Skip to main content
English

Darmowa dostawa od 98zł!

Wishlist
Products in the cart: 0. See details

Your cart is empty

Privacy policy

Privacy Policy of ROFREETEA.COM

THIS PRIVACY POLICY (hereinafter “Policy”) sets out the principles for processing personal data of Customers and Users of the website www.rofreetea.com (hereinafter “Website”) operated by Biotini Michał Wiśniewski, located at ul. Herbu Szreniawa 11/5, 02‑972 Warsaw, registered in the CEIDG, VAT ID: 9512122283 (hereinafter “Controller”).

§ 1. GENERAL PROVISIONS

  1. The Controller conducts activities related to operating the Website and selling products offered therein.

  2. Users may contact the Controller via email at hi@rofreetea.com or by telephone at (+48) 728 437 147.

§ 2. LEGAL BASIS FOR PROCESSING

  1. Personal data are processed on the basis of:

    1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 – GDPR;

    2. The Act of 10 May 2018 on the protection of personal data;

    3. Other applicable provisions of Polish law.

§ 3. SCOPE AND PURPOSE OF DATA PROCESSING

  1. The Controller collects the following categories of Customer data:

    1. Identification data: first name and last name;

    2. Address data: correspondence and delivery address;

    3. Contact data: email address and telephone number;

    4. Payment data: necessary for transaction processing;

    5. Billing data: VAT number, full company address.

  2. Purposes and legal bases for processing:

    1. Execution of sale agreements or pre-contractual measures – Art. 6(1)(b) GDPR;

    2. Compliance with legal obligations (accounting, tax) – Art. 6(1)(c) GDPR;

    3. Direct marketing of own products – Art. 6(1)(f) GDPR (legitimate interest);

    4. Analytical activities and Website improvement (cookies and analytics tools) – Art. 6(1)(f) GDPR and, for strictly necessary cookies, Art. 6(1)(a) GDPR (consent);

    5. Marketing communications (newsletter, special offers) – based solely on prior consent – Art. 6(1)(a) GDPR.

§ 4. DATA RECIPIENTS

  1. Personal data may be disclosed to the following categories of recipients:

    1. Payment service providers (PayU, Przelewy24);

    2. Courier and postal companies;

    3. Hosting and IT service providers;

    4. Accounting and tax advisory firms.

  2. All recipients process data under data processing agreements and implement appropriate security measures.

§ 5. DATA RETENTION PERIOD

  1. Data related to order fulfillment and accounting are retained as long as required for tax and accounting purposes (up to five years).

  2. Marketing data are retained until the consent is withdrawn by the User.

  3. Analytical data and cookies are retained in accordance with the Website’s cookie policy and the User’s browser settings.

§ 6. RIGHTS OF DATA SUBJECTS

  1. Users have the right to:

    1. Access their personal data;

    2. Rectify inaccurate data;

    3. Erase personal data (“right to be forgotten”);

    4. Restrict processing;

    5. Data portability;

    6. Object to processing;

    7. Withdraw consent to marketing processing at any time;

    8. Lodge a complaint with the President of the Personal Data Protection Office.

  2. Requests to exercise these rights should be sent to hi@rofreetea.com.

§ 7. TRANSFER OF DATA TO THIRD COUNTRIES

  1. The Controller may transfer personal data to countries outside the European Economic Area only based on:

    1. Standard contractual clauses approved by the European Commission;

    2. A European Commission adequacy decision.

§ 8. COOKIES AND TRACKING TECHNOLOGIES

  1. The Website uses cookies for the following purposes:

    1. Ensuring proper Website functionality;

    2. Analyzing traffic and User behavior;

    3. Conducting marketing activities.

  2. Users may manage cookie settings through their browser settings or via the tool provided on the Website.

§ 9. CHILDREN’S DATA PROTECTION

  1. The Website is not intended for persons under the age of 13.

  2. The Controller does not knowingly process personal data of children.

§ 10. DATA TRANSFER IN CASE OF CHANGE OF OWNER

  1. In the event of a change of ownership of the Website or a merger, personal data may be transferred to the acquiring entity, provided that the processing purposes remain compatible.

§ 11. AMENDMENTS TO THE POLICY

  1. This Policy is effective as of July 15, 2025.

  2. Any changes will be published on the Website with the date of their entry into force.