Privacy policy

The security and transparency of our service is very important to us. We clearly specify the terms and conditions of its operation and give our actual address, telephone numbers and e-mail addresses. We provide precise information on the guarantee periods and explain how to lodge a complaint with us and how to return purchased goods. We also place great importance on the quality of the products we sell and the correct method of delivery.

The Privacy Policy is where you will find out who is the controller of your personal data, for what purpose, to what extent and for how long it will be processed. In addition, you will find out who we can share your data with and under what conditions, as well as what rights you have in relation to the processing of your data.

We have created this Privacy Policy so that you will find all the necessary information required by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, which becomes applicable on 25 May 2018. ("RODO").

Whenever we refer to data below, we mean the personal data you provide to us or that we obtain from other sources, such as your name, email address or telephone number.

PRIVACY POLICY - Staviori / INFINITY Dawid Namyślak

Valid from: [enter date].
Document in compliance with RODO, the Electronic Services Act, the Consumer Rights Act and the Cookie Guidelines.

1. General information

This Privacy Policy sets out the rules for the processing of your personal data when using the website staviori.co.uk and other related domains operated by INFINITY Dawid Namyślakregistered in the CEIDG:

Data controller:
INFINITY Dawid Namyślak
16 Jeleniogórska Street
60-179 Poznań
NIP: 7772573745
REGON: 301254472

The administrator operates an online shop, selling precious metals, jewellery and luxury products, as well as providing additional services (e.g. newsletter, account services, personalisation of products).

2. How you can contact us about your personal data

You can contact the Controller or the designated Data Protection Officer on all matters concerning your personal data:

iodo@staviori.pl
📬 INFINITY Dawid Namyślak, ul. Jeleniogórska 16, 60-179 Poznań
(adding: "protection of personal data")

3 What data we process

We only process data necessary for a specific purpose, in particular:

Data provided by the user

  • name,

  • residence / delivery address,

  • e-mail address,

  • telephone number,

  • order data,

  • payment details (only those we actually receive - no full card details),

  • data from contact, complaint or returns forms.

Data related to precious metals trade

In the case of the purchase of precious or high-value metal products, we may also process the data required by:

  • Anti-Money Laundering and Countering the Financing of Terrorism (AML) Act,

  • tax obligations (e.g. for transactions above certain thresholds).

Automatically extracted data

  • IP address,

  • session identifiers,

  • device data,

  • data from cookies and similar technologies.

Data collected from third parties

  • payment operators (e.g. PayU, Przelewy24, PayPal),

  • courier companies (delivery status),

  • banks - only when the payment requires confirmation of status,

  • marketing and analytics service providers (subject to data entrustment).

4 Aims and legal basis of data processing

We only process your data if it is lawful to do so. Depending on the situation:

A. Order execution (Article 6(1)(b) RODO)

- conclusion and performance of the contract,
- payment processing,
- Delivery,
- handling complaints, guarantees and warranties.

B. Legal obligations (Article 6(1)(c) RODO)

In particular:

  • Accounting Act (retention of documents),

  • Consumer Rights Act (returns, complaints),

  • tax legislation,

  • AML obligations (for high-value transactions),

  • other documentary duties.

C. Legitimate interest of the controller (Article 6(1)(f) RODO)

In particular:

  • the assertion or defence of claims,

  • business analytics (anonymised),

  • ensuring the security of transactions (especially with high-value precious metals),

  • communication with the client,

  • marketing to existing customers (with the possibility to object).

D. User consent (Article 6(1)(a) RODO)

When it concerns:

  • newsletter,

  • marketing by e-mail/SMS/telephone,

  • analytical and marketing cookies,

  • competitions, promotional activities.

Consent can be withdrawn at any time - this does not affect the lawfulness of the processing prior to withdrawal.

5. data storage time

We only keep data for as long as necessary:

Orders without an account:

- the period necessary for the performance of the contract and thereafter for the period required by law (e.g. 5 tax years).

User account:

- until the account is deleted or inactive for 36 months.

Complaints and returns:

- for the duration of the seller's liability + statute of limitations.

Marketing data (newsletter):

- to withdraw consent.

Data covered by AML obligations:

- in accordance with statutory retention (max. 5 years from the end of the relationship).

Cookies:

- according to the period indicated next to each file (usually 1 day - 2 years).

6 Data recipients

We only pass on data to entities that are necessary for the provision of services, including but not limited to:

  • payment operators,

  • courier and logistics companies,

  • accounting office,

  • law firms,

  • IT and hosting providers,

  • marketing tool providers (e.g. Meta, Google),

  • entities authorised by law (e.g. police, tax office - only on a valid basis).

We do not sell your data.

7 Transfers of data outside the EEA

If we use tools such as Google Analytics, Meta (Facebook/Instagram), HubSpot or similar:

Data may be transferred to countries outside the EEA, such as the United States. Transfers take place on the basis of:

  • the European Commission's decision (EU-US Data Privacy Framework), or

  • standard contractual clauses (SCCs),

  • and additional safeguards.

If you want, I can add a detailed list of tools - let me know.

8. Your rights

You have the right to:

  1. access to their data,

  2. rectification of data,

  3. deletion of data ("right to be forgotten"),

  4. limitation of processing,

  5. object to the processing of data - especially direct marketing,

  6. data portability,

  7. withdraw consent at any time,

  8. lodge a complaint with the President of the Data Protection Authority.

9 Automatic decisions and profiling

We can apply minimal profiling, for example:

  • matching the offer to the product category you are viewing,

  • cookie-based advertising matching,

  • anti-fraud safeguards - especially when selling precious metals.

We do not make decisions with legal effects within the meaning of Article 22 RODO without human involvement.

10 Cookies

We use three categories of cookies:

Necessary - required

For the proper functioning of the website (login, shopping cart, session).

Analytical - with your consent

They help to study traffic and improve shop performance.

Marketing - with your consent

Enable tailored advertising.

Consent management:

  • we display a cookie banner on first entry,

  • You can change the cookie settings yourself at any time in the consent panel or in your browser,

  • disabling cookies may restrict some features of the website.

11. Changes to the Privacy Policy

The policy can be updated in the event of:

  • changes to the law,

  • changes to the scope of services,

  • implementation of new technological tools.

The current version is always available on the website.

12. Contact details of the administrator

INFINITY Dawid Namyślak
16 Jeleniogórska Street
60-179 Poznań
tel. +48 500 744 070