Privacy Policy

We may collect certain personal data of Users of our Website, including in particular:

• Personal data necessary for the conclusion and performance of the contract: first name, last name, telephone number, e-mail address, home address;
• Data necessary for telephone and e-mail communication: first name, last name, telephone number, e-mail address;
• Data necessary for the transmission of marketing content: e-mail address, telephone number;
• Payment data – e.g., bank account number, payment status, invoices, information about the use of the selected payment operator or payment in installments, payment details provided by the user;
• Account data – e.g., login details, including email address, and other information provided as part of the account;
• Data concerning shipment and services – e.g., shipment reference number, information about its route, location data, shipment status, place of delivery, type of packaging, number of items, weight, photo of the shipment;
• Data about you and your preferences – e.g., number of shipments, complaints, purchase history and related commercial activities, communication, survey information, purchasing preferences;
• Automatically generated data – e.g., IP address, unique device or user ID, type of system and browser, websites visited, clickstream information, and device location.
• Social media data - Tokko administers profile pages (also known as “fan pages”) on social media (e.g., Instagram). If you contact us directly via social media profiles or use social media features integrated with our services and have a profile on a given social media platform, we may receive data from the social media platform administrator that allows us to identify you.

In accordance with the GDPR, the use of personal data must always have a legal basis. We use Users' personal data only to the extent necessary to achieve the purpose of processing. Users' personal data may be used for the following purposes:

• To prepare and perform a contract (Article 6(1)(b) of the GDPR);
• In the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), which is:
  - Maintaining telephone and email contact;
  - Sending marketing content requested by the User;
  - Ensuring the stability and security of the Website and its Users;
  - Managing the Website and improving it for optimal browsing by the User;
  - Establishing, pursuing, and defending claims, as well as protecting against possible claims.
• In order to comply with legal and regulatory obligations applicable to the Administrator (Article 6(1)(c) of the GDPR).

The User has the right to request access to their personal data and obtain information about it, update, correct or delete their personal data, restrict processing or object (for legitimate reasons) to the processing of their personal data, and the right to transfer data, to the extent limited by law, including Art. 12-22 of the GDPR.

Every person has the right to lodge a complaint with the competent supervisory authority, which in Poland is the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw) if they consider that the processing of personal data is unlawful.

To exercise your rights, please contact us at:

Email: contact@tokko.design.

Postal address: TOKKO sp. z o.o., ul. Romana Dmowskiego 85, 60-204 Poznań.

Personal data is stored in a form that allows identification for no longer than is necessary for the purposes for which the personal data was collected.

In particular:

Personal data is stored in a form that allows identification for no longer than is necessary for the purposes for which the personal data was collected.

In particular:

1. Data provided in connection with correspondence and telephone contact are stored for the period necessary to respond and then for the period of limitation of claims.
2. Data processed for the performance of a contract will be processed for the duration of the contract and then for the period of limitation of claims.
3. Data collected for the purpose of providing marketing content requested by the User will be stored until the User opts out of receiving such content.
4. Personal data processed for the purpose of establishing, pursuing and defending claims shall be stored for the limitation period applicable to individual claims.
5. Data collected automatically for statistical purposes when using the Website shall be stored for the duration of the individual cookies.

We have implemented appropriate and reasonable technical and organizational security measures to store the personal data we collect and to keep it confidential and to protect it from unauthorized or unlawful disclosure or access, accidental loss, destruction, alteration, or damage, taking into account the state of the art and the costs of implementation.

Personal data will only be available to a limited list of recipients on a restricted access basis or when required by law, including, but not limited to: Suppliers and service providers acting as subcontractors of the Administrator, in particular entities responsible for managing the Website, which may have access to Users' personal data to the extent necessary, advisory and support entities, logistics companies.

Some data recipients may be located outside the European Economic Area, which does not provide an adequate level of protection (“third country”). In any case, such transfer shall only take place with appropriate safeguards in place for such data processing, including, but not limited to, the use of Standard Contractual Clauses approved by the European Commission or other measures in accordance with Chapter V of the GDPR.

In order to create your profile for marketing purposes and to direct direct marketing tailored to your preferences, the Administrator will process your personal data in an automated manner, including profiling, but this will not have any legal effects on you or similarly significantly affect your situation.

The scope of the personal data profiled corresponds to the scope indicated above in relation to the analysis of your activity in the Store and the data you save in your Account.

The legal basis for the processing of personal data for the above purpose is Article 6(1)(f) of the GDPR, according to which the Administrator may process personal data for the purposes of its legitimate interests, in this case marketing activities tailored to the preferences of recipients. The provision of the above personal data is voluntary, but necessary for the fulfillment of the above purpose (failure to provide such data will result in the inability of the Administrator to conduct marketing activities tailored to the preferences of recipients).

The Administrator will process personal data for the purpose of profiling until an objection is effectively lodged or the purpose of processing is achieved.

The website uses cookies. Cookies are IT data (small text files) saved and stored by your web browser on your device.

The website only uses necessary cookies, i.e., cookies necessary for the proper functioning of the Website.

Cookies do not cause any configuration changes to end devices or the software on those devices. The purpose of cookies is to identify the computer and browser that the device used to view, for example, our website.