WINTER SALE -20% with code: SALE20

FREE DELIVERY FROM 54,99 EUR Make purchases for min. 54,99 EUR and enjoy free delivery! Offer is valid for orders which value in the basket exceeds 54,99 EUR, including orders in which a discount code was used. Enjoy your shopping.

Currency
EUR
Language
English
  • Sign In
  • Create an Account
Toggle Nav
My Cart
Menu
Account
Settings
Language
English
Currency
EUR

Privacy Policy

§1. INTRODUCTION

The GIORRE online store, operated at www.giorre.com and owned by Silvexcraft Mateusz Wójcik Sp. k., attaches the highest importance to protecting the privacy of its Customers regarding the provision of personal data to the Customer Service department. We are committed to privacy and take responsibility for data security seriously. We will clearly and transparently inform our Customers about what information we collect and how it is used.

This Privacy Policy defines the following:

Which personal data we collect and process in connection with being our Customer and using our website and online services;

  1. Where we obtain data from;
  2. What we do with that data;
  3. How we store data;
  4. To whom we disclose/reveal data;
  5. How we implement your data protection rights;
  6. How we comply with data protection principles.

All personal data is collected and processed in accordance with data protection laws applicable in Poland and the European Union.

§2. DEFINITIONS

Data Controller – the personal data administrator indicated in §3 of this Policy.

Personal data – any information about an identified or identifiable natural person through one or more specific factors defining physical, physiological, genetic, mental, economic, cultural, or social identity, including device IP, location data, online identifiers, and information collected via cookies or similar technologies.

Policy – this Privacy Policy.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Service – the online store operated by the Data Controller at www.giorre.com.

User (Customer) – any natural person visiting the Service or using one or more services or functionalities described in this Policy.

§3. PERSONAL DATA CONTROLLER

The administrator of your personal data is Silvexcraft Mateusz Wójcik Sp. k., headquartered in Tyczyn, ul. Orkana 5, 36-020 Tyczyn, NIP: 5170373027, REGON: 363361395, registered in the National Court Register under number 0000588340, hereinafter referred to as "GIORRE" or "Administrator". Contact regarding data protection is possible via email at: [email protected]

§4. PURPOSES AND LEGAL BASIS OF PERSONAL DATA PROCESSING

To provide services within the scope of our business, GIORRE processes your personal data for various purposes, always in accordance with the law. Below you will find the purposes of personal data processing along with their legal bases.

ACCOUNT REGISTRATION:

Persons registering at the GIORRE online store are asked to provide data necessary for account creation and management. Providing mandatory data is required to create and manage the account; optional data includes gender and date of birth. The data is submitted via the contact form available at www.giorre.com.

Personal data is processed:

  1. to provide services related to managing and maintaining an account – legal basis: necessity for the performance of a contract (Art. 6(1)(b) GDPR). Optional data: consent (Art. 6(1)(a) GDPR);
  2. for analytical and statistical purposes – legal basis: legitimate interest of the Administrator (Art. 6(1)(f) GDPR);
  3. to establish and pursue claims or defend against them – legal basis: legitimate interest of the Administrator (Art. 6(1)(f) GDPR);
  4. for marketing purposes – details described in the marketing and direct marketing sections.

USING THE SERVICE:

Personal data of all users of the Service (including IP address or other identifiers and information collected via cookies) is processed by the Administrator:

  1. to provide electronic services and content, including contact forms – legal basis: Art. 6(1)(b) GDPR;
  2. for complaint handling – legal basis: Art. 6(1)(b) GDPR; for analytics/statistics – Art. 6(1)(f) GDPR;
  3. to establish and pursue claims or defend against them – legal basis: Art. 6(1)(f) GDPR;
  4. for marketing purposes – details in marketing and direct marketing sections.

ORDERING:

Placing an order involves processing personal data. Providing mandatory data is required; failure to provide it prevents order completion.

  1. to execute the order – legal basis: Art. 6(1)(b) GDPR; optional data: Art. 6(1)(a) GDPR;
  2. to fulfill legal obligations (tax, accounting) – legal basis: Art. 6(1)(c) GDPR;
  3. for analytics/statistics – legal basis: Art. 6(1)(f) GDPR;
  4. to establish and pursue claims or defend against them – legal basis: Art. 6(1)(f) GDPR.

CONTACT FORM:

Using the contact form requires providing personal data necessary for identification and response.

  1. for identifying the sender and handling inquiries – legal basis: Art. 6(1)(b) GDPR;
  2. for analytics/statistics – legal basis: Art. 6(1)(f) GDPR.

MARKETING:

Personal data may be used for email notifications, direct marketing, profiling, geolocation, and third-party cookies.

§5. COOKIES

  1. GIORRE uses cookies on its website, similar to other entities. Cookies are small text files stored on your device and may be read by our system and third-party systems (e.g., Facebook, Google).
  2. Cookies serve various functions, including:
    1. security – authentication and prevention of unauthorized access;
    2. performance – smooth operation and retention of settings;
    3. session state – track page usage and errors;
    4. session maintenance – maintain login state;
    5. statistics – track user behavior via tools like Google Analytics;
    6. social features – pixels for Facebook, Instagram, Pinterest, YouTube, TikTok.
  3. Many cookies are anonymized and cannot identify you without additional information.
  4. Browsers may allow cookies by default. You may disable cookies, but some website functionality may be limited.

§6. WITHDRAWAL OF CONSENT

  1. You may withdraw consent to data processing at any time.
  2. To withdraw consent:
    1. send an email to [email protected];
    2. use the checkbox in the Customer Panel → “My Account” → “Personal Data”;
    3. click the link in an email.
  3. Withdrawal does not affect lawful processing prior to withdrawal.

§7. REQUIREMENT TO PROVIDE PERSONAL DATA

  1. Providing any personal data is voluntary and depends on your decision. However, in some cases, providing certain personal data is necessary to meet your expectations regarding the use of services offered by GIORRE.
  2. To fulfill your order, it is necessary to provide your email address — without it, we cannot send information regarding the order status.
  3. To receive your order, it is necessary to provide delivery address data — without it, we cannot deliver the order.
  4. To contact you, it is necessary to provide your phone number — without it, we cannot reach you regarding order inquiries, delivery, or significant changes in GIORRE’s offer.

§8. AUTOMATED DECISION-MAKING AND PROFILING

  1. For marketing purposes, the Administrator may use profiling, including geolocation and segmentation, to send offers or discount codes to Customers who have not placed orders since account registration. This involves automatic evaluation of factors to analyze behavior or make predictions.
  2. The Administrator may use heatmaps and session recordings to study user behavior. Information is anonymized before being sent to the service provider; passwords or other personal data are not recorded.

§9. RECIPIENTS OF PERSONAL DATA

  1. In the course of providing services, your personal data may be disclosed to external entities, including IT system providers, banks, payment operators, accounting, legal, audit, consulting services, couriers, marketing agencies, and entities related to the Administrator or business partners.
  2. With your consent, data may also be shared with other entities for their own purposes, including marketing.
  3. The Administrator reserves the right to disclose information to authorized authorities or third parties with a legal basis, ensuring careful review to prevent unauthorized disclosure.

§10. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

Data protection outside the European Economic Area (EEA) may differ from EU law. Personal data is transferred outside the EEA only when necessary and with appropriate safeguards. You will always be informed if your data is to be transferred outside the EEA, e.g., when fulfilling orders outside the EEA.

§11. DATA RETENTION PERIOD

  1. We do not process personal data indefinitely. Data is retained only as long as necessary to achieve the purpose, after which it is permanently deleted or destroyed.
  2. If no further processing is required beyond storage (e.g., for order fulfillment), data is pseudonymized until deletion or destruction.
  3. Specific retention periods:
    1. for the duration of the contract — for data processed to perform the contract;
    2. 3 or 10 years + 1 year — for data processed to establish, pursue, or defend claims;
    3. 6 months — for data collected during service quotation without immediate contract conclusion;
    4. 5 years — for data related to tax obligations;
    5. up to 5 years — for data processed based on consent;
    6. up to 5 years — for data processed based on legitimate interest or for marketing;
    7. up to 3 years — for data processed for analytics, cookies, and website administration.
  4. Years are counted from the end of the year when data processing started to simplify deletion and destruction processes.
  5. The additional year for contract-related data accounts for potential late claims or misunderstandings about statute of limitations.

§12. DATA SUBJECT RIGHTS

  1. You have the right to:
    1. access your personal data;
    2. rectify personal data;
    3. delete personal data;
    4. restrict data processing;
    5. object to data processing;
    6. data portability.
  2. We respect these rights and facilitate their exercise to the fullest extent.
  3. These rights are not absolute; in some cases, we may legally refuse requests after careful consideration.
  4. Regarding objections to processing based on legitimate interests, we may refuse if:
    1. there are overriding legal grounds for processing;
    2. there is a legal basis for establishing, pursuing, or defending claims.
  5. You can also object to marketing processing at any time. Upon receiving your objection, we will cease processing for this purpose.
  6. You can exercise your rights by:
    1. sending an email to [email protected];
    2. clicking the link in the email received at the end of any message.

§13. RIGHT TO LODGE A COMPLAINT

If you believe your personal data is being processed unlawfully, you may lodge a complaint with the President of the Personal Data Protection Office.

§14. FINAL PROVISIONS

  1. Matters not regulated by this Privacy Policy are governed by personal data protection laws.
  2. You will be informed by email of any changes made to this Privacy Policy.
  3. This Privacy Policy is continuously reviewed and updated if necessary.
  4. This Privacy Policy is effective as of 22.09.2025.