Privacy & Cookie Policy

Effective date: August 26, 2025

1. GENERAL INFORMATION

1.1. This Privacy & Cookie Policy explains how Elżbieta Arbaczewska (“we”, “our”, “us”) collects, uses, stores, and protects personal data of visitors and customers on the website getsalty.store (“Website”).

1.2. Contact information:

  • Email: shop@getsalty.store

  • Phone: +48 698 405 949

  • Address: Abrahama 16, 52-206 Wrocław, Poland

1.3. By using our Website, you consent to the collection and processing of your data as described in this Policy.

1.4. The data controller (administrator) of your personal data is Elżbieta Arbaczewska, Abrahama 16, 52-206 Wrocław, Poland, NIP 8993024606.

2. DATA WE COLLECT

We may collect the following personal data:

  • Contact information: name, email address, phone number, billing/shipping address.

  • Payment information: credit/debit card or payment service data (processed securely via Przelewy24).

  • Order information: products purchased, order history, preferences.

  • Technical data: IP address, browser type, device type, pages visited.

  • Cookies and tracking data (see Section 7).

3. HOW WE USE YOUR DATA

Your personal data may be used for:

  • Processing orders, payments, and shipping.

  • Sending order confirmations, shipping updates, and customer support communications.

  • Managing customer accounts and preferences.

  • Improving our website, products, and services.

  • Compliance with legal obligations.

  • Marketing communications, only if you have given consent.

4. LEGAL BASIS FOR PROCESSING

We process personal data based on the following legal grounds:

  • Contract performance: necessary to fulfill your orders.

  • Consent: for marketing communications and cookies requiring consent.

  • Legal obligation: compliance with Polish/EU law.

  • Legitimate interests: website security, fraud prevention, and service improvement.

5. DATA SHARING

5.1. We may share your personal data with:

  • Payment processors (Przelewy24) for secure payment processing.

  • Delivery partners (InPost, DPD) for shipping orders.

  • IT service providers for website hosting, analytics, and security.

5.2. We do not sell your personal data to third parties.

5.3. Some of our service providers may be located outside the European Economic Area (EEA). In such cases, data transfers are carried out in compliance with GDPR requirements, using appropriate safeguards such as Standard Contractual Clauses (SCCs).

6. DATA RETENTION

  • Customer and order data is retained for as long as necessary for order fulfillment and legal compliance (e.g., tax records).

  • Marketing consent data is retained until consent is withdrawn.

  • Technical and anonymized data may be retained for analytical purposes.

7. COOKIES

7.1. What are cookies?
Cookies are small text files stored on your device to improve website functionality, track analytics, and enhance user experience.

7.2. Types of cookies used:

  • Necessary cookies: required for website functionality (e.g., shopping cart).

  • Analytical/Performance cookies: track website usage for improvement.

  • Marketing/Advertising cookies: track user behavior for personalized ads (requires consent).

7.3. Consent & management:

  • You can manage or disable cookies in your browser settings.

  • Disabling some cookies may affect website functionality.

  • You may withdraw your consent to marketing/advertising cookies at any time via your browser settings or the cookie banner displayed on our website.

8. YOUR RIGHTS (GDPR)

As an EU user, you have the following rights regarding your personal data:

  • Access: request a copy of your data.

  • Correction: update incorrect or incomplete data.

  • Erasure: request deletion of your data (“right to be forgotten”).

  • Restriction: limit how we process your data.

  • Data portability: receive your data in a portable format.

  • Objection: object to data processing for marketing purposes.

Requests can be made via email: shop@getsalty.store.

Requests will be processed without undue delay and within 30 days at the latest.

You also have the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office (UODO) in Poland.

9. DATA SECURITY

We implement technical and organizational measures to protect your personal data, including encryption, secure servers, and access control.

10. THIRD-PARTY LINKS

Our website may contain links to other websites. We are not responsible for the privacy practices of third-party websites.

11. CHANGES TO THIS POLICY

We may update this Privacy & Cookie Policy periodically. Changes will be posted on this page with a new effective date.