Edit Content
B2B
Platinium

Privacy policy

Privacy Policy of the KombuchaByLaurent.pl Online Store

1. Data Administrator

The administrator of personal data is ROCOTO Sp. z o.o. Sp. K., ul. Powsińska 69/71, 02-903 Warsaw, KRS 0000782072, NIP 5213863638, REGON 383109272.
Email: pij@kombuchabylaurent.pl

2. Scope of Processing

We process personal data such as:

  • first name, last name, address, email, phone number,
  • payment data,
  • data from cookies and analytics tools.

3. Purposes and Legal Basis of Processing

Data is processed for:

  • fulfillment of a sales agreement (Art. 6(1)(b) GDPR),
  • compliance with legal obligations (Art. 6(1)(c) GDPR),
  • based on consent (Art. 6(1)(a) GDPR),
  • legitimate interest of the administrator (Art. 6(1)(f) GDPR).

4. Rights of Data Subjects

The data subject has the right to:

  • access their data and obtain a copy,
  • rectify data,
  • delete data (“right to be forgotten”),
  • restrict processing,
  • data portability,
  • object to processing,
  • withdraw consent at any time (if data was processed on that basis),
  • file a complaint with the President of the Personal Data Protection Office (UODO).

5. Cookies

The store uses cookies for the following purposes:

  1. Technical / necessary – to enable the functioning of the store, cart, and login.
  2. Analytical / statistical – e.g., Google Analytics, to improve store functionality.

Managing cookies: Users can change cookie settings in their browser or via the consent panel available on the store website.

6. Data Sharing

Personal data may be shared with:

  • courier companies and payment operators,
  • IT service providers,
  • entities legally related to ROCOTO Sp. z o.o. Sp. K.

Data transfer outside the EEA: If we use services such as Google Analytics or Meta Ads, data may be transferred to countries outside the European Economic Area (EEA). Transfer is conducted according to the EU Standard Contractual Clauses.

7. Data Retention Period

Data is stored for the period necessary to fulfill orders and in accordance with tax and accounting law requirements. After this period, data is deleted or anonymized.

8. Data Security

We implement appropriate technical and organizational measures to ensure data security, including encryption, SSL certificates, access control, and incident response procedures.

9. Privacy Policy Changes

The privacy policy may be updated. The new version will be published on the store website along with the effective date.

The Privacy Policy is effective from the date:

Skip to content