Frellux™ by Zepter

Privacy Policy

I .Firstly,

We invite you to read our Privacy Policy, which indicates the rules of processing of your personal data by us. The Privacy Policy (hereinafter: PP) applies to all our online services, including the ones at www.frellux.com

II.  Personal data controller

The personal data controller is Zepter International Poland sp. z o.o. (hereinafter: Zepter INTL Poland), a company registered in the register of entrepreneurs kept by the District Court for the capital city of Warsaw in Warsaw, XIII Commercial Department of the National Court Register, KRS 0000107635, NIP 5260200187, REGON 011524677, share capital: PLN 224,500.

Contact:
address: ul. Domaniewska 37, 02- 672 Warsaw (Poland)
Phone No.: (22) 565 84 84, (22) 565 80 00 / Helpline (22) 230 99 40 (international charges may apply)
E-mail: frellux@zepter.com.pl

III.    Data Protection Officer (DPO)


The DPO of Zepter International Poland sp. z o.o. is Mrs. Justyna Buzała, who can be contacted by email: iod@zepter.com.pl, or traditionally – by post to the following address: IOD Zepter INTL Poland, ul. Domaniewska 37, 02-672 Warsaw (Poland).


IV.    Purpose of personal data processing and legal basis

Your personal data will be processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter: the “GDPR”) in order to/for:

a)       enable an online contact form service [Article 6 (1) (f) of the GDPR] – for the time necessary to settle your case, including sending marketing information about products or services selected by you, no longer than for 6 months after settling the matter for archiving purposes or until the claims are time barred as indicated in the applicable law,

b)  enable a chat service [Article 6 (1) (f) of the GDPR] – for the time necessary to settle your case, including sending marketing information about products or services selected by you, no longer than for 6 months after settling the matter for archiving purposes or until the claims are time barred as indicated in the applicable law,

c)  enable an online marketing form service, including the “callback” type [Article 6 (1)(a) of the GDPR] – in case of a consent granted to marketing contact using the medium indicated by you for a one-time marketing contact – a telephone number or e-mail – given by you, until you are contacted by Zepter INTL Poland or you withdraw your consent (depending on whichever comes first). You can withdraw the consent at any time, without affecting the processing based on consent before such withdrawal,

d)  conclude and perform an Agreement or take steps at the request of the data subject prior to entering the Agreement [Article 6 (1)(b) of the GDPR] – until the given activity is provided,

e)  fulfil legal obligations incumbent on Zepter INTL Poland, e.g. issuance and storing invoices and other accounting documents, preparing tax information, documenting and keeping settlements of public law receivables [Article 6(1)(c) of the GDPR] – for the period indicated in the relevant provisions of law,

f)  establishment, defence and enforcement of claims [Article 6(1)(f) of the GDPR] – for the period of limitation of claims indicated in the relevant provisions of law,

g)  creation of summaries, analyses and statistics for internal purposes of Zepter INTL Poland – due to our legitimate interest [Article 6 (1)(f) of the GDPR] – until Zepter INTL Poland takes into account a justified objection or until objection is raised,

h) transfer of marketing content electronically [Article 6 (1) (a) of the GDPR] – by e-mail (Newsletter) and/or by phone by Zepter INTL Poland [Article 6 (1) (a) of the GDPR in conjunction with  398 Electronic Communication Law – in case of giving a separate consent, e.g. by subscribing to Newsletter and/or expressing a separate consent to marketing telephone contact, until its withdrawal. The consent may be withdrawn at any time, without affecting the processing based on consent before such withdrawal.

Personal data, in case of collecting them directly from the data subject, are provided on a voluntary basis.


V.     To whom we transfer personal data

  1. The recipients of personal data may be entities from the group of enterprises within the meaning of the GDPR, which includes the Controller and entities/persons cooperating with us in the implementation of the objectives indicated in point 4 above.
  2. If case of transfer data outside the European Economic Area (hereinafter: EEA), use the tools of entities that have their registered office outside the EEA or that may store data outside the EEA, (your personal data will not be transferred to international organizations), we will apply all legally available protection measures (e.g. provided for in Article 46 of the GDPR) to secure such transfer of data. The transfer of data outside the EEA may take place on the basis of the exceptions provided for in Article 49 of the GDPR, provided that the conditions set out in this article apply. Information on the safeguards used can be obtained by contacting our DPO or us directly.

VI.    Use of Third-Party Cookies

This Cookie Policy explains how Zepter International Poland sp. z o.o. (“we”, “us”, or “our”) uses cookies and similar technologies on our website www.frellux.com.pl

We use cookies to ensure the website functions properly, enhance your browsing experience, and deliver targeted marketing and analytics. By using our site, you agree to the use of cookies as outlined in this policy.

1. What are cookies?

Cookies are small text files placed on your device (computer, smartphone, or tablet) by websites you visit. They are widely used to make websites work, or work more efficiently, and to provide reporting information.

2. Types of cookies we use:

We use the following categories of cookies:

           a. Strictly Necessary Cookies

These cookies are essential for the website to function and cannot be switched off. They include, for example, cookies that enable you to log in, use a shopping cart, or fill in secure forms.

          b. Performance and Analytics Cookies

These cookies collect information about how visitors use the site, such as the number of visitors and which pages are visited most often. We use these to improve how our website works.

  • Tool used: Google Analytics
  • Data collected may include IP address, browser type, session duration, visited pages.

View:  Google Privacy Policy

         c. Marketing and Advertising Cookies

These cookies track your browsing habits to enable us to show you ads relevant to your interests across social media and other websites.

  • Tools used: Meta Pixel (Facebook/Instagram)
  • Purpose: Conversion tracking, audience retargeting, and ad optimization.

View: Meta Privacy Policy

        d. Functionality Cookies

These cookies allow the website to remember your choices (e.g. language, currency, region) and provide enhanced, more personalized features.

3. How to manage your cookie preferences

When you first visit our site, a cookie banner gives you the option to accept or customize your preferences. You may change your cookie settings at any time by:

  • Clicking on the “Cookie Preferences” link in the footer of our website
  • Adjusting your browser settings to block or delete cookies

Please note that blocking some types of cookies may impact your experience on the website.

4. Retention Period

Cookies may be session-based (deleted when you close your browser) or persistent (stored on your device for a specified period). The retention period varies depending on the cookie’s purpose and provider.

5. Changes to this Cookie Policy

We may update this Cookie Policy to reflect changes in our technology or legal requirements. Any updates will be posted on this page with a new “Effective Date”.

VII.  Your rights

As a data subject, you have the following rights in accordance with applicable data protection laws, in particular the General Data Protection Regulation (GDPR):

1.     Right of access – You have the right to obtain confirmation as to whether or not your personal data is being processed, and, where that is the case, access to your data and related information (such as the purposes of processing, categories of data, recipients, and planned storage periods).

2.      Right to rectification – You have the right to request correction or completion of inaccurate or incomplete personal data.

3.      Right to erasure (“right to be forgotten”) – You may request the deletion of your personal data, in particular when:

o   the data is no longer necessary for the purposes for which it was collected,

o   you withdraw your consent (if consent was the legal basis),

o   you object to the processing and there are no overriding legitimate grounds,

o   the data has been unlawfully processed,

o   erasure is required to comply with a legal obligation.

4.     Right to restriction of processing – You may request restriction of processing when:

o   the accuracy of your personal data is contested – for a period allowing us to verify the accuracy,

o   the processing is unlawful, and you oppose deletion,

o   we no longer need your data for processing purposes, but you require it for the establishment, exercise or defence of legal claims,

o   you have objected to processing – pending verification whether our legitimate grounds override yours.

5.     Right to data portability – Where processing is based on your consent or on a contract, and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to transmit those data to another controller, where technically feasible.

6.     Right to object – You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data which is based on our legitimate interests. You may also object at any time to the processing of your data for the purposes of direct marketing.

7.     Right to withdraw consent – Where processing is based on your consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before the withdrawal.

8.        Right to lodge a complaint – If you believe that your personal data has been processed unlawfully or in violation of your rights, you have the right to lodge a complaint with the relevant supervisory authority. In Poland, this is the President of the Personal Data Protection Office (UODO).

VIII. Right to object

In addition to the rights set out above, you have the right to object, at any time and on grounds relating to your particular situation, to the processing of your personal data which is based on our legitimate interests (Article 6(1)(f) GDPR), including for profiling purposes.

You also have the right to object at any time to the processing of your personal data for the purposes of direct marketing. If you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes.

IX. Right to lodge a complaint

If you believe that the processing of your personal data violates applicable data protection laws, you have the right to lodge a complaint with a supervisory authority.

In Poland, the competent supervisory authority is:

President of the Personal Data Protection Office (UODO)
ul. Stawki 2, 00-193 Warsaw, Poland
Website: https://uodo.gov.pl

We encourage you to contact us first so that we can try to resolve your concern directly.

X. The act referred to in here

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (OJ UE L 2016 No. 119, p. 1)

XI. Children’s Privacy – COPPA Compliance

Our website and services are not directed to children under the age of 13, and we do not knowingly collect personal data from children under 13 years of age. If we become aware that we have inadvertently collected personal data from a child under the age of 13 without verifiable parental consent, we will take immediate steps to delete such data.

If you are a parent or legal guardian and believe that your child under the age of 13 may have provided us with personal data, you have the right to contact us by email at:
frellux@zepter.com.pl

Zepter INTL Poland is committed to complying with the Children’s Online Privacy Protection Act (COPPA) and ensuring the safety and privacy of minors online.

XII. California Privacy Rights – CCPA/CPRA Compliance

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). These rights include:

  • The right to know what personal information we collect, use, disclose, or sell.
  • The right to request deletion of your personal information.
  • The right to opt out of the sale or sharing of your personal information.
  • The right to correct inaccurate personal information.
  • The right to limit the use of sensitive personal information.
  • The right not to be discriminated against for exercising your privacy rights.

We do not sell personal information in exchange for monetary compensation, but we may share certain information with third parties for analytics and marketing purposes, as described in this policy.

To exercise your rights under the CCPA/CPRA, or to request more information, please contact us at:
Email: frellux@zepter.com.pl
Phone: +48 22 230 99 40 (international charges may apply)

If you are a California resident and would like to submit a request, you may also use the contact form on our website. We may verify your identity before processing any such request.

XIII. Jurisdictional Clarity

This Privacy Policy is intended to apply globally, but certain rights and obligations may vary depending on your place of residence. If you are a resident of the United States, particularly California, please refer to the “California Privacy Rights” section for additional information. Residents of other U.S. states may also have privacy rights under applicable state laws, such as the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), and others.

XIV. Use of Sensitive Personal Information

Under the California Privacy Rights Act (CPRA), certain data is considered ‘sensitive personal information.’ We may collect and process the following categories of sensitive personal information:
– Government identifiers (e.g., national ID, tax ID)
– Account log-in credentials
– Precise geolocation data
– Racial or ethnic origin
– Health or biometric data
– Contents of user communications (e.g., customer service chats)

We only use this information for legitimate business purposes such as providing services, preventing fraud, and ensuring security. You have the right to limit the use or disclosure of your sensitive personal information. To exercise this right, please contact us at : frellux@zepter.com.pl

XV. Do Not Track Signals

Some browsers offer a “Do Not Track” (DNT) feature that signals your preference not to be tracked across websites. Currently, we do not respond to DNT signals, as there is no industry standard for compliance. We will continue to monitor developments and update this policy accordingly.

XVI. Data Retention (U.S. Residents)

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law. The retention period varies based on the type of data, the purpose of processing, and applicable legal requirements. Upon request, we can provide more information regarding our data retention policies.

XVII. Sharing with Third Parties (U.S. Residents)

We may share your personal information with third parties for the purposes outlined in this policy, including marketing, analytics, and customer support. The categories of personal information we may share include:
– Identifiers (e.g., name, email, IP address)
– Internet or electronic activity (e.g., page views, session data)
– Commercial information (e.g., purchase history)

These disclosures may be considered a “sale” or “sharing” under California law, even if no money is exchanged. You have the right to opt out of such practices.

To opt out of the sale or sharing of your personal information, please click “Do Not Sell or Share My Personal Information” on our website.

XVIII. Other U.S. State Privacy Rights

If you reside in Virginia, Colorado, Connecticut, or other U.S. states with consumer privacy laws, you may have the right to:
– Access the personal data we collect about you
– Correct inaccuracies in your data
– Delete your personal data
– Opt out of targeted advertising and data sales

To exercise these rights, please  email frellux@zepter.com.pl.

We may need to verify your identity before processing your request.