Privacy Policy
Privacy and Cookie Policy
2016-05-16
This privacy and cookie policy defines:
the purposes and methods of our processing of your personal data,
your rights under the General Data Protection Regulation ("GDPR"),
our approach to using technologies that allow us to send or access information on your browser or device, which is often referred to as cookies.
I.OUR ROLE AS YOUR DATA CONTROLLER
The administrator responsible for processing your personal data in relation to the use of the website https://sushiicons.pl/ is Sushi Icons Ltd. Our office is located in Warsaw at 6 Chrystiana Piotra Aignera street (office No. U5), 00-710. We are registered in the Register of Entrepreneurs of the National Court Register maintained by the District Court in Warsaw under KRS number 0000904465, with NIP 5213931481 and REGON 3891646457.
II. HOW TO CONTACT US?
You can reach us in the following ways:
By physical mail at our registered office: Sushi Icons Ltd, 6 Chrystiana Piotra Aignera Street (Apt U5), Warsaw, 00-710.
By phone at +48 22 602 20 20 (our hotline is available from 8:00 a.m. to 6:00 p.m. on business days).
By email at sushiicons.pl@gmail.com.
III. WHO IS THE DATA PROTECTION OFFICER AT THE CONTROLLER?
Our Data Protection Officer is Mykhailo Shevchuk. You can contact him by e-mail at poland@sushiicons.com.ua.
IV. SCOPE OF COLLECTED DATA AND SOURCE OF ITS ORIGIN
[Online restaurant shopping] When you place an order in our online restaurant, we gather some information from you through the order form. This includes your first and last name, company name and tax ID if applicable, as well as your delivery address and contact details. We also keep a record of your purchase and any after-sales information related to complaints or returns.
[Contacting us] If you reach out to us through our available contact methods—whether through forms on our website or messages on social media—we’ll collect details related to that communication. This includes your contact information and the content of what you’ve shared with us.
[Participation in competitions and events] When you take part in competitions or events organized by us, we collect the information you provide in the application forms. This includes your contact details and any data necessary for determining competition results, issuing prizes, or facilitating your participation in the event.
[Social media interaction] If you engage with us on social media—by commenting on our posts, responding, or sending us messages—we gather data related to those interactions. Additionally, we may receive information about your online activities from social media providers.
[Using our website] When you use our website, we may collect your personal data, including online identifiers like cookie IDs and IP addresses, as well as information about how you interact with our site. Additionally, we might receive data about your online activity from providers of certain services or features available on our website.
[Special cases of indirect acquisition of Personal Data] We may also collect your information indirectly in certain situations, such as: (i) when someone else provides your first name, last name, mobile phone number, and address in connection with their order delivery; (ii) when your first name, last name, company name, address details, and Tax Identification Number are given by someone else for invoicing purposes; or (iii) when another person shares your bank account information for processing refunds or withdrawals.
V. WHAT IS THE PURPOSE OF PROCESSING YOUR PERSONAL DATA, AND WHAT LEGAL GROUNDS DO WE RELY ON?
1. Making Purchases at an Online Restaurant
When you make purchases at our online restaurant, we process your personal data for the following reasons and under these legal bases:
To enter into and fulfill a sales contract you are part of, or to take steps you request before the contract is finalized, including handling complaints and exercising your rights related to completed sales (Article 6(1)(b) of the GDPR).
To comply with legal obligations we have, such as those related to tax, accounting, and consumer rights (Article 6(1)(c) of the GDPR).
To facilitate payment for your orders through third-party services, like PayU, which is part of our legitimate interest (Article 6(1)(f) of the GDPR).
To establish, pursue, or defend against any claims, which is considered our legitimate interest (Article 6(1)(f) of the GDPR).
To identify any irregularities in our online services and ensure the security of our platform, including IT security, which is also part of our legitimate interest (Article 6(1)(f) of the GDPR).
For analytical and statistical purposes to improve our services, which falls under our legitimate interest (Article 6(1)(f) of the GDPR).
2. Services Provided Electronically
When we provide services to you through our website, we process your personal data for several reasons, based on the following legal grounds:
To set up and fulfill a contract for our services, or to take steps at your request before we finalize any sales agreement. This also covers handling complaints related to executed contracts (Article 6(1)(b) of the GDPR).
To establish, pursue, or defend against any claims, which is considered our legitimate interest (Article 6(1)(f) of the GDPR).
To identify any irregularities in our online services and ensure the security of our platform, including IT security, which is also part of our legitimate interest (Article 6(1)(f) of the GDPR).
For analytical and statistical purposes to improve our services, which falls under our legitimate interest (Article 6(1)(f) of the GDPR).
3. Marketing
As part of our marketing efforts, we process your personal data for the following purposes and based on the following legal grounds:
To send you commercial information about our products, services, and events via your preferred communication method (email or SMS), but only if you give your consent during registration on our online restaurant website (Article 6(1)(a) of the GDPR).
To conduct direct marketing activities, including promoting our products and services and offering other benefits, such as personalized advertising and tailored offers, which we pursue as part of our legitimate interests (Article 6(1)(f) of the GDPR).
To share your personal data with third parties so they can gather your feedback on purchased products or our store, but only with your consent (Article 6(1)(a) of the GDPR).
In our marketing activities, we also utilize functionalities (like cookies and similar technologies) that help us create personalized offers. Specifically, we use tools such as Google Analytics, Meta Pixel, Hotjar, Cookiebot, Google Tag Manager, Criteo, Jotform, Typeform, Google Search Consol and others, to understand your behavior online and on mobile apps and social media. This helps us tailor our marketing messages and improve the content we deliver. We analyze customer behavior patterns to develop content that aligns more closely with your preferences and interests, though these efforts won't significantly influence your choices. Personalized offers may appear both on our online restaurant website and on the websites of other partners.
4. Social Media Profiles
When it comes to managing our social media profiles on platforms like Facebook, Instagram, YouTube, and TikTok, we collect and process information from visitors for several reasons, based on the following legal grounds:
Profile Management: We maintain our social media profiles according to the guidelines set by these platforms. This allows us to share updates about our activities, services, events, and competitions we organize, as well as to foster community engagement. Interacting through comments, chats, and messages, including event registrations, is part of this process, which aligns with our legitimate interest (Article 6(1)(f) of the GDPR).
Performance Analysis: We analyze how our social media profiles are performing, including their popularity and user engagement. This also falls under our legitimate interest (Article 6(1)(f) of the GDPR).
For those utilizing the statistics feature on Facebook, we want to clarify that both we and Meta act as joint controllers for the data processed for statistical purposes. Our agreements detailing the responsibilities for personal data processing can be found here: https://www.facebook.com/legal/terms/page_controller_addendum
As outlined, Meta takes on primary responsibility under the GDPR for handling data used for statistical purposes and fulfilling all relevant obligations.
VI. DATA RECIPIENTS
The recipients of the data are those entities with whom we share the personal data we process. The specific list of these recipients can vary from case to case, as it depends on factors like the type of services you're using and the consents you've provided.
In the context of the online restaurant, the primary recipients of your personal data are entities that help ensure the smooth execution of sales agreements, such as payment operators. This includes PayU S.A., based in Poznań (60-166) at 186Grunwaldzka street, which provides its services in accordance with the terms outlined in its regulations.
Additionally, your data may be shared with the following parties:
Organizations that help us manage and maintain our website, including hosting services, software providers, and legal and advisory firms.
Partners involved in our marketing efforts, such as those who assist in sending promotional information and running marketing campaigns.
Platforms through which you can share your feedback on products you've purchased from us.
Social media platforms, if you engage with us on our social media profiles.
Analytics and advertising providers, especially those using cookies or similar technologies.
Entities authorized by law to access your information, if we're legally required to share it.
Your feedback on our products or services shared on third-party websites, as well as your interactions on our social media profiles, are visible to visitors on those platforms.
VII. TRANSFER OF PERSONAL DATA OUTSIDE THE EEA
Your personal data is primarily stored within the European Economic Area (EEA). However, since we utilize tools such as cookies and similar technologies from providers like Google and Meta, and engage with social media platforms, your data may sometimes be transferred outside the EEA. Should such transfers to third countries occur, we ensure compliance with Chapter 5 of the GDPR. This includes only transferring data to countries that have been deemed to provide an adequate level of data protection by the European Commission, or through the use of Standard Contractual Clauses.
If you need more information regarding our safeguards for transferring data to third countries, as well as details on obtaining a copy of your data or where it can be accessed, please feel free to contact us. We are committed to ensuring that the processing of personal data is in full compliance with regulations.
VIII. DATA STORAGE PERIOD
Personal data processed with your consent will be retained until the purpose for which it was collected has been fulfilled, or until consent is withdrawn, whichever occurs first.
Personal data processed in relation to the conclusion or performance of a contract will be retained for the duration of the contract. Additionally, it may be retained beyond the contract's termination until the expiration of the limitation period for any potential claims arising from the contract, in accordance with applicable legal provisions.
Personal data processed to fulfill obligations arising from legal requirements, such as tax and accounting obligations or the provision of electronic services, will be retained for the duration specified by the relevant legal provisions or until such obligations are fulfilled.
The processing of your personal data based on our legitimate interests, including direct marketing, profiling, or analytical purposes, will continue until the purpose of processing has been achieved, or until you submit a valid objection to the processing of your data for these purposes.
If we're using your data for marketing purposes based on our legitimate interest, you can object to this without needing to provide a reason, and we'll always consider it. For other types of data processing based on legitimate interests, you can object if you have a specific situation to share. However, we may still proceed with the data processing if we can show that we have important reasons that outweigh your interests, rights, and freedoms, or if it's necessary for establishing, pursuing, or defending legal claims.
IX. YOUR RIGHTS
When it comes to your personal data, you have the following rights:
1. The right to access your personal data.
2. The right to correct any inaccuracies in your personal data.
3. The right to limit how your personal data is processed.
4. The right to request deletion of your personal data.
5. The right to object to the processing of your personal data (see point 8).
6. The right to transfer the personal data you've provided to us, if it’s being processed automatically based on your consent or a contract.
7. The right to withdraw your consent for processing your personal data at any time, without affecting the legality of the processing that occurred prior to your withdrawal.
8. The right to file a complaint with the supervisory authority, which is the Office for Personal Data Protection (2 Stawki Street, 00-193 Warsaw).
X. OTHER ENTITIES THAT MAY PROCESS YOUR PERSONAL DATA
Our restaurant's website features links to third-party sites, including social media profiles like Facebook, Instagram, and YouTube, as well as various plug-ins, add-ons, and extensions. Please note that we don’t provide information on how these third-party sites, plug-ins, or extensions work, nor do we cover their personal data processing practices. We strongly recommend checking out the terms and privacy policies of these services before using them.
XI. INFORMATION ON THE OBLIGATION OR VOLUNTARYITY OF PROVIDING PERSONAL DATA
Providing personal data for the purposes outlined in the Privacy Policy is voluntary. However, please be aware that not providing this information may hinder our ability to fulfill these purposes. For instance, it could result in the inability to finalize a sales contract or a contract for electronic services, or it may prevent us from sending you birthday offers if you do not provide your date of birth.
XII. COOKIES FILES
At our online restaurant, we utilize cookies and similar technologies to enhance your experience. Please be aware that we collect information about every individual who accesses our website, regardless of whether you are a customer of our restaurant. Simply visiting the site may result in the storage or downloading of information on your device or browser. The type of information collected through cookies varies based on how you interact with the different features of the site. Below, you will find a comprehensive overview of the cookies we use.
1. What Are Cookies and What Types Exist?
Cookies, also known as cookie files or HTTP cookies, are small files containing data that are stored on a user’s device—such as a computer, smartphone, or tablet—when they visit a website. These cookies primarily serve to store user preferences and other relevant information for the websites being visited, enabling them to display content tailored to individual user needs, access specific functionalities, and personalize the browsing experience.
Cookies can be categorized based on their duration of use into two main types:
Session Cookies: These are temporary cookies that expire once the web browser session is closed (i.e., the period from opening to closing the browser).
Persistent Cookies: Unlike session cookies, persistent cookies remain on the user’s device even after the browser session is closed and will remain stored for a period defined by the script.
2. On What Basis Do We Use Cookies?
The use of cookies is contingent on the consent of the user visiting the service. Users may grant permission for cookies to be stored on their device and allow access to previously stored information. This consent is typically managed through the settings available on the cookie banner displayed on our website, or through the settings of the software installed on the user’s device that facilitate cookie storage.
3. What are Cookies Used For?
Cookies serve a variety of functions. Some are essential for the site to operate, while others enhance specific features or are utilized for advertising, statistical analysis, and performance tracking.
Essential cookies are crucial for the site`'s operation. These include cookies that maintain your user session, enable login authentication, manage the online shopping cart, and monitor service availability. Your consent is not required for these essential cookies, as they are necessary for the proper functioning of the service.
We will, however, seek your consent for the use of the following types of cookies:
Functional Cookies: These cookies help manage your login sessions, facilitate automatic logins, customize your page display preferences, show recently viewed products, and align displayed items with your interests.
Analytical Cookies: These are used to gather insights into how users navigate the website, enabling us to optimize performance, resolve issues, and understand user needs and preferences better (e.g., through Google Analytics).
Marketing Cookies: These facilitate the promotion of our service and products on third-party websites and search results. They also help in personalizing ads based on individual user preferences as derived from online activity (e.g., using Google AdWords).
4. How to Manage or Limit Cookies?
You can refuse the use of cookies and revoke any previously granted consent or limit their application by adjusting the settings via the cookie banner on the Service.
Alternatively, you can block or delete cookies by modifying your web browser settings. Detailed instructions on how to manage cookie preferences can typically be found in the "Help" section of your web browser.