Privacy policy

1. This Privacy Policy defines principles of gathering, processing and using personal data obtained by website (hereinafter referred as “the Online Shop”).

2. The Online Shop is owned by AGRODOCTOR-PL sp. z o.o. with its registered seat in Krakow (30-081), ul. Królewska 65A/1, NIP (Tax ID. No.): 6772384564, REGON (National Business Registry No.): 360226120, entered in the Register of Entrepreneurs kept by the District Court for the Sąd Rejonowy dla Krakowa-Śródmieścia w Krakowie, XI Commercial Division of the National Court Register under the KRS number 0000533050, with share capital in the amount of 50.000 PLN; e-mail:, hereinafter referred to as, who is also the Personal Data Administrator.

3. Personal data collected by via the Online Shop are processed in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free flow of such data and repealing Directive 95/46/WE (general regulation on data protection), also known as the GDPR.

4. makes special care to respect the privacy of customers visiting the Online Shop.

Article 1 - The type of data being processed, the objectives and the legal basis.

1. collects data on individuals who perform legal actions that are not directly related to their activity, individuals conducting business or professional activity on their own behalf as well as individuals representing legal persons or organizational units that are not legal entities to whom the act grants legal capacity, hereinafter reffered to collectively as Customers.

2. Customer personal data are collected in case of:

a) registering an account in the Online Shop to create indiwidual account and manage it. Legal basis: Necessity to perform the contract for the provision of the Account service (Article 6 (1) (b) of the GDPR).  

b) making order in the Online Shop to perform contract of sale. Legal basis: Necessity for the performance of the contract of sale (Article 6 (1) (b) of the GDPR).

3. In case of a registration of an Account in the Website, a User shall provide following data:

a) e-mail address;

b) Firstname and Lastname.

4. During the Registration the Customer shall establish an individual Password to access their account. The Customer can change the password at a later time, as described in Article 5.

5. In the case of ordering in the Online Shop, Customer provides the following information:

a) e-mail address;

b) address data:

a. post code and city, region;

b. country;

c. street and house/flat number.

c) Firstname and Secondname;

d) phone number;

6. In the case of Entrepreneurs above the data range is further extended by:

a) the company name;

b) Business Tax;

c) TIN number.

7. During the Online Shop browsing additional information may be collected such as IP address assigned to your computer or external IP address of your ISP's, domain name, browser type, time of access, the type of operating system.

8. Moreover, also Navigational Data may be collected from the Users, including information on links and hyperlinks that they decide to click or other activities performed at our Online Shop. Legal basis - a legitimate interest (Article 6 (1) (f) of the GDPR), consisting in facilitating the use of electronic services and improving the functionality of these services.

9. In order to determine, investigate and enforce claims, certain personal data provided by the Customer may be processed as part of using the functionality in the Online Shop, such as: name, surname, data on the use of services, if the claims result from the manner in which the customer uses the services , other data necessary to prove the existence of the claim, including the extent of the damage suffered. Legal basis - a legitimate interest (Article 6 (1) (f) of the GDPR), consisting in determining, pursuing and enforcing claims and defending against claims in proceedings before courts and other state authorities.

10. The transfer of personal data to is voluntary, in connection with concluded sales contracts or provision of services via the Online Shop website, however with the reservation that failure to specify in the data forms in the Registration process prevents registration and establishment of the Customer Account, and in If you place an order without registering your customer account, you will not be able to place and process your order.

Article 2 - Who are the data shared or entrusted to and how long are it stored?

1. The Customer's personal data is provided to service providers used by when running the Online Shop. Service providers to whom personal data are transferred, depending on contractual arrangements and circumstances, or are subject to's instructions as to the purposes and methods of processing such data (processors) or independently define the purposes and methods of their processing (administrators).

a) Processors. uses suppliers who process personal data only at the request of These include providers providing hosting services, accounting services, providing marketing systems, systems for analyzing traffic in the Online Shop, systems for analyzing the effectiveness of marketing campaigns; client support systems;

b) Administrators. uses suppliers who do not act solely on instructions and set the goals and methods of using personal data of clients. They provide electronic and bank payment services.

2. Location. Service providers are based mainly in Poland and other countries of the European Economic Area (EEA).

3. Customers' personal data is stored:

a) If the basis for the processing of personal data is consent then the personal data of the customer are processed by until the consent is canceled, and after the consent has been withdrawn for a period of time corresponding to the period of limitation of claims that may raise and what can be raised to him. Unless a special rule provides otherwise, the period of limitation is ten years, and for claims for periodic benefits and claims related to running a business - three years.4. Navigational Data may be used to provide better services for Users, perform analyses of statistical data and adjust the Website to Users’ preferences and to administer with the Website.

b) If the basis for data processing is performance of the contract, then the personal data of the customer are processed by as long as it is necessary to perform the contract, and after that time for a period corresponding to the period of limitation of claims. Unless a special rule provides otherwise, the period of limitation is ten years, and for claims for periodic benefits and claims related to running a business - three years.

4. If a purchase is made in the Store, personal data may be transferred to the courier company in order to deliver the ordered goods.

5. The navigation data can be used to provide customers with better service, statistical data analysis and adaptation of the Online Shop to customer preferences, as well as the administration of the Online Shop.

6. In the case of a request, provides personal data to authorized state bodies, in particular organizational units of the Prosecutor's Office, the Police, the President of the Office for Personal Data Protection, the President of the Office of Competition and Consumer Protection, or the President of the Office of Electronic Communications.

Article 3 - Cookies mechanism, IP address

1. The Website uses small files called cookies. They are recorded by Website on a computer of a visitor to the Online Shop, if a web browser allows so. Cookie file usually contains a name of domain, where it comes from, its expiry time and an individual random number that identifies such file. Information collected by means of such type of files allow to adjust services offered by to individual preferences and actual needs of visitors at the Online Shop. It gives also an opportunity to work out general statistics of hits into information presented at the Online Shop.

2. uses two types of cookie files:

a) Session cookie: recorded information is deleted from memory of a device after an end of a session of a given web browser or after a computer is turned off. Session cookie mechanism does not allow for collection of any personal data and other confidential information from User’s computer.

b) Persistent cookie: they are kept on User’s hard disk drive until they are deleted. Persistent cookie mechanism does not allow to collect any personal information or any confidential information from users computer.

3. uses its own cookies for:

a) authentication in the Online SHop and to ensure the user session in the Online Shop (after logging in), through which the user does not have on every page to retype your login and password;

b) analyzes and surveys and audits audience, and in particular to create anonymous statistics that help to understand how customers use the Online Shop, which allows improvement of their structure and content.

4. uses external cookies to:

a) collect general and anonymous statistical data through Google Analytics (administrator of external cookies: Google Inc seated in the USA).

5. The cookie mechanism is safe for computers of the Online Shop’s Users. In particular this way does not give a possibility for viruses or other unwanted or malicious software to enter your computers. Still, Users have an option in their web browsers to limit or switch off the access of cookie files to their computers. If you use this option, you may still use the Online Shop except functions that due to their nature require cookies.

6. Below you can find how to change the settings for web browsers on the use of cookies:

a) Internet Explorer;

b) Mozilla Firefox;

c) Chrome;

d) Safari;

e) Opera.

7. may collect your IP address. IP address is a number assigned to the computer of a website visitor by your ISP. IP number allows you to access the Internet. In most cases, the computer is assigned dynamically, ie it changes every time you connect to the Internet and therefore is widely regarded as a non-personally identifying information. The IP address is used by in diagnosing technical problems with the server, creating a statistical analysis (eg determining regions from which we note the most visits), as information useful in administering and improving the Website, as well as for security purposes and the possible identification of aggravating server unwanted automatic programs for viewing Online Shop content.

8. The Online Shop contains links and hyperlinks to other web pages. shall not be responsible for privacy policies in force therein.

Article 4 - Rights of data subjects.

1. The right to withdraw consent - legal basis: art. 7 par. 3 GDPR.

a) The customer has the right to withdraw any consent given by

b) Withdrawal of consent has effect since the withdrawal of consent.

c) Withdrawal of consent does not affect the processing carried out by in accordance with the law before its withdrawal.

d) Withdrawal of consent does not entail any negative consequences for the customer, however, it may prevent further use of services or functionality that under the law can only provide with consent.

2. The right to object to data processing - legal basis: art. 21 GDPR.

a) The customer has the right to object at any time - for reasons related to his special situation - to the processing of his personal data, including profiling, if processes his data based on a legitimate interest, e.g. marketing of products and services , statistics on the use of individual functionalities of the Online Shop and facilitating the use of the Online Shop, as well as a satisfaction survey.

b) Resignation in the form of an e-mail from the receipt of marketing messages concerning products or services will mean the Customer's objection to the processing of his personal data, including profiling for these purposes.

c) If the customer's objection turns out to be legitimate and has no other legal basis to process personal data, the client's personal data will be deleted, the client will object to the processing.

3. The right to delete data ("the right to be forgotten") - legal basis: art. 17 GDPR.

a) The customer has the right to request the removal of all or some personal data.

b) The customer has the right to request the deletion of personal data if:

  a. personal data are no longer necessary for the purposes for which they were collected or processed;
  b. withdrew his specific consent to the extent to which personal data were processed based on his consent;
  c. he objected to the use of his data for marketing purposes;
  d. personal data are processed unlawfully;
  e. personal data must be removed in order to comply with the legal obligation provided for by Union law or the law of the Member State to which is subject;
  f. personal data have been collected in connection with the offering of information society services.

c) Despite the request to delete personal data, in connection with filing an objection or withdrawing consent, may retain some personal data to the extent that processing is necessary to establish, assert or defend claims, as well as to fulfill a legal obligation requiring processing for Union law or the law of a Member State to which is subject. This applies in particular to personal data including: name, surname, e-mail address, which data is retained for the purpose of handling complaints and claims related to the use of services, or additionally the address of residence / mailing address, order number, which this data is retained for the purpose of handling complaints and claims related to concluded sales contracts or provision of services.

4. The right to limit data processing - legal basis: art. 18 GDPR.

a) The customer has the right to request the restriction of the processing of his personal data. Submission of a request, pending its consideration, prevents the use of certain functionalities or services, the use of which will involve the processing of data covered by the request. will also not send any messages, including marketing messages.

b) The customer has the right to request a restriction of the use of personal data in the following cases:
a. when he questions the correctness of his personal data - then limits their use for the time needed to verify the correctness of data, but no longer than for 7 days;
b. when the data processing is unlawful, and instead of deleting the data, the Customer will demand restriction of their use;
c. where personal information is no longer necessary for the purposes for which it was collected or used, but is needed by the Customer to establish, assert or defend claims;
d. when he objected to the use of his data - then the restriction takes place for the time needed to consider whether - due to the special situation - protection of the client's interests, rights and freedoms outweighs the interests that the Administrator performs while processing the client's personal data.

5. Right of access to data - legal basis: art. 15 GDPR.
a) The Customer has the right to obtain from the Administrator confirmation whether he processes personal data, and if so, the Customer has the right to:
a. get access to your personal data;
b. obtain information about the purposes of processing, categories of personal data being processed, recipients or categories of recipients of this data, the planned period of customer data storage or criteria for determining this period (when it is not possible to determine the planned data processing period) about the rights of the Customer under RODO and the right to lodge a complaint with the supervisory body, the source of this data, about automated decision-making, including profiling and about safeguards applied in connection with the transfer of these data outside the European Union;
c. obtain a copy of your personal data.

6. The right to rectify data - legal basis: art. 16 GDPR.
a) The Customer has the right to demand from the Administrator that he or she corrects his / her personal data incorrectly. Taking into account the purposes of processing, the Customer whose data is related has the right to request supplementing incomplete personal data, including by submitting an additional statement, directing the request to the e-mail address in accordance with § 6 of the Privacy Policy.

7. The right to data transfer - legal basis: art. 20 GDPR.
a) The Customer has the right to receive his personal data, which he provided to the Administrator, and then send them to another personal data administrator of his choice. The Customer also has the right to demand that personal data be sent by the Administrator directly to such an administrator, if it is technically possible. In this case, the Administrator will send the Customer's personal data in the form of a file in csv format, which is a widely used, machine-readable format that allows sending the received data to another personal data administrator.

8. In a situation where the Customer comes from the rights resulting from the above rights, fulfills the request or refuses to meet it promptly, however not later than within one month after receiving it. However, if - due to the complexity of the request or the number of requests - will not be able to fulfill the request within a month, it will meet them within the next two months by informing the Customer within one month of receiving the request - about the intended extension and its reasons.

9. The Customer may submit complaints to the Administrator, inquiries and requests regarding the processing of his personal data and the exercise of his rights.
10. The customer has the right to demand that provide a copy of standard contractual clauses by sending a request in the manner specified in § 6 of the Privacy Policy.

11. The Customer has the right to lodge a complaint to the President of the Office for Personal Data Protection in the scope of violation of his rights to the protection of personal data or other rights granted under the GDPR.

Article 5 - Security management - password

1. provides clients with a secure and encrypted connection when sending personal data and when logging in to the Customer Account on the Website. uses SSL certificate issued by one of the world's leading companies in the field of security and encryption of data transmitted via the Internet.
2. In the event that the Customer who has an account in the Shop has lost any access password in any way, the Online Shop allows generating a new password. does not send a password reminder. The password is stored in the database in an encrypted form in a way that prevents its reading. To generate a new password, please enter your e-mail address in the form available under the link "Forgot your password" provided at the login form for the account in the Online Shop. The new password will be automatically sent to the e-mail address provided during registration or saved in the last change of the account's profile.
3. never sends any correspondence, including electronic correspondence, with a request to provide login data, in particular to the access password to the Customer's account.

Article 6 - Changes to The Private Policy

1. Privacy Policy may change as inform users in advance of 7 days.

2. Please send all additional questions related to the Privacy Policy to:

3. Date of the last amendment: 25.05.2018.