Privacy Policy

Privacy Policy dated April 25, 2025 (hereinafter: the “Privacy Policy”)

This document sets out the rules for the processing and protection of Users’ personal data by Snappform, submitted via the Website.

This data protection statement provides information about data processing within the Website and its related services, and fulfills the information obligations imposed on the data controller by Regulation 2016/679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: “GDPR”).

Data shared with external entities is used solely to provide our services to you.

DEFINITIONS

The terms used in the Privacy Policy shall mean:

Snappform / Service Provider – Snapp Form sp. z o.o., with its registered office in Warsaw (02-591), at ul. Stefana Batorego 18, apt. 108, entered into the Register of Entrepreneurs of the National Court Register maintained by the District Court for the Capital City of Warsaw, 12th Commercial Division of the National Court Register under KRS number: 0001158842, NIP: 7011248322, REGON: 541020759, with fully paid share capital of PLN 10,000.00.

Website – the website operated at www.snappform.pl and www.snappform.com, owned by the Service Provider.

User – a person using the Website or who has previously registered using the registration form and is in the Website’s user database.

DATA CONTROLLER

The controller of Users’ personal data collected via the Website is Snapp Form sp. z o.o., based in Warsaw (02-591), ul. Stefana Batorego 18, apt. 108, entered into the National Court Register as detailed above.

Contact with the Data Controller is possible in particular via email:
store@snappform.com

Correspondence address:
Snapp Form sp. z o.o.
Stefana Batorego 18, apt. 108, Warsaw, Poland

HOW WE PROCESS DATA

Browsing the Website’s content does not require Users to provide personal data.
Providing personal data is voluntary, but failure to consent to processing of required data may prevent the provision of some or all services by the Service Provider.

User data processed includes: name and surname, email address, phone number, delivery address, billing address, tax ID (NIP), IP address, and other data necessary to provide services in accordance with the Terms of Service.

Personal data is processed for the following purposes:

a) fulfillment of sales contracts,
b) fulfillment of item repair agreements (relife),
c) creation of user accounts,
d) shopping cart service,
e) newsletter service, including processing of complaints, warranty claims, technical inquiries, and service optimization,
f) promotional and commercial activities,
g) compliance with legal regulations.

Legal basis: for points a–f, it is the performance of a contract or steps taken at the request of the data subject prior to entering into a contract, or the legitimate interests of the Service Provider.
For point g, the legal basis is compliance with a legal obligation.

If the Service Provider becomes aware of unlawful use of services by the User, data may be processed to determine liability.

Personal data will be processed until the account is deleted or for up to 6 years from the last order (whichever is later), unless further processing is required by law.

The Service Provider does not transfer personal data to third countries.

USER RIGHTS REGARDING DATA PROCESSING

The User has the right to:

restrict data processing,
delete personal data, unless payment for an order is outstanding; if payment has been made, data may be retained for accounting and legal purposes for up to 6 years,
data portability, including receiving data in a structured format,
withdraw consent at any time (without affecting legality of prior processing),
access and rectify personal data,
object to data processing,
file a complaint with the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw, Poland).

DISCLOSURE AND SHARING OF PERSONAL DATA

The Service Provider may entrust personal data to third parties to fulfill services specified in the Terms of Service. Recipients may include: payment operators, banks (for credit verification), hosting providers, technical service providers, invoicing systems, and accounting offices.

Data may also be disclosed to state authorities upon lawful request, or to others as permitted by law.

Any third party processing data on the Service Provider’s behalf under a Data Processing Agreement must provide at least the same level of data protection.

Such third parties may use subcontractors only with the prior consent of the Service Provider.

DATA SECURITY

The Service Provider implements technical and organizational measures to protect personal data from unauthorized access, alteration, destruction, or disclosure.

These include data minimization, pseudonymization, and other safeguards required by law (Articles 25, 30, 32–34, 35–39 of GDPR).

User data is stored on secure servers.
The Service Provider has internal data processing procedures and information security policies.

Despite these measures, the Service Provider notes that using the Internet may still pose risks of malware or unauthorized data access. Users are advised to use appropriate software (e.g. antivirus, firewalls).

COOKIES

To ensure proper functioning of the Website, the Service Provider uses Cookies. These are data packets stored on the User’s device, usually containing information about the website, expiration date, unique number, and other file-specific details.

Two types of Cookies are used:

Session Cookies – deleted after the browser session ends,
Persistent Cookies – remain until deleted by the User.

Cookies do not identify Users or allow retrieval of personal data.

Service Provider Cookies are secure and do not install malware. However, External Cookies (from partners) may be accessed by external servers.

Users can disable Cookies via their browser settings, though this may limit website functionality.

Types of Cookies used:

Essential – enable access to services (e.g. authentication),
Security – detect abuse in authentication,
Performance – gather usage statistics,
Functional – remember settings (e.g. language, font size),
Advertising – display ads tailored to User interests.

Browser software usually allows Cookies by default. Settings can be adjusted to block or notify about Cookies. Full details are available in the browser’s documentation.

Cookies may also be used by advertisers and partners cooperating with the Website.

FINAL PROVISIONS

This Privacy Policy comes into effect on April 25, 2025.

Privacy Policy

Privacy Policy dated April 25, 2025 (hereinafter: the “Privacy Policy”)

This document sets out the rules for the processing and protection of Users’ personal data by Snappform, submitted via the Website.

Data shared with external entities is used solely to provide our services to you.

DEFINITIONS

The terms used in the Privacy Policy shall mean:

Website – the website operated at www.snappform.pl and www.snappform.com, owned by the Service Provider.

User – a person using the Website or who has previously registered using the registration form and is in the Website’s user database.

DATA CONTROLLER

The controller of Users’ personal data collected via the Website is Snapp Form sp. z o.o., based in Warsaw (02-591), ul. Stefana Batorego 18, apt. 108, entered into the National Court Register as detailed above.

Contact with the Data Controller is possible in particular via email:store@snappform.com

Correspondence address:Snapp Form sp. z o.o.Stefana Batorego 18, apt. 108, Warsaw, Poland

HOW WE PROCESS DATA

Browsing the Website’s content does not require Users to provide personal data.Providing personal data is voluntary, but failure to consent to processing of required data may prevent the provision of some or all services by the Service Provider.

User data processed includes: name and surname, email address, phone number, delivery address, billing address, tax ID (NIP), IP address, and other data necessary to provide services in accordance with the Terms of Service.

Personal data is processed for the following purposes:

Legal basis: for points a–f, it is the performance of a contract or steps taken at the request of the data subject prior to entering into a contract, or the legitimate interests of the Service Provider.For point g, the legal basis is compliance with a legal obligation.

If the Service Provider becomes aware of unlawful use of services by the User, data may be processed to determine liability.

Personal data will be processed until the account is deleted or for up to 6 years from the last order (whichever is later), unless further processing is required by law.

The Service Provider does not transfer personal data to third countries.

USER RIGHTS REGARDING DATA PROCESSING

The User has the right to:

restrict data processing,

delete personal data, unless payment for an order is outstanding; if payment has been made, data may be retained for accounting and legal purposes for up to 6 years,

data portability, including receiving data in a structured format,

withdraw consent at any time (without affecting legality of prior processing),

access and rectify personal data,

object to data processing,

file a complaint with the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw, Poland).

DISCLOSURE AND SHARING OF PERSONAL DATA

The Service Provider may entrust personal data to third parties to fulfill services specified in the Terms of Service. Recipients may include: payment operators, banks (for credit verification), hosting providers, technical service providers, invoicing systems, and accounting offices.

Data may also be disclosed to state authorities upon lawful request, or to others as permitted by law.

Any third party processing data on the Service Provider’s behalf under a Data Processing Agreement must provide at least the same level of data protection.

Such third parties may use subcontractors only with the prior consent of the Service Provider.

DATA SECURITY

The Service Provider implements technical and organizational measures to protect personal data from unauthorized access, alteration, destruction, or disclosure.

These include data minimization, pseudonymization, and other safeguards required by law (Articles 25, 30, 32–34, 35–39 of GDPR).

User data is stored on secure servers.The Service Provider has internal data processing procedures and information security policies.

Despite these measures, the Service Provider notes that using the Internet may still pose risks of malware or unauthorized data access. Users are advised to use appropriate software (e.g. antivirus, firewalls).

COOKIES

To ensure proper functioning of the Website, the Service Provider uses Cookies. These are data packets stored on the User’s device, usually containing information about the website, expiration date, unique number, and other file-specific details.

Two types of Cookies are used:

Session Cookies – deleted after the browser session ends,

Persistent Cookies – remain until deleted by the User.

Cookies do not identify Users or allow retrieval of personal data.

Service Provider Cookies are secure and do not install malware. However, External Cookies (from partners) may be accessed by external servers.

Users can disable Cookies via their browser settings, though this may limit website functionality.

Types of Cookies used:

Essential – enable access to services (e.g. authentication),

Security – detect abuse in authentication,

Performance – gather usage statistics,

Functional – remember settings (e.g. language, font size),

Advertising – display ads tailored to User interests.

Browser software usually allows Cookies by default. Settings can be adjusted to block or notify about Cookies. Full details are available in the browser’s documentation.

Cookies may also be used by advertisers and partners cooperating with the Website.

FINAL PROVISIONS

This Privacy Policy comes into effect on April 25, 2025.

Contact with the Data Controller is possible in particular via email:
store@snappform.com

Correspondence address:
Snapp Form sp. z o.o.
Stefana Batorego 18, apt. 108, Warsaw, Poland

Browsing the Website’s content does not require Users to provide personal data.
Providing personal data is voluntary, but failure to consent to processing of required data may prevent the provision of some or all services by the Service Provider.

Legal basis: for points a–f, it is the performance of a contract or steps taken at the request of the data subject prior to entering into a contract, or the legitimate interests of the Service Provider.
For point g, the legal basis is compliance with a legal obligation.

User data is stored on secure servers.
The Service Provider has internal data processing procedures and information security policies.