The data collected for these purposes shall be processed in accordance with the provisions of art. 6 section 1, points (b), (c) and (f) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/WE (General Data Protection Regulation).
  2. If the Data Subject has given a separate consent to such processing (Article 6 section 1, point (a) GDPR) their personal data may be processed for the purpose of sending electronic marketing messages or for direct marketing via telephone – in accordance with Article 10 section 2 of the Act on the Provision of Electronic Services of 18 July 2002 or Article 172, section 1 of the Telecommunications Law Act of 16 July 2004, including profiled marketing communications if the Data Subject has consented to receive such communications.
  3. If the order needs to be delivered to the Customer personal data may be shared with postal operators and courier companies solely for order delivery purposes. Transaction data, including personal data, may be shared with the electronic payment operator selected during Order placement within the scope necessary for the purpose of payment processing.Personal data collected in connection with the purchase of products and services offered through our Shop shall be kept for no longer than is necessary for the purposes for which the data were collected, the archived data shall be stored for a prescriptive period of 6 years. The personal data processed for marketing purposes, based on the consent of the data subject, shall be processed until the withdrawal of consent.
  4. The data subject who believes that their personal data has been processed unlawfully, in violation of GDPR may submit a complaint to the President of the Personal Data Protection Office.
  5. Submitting your personal data is voluntary, however we require certain personal data for order processing purposes; placing orders through the Website is not possible without the provision of the requested personal data.
  6. The personal data collected via the Website is subject to automatic processing through profiling if the data subject has consented to such processing (Article 6, section 1, point (a) GDPR). As a result of profiling a profile is built of each data subject which enables the Data Controller to take decisions concerning Users as well as to analyse or predict their personal preferences, behaviours and attitudes.
  7. The Data Controller shall take all reasonable steps to protect the interests of data subjects and ensure that all data is:
    • 7.1.    lawfully processed,
    • 7.2.    obtained only for specified, lawful purposes, and not further processed in any manner incompatible with those purposes,
    • 7.3.    factually correct, adequate and relevant in relation to the purposes for which it is processed; stored in a form that permits identification of the data subject, for no longer than is necessary for those purposes.
  8. The Data Controller protects not only the Customers directly visiting the Shop, but also Customers who have provided their personal data to the Data Controller using the website and any other websites marked or co-branded with the Facebook brand (including subdomains, versions international, widgets and versions for mobile phones, Pixel software), whose operating principles are based on regulations made available in particular at, provided by Facebook Inc. or Facebook Ireland Limited (hereinafter also “Facebook Service”), including via the Facebook Lead Ads function aimed at direct marketing of the Data Controller own products or services.
  9. The rules of protection and use of personal data by the Facebook Service are available, for example, at:
  10. The Data Controller has no influence on the content of Facebook legal regulations, including personal data.

§ 3


  1. Every User has a right to access, to rectify and to control his personal data as well as the right to erasure, the right to restrict processing, the right to data portability, the right to object to processing and the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  2. The User may exercise his rights under points 1 and 2 by sending an email message to

§ 4


  1. com uses cookies. By continuing to use the website without changing the browser settings the User consents to the use of cookies.
  2. Cookies are essential for the provision of services via the website. Cookies, especially those requiring additional authorisation, contain information that is necessary for the proper functioning of the website.
  3. The website uses three main types of cookies: “session” cookies, “persistent” cookies and “analytical” cookies.
    • 3.1.    “Session” cookies are temporary files which are stored on the User’s end-device until they log out (leave the website).
    • 3.2.    “Persistent” cookies remain stored on the User’s device until deleted manually or automatically after a set period of time.
    • 3.3.     “Analytical” cookies provide information on how individual Users interact with and are used to improve the performance of the website. “Analytical” cookies collect information about how Users use the website, what type of website referred the User to, the frequency of visits and the time of each visit. All User data is collected anonymously and used solely for statistical analysis of website use.
  4. The User can adjust cookie permissions via options in their browser settings. More detailed information about cookie management with specific web browsers can be found in the browsers’ respective settings.

§ 5


  1. The Data Controller shall implement all necessary technical and organisational security measures to safeguard the data during processing ensuring a level of security appropriate to the nature of the data to be protected and, in particular, protect the data against unauthorised access, takeover, processing in violation of law, alteration, loss, damage or destruction.
  2. The Service Provider shall take appropriate technical measures to safeguard the electronic personal data against unauthorised interception or modification.
  3. In cases not provided for in this Privacy Policy the relevant provisions of the Terms and Conditions for the online Shop shall apply, as well as the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/WE and applicable provisions of Polish law.
  4. This Privacy Policy comes into effect on 6 June 2019.