1. Data administrator and definitions

1. The administrator of the personal data of the Customers / Users of the Website, also referred to as the Seller, is: Angara Distribution Spółka z ograniczoną odpowiedzialnością Sp. k., telephone: 698 507 335, NIP: 5272951048, REGON: 388322102.
2. The data administrator can be contacted:
   1. at the correspondence address: Hubala 7/12 Street, 05-803 Pruszków, Poland;
   2. at e-mail address: b2b@angara.pl.
   1. User - a natural person accessing the website(s) or using the services or functionalities described in this Privacy and Cookies Policy.
   2. Customer - a natural person with full legal capacity, a natural person who is a Consumer, a legal person or an organisational unit without legal personality, to which the Act grants legal capacity, who enters into a Distance Sales Contract with the Seller.
   3. Web Site - the website operated by the Seller, available at electronic addresses (pages): https://mugwithlogo.com through which the Customer/User may obtain information about the Goods and order service.
   4. RODO - Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).

   2. Purposes, legal basis and duration of data processing

   1. In order to perform the Distance Sales Contract, the Seller processes:
      1. information concerning the User's device in order to ensure the correct operation of the services: IP address of the computer, information contained in cookies or other similar technologies, session data, browser data, device data, data on activity on the Website, including on individual subpages;
      2. personal data of the Users: first name, surname, e-mail address, telephone number, or other personal data required by the Administrator to complete the order.
   2. This information does not contain data concerning the identity of Users, but in combination with other information may constitute personal data and therefore the Administrator covers them with the full protection to which they are entitled under the RODO.
   3. This data is processed in accordance with Article 6(1)(b) of the RODO, for the purpose of providing the service, i.e. contract for the provision of services by electronic means in accordance with the Terms and Conditions, and in accordance with Article 6(1)(a) of the RODO, in relation to consenting to the use of certain cookies or other similar technologies expressed by the relevant settings of the Internet browser in accordance with the Telecommunications Law or in relation to consenting to geolocation. The data are processed until the Customer/User's use of the Website is terminated.
   4. The Administrator undertakes to take all measures required under Article 32 of the RODO, i.e., taking into account the state of the art, the cost of implementation and the nature, scope and purposes of the processing and the risk of infringement of the rights or freedoms of natural persons of varying probability and seriousness, the Administrator implements appropriate technical and organisational measures to ensure a degree of security appropriate to the risk.

   3. Marketing activities of the Controller

   1. On the Website, the Controller may post marketing information about its products or services. The display of this content is carried out by the Data Controller in accordance with Article 6(1)(f) RODO, i.e. in accordance with the legitimate interest of the Data Controller to publish content related to the services provided and promotional content of campaigns in which the Data Controller is involved. At the same time, this action does not violate the rights and freedoms of Customers/Users, Customers/Users expect to receive content of similar content and even expect it or it is their direct purpose to visit the website(s) of the Website.

   4. Recipients of users' data

   1. The Data Controller shall only disclose users' personal data to processors under concluded contracts of entrustment of personal data processing in order to perform services for the Data Controller, e.g. hosting and operation of the Website, IT service, marketing and PR service.

   5. Transmission of personal data to third countries

   1. Personal data will not be processed in third countries.

   6. Data subject rights

   1. Every data subject has the right:
      1. access (Article 15 RODO) - to obtain confirmation from the Data Controller as to whether his/her personal data is being processed. If data about the person are processed, he/she is entitled to access them and to obtain the following information: about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the data have been or will be disclosed, the period of data retention or the criteria for their determination, the data subject's right to request rectification, erasure or restriction of the processing of personal data and to object to such processing;
      2. to obtain a copy of the data (Art. 15(3) RODO) - to obtain a copy of the data undergoing processing, the first copy being free of charge, and for subsequent copies the Data Controller may impose a reasonable charge based on administrative costs;
      3. to rectification (Art. 16 RODO) - to request the rectification of personal data concerning him/her which are inaccurate or the completion of incomplete data;
      4. to erasure (Art. 17 RODO) - to request the erasure of his/her personal data if the Data Controller no longer has a legal basis for the processing or the data are no longer necessary for the purposes of the processing;
      5. to restrict processing (Art. 18 RODO) - to request the restriction of the processing of personal data when:
         1. the data subject challenges the accuracy of the personal data - for a period allowing the Data Controller to verify the accuracy of the data,
         2. processing is unlawful and the data subject objects to the erasure of the data by requesting a restriction of use,
         3. the Data Controller no longer needs the data, but are needed by the data subject to establish, assert or defend a claim,
         4. the data subject has objected to the processing - until it is established whether the legitimate grounds on the part of the controller override the grounds of the data subject's objection;
      6. to data portability (Art. 20 RODO) - to receive in a structured, commonly used machine-readable format the personal data concerning him or her which he or she has provided to the Controller, and to request that these data be sent to another Controller where the data are processed on the basis of the data subject's consent or a contract concluded with him or her and where the data are processed by automated means;
      7. to object (Art. 21 RODO) - to object to the processing of his/her personal data for the legitimate purposes of the Controller on grounds relating to his/her particular situation, including profiling. The Controller shall then assess the existence of valid legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or grounds for establishing, asserting or defending claims. If, according to the assessment, the interests of the data subject outweigh the interests of the controller, the Controller will be obliged to cease processing for these purposes;
      8. to withdraw consent at any time and without stating a reason, but the processing of personal data carried out prior to the withdrawal of consent will continue to be lawful. Withdrawal of consent will result in the Controller ceasing to process the personal data for the purpose for which the consent was given.
   2. In order to exercise the above-mentioned rights, the data subject should contact, using the contact details provided, the Controller and inform him/her of which right and to what extent he/she wishes to exercise.

   7. President of the Office for the Protection of Personal Data

   1. The data subject has the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Office for the Protection of Personal Data with its registered office in Warsaw, 2 Stawki Street, which may be contacted as follows:
   2. by letter: 2 Stawki Street, 00-193 Warsaw;
   3. by electronic sub-box available at: https://www.uodo.gov.pl/pl/p/kontakt;
   4. Infoline: 606-950-0000.

   8. Data Protection Inspector

   1. In any case, the data subject may also directly contact the Data Protection Officer of the Controller by email or in writing to the address of the Controller as provided in section 1, item 2 of this Privacy and Cookies Policy.

   9. Amendments to the Privacy Policy

   1. The Privacy and Cookies Policy may be supplemented or updated according to the current needs of the Administrator in order to provide up-to-date and reliable information to Customers/Users.

   10. Cookies

   1. The Website performs the functions of obtaining information about Customers, Users and their behaviour in the following ways:
      1. through voluntarily entered information in forms for purposes resulting from the function of a specific form;
      2. through the storage of cookies (so-called ‘cookies’) in terminal equipment;
      3. through the collection of web server logs by the Website hosting operator (necessary for the correct operation of the website).< /li>
   2. Cookies are IT data, in particular text files, which are stored in the terminal equipment of the Customer / User and are intended for the use of the Website. Cookies usually contain the name of the website from which they originate, the time they are stored on the end device and a unique number.
   3. The Website uses cookies only after the Client/User of the Website has given his/her prior consent in this respect. Consent to the Website's use of all cookies is given by clicking on the button: ‘Close’ when the message about the Website's use of cookies is displayed or by closing this message.
   4. If the Customer/User of the Website does not consent to the Website's use of cookies, he/she may use the option: ‘I do not give my consent’, also available in the message about the Website's use of cookies, or make changes to the settings of the Internet browser he/she is currently using (this may, however, cause the Website's page to work incorrectly).
   5. In order to manage your cookie settings, select your Internet browser/system from the list and follow the instructions: Internet Explorer, Chrome, Safari, Firefox, Opera, Android, Safari (iOS), Windows Phone.
   6. The legal basis for the processing of personal data derived from cookies is the legitimate interests of the Data Controller, consisting of providing high quality services, ensuring the security of services.
   7. There are two main types of cookies used within the Website: ‘session’ cookies and ‘permanent’ cookies (persistent cookies). ‘Session’ cookies are temporary files that are stored on the User's terminal equipment until the User logs out, leaves the Website or switches off the software (web browser). ‘Permanent’ cookies are stored on the Client/User's terminal device for the time specified in the parameters of the cookies or until they are deleted by the Client/User.

   Functional cookies (required)

   shop_monit_token: 30 minutes, cookie
   Identifies the shop customer.

   Google

   NID: 180 days, cookie
   These cookies (NID, ENID) are used to remember user preferences and other information, such as preferred language, the number of results displayed on a search results page (for example, 10 or 20), and whether the user wants to have the Google SafeSearch filter enabled. This cookie is also required to offer Google Pay.

   Google reCAPTCHA

   _GRECAPTCHA: 1095 days, cookie
   This cookie is set by Google reCAPTCHA, which protects our site from spam requests on contact forms.

   
   

   Analytics cookies

   Google Analytics

   _ga_: 730 days, cookie
   Used by Google Analytics to collect data about the number of times a user visits the site, as well as the dates of the first and last visit.

   _ga: 730 days, cookie
   Records a unique identifier that is used to generate statistical data about how a visitor uses the site.

   _gid: 1 days, cookie
   The _gid cookie captures a unique identifier which is used to generate statistics about how a visitor uses the site.

   _gat: 1 day, cookie
   Used to throttle the speed of requests. Analytics anonymises the IP address.

   _dc_gtm_UA-#: 730 days, cookie
   Used by Google Tag Manager to control loading of Google Analytics script tag. Analytics anonymises IP address.

   FPLC: 1200 minutes, cookie
   Non-HttpOnly version of FPLC cookie with hashed value from FPID value.

   _gat[_]: 1 minutes, cookie
   Used to throttle the speed of requests. If Google Analytics is implemented via Google Tag Manager, this cookie will be named _dc_gtm_.

   _gat_gtag: 1 minute, cookie
   Used to analyse visitor browsing habits, flow, source and other information.

   __utma: 730 days, cookie
   Used to distinguish between users and sessions. The cookie is created when the javascript library is executed and no existing __utma cookie exists. The cookie is updated every time data is sent to Google Analytics.

   __utmb: 30 minutes, cookie
   Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookie exists. The cookie is updated every time data is sent to Google Analytics.

   __utmc: cookie
   Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie worked in conjunction with the __utmb cookie to determine if a user was in a new session/visit.

   __utmt: 10 minutes, cookie
   Served to limit the number of requests.

   __utmz: 180 days, cookie
   Stores the source of traffic or a campaign that explains how a user arrived at your site. The cookie is created when the javascript library is executed and is updated every time data is sent to Google Analytics.

   __utmv: 730 days, cookie
   It is used to store custom variable data at the visitor level. This cookie is created when a developer uses the _setCustomVar method with a visitor-level custom variable. This cookie was also used for the deprecated _setVar method. Plik cookie jest aktualizowany za każdym razem, gdy dane są wysyłane do Google Analytics.

   AMP_TOKEN: 365 dni, plik cookie
   Zawiera token, który może być użyty do pobrania ID klienta z serwisu AMP Client ID. Inne możliwe wartości wskazują opt-out, inflight request lub błąd pobierania Client ID z serwisu AMP Client ID.

   FPID: 730 dni, plik cookie
   Ten plik cookie domyślnie nosi nazwę FPID (First Party Identifier). Wartość zapisana w FPID zostanie wykorzystana do ustawienia identyfikatora klienta w żądaniu skierowanym do serwerów Google.

   _gaexp: 90 dni, plik cookie
   Używane do określenia włączenia użytkownika do eksperymentu oraz wygaśnięcia eksperymentów, w których użytkownik został włączony.

   _opt_awcid: 1 dni, plik cookie
   Używane dla kampanii zmapowanych na identyfikatory klientów Google Ads.

   _opt_awmid: 1 day, cookie
   Used for campaigns mapped to Google Ads Campaign ID.

   _opt_awgid: 1 day, cookie
   Used for campaigns mapped to Google Ads group IDs

   _opt_awkid: 1 days, cookie
   Used for campaigns mapped to Google Ads criteria identifiers

   _opt_utmc: 1 days, cookie
   Saves the last utm_campaign query parameter.

   _opt_expid: 0.2 minutes, cookie
   Saves the last utm_campaign query parameter.

   Google Analytics pixel: 999 days, tracking pixel
   The pixel measures visits, clicks and other digital behaviour. This allows you to adjust your marketing strategy.

   __utmli: 60 days, cookie
   The cookie is part of the Enhanced Link Attribution feature, which (attempts) to distinguish clicks on links to the same destination in paging analytics. It contains the id (if any) of the clicked link (or its parent) to be read on the next page, so that in-page analyses can determine where on the page the clicked link was.

   
   
   8. Cookies are used for the following purposes:
      1. creation of statistics which help to understand how Customers/Users of the Website use the websites, which enables the improvement of their structure and content;
      2. maintaining the Customer/User session (after logging in), thanks to which the Customer/User does not have to re-enter his/her login and password on each sub-page of the Website;
      3. defining the Customer/User profile in order to display him/her product recommendations and tailored materials on advertising networks, in particular the Google network.
   9. The web browsing software (web browser) usually allows cookies to be stored on the Customer/User's terminal device by default. Customers/Users may change their settings in this respect. The web browser allows cookies to be deleted. It is also possible to automatically block cookies.
   10. Restrictions on the use of cookies may affect certain functionalities available on the Website.
   11. Cookies placed on the Customer/User's terminal device and may also be used by advertisers and Website partners cooperating with the Website.
   12. Cookies may be used by the Google network, to display advertisements tailored to the way the Customer/User uses the Website. For this purpose, they may retain information about the user's navigation path or the time spent on a particular page: https://policies.google.com/technologies/partner-sites.
   13. We recommend that the Customer/User reads the privacy policies of these companies to understand the use of cookies used in statistics: Google Analytics privacy policy.
   14. In terms of information about the Customer/User's preferences collected by the Google advertising network, the Customer/User can view and edit the information resulting from cookies using the tool: https://www.google.com/ads/preferences/.
   15. On the Website, there are plug-ins that may transmit Customer/User data to Administrators such as, for example: Google Analytics, Google reCAPTCHA, Google.