Privacy Policy

Dear User!

We care about your privacy and want you to feel comfortable using our services. Therefore, below we present the most important information about how we process your personal data and the cookies used by our Store. This information has been prepared in accordance with the GDPR (General Data Protection Regulation).

PERSONAL DATA CONTROLLER

"AGRO-FISH" A LIMITED LIABILITY COMPANY with its registered office at ul. Żarnowiecka 2, 84-110 Kartoszyno, entered into the National Court Register - register of entrepreneurs by the DISTRICT COURT GDAŃSK-PÓŁNOC IN GDAŃSK, 8TH COMMERCIAL DIVISION OF THE NATIONAL COURT REGISTER, under the KRS number 0000018592, NIP (Tax Identification Number) 5871521650, REGON number 19210398100000.

If you wish to contact us regarding our processing of your personal data, please write to us at the following e-mail address: info@agro-fish.pl .

YOUR RIGHTS

You have the right to request:

Access to your personal data, including obtaining a copy of your data (Article 15 GDPR or – if applicable – Article 13 paragraph 1 letter f GDPR);
their rectification (Article 16 of the GDPR);
Deletion (Article 17 GDPR);
Restrictions on processing (Article 18 GDPR);
Transfer of data to another controller (Article 20 of the GDPR).

And also the law:

Object to the processing of your data at any time:
- For reasons related to your particular situation – in relation to the processing of your personal data based on Article 6(1)(f) of the GDPR (i.e. on our legitimate interests) (Article 21(1) of the GDPR);
- If personal data are processed for direct marketing purposes, to the extent that the processing is related to such direct marketing (Article 21(2) GDPR).

Please contact us if you wish to exercise your rights. You can object to our use of cookies (which you can read about below) by adjusting your browser settings.

If you believe that your data is being processed unlawfully, you may submit a complaint to the President of the Personal Data Protection Office.

PERSONAL DATA AND PRIVACY

Below you will find detailed information on the processing of your data depending on the actions you take.

1. Placing an order in the Store

For what purpose?
- Fulfillment of your order.
On what basis?
- Sales contract (Article 6, paragraph 1, letter b of the GDPR).
- Legal obligation, in particular related to accounting and product safety, obliging us to process your personal data (Article 6, paragraph 1, letter c, GDPR).
How long?
- For the duration of the above-mentioned contract.
- Until our legal obligations expire.
- Furthermore, your data will be processed until the expiry of the period during which claims can be pursued – by you or by us.
What happens if you do not provide your data?
- You will not be able to place an order.

2. Creating an account in the Store

For what purpose?
- Performance of the contract for the provision of account management services in the Store.
On what basis?
- Service provision contract (Article 6(1)(b) of the GDPR).
How long?
- For the duration of the above-mentioned contract.
- Furthermore, your data will be processed until the expiry of the period during which claims can be pursued – by you or by us.
What happens if you do not provide your data?
- You will not be able to create an account or use its features, such as viewing your order history or checking your order status.

3. Contacting us (e.g. to ask a question)

For what purpose?
- Handling your inquiries or reports.
On what basis?
- Contract or actions taken at your request to conclude it (Article 6(1)(b) of the GDPR) – if your inquiry or notification concerns a contract to which we are or may be a party.
- Our legitimate interest in processing your data for the purpose of communicating with you (Article 6(1)(f) of the GDPR) – if your inquiry or notification is not related to the contract.
How long?
- For the duration of the contract binding us or – if the contract is not concluded – until the expiry of the claims enforcement period.
- Furthermore, your data will be processed until the expiry of the period during which claims can be pursued – by you or by us.
What happens if you do not provide your data?
- We will not be able to respond to your inquiry or request.

Depending on which is applicable in a given case.

4. Browser settings or other similar action allowing analytical activities

For what purpose?
- Analyzing how you use and navigate the Store's website in order to improve its functionality.
- (You can read more about this in the "Analytical Activities" and "Cookies" sections of the Privacy Policy).
On what basis?
- Our legitimate interest in processing data for the purpose stated above (Article 6, paragraph 1, letter f of the GDPR).
How long?
- Until cookies used for analytical purposes expire or are deleted by you.
What happens if you do not provide your data?
- We will not take into account your use and navigation of the Store website in our development work.

5. Subscribing to the newsletter

For what purpose?
- Sending a newsletter
- Analysis of the effectiveness of the content we send for the purpose of sending the newsletter.
- Establishing general principles for effective messaging in our business.
- (You can read more about this in the “Analytics” section of the Privacy Policy.)
On what basis?
- Agreement on the provision of newsletter sending services (Article 6, paragraph 1, letter b of the GDPR).
- Our legitimate interest in processing data for the purpose stated above (Article 6, paragraph 1, letter f, GDPR).
How long?
- Until you unsubscribe from our newsletter.
- Until we take into account your objection to processing.
- Furthermore, your data will be processed until the expiry of the period during which claims can be pursued – by you or by us.
- (See the last table in this section for more information.)
What happens if you do not provide your data?
- You will not be able to receive information regarding the Store and our services.

6. Taking action or omitting action that may give rise to claims related to the Store or our services

For what purpose?
- Establishing, pursuing or defending possible claims related to the concluded contract or the services provided.
On what basis?
- Our legitimate interest in processing personal data for the purpose indicated above (Article 6, paragraph 1, letter f of the GDPR).
How long?
- Until the expiry of the limitation period for claims or until we take into account your objection to processing*.
What happens if you do not provide your data?
- Inability to establish, pursue or defend claims.
Depending on which is applicable in a given case.

DATA PUBLISHING

If you decide to post a comment, its content and your signature will be visible to other users of the Store.

We do not disclose your email address to other users – unless you do so yourself.

ANALYTICAL ACTIVITIES

As part of the Store website, we conduct analytical activities aimed at increasing its intuitiveness and accessibility – this will only happen to you if you allow such activities.

As part of our analysis, we'll consider how you navigate the Store—for example, how much time you spend on a given subpage or where you click within the Store. This will allow us to optimize its layout, appearance, and content as we develop the Store to improve its functionality.

Additionally, if you opt in to receive our newsletter, we may analyze the effectiveness of our mailings. For example, we may check whether and how they impacted activity on our Store. Such activities will help us establish general guidelines for sending this type of email across our business, such as optimal mailing times and how to formulate effective content.

DATA SECURITY

When processing your personal data, we use organizational and technical measures in accordance with applicable law, including connection encryption using an SSL/TLS certificate.

COOKIES

Our Store, like most websites, uses cookies. These files:
- are saved in the memory of your device (computer, telephone, etc.);
- they do not change the settings of your device.
In this Store, cookies are used for the following purposes:
- statistical.
To learn how to manage cookies, including how to disable them in your browser, you can consult your browser's help file. You can access this information by pressing the F1 key in your browser. You can also find relevant instructions on the following subpages, depending on the browser you are using:
- Google Chrome
- Opera
- Safari
- Mozilla Firefox
- Microsoft Edge

COOKIES

Below you will find information about the functions of the cookies we process and their validity periods:

_ab – 1 year – Used to control when the admin bar is displayed on the store.
_abv – 1 year – Persists the collapsed state of the admin bar.
_checkout_queue_token – 1 year – Used when there is a queue during checkout.
_cmp_a – 1 day – Used to manage client privacy settings.
_identity_session – 2 years – Contains the user identity session ID.
_master_udr – session duration – Persistent device identifier.
_pay_session – session duration – Rails session cookie for Shopify Pay.
_secure_account_session_id – 30 days – Used to track customer sessions for new customer accounts.
_session_id – 2 years – Used for reporting and analysis
_shopify_country – 30 minutes – For Plus stores where the country/currency is determined by GeoIP. Helps avoid subsequent GeoIP queries after the initial request.
_shopify_essential – 1 year – Contains information necessary for the proper operation of the store, e.g. session, order information and security data.
_storefront_u – 1 minute – Allows you to update customer account information.
_tracking_consent – 1 year – Stores user privacy preferences if set by the merchant.
auth_state_<> – 25 minutes – Stores authentication state before redirecting the client to an external login provider.
card_update_verification_id – 20 minutes – Supports verification when a customer returns to Shopify after completing 3D Secure.
cart – 14 days – Contains information about the user's cart.
cart_currency – 14 days – Used after checkout to create a new empty cart with the same currency.
cart_sig – 14 days – A hash of the cart contents. Used to verify cart integrity and improve performance.
cart_ts – 14 days – Used in connection with order fulfillment.
checkout – 21 days – Used in connection with order fulfillment.
checkout_prefill – 5 minutes – Encrypts and stores URL parameters containing personal information for use in cart links.
checkout_session_lookup – 21 days – Used in connection with order fulfillment.
checkout_session_token_<> – 21 days – Used when creating a server-side shopping session.
checkout_token – session duration – Records the visitor's landing page when arriving from another site.
customer_account_locale – 1 year – Tracks the language settings of a customer account during redirects between the store and the account.
customer_payment_method – 60 minutes – Stores the payment method updated in subscriptions.
customer_shop_pay_agreement – 20 minutes – Helps verify a new payment method in Shop Pay.
device_fp_id – session duration – Device identifier to help prevent fraud.
device_id – session duration – Device session identifier, also used to prevent fraud.
discount_code – session duration – Stores the discount code received from the link to be used for the next order.
dynamic_checkout_shown_on_cart – 30 minutes – Adjusts the checkout process depending on the type of process.
hide_shopify_pay_for_checkout – session duration – Set when the customer closes the Shop Pay login window.
identity-state – 1 day – Stores the state before redirecting to authentication.
identity-state-<> – 1 day – As above – for a specific identifier.
identity_customer_account_number – 84 days – Stores the login ID between the customer account and the store.
keep_alive – session duration – Determines whether a given request is the first in a session with international domain redirection enabled.
locale_bar_accepted – session duration – Remembers whether the client accepted the geolocation notification.
locale_bar_dismissed – 1 day – Remembers whether the client closed the geolocation notification.
localization – 14 days – Localizes the cart to the appropriate country.
logged_in – 84 days – Indicates that the client is logged in.
login_with_shop_finalize – 5 minutes – Makes logging in via Shop easier.
master_device_id – 1 year – Persistent device identifier.
order – 21 days – Allows access to order details on the details page.
pay_update_intent_id – 20 minutes – Stores the Shop Pay payment update ID needed for verification.
preview_theme – session duration – Indicates whether the theme is currently being previewed.
previous_checkout_token – 1 year – Fills in the details for the next order based on the previous one.
previous_step – 1 year – Used in connection with order fulfillment.
profile_preview_token – 5 minutes – To preview the customization of order fulfillment.
receive-cookie-deprecation – session duration – Set by Google in connection with the deprecation of third-party cookies.
remember_me – 1 year – Allows you to remember your data for your next order.
secure_customer_sig – 1 year – Identifies the user after logging in so they don't have to log in again.
shopify-editor-unconfirmed-settings – 960 minutes – Stores changes made by the merchant in the editor.
storefront_digest – 1 year – Stores a hash of the password for your password-protected store, allowing you to preview it.
tracked_start_checkout – 1 year – Used in connection with the start of an order.
user – 1 year – Used in connection with logging in via Shop.
user_cross_site – 1 year – Used in connection with logging in via Shop.
wpm-domain-test – session duration – Tests the performance of Shopify Web Pixel Manager on a domain.
_landing_page – 14 days – Records the visitor's landing page when they come from other sites.
_orig_referrer – 14 days – Allows the merchant to identify the source of user traffic.
_shopify_ga – Session Duration – Contains Google Analytics parameters for cross-domain measurement.
_shopify_s – 30 minutes – Used to identify the browser and store combination. Expires 30 minutes after last use.
_shopify_sa_p – 30 minutes – Records the landing page of a visitor who came from another site for marketing analytics purposes.
_shopify_sa_t – 30 minutes – Records the landing page of a visitor who came from another site for marketing analytics purposes.
_shopify_y – 1 year – Shopify Analytics.
checkout_one_experiment – Session Duration – Used when the order fulfillment qualifies for “Checkout One” and the customer has been assigned to a control or test group.
shop_analytics – 1 year – Contains required customer information for analytical purposes in the Shop application.
unique_interaction_id – 10 minutes – Used to measure order fulfillment data.

Using the appropriate options in your browser, you can at any time:

delete cookies,
block the use of cookies in the future.

In such cases, we will no longer process it.

EXTERNAL SERVICES / DATA RECIPIENTS

We use the services of external entities to support our business. We entrust them with the processing of your data – these entities process data only upon our documented instructions.

Below you will find a list of recipients of your data:

Action: Any action in connection with the Store
Data recipients: Persons cooperating with us on the basis of civil law contracts, supporting our current activities
Outside the European Union: No place
Action: Using the Store
Data recipients: Sales software provider
Outside the European Union: No place
Action: Visiting the Store website with settings that allow marketing activities
Data recipients: Entity providing marketing services
Outside the European Union: No place
Action: Visiting the Store website with settings that allow analytical activities
Data recipients: Entity enabling analytical activities on the website
Outside the European Union: No place
Action: Placing an order in the Store
Data recipients:
– Payment provider
– The entity supplying the product to you
– Provider of software that facilitates business operations (e.g. accounting software)
– Provider of standard office software (including email boxes)
– Accounting office
Outside the European Union: No place
Action: Contact us (e.g. ask a question)
Data recipients: Provider of standard office software (including e-mail boxes)
Outside the European Union: No place