Privacy policy

Privacy Policy

quantumreality.space

This Privacy Policy is effective from 7/1/2024

§ 1

Definitions

1.      Administrator – Quantum Reality Ltd. with its registered office in Wrocław (50-078), at Leszczyńskiego Street 4/25, entered into the register of entrepreneurs of the National Court Register kept by the District Court for Wrocław-Fabryczna in Wrocław, VI Commercial Division of the National Court Register under the number KRS: 0001076434, Tax Identification Number (NIP): 8971931260, Statistical Number (REGON): 527237576, with a share capital of 5,000.00 PLN;

2.      Personal data – all information about an identified or identifiable natural person through one or several particular factors determining the physical, physiological, genetic, mental, economic, cultural, or social identity, including the IP of the device, location data, internet identifier, and information collected via cookies and other similar technology;

3.      Policy – this Privacy Policy;

4.      Products – Products and services available in the assortment of the Service, including also Products prepared at the special request of the Customer, in particular: photo prints, gadgets with photos, photo books, calendars, etc.;

5.      GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons about the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC;

6.      Service – the online service operated by the Administrator at www.quantumreality.space;

7.      Agreement, Sales Agreement – a product sales agreement concluded or entered into between the Customer and the Company via the Service. The Sales Agreement also means – according to the characteristics of the Product – a service agreement or a contract for specific work;

8.      User – every natural person visiting the Service or using one or several services or functionalities described in the Policy;

9.      Order – the purchase of a Product on the website www.quantumreality.space

§ 2

Processing of User Data

In connection with the use of the Service by the User, the Administrator collects data to the extent necessary to provide the individual services offered, as well as information about the User's activity on the Service. Detailed rules and purposes of processing personal data collected during the use of the Service by the User are described below.

§ 3

Purposes and Legal Basis for Data Processing in the Service

1.      Personal data of all persons using the Service (including the IP address or other identifiers and information collected through cookies or similar technologies), who are not registered Users (i.e., persons without a profile in the Service) are processed by the Administrator for the purpose of providing electronic services in terms of making available to Users content stored in the Service, including:

1)     to the extent necessary to establish, shape the content, change, resolve, and properly implement services provided electronically and execute Orders placed by the User;

2)     for the purpose of executing Orders placed by the User for Products in the Service's assortment;

3)     for the purpose of considering complaints submitted by the User and returning benefits in case of withdrawal from the Agreement

4)     the legal basis for processing is the necessity of processing to perform the Agreement (Article 6(1)(b) of the GDPR);

5)     for analytical and statistical purposes - the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in conducting analyses of Users' activities, as well as their preferences, in order to improve the functionalities used and services provided;

6)     for the purpose of possibly establishing and pursuing claims or defending against them - the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in the protection of its rights;

7)     for marketing purposes of the Administrator and its trusted partners, through sending newsletters and via SMS/MMS - the legal basis for processing is the User's consent (Article 6(1)(a) of the GDPR).

8)     for marketing purposes of the Administrator, including presenting offers and products in the Service related to the provision of electronic services - the legal basis for processing is a legally justified interest (Article 6(1)(f) of the GDPR).

2.      The User's activity in the Service, including their personal data, is recorded in system logs (a special computer program used to store a chronological record containing information about events and activities concerning the IT system used to provide services by the Administrator). The information collected in the logs is processed mainly for purposes related to the provision of services. The Administrator also processes it for technical, administrative purposes, to ensure the security of the IT system and manage this system, as well as for analytical and statistical purposes - in this respect, the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR).

§ 4

Registration in the Service

1.      Individuals who register in the Service are asked to provide the data necessary to create and manage a customer account. To facilitate service, the User may provide additional data, thereby consenting to their processing. Such data can be removed at any time.

2.      Providing data marked as mandatory is required to set up and manage a customer account, and failure to provide them results in the inability to create an account. Providing other data is voluntary.

3.      Personal data provided during registration in the Service are processed:

1)     for the purpose of providing services related to the management and operation of an account in the Service - the legal basis for processing is the necessity of processing to perform the agreement (Article 6(1)(b) of the GDPR), and for optionally provided data - the legal basis for processing is consent (Article 6(1)(a) of the GDPR);

2)     for analytical and statistical purposes - the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in conducting analyses of Users' activities in the Service and the way of using the account, as well as their preferences in order to improve the functionalities used;

3)     for the purpose of possibly establishing and pursuing claims or defending against them - the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in the protection of its rights.

4.      It is also possible to log in to the account in the Service via social media portals (Facebook, G+, etc.). In this case, the Service will retrieve from the User's account in the social media portal only the data necessary for registration and account management. By changing the settings of the plugin independently, the User can easily extend the range of data retrieved to include those that may be useful when using the functionalities of the account in the Service.

5.      If the User posts any personal data of other people in the Service (including their name and surname, address, telephone number,  email address, or image), this can only be done on the condition of not violating the provisions of applicable law and the personal rights of these people, and having their consent to disclose their image.

§ 5

Placing Orders

1.      Placing a Product Order by a User of the Service involves the processing of their personal data. Providing data marked as mandatory is required to accept and handle the order, and failure to provide them results in the inability to execute the order. Providing other data is optional.

2.      In connection with the Order, Personal data are processed:

1)     to execute the placed order – the legal basis for processing is the necessity of processing to perform the agreement (Article 6(1)(b) of the GDPR); in the case of optionally provided data, the legal basis for processing is consent (Article 6(1)(a) of the GDPR);

2)     to fulfill legal obligations incumbent on the Administrator, particularly arising from tax laws and accounting regulations – the legal basis for processing is a legal obligation (Article 6(1)(c) of the GDPR);

3)     for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in conducting analyses of Users' activities in the Service, as well as their purchasing preferences to improve the functionalities used;

4)     to possibly establish and pursue claims or defend against them – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in the protection of its rights;

5)     for purposes related to customer satisfaction research, in particular by sending communications to the email address with a request to complete a satisfaction survey – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in maintaining high-quality service and the level of customer satisfaction with the offered products and services.

§ 6

Contact. Contact Forms

1.      The Administrator provides the possibility of contacting them in written form or via electronic mail, contact form.

2.      Using the form requires providing personal data necessary to contact the User and respond to the inquiry. The User may also provide other data to facilitate contact or handling of the inquiry. Providing data marked as mandatory is required to accept and handle the inquiry, and failure to provide them results in the inability to handle it. Providing other data is voluntary.

3.      Personal data are processed:

1)     to enable contact with the Administrator and to initiate contact in any form - the legally justified interest of the data administrator – in the case of incidental correspondence, consisting in enabling electronic contact with the administrator (Article 6(1)(f) of the GDPR) or voluntarily expressed consent (Article 6(1)(a) of the GDPR);

2)     to identify the sender and handle their inquiry sent through the provided form – the legal basis for processing is the necessity of processing to perform the service agreement (Article 6(1)(b) of the GDPR);

3)     for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in conducting statistics of inquiries submitted by Users via the Service in order to improve its functionalities.

4)     for purposes related to customer satisfaction research, in particular by sending communications to the email address with a request to complete a satisfaction survey – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in maintaining high-quality service and the level of customer satisfaction with the offered products and services.

§ 7

Marketing

1.      The Administrator processes the personal data of Users for the purpose of conducting marketing activities, which may consist of:

1)     displaying marketing content to the User that is not adjusted to their preferences (contextual advertising);

2)     displaying marketing content to the User corresponding to their interests (behavioral advertising);

3)     sending email and SMS/MMS notifications about interesting offers or content, which in some cases contain commercial information;

4)     conducting other types of activities related to direct marketing of goods and services (sending commercial information electronically and telemarketing activities);

2.      For the purpose of carrying out marketing activities, the Administrator in some cases uses profiling. This means that through automatic data processing, the Administrator assesses selected factors concerning individuals in order to analyze their behavior or create a forecast for the future.

§ 8

Contextual and Behavioral Advertising

1.      The Administrator processes the personal data of Users for marketing purposes in connection with directing contextual advertising to Users (i.e., advertising that is not adapted to the User's preferences). The processing of personal data is then related to the realization of the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR).

2.      The Administrator and its trusted partners process the personal data of Users, including personal data collected through cookies and other similar technologies, for marketing purposes in connection with directing behavioral advertising to Users (i.e., advertising that is tailored to the User's preferences).

§ 9

Newsletter

1.      The Administrator provides a newsletter service on the terms set out in the Regulations to persons who have provided their email address for this purpose. Providing data is required to provide the newsletter service, and failure to provide it results in the inability to send it.

2.      In providing the newsletter service, Personal data are processed:

1)     for the purpose of providing the newsletter service including sending marketing content – the legal basis for processing is the User's consent to receive it (Article 6(1)(a) of the GDPR);

2)     for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator, (Article 6(1)(f) of the GDPR) consisting in conducting analyses of Users' activities in the Service in order to improve the functionalities used;

3)     for the purpose of possibly establishing and pursuing claims or defending against them – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR).

3.      The User may at any time opt-out of receiving the newsletter. They can contact the Company or by sending an email to: contact@quantumreality.com. The User can also unsubscribe by clicking "Unsubscribe" directly from the newsletter message they received and making appropriate settings in the customer account.

§ 10

Direct Marketing

The personal data of the User may also be used by the Administrator to direct marketing content to them through various channels, i.e., via email or MMS/SMS. Such actions are taken by the Administrator only if the User has given consent, which can be withdrawn at any time.

§ 11

Social Media

The Administrator processes the personal data of Users visiting the Administrator's profiles operated on social media (Facebook, YouTube, Instagram, Twitter, Threads, etc.). This data is processed solely in connection with managing the profile, including informing Users about the Administrator's activities and promoting various events, services, and products, as well as communicating with users via functionalities available in social media. The legal basis for processing personal data by the Administrator for this purpose is his legitimate interest (Article 6(1)(f) of the GDPR) in promoting his own brand and building and maintaining a community related to the brand.

§ 12

Information in Forms

1.      The Administrator collects information voluntarily provided by the User while filling out forms located on the Service.

2.      The Service may also record information about connection parameters (e.g., timestamp, IP address).

3.      Data provided in the form are processed for the purpose arising from the function of a specific form, e.g., to perform the process of handling the issue contained in the form or to contact the Administrator.

4.      Data provided in the form may be transferred to entities technically performing certain services – in particular, this refers to the transfer of information about the holder of a registered domain to entities that are operators of internet domains, services supporting payments, or other entities with which these entities cooperate in this regard.

§ 13

Cookies and Other Technology

1.      Cookies are small text files installed on the User's device browsing the Service. Cookies collect information facilitating the use of the Service - e.g., by remembering the User's visits to the Service and the actions they perform. They are stored on the User's end device (computer, smartphone, tablet, etc.). Saving these files on the device enables, among other things, remembering login data, so the User does not have to enter their login and password each time. These files remember goods added to the basket, or adapt page content to the User's interests. Cookies enable collecting statistical data of the Service, which allows us to develop the Service according to our customers' preferences.

2.      If the User does not agree to save cookies on their device, they should appropriately configure the browser settings or delete the saved cookies from the browser memory after using the service each time. Keep in mind that applying restrictions on saving cookie files may make it difficult or impossible to use the Service.

3.      To express consent for saving cookies, you should give visible consent at the bottom of the Service.

4.      Within the service, information about geolocation is collected, i.e., the Administrator verifies from which location (continent, country, province, and city) the User places an order.

5.      The Administrator uses so-called service cookies primarily to provide Users with services provided electronically and to improve the quality of these services. In connection with this, the Administrator and other entities providing analytical and statistical services on its behalf use cookies, storing information or gaining access to information already stored in the User's end device (computer, phone, tablet, etc.). Cookies used for this purpose include:

1)     cookies with data entered by the User (session identifier) for the duration of the session (user input cookies);

2)     authentication cookies used for services requiring authentication for the duration of the session (authentication cookies);

3)     cookies used to ensure security, e.g., used to detect abuses in authentication (user-centric security cookies);

4)     session cookies of multimedia players, for the duration of the session (multimedia player session cookies);

5)     persistent cookies used to personalize the User's interface for the duration of the session or slightly longer (user interface customization cookies),

6)     Cookies used for monitoring website traffic, i.e., data analytics: we use Google Analytics to analyze website traffic and browsing activities. These are particularly used for statistical purposes to check how often individual services are visited. We also use this data for optimization and development of services. More information about Google Analytics can be found at: https://policies.google.com/technologies/cookies.

6.      The Administrator and its trusted partners also use cookies for marketing purposes, including in connection with directing behavioral advertising to Users. For this purpose, the Administrator and trusted partners store information or gain access to information already stored in the User's end telecommunication device (computer, phone, tablet, etc.). The use of cookies and personal data collected through them for marketing purposes, particularly in terms of promoting services and goods of third parties, requires obtaining the User's consent. This consent can be withdrawn at any time. Withdrawing consent does not affect the legality of processing, which was carried out based on consent before its withdrawal.

§ 15

User Rights

1.      The User has the right to: access the data and request its correction, deletion, processing restriction, the right to data portability, and the right to object to data processing, as well as the right to lodge a complaint with the supervisory authority dealing with personal data protection.

2.      To the extent that the User's data is processed based on consent, it can be withdrawn at any time by contacting the Administrator or using functionalities provided in the Service, including the email address: support@quantumreality.space or by phone: 606 370 111

3.      The User has the right to object to data processing for marketing purposes if the processing is related to the legitimate interest of the Administrator, and also – for reasons related to the User's particular situation – in other cases where the legal basis for data processing is the legitimate interest of the Administrator (e.g., in connection with the realization of analytical and statistical purposes).

4.      The User has the right at any time to object to data processing related to customer satisfaction research, in particular, to object to sending communications to the email address with a request to complete a satisfaction survey, without the need to justify such objection.

§ 16

Recipients of Personal Data

1.      In connection with the provision of services, personal data will be disclosed to external entities, including in particular providers responsible for IT systems management, entities operating the Customer Support Center, entities such as banks and payment operators, entities providing accounting services, couriers (in connection with order execution), marketing agencies (in terms of marketing services).

2.      In the case of the User's consent, their data may also be made available to other entities for their own purposes, including marketing purposes.

3.      The Administrator reserves the right to disclose selected information about the User to the appropriate authorities or third parties who request the provision of such information, based on the appropriate legal basis and in accordance with applicable law.

§ 17

Transfer of Personal Data Outside the EEA

Personal data will not be transferred outside the European Union and the European Economic Area.

§ 18

Personal Data Security

1.      The Administrator ensures the security of personal data through appropriate technical and organizational measures aimed at preventing unlawful data processing and their accidental loss, destruction, or damage. Moreover, the Administrator takes special care to ensure that personal information is:

1)     correct and processed by the law,

2)     obtained only for specific purposes and not further processed in a way incompatible with those purposes,

3)     adequate, relevant, and not excessive in relation to the purposes of their processing,

4)     accurate and up to date,

5)     not stored longer than necessary,

6)     securely stored,

7)     not transferred to a country outside the European Economic Area without adequate protection.

2.      To better secure the User's account, it is recommended to:

1)     use a complex password to secure access to the account, preventing easy guessing by third parties. Such a password should contain a minimum of 8 characters, including upper and lower case letters, numbers, and special characters.

2)     keep the login and password to the Customer's account confidential, especially not to disclose these details (login, password) to any third parties.

3)     log out of the Service after each completed session (completed purchases, posting messages on the forum, etc.). Simply closing the browser window does not equate to logging out from quantumreality.space. Logging out from quantumreality.space occurs after clicking the “Logout” button, which is located in the upper right corner of the page.

4)     use antivirus programs, including regularly scanning disks for viruses.

5)     use the Service only through trusted computers, on which only verified software is installed. Using other people's computers by the User carries the risk of intercepting the login, password, or other data the User provides while using the account.

6)     if the User uses the Service via a public computer, e.g., in an internet café, they should not save data on the computer and should delete the history of browsed pages.

3.      The Administrator continuously conducts a risk analysis to ensure that personal data is processed securely – primarily ensuring that access to data is only by authorized personnel and only to the extent necessary for their tasks. The Administrator ensures that all operations on personal data are registered and performed only by authorized employees and associates.

4.      The Administrator takes all necessary actions to ensure that its subcontractors and other cooperating entities guarantee the application of appropriate security measures in each case when they process personal data on behalf of the Administrator.