Krośko Ten Tkacz
Privacy Policy

Privacy Policy

PRIVACY POLICY

Krośko The Weaver / Krośko Ten Tkacz

Effective Date: 01.06.2026

§1. General Information

  1. This Privacy Policy sets out the rules governing the processing of personal data of users of the following websites:
  1. operated under the brands "Krośko The Weaver" and "Krośko Ten Tkacz".
  2. The data controller is: Jakub Fikowicz-Krośko Jaśminowa 16B, Tokary 83-304 Przodkowo Poland E-mail: kroskotheweaver@gmail.com
  3. Personal data is processed in accordance with:
  • Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation – GDPR),
  • applicable Polish laws relating to the protection of personal data.
  1. The Controller exercises due care to protect users' privacy and ensure the security of processed personal data.

§2. Scope of Collected Data

  1. The Controller may process the following personal data:
  • full name,
  • delivery address,
  • billing address,
  • e-mail address,
  • telephone number,
  • information necessary to process payments,
  • information voluntarily provided by the user through the contact form, e-mail correspondence, or other means of communication.
  1. Providing personal data is voluntary; however, in certain cases it may be necessary for:
  • processing and fulfilling an order,
  • contacting the user,
  • handling complaints or returns,
  • responding to enquiries.
  1. The Controller does not intentionally collect special categories of personal data referred to in Article 9 of the GDPR.

§3. Purposes and Legal Bases of Processing

  1. Personal data may be processed for the following purposes: a) fulfilling orders and performing sales agreements, b) communicating with Customers regarding their orders, c) complying with legal obligations applicable to the Controller, d) handling complaints and returns, e) establishing, pursuing, or defending legal claims, f) responding to messages submitted through the contact form, e-mail, or other communication channels made available by the Controller.
  2. The legal basis for processing personal data is, as applicable:
  • Article 6(1)(b) GDPR – performance of a contract or taking steps prior to entering into a contract,
  • Article 6(1)(c) GDPR – compliance with a legal obligation,
  • Article 6(1)(f) GDPR – the Controller's legitimate interests.

§4. Contact Form

  1. Users may contact the Controller through the contact form available on the website.
  2. Use of the contact form requires providing information necessary for responding to the submitted enquiry.
  3. Information submitted through the contact form is used solely for the purpose of handling correspondence, responding to enquiries, or taking actions related to the content of the message.
  4. Submission of a message through the contact form is voluntary.

§5. Data Recipients

  1. Personal data may be shared with service providers whose services are necessary for the operation of the website, online store, and communication with users, solely to the extent required for the provision of such services.
  2. Recipients of personal data may include in particular:
  • payment service providers,
  • postal and courier companies,
  • hosting providers,
  • IT service providers,
  • e-mail service providers,
  • contact form service providers,
  • accountants or tax advisers,
  • public authorities authorized under applicable law.
  1. The Controller does not sell personal data and does not disclose personal data to third parties for marketing purposes.

§6. Transfers of Personal Data Outside the European Economic Area

  1. Some services used by the Controller may involve the transfer of personal data outside the European Economic Area (EEA).
  2. In such cases, the Controller takes reasonable steps to ensure that personal data is transferred in accordance with GDPR requirements and appropriate legal safeguards.
  3. This may particularly apply to services provided by global technology providers, e-mail service providers, payment processors, or other services used in connection with operating the website and online store.

§7. Data Retention Period

  1. Personal data related to orders is retained for the period necessary to perform the contract and for any additional period required by applicable law.
  2. Personal data related to tax and accounting obligations is retained for the period required by applicable legislation.
  3. Data processed on the basis of the Controller's legitimate interests is retained until a valid objection is raised or until the purpose of processing no longer exists.
  4. Information contained in correspondence may be retained for as long as necessary to handle the matter and to protect against potential legal claims.

§8. Rights of Data Subjects

  1. Individuals whose personal data is processed have the right to:
  • access their personal data,
  • rectify inaccurate data,
  • erase personal data,
  • restrict processing,
  • receive a copy of their data (data portability),
  • object to processing,
  • withdraw consent where processing is based on consent.
  1. To exercise any of the above rights, individuals may contact the Controller using the contact details provided in this Privacy Policy.
  2. Individuals also have the right to lodge a complaint with the competent supervisory authority responsible for data protection.

§9. Data Security

  1. The Controller implements appropriate technical and organizational measures designed to protect personal data against:
  • loss,
  • destruction,
  • unauthorized access,
  • unauthorized disclosure,
  • unauthorized modification.
  1. Access to personal data is limited to authorized persons or entities who require such access for legitimate purposes.

§10. Links to External Websites

  1. The website may contain links to third-party websites.
  2. The Controller is not responsible for the content, security, or privacy practices of such websites.
  3. Users should review the privacy policy of any external website they visit.

§11. Cookies

  1. The website uses cookies and similar technologies.
  2. Detailed information regarding the use of cookies is available in the separate Cookies Policy.

§12. Changes to the Privacy Policy

  1. The Controller reserves the right to update this Privacy Policy in the event of:
  • changes in applicable law,
  • technological developments,
  • changes to the operation of the website,
  • changes relating to the services offered.
  1. The current version of this Privacy Policy will always be available on the website.

§13. Contact

For matters relating to personal data protection, please contact:

Jakub Fikowicz-Krośko Krośko The Weaver / Krośko Ten Tkacz E-mail: kroskotheweaver@gmail.com

This Privacy Policy should be read together with the Store Terms and Conditions, Cookies Policy, Shipping Policy, and any other policies or documents published on the website.

Now that the formalities are out of the way...

Want to see what life in the atelier looks like?

Visit the Atelier