Privacy Policy

Data Controller

The following information is provided to you so that you are aware of the personal data protection commitments of SYLA, a  company Rotata group zoo, registered on address Francuska 35, Katowice 40028, Poland  which acts as as data controller for the processing of personal data mentioned in this document.

Our person in charge of the Information Technology and Civil Liberties Policy

SYLA has appointed a person in charge of the information technology and civil liberties policy who you can reach by email at the following address: syla.gifts@gmail.com.

A part of the processing of personal data, SYLA collects and processes the following data:

-Title, surname, first name, date of birth when it has been entered, billing address, delivery address, email address, telephone number;

-Customer number;

-Statistics regarding the opening and clicking on emails sent by SYLA and activity on the site (pages viewed, products seen, abandoned baskets, etc.).

The purposes of our processing

The processing we implement is for the following purposes:

-Management of the content of the website;

-Management of orders;

-Management of communication to customers and prospects;

-Tracking the customer journey;

-Monitoring customer relations (including satisfaction surveys) and customer claims;

-Traffic analysis;

-Customer categorisation;

-Advertising retargeting of our audiences 

The legal bases of our processing

We only implement data processing if at least one of the following conditions is met:

-Your consent to the processing operations has been obtained; 

-The existence of our legitimate interest, or that of a third party, which justifies our implementation of the processing of personal data concerned; 

-The performance of a contract between us requires that we implement the processing of personal data concerned; 

-We are bound by legal and regulatory obligations that require the implementation of the processing of personal data concerned. 

The legitimate interests pursued 

The legitimate interests pursued by SYLA may include, in particular, allowing the continuity of its business, improving the consumer experience, retaining the consumer, understanding consumers’ expectations.

The personal data that we collect, as well as that collected later, is intended for us as data controller. We make sure that only authorised people can access this data. Our service providers may be recipients of this data to perform the services we entrust to them. Some personal data may be sent to third parties or to legally authorised authorities to meet our legal, regulatory or contractual obligations. Your personal data may be reconciled, pooled or shared between all parent and sister entities and subsidiaries of SYLA. It may be communicated to these entities for the purposes referred to in this information notice. These operations are carried out using instruments which comply with the applicable regulations and which ensure the protection and respect of your rights.

The retention periods we apply to your personal data are proportionate to the purposes for which they were collected. As a result, we organise our data retention policy as follows: -Four years from the collection of your data or the last contact from you; -In the context of concluded contracts, data is kept according to the applicable limitation periods; -Thirteen months regarding cookies from their installation on your device; -Six months maximum for data collected through a conversation from the chat -Regarding a request made through the contact form, the data is kept for the time it takes to process the said request, plus the statutory limitation period. -Regarding the creation of a customer profile on the website of SYLA, the data is kept for three years from the last contact from you, or failing that, the date of creation of the customer profile -Concerning the subscription to a newsletter, until the withdrawal of its consent or failing this three years, from the last contact from you.

Terms of exercise of your rights 

Regarding the right of information, SYLA will not be obliged to respond when you already have the information you request. SYLA will inform you if it cannot respond to your requests. 

These rights are not absolute and are subject to different conditions under: 

-The applicable Ukrainian law regarding the protection of personal data and privacy; 

The laws and regulations that apply to you 

SYLA wishes to inform you that the non-entry or modification of your data may have consequences on the processing of certain requests within the framework of the execution of contractual relations and that your request to exercise your rights will be kept for tracking purposes. All the rights you enjoy are detailed below. Your right to information You acknowledge that this information notice informs you of the purposes, the legal framework, the interests, the recipients or categories of recipients with whom your personal data are shared, and the possibility of a transfer of data to a third country or to an international organisation. 

In addition to this information and in order to ensure a fair and transparent treatment of your data, you declare to have received additional information regarding: 

-The retention period of your personal data; 

-The existence of your rights and the terms of their exercise. If we decide to process data for purposes other than those indicated, all information relating to these new purposes will be communicated to you. 

Your right of access and rectification of your data 

You have the right to access and have your personal data rectified, which you can exercise by contacting SYLA by email to syla.gifts@gmail.com As such, you have the confirmation that your personal data is or is not processed and when it is, you have access to your data as well as information about: 

-The purposes of the processing; 

-The categories of personal data concerned; 

-The recipients or categories of recipients as well as the international organisations to which personal data has been or will be communicated, in particular recipients who are established in third countries; 

-When possible, the intended personal data retention period or, when this is not possible, the criteria used to determine this period; the existence of the right to request the data controller to rectify or erase personal data, or a limitation of the processing of your personal data, or the right to oppose such processing;

 -The right to lodge a claim with a supervisory authority; 

-Information about the source of the data when it is not collected directly from the data subjects;

 -The existence of automated decision making, including profiling, and, in this last case, useful information about the underlying logic, as well as the significance and intended consequences of that processing for the data subjects; You may ask that your personal data be, as the case may be, rectified, completed if it is inaccurate, incomplete, equivocal or out of date. 

Your right to erase your data 

You can ask us for the erasure of your personal data when one of the following reasons applies: 

-the personal data is no longer necessary for the purpose for which it was collected or otherwise processed; 

-you withdraw the consent previously given; 

-you object to the processing of your personal data when there is no legal reason for said processing; 

-the processing of personal data does not comply with the provisions of the applicable legislation and regulations; 

-your personal data has been collected in relation to the offer of information society services to children under the age of 16. However, the exercise of this right will not be possible when the retention of your personal data is necessary under the laws or regulations and in particular for the recognition, exercise or defence of rights in court. 

Your right to limit data processing 

You may request the limitation of the processing of your personal data in the cases provided for by the laws and regulations. 

Your right to object to data processing 

You have the right to object to the processing of your personal data when the processing is based on the legitimate interest of the controller.

We attach great importance to the protection, integrity and confidentiality of your data. Consequently, we have implemented technical and organizational measures to guarantee a level of security adapted to the risk and thus protect your data against any loss, alteration, access or disclosure to unauthorized third parties. 

However, despite our efforts, no security measure can protect against all the risks of misappropriation or piracy, for which we as data controller cannot be held responsible. 

We undertake in the event of a personal data breach and in accordance with the regulations in force relating to the protection of personal data, to notify them to the CNIL. In the event that a data breach would present a high risk to your rights and freedoms, we will inform you as soon as possible and always under the conditions provided for by the regulations in force relating to the protection of personal data.