PRIVACY POLICY AND COOKIES POLICY

This Privacy Policy explains how Montresor sp. z o.o. (“we”, “us”, “our”) processes your personal data when you use the online store available at https://montresor.pl, including placing orders, creating an account, subscribing to the newsletter, contacting us, and browsing the website.

We respect your privacy and process your data in accordance with the General Data Protection Regulation (GDPR) and other applicable laws.

1. DATA CONTROLLER

The controller of your personal data is:

Montresor sp. z o.o.
ul. Mokotowska 71, unit 101
00-535 Warsaw, Poland
Email: tomasz@montresor.pl
Phone: +48 790 794 810

2. WHAT DATA WE PROCESS

We may process the following categories of personal data:

A. Data provided during the purchase process

  • First and last name

  • Address (shipping and billing)

  • Phone number

  • Email address

  • Payment information (no full card numbers are processed by us — handled by Stripe/Tpay)

B. Data provided when creating an account

  • Account login and password (encrypted)

  • Order history

  • Saved addresses

C. Newsletter subscription

  • Email address

D. Contact via email or forms

  • Name

  • Email address

  • Contents of your message

E. Technical data (collected automatically)

  • IP address

  • Device information

  • Browser type

  • Cookie identifiers

  • Analytics data (Google Analytics 4, Tag Manager)

3. PURPOSES AND LEGAL BASIS FOR PROCESSING

We process your data for the following purposes:

A. Order fulfillment

Processing necessary to perform a contract (Art. 6(1)(b) GDPR).
Includes: payment processing, delivery, returns, complaints.

B. Account management

Processing necessary to provide the account service (Art. 6(1)(b) GDPR).

C. Handling returns and withdrawal from the contract

Legal obligation (Art. 6(1)(c) GDPR).

D. Sending operational emails

(order confirmation, shipment updates, etc.)
Processing necessary to perform the contract.

E. Newsletter and marketing communication

Based on your consent (Art. 6(1)(a) GDPR).
You can withdraw consent at any time.

F. Website analytics and statistics

Legitimate interest (Art. 6(1)(f) GDPR) – improving functionality and user experience.

G. Security, fraud prevention, and abuse monitoring

Legitimate interest (Art. 6(1)(f) GDPR).

4. DATA RETENTION PERIODS

  • Order data: 6 years (legal tax/accounting obligation).

  • Account data: until you delete your account.

  • Newsletter data: until you withdraw consent.

  • Complaint/returns data: for the duration of the claim + 1 year.

  • Cookie and analytics data: up to 24 months, depending on settings.

5. DATA RECIPIENTS

Your data may be shared with:

A. Payment providers

  • Stripe

  • Tpay

  • Bank transfer operators

B. Delivery companies

  • Courier companies

  • Postal services

  • Local pickup point personnel (Montresor boutique)

C. Service providers

  • Web hosting provider

  • IT support

  • Email service providers

  • Google Analytics / Tag Manager (statistics)

All partners process data under GDPR-compliant agreements.

We do not sell your personal data.

6. TRANSFERS OUTSIDE THE EEA

Some technical data (e.g., analytics) may be processed outside the EEA, e.g. by Google or Stripe.

In such cases, data is protected by:

  • Standard Contractual Clauses (SCCs),

  • GDPR-compliant safeguards.

7. YOUR RIGHTS UNDER GDPR

You have the right to:

  1. Access your data

  2. Correct your data

  3. Delete your data (“right to be forgotten”)

  4. Restrict processing

  5. Transfer your data

  6. Object to processing

  7. Withdraw your marketing consent at any time

To exercise your rights, contact:
tomasz@montresor.pl

If you believe your data is processed unlawfully, you may lodge a complaint with the Polish Data Protection Authority (UODO).

8. COOKIES POLICY

Our website uses cookies:

A. Essential cookies

Required for:

  • shopping cart

  • checkout

  • maintaining user sessions

Cannot be disabled.

B. Functional cookies

Enhance browsing experience.

C. Analytics cookies

Google Analytics 4
(only used if the user accepts cookies, depending on consent settings).

D. Marketing cookies

Used to tailor ads and measure effectiveness
(only activated with user consent).

You can manage cookies via:

  • your browser settings

  • cookie banner on our website

9. SOCIAL MEDIA

If you interact with us on Instagram, Facebook, or YouTube, your data is also processed by those platforms based on their own terms and privacy settings.

10. SECURITY MEASURES

We apply:

  • encrypted SSL connections

  • password hashing

  • restricted server access

  • up-to-date security measures for WordPress and plugins

  • secure payment gateways (Stripe/Tpay)

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy to reflect legal or operational changes.
The updated version will always be available at:
https://montresor.pl

12. CONTACT

For all matters related to personal data:

Montresor sp. z o.o.
Email: tomasz@montresor.pl
Address: ul. Mokotowska 71, unit 101, 00-535 Warsaw

Shopping Basket
Przewijanie do góry