Privacy Policy

This Privacy Policy outlines the principles governing our processing of your information, including personal data and the use of cookies.

1. General Information

1.1. This policy applies to the website operating at: nordictale.store

1.2. The operator of the website and the Administrator of personal data is:

  • Rafał Bochnak
  • Zielona 19, 34-730 Mszana Dolna, Poland

1.3. Contact email address of the Operator: hello@nordictale.store

1.4. The Operator is the Administrator of your personal data with respect to the data voluntarily provided on the Website.

1.5. The Website processes personal data for the following purposes:

  • Managing the comments system
  • Operating online chat services
  • Handling queries via contact forms
  • Fulfilling orders for purchased services
  • Presenting offers and information

1.6. The Website collects information about users and their behaviour in the following ways:

  • Through voluntarily provided data entered in forms, which are stored in the Operator’s systems
  • By storing cookies (so-called “cookies”) on user devices

2. Selected Data Protection Measures Used by the Operator

2.1. Encryption and Security Measures

  • Login pages and personal data entry forms are secured with SSL encryption.
  • This ensures that data entered on the Website is encrypted on the user’s device and can only be read on the destination server.

2.2. Data Storage

  • Personal data stored in the database is encrypted, ensuring that only the Operator can access it.
  • This protects data in case of a database breach.

2.3. Password Security

  • User passwords are stored in hashed form.
  • The hashing function is one-way, making it impossible to reverse-engineer passwords.

2.4. Two-Factor Authentication (2FA)

  • The Website uses two-factor authentication as an additional security layer for login.

2.5. Administrative Security

  • The Operator regularly updates administrative passwords.
  • Regular backups of stored data are performed.
  • The Operator ensures the regular updating of all software used for data processing.

3. Hosting

3.1. The Website is hosted by cyberFolks.pl.

3.2. The hosting provider logs technical data for reliability purposes, which may include:

  • URLs of requested resources
  • Request timestamps and response times
  • Client device name (identified via HTTP protocol)
  • Errors occurring during HTTP transactions
  • Referring URLs (if the user accessed the Website via a hyperlink)
  • Browser information
  • IP addresses
  • Diagnostics related to email processing and order fulfilment

4. Your Rights and Additional Information on Data Processing

4.1. In some cases, the Administrator may transfer your personal data to third-party entities if required to fulfil the contract or comply with legal obligations. This includes:

  • Hosting providers
  • Banks
  • Payment operators
  • Public authorities

4.2. Your personal data is processed only for as long as necessary for the purpose for which it was collected. For marketing-related data, processing will not exceed 3 years.

4.3. You have the right to request from the Administrator:

  • Access to your personal data
  • Correction of inaccuracies
  • Deletion of data
  • Restriction of processing
  • Data portability

4.4. You have the right to object to processing based on legitimate interests, including profiling, unless there are overriding legal grounds for processing (e.g., legal claims).

4.5. You can lodge a complaint with the President of the Personal Data Protection Office (UODO) at: Stawki 2, 00-193 Warsaw, Poland.

4.6. Providing personal data is voluntary but necessary to use the Website.

4.7. No personal data is transferred outside the European Union.

5. Information in Forms

5.1. The Website collects information voluntarily provided by users, including personal data where applicable.

5.2. The Website may record connection details, such as:

  • IP addresses
  • Timestamps

5.3. Data entered into forms is used only for the specific function of the form, e.g., handling service requests or contacting users.

6. Administrator Logs

6.1. User activity on the Website may be logged for administrative purposes.

7. Important Marketing Techniques

7.1. The Operator uses:

  • Google Analytics for traffic analysis (Google Inc., USA).
  • Remarketing techniques to adjust advertisements based on user behaviour.
  • Facebook Pixel to enhance advertising (Facebook Inc., USA).
  • Automated service functions, such as sending follow-up emails to users who have visited specific pages.

8. Information About Cookies

8.1. The Website uses cookies to enhance user experience.

8.2. Cookies are small text files stored on the user’s device. They typically contain:

  • The originating website name
  • The storage duration
  • A unique identifier

8.3. The Operator uses cookies for:

  • Maintaining user sessions (e.g., remembering logins)
  • Marketing and analytical purposes

8.4. The Website employs two types of cookies:

  • Session cookies (temporary, deleted after closing the browser)
  • Persistent cookies (stored until manually deleted)

8.5. Users can manage cookies through browser settings. However, blocking essential cookies may disrupt some Website functionalities.

8.6. Third-party cookies used by the Website may come from:

  • Google (Google Inc., USA)
  • Facebook (Facebook Inc., USA)
  • Twitter (Twitter Inc., USA)

9. Managing Cookies – How to Grant or Withdraw Consent?

9.1. If you do not wish to receive cookies, adjust your browser settings accordingly.

9.2. To manage cookie settings, follow the instructions for your browser:

  • Edge
  • Internet Explorer
  • Chrome
  • Safari
  • Firefox
  • Opera

9.3. For mobile devices:

  • Android
  • Safari (iOS)
  • Windows Phone