This Privacy Policy was updated on May 20, 2021.

Leatherformat attaches great importance to its obligation to protect user privacy in accordance with applicable law.
This Privacy Policy will allow you to better understand the personal data protection principles applied by Leatherformat. We encourage you to read the information below before providing your personal data. The administrator of your personal data is SELF – MADE Sp. zo. o., NIP: 783-184-85-93, KRS: 0000943250 (hereinafter: "we", "Administrator" or "hellrider"). Company contact details: tel. +48 692966604 e-mail address: hellriderfashion@gmail.com The Privacy Policy may be updated by Leatherformat at any time. The date of the last update is always posted on the website page. Please note that by using the website www.hellridershop.com or other websites operated by Leatherformat/by providing appropriate consents, you authorize Leatherformat to collect, record, organize, store, use and/or transmit your personal data in accordance with this Privacy Policy.

Personal data is collected when:

• you visit the website;
• you create an account on the website;
• you make a purchase on the website or in our distribution network sales points;
• you subscribe to the newsletter;
• you register in one of our loyalty programs;
• you participate in special campaigns, in particular games, competitions, product tests, customer surveys or market research;
• you share content on social networks such as Instagram, Facebook, Pinterest or Twitter using tags or hashtags containing the names of the brands we distribute (e.g. @hellrider_shop @hellrider #hellrider) or other tags or hashtags we propose;
• you visit one of the sales points of our distribution network;
• you contact us: call or send a request or complaint to our Customer Service Department, rate our products and/or services, chat with Customer Service in real time;
• when you have consented to third parties sending your personal data to us.

We consider all information that can directly or indirectly identify you as “personal information.” We may collect the following personal data:

• personal data that you provide to us when purchasing in the online store, such as: surname, names, gender, telephone numbers, address, e-mail address, username, passwords, date of birth, NIP number, PESEL number;
• information about your payment method, in particular your credit card number and expiration date;
• information about orders such as: transaction number, purchase history, history of correspondence with the Customer Service Department;
• information containing content such as: photos, videos, reviews, comments, etc.;
• information from social media accounts (username, location, etc.), information about uploaded and shared posts that contain a hashtag with the name of the brands we distribute or other tags or hashtags proposed by hellrider;
• recordings of telephone calls by the Customer Service Department in order to ensure the best quality of services and training or evaluation of the work of our staff;
• technical information, in particular the IP address of your device and information about how your device navigates our website, as well as information about your preferences, interests, activity on the website and the loyalty program;
• other information that you provided when contacting our Customer Service Department or received from third-party providers.

Personal data may be collected mainly for the following purposes:

• administering the website www.hellridershop.com and improving the quality of services. This processing is necessary for the purposes of the legitimate interests mentioned above;
• processing your orders (conclusion and implementation of the sales contract, delivery, issuing an invoice, after-sales service, etc.) for products included in the range of online stores operated by Leatherformat. This processing is necessary for the performance of a contract to which you are a party;
• to manage customer relationships (CRM), in particular to better understand customer preferences and provide personalized offers about our products and services (in particular via e-mail, SMS, social networks or other media and through displaying targeted advertisements on websites and social media) in order to perform the contract regarding your participation in the loyalty program and maintaining and servicing your user account. For this purpose, we may perform segmentation operations based on preferences, interests and purchases, analyze website browsing to better qualify our database. Creating an account allows us to personalize your consumer needs. We also allow you to place an order as a guest and make purchases without registration. Processing takes place with your express consent or is necessary for the purposes of providing services provided electronically;
• to study social interactions. Data processing takes place with the Customer's consent;
• conducting the competition, in particular selecting the competition winners and issuing prizes;
• where appropriate, data is collected for the purposes of preventing and detecting fraud, crime and managing litigation. This processing is necessary for the purposes of the legitimate interests referred to above;
• data processing necessary to manage the Customer's request (regarding the provision of advice, participation in promotional campaigns, complaints, the right to withdraw from the contract, rectification or deletion of data, etc.). Such data processing takes place in order to fulfill the Customer's request;
• we may use information about our Customers in an anonymous and/or aggregated manner for demographic profiling, research, analysis and other similar purposes;
• personal data may also be used in a manner other than that specified in the Privacy Policy (e.g. to fulfill legal obligations arising from regulations, e.g. tax and accounting or to pursue claims and defend against claims, also of third parties), but always in accordance with applicable law.

We never sell personal data to other companies for marketing purposes. Personal data that we collect about Customers may be transferred or made available to our trusted partners to achieve the purposes of processing, as well as to third parties - service providers acting on our behalf, for the purpose of (processing and fulfilling the order, securing payments, managing Customer Service, management of technical operations, evaluation, review, analysis and management of digital campaigns and in anonymous and/or aggregated form to third parties for demographic profiling, research, analysis and other similar purposes, etc.). We authorize service providers to use personal data only to the extent necessary to perform services on our behalf or to comply with legal requirements. We ensure that your personal data is always protected and secured. Third party service providers may be located within or outside the European Economic Area (EEA). If service providers are located in countries that do not ensure the same level of personal data protection as in Poland, we undertake to:

• obtaining explicit consent to share personal data with such third parties;
• concluding appropriate data transfer agreements in accordance with the Standard Model Clauses established by the European Commission;
• compliance with the Binding Corporate Rules for processors of personal data (Processor Binding Corporate Rules) approved by the competent authorities;
• ensuring that such third parties comply with the EU-US Privacy Shield Framework and the Privacy Shield Principles regarding the collection, use and retention of personal data transferred from the European Union to the US ( more information on this subject is available at: https://www.privacyshield.gov/).

We would like to inform you that, in accordance with applicable regulations, we are also obliged to transfer personal data to local authorities if required by law or as part of an investigation initiated in accordance with applicable regulations.

Depending on the type of personal data and the associated risk, Leatherformat applies appropriate precautions, technical and organizational security measures to ensure the security and confidentiality of personal data and to prevent their alteration, damage or transfer to unauthorized entities. The measures in place may include practices such as: limited access by employees who, by virtue of their duties, are entitled to access personal data, additional warranty agreements in the case of third-party suppliers, privacy impact assessments, internal audits to assess our practices and Privacy Policy and/or implementing physical and/or logical security measures (secure access, authentication process, backup , anti-virus programs, firewall, etc.).

For more information, visit the Cookies page.

You can use our tags and hashtags to tag content on social networks such as Instagram, Facebook, Pinterest and Twitter. By using these tags/hashtags, you acknowledge and agree that your content may appear on our site and may be used in connection with our products or services.

We remind you that the information you share on social networks may be viewed, used and saved by other people around the world, in particular in countries that do not have legal provisions guaranteeing an adequate level of protection of your personal data in your country of residence. 

We also point out that when you upload content using one of our tags/ hashtags, the use of social networks is exclusively subject to the general terms and conditions of these social networks. We encourage you to read them. If you do not want one of your content to appear on our site, please remove it from your social network or stop using one of our tags/hashtags.

The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. The data processing period may also result from legal provisions if they constitute the basis for processing. In the case of data processing based on the legitimate interest of the Administrator - e.g. for security reasons - the data is processed for a period enabling its implementation or until an effective objection to data processing is submitted. If the processing is based on consent, the data is processed until it is withdrawn. If the basis for processing is the necessity to conclude and perform the contract, the data will be processed until its termination. The data processing period may be extended if the processing is necessary to establish, pursue or defend against possible claims, and after this period, only if and to the extent required by law. After the processing period has expired, the data is irreversibly deleted or anonymized.

Usually:

• to the extent that your personal data is processed by us for the purposes of completing your transactions for the purchase of our products or services, we will process them for the duration of the contract regarding such a transaction, and we may extend this period by the period of limitation of your or our claims, if the processing of this data is necessary to establish or pursue claims, as well as to defend against such claims;
• to the extent that your personal data is processed by us for the purposes of maintaining and servicing your user account or enabling you to participate in a loyalty program or for providing you with a newsletter, we will process it until, respectively: your resignation from the user account in the online store , unsubscribing from the newsletter or terminating its publication, resigning from participation in the loyalty program or terminating the program. We may extend this period by the limitation period for your or our claims if the processing of this data is necessary to establish or pursue claims, as well as to defend against such claims;
• to the extent that your personal data is processed for the purposes of fulfilling our obligations arising from legal provisions (e.g. the Accounting Act or tax regulations), we will process them for the period resulting from such provisions (e.g. for settlement purposes, your data will be stored for 5 years from the end of the calendar year in which the deadline for payment of tax related to the order or transaction expired);
• to the extent that your personal data is processed for the implementation of our legitimate interests, including (i) creating your customer profile in order to provide you with marketing information, as well as (ii) conducting marketing communications, we will process them for the period of existence of the legitimate interest, unless you exercise your right and object to the processing of this data for marketing purposes;
• credit card data will be deleted immediately after the transaction or archived for evidentiary purposes in accordance with applicable law. Subject to your express consent, bank details may be retained until the expiry date of your credit card. We never store the cards' visual cryptogram;
• telephone call recording data may be stored for up to six months.

In connection with the processing of your data by the Administrator, you have a number of rights:

• if you provide us with your e-mail address, telephone number or postal address and consent to sending commercial information by appropriate means, you may receive e-mails, calls or text messages from us about our products, services or upcoming events. You can unsubscribe from the newsletter at any time by contacting us at the address below. You can also change your preferences at any time in your account;
• in accordance with applicable regulations, the user has the right to access personal data (you can obtain information on how and to what extent we process your data and, additionally, a copy of your personal data), correct them (if they have been stored incorrectly or if they have changed), delete them (if there is no basis for the Administrator to process them), or limit processing (if you want the Administrator to process your data only to a limited extent, until your objection or request for correction of data is considered, and if you want the data to be stored in connection with your claims);
• you can request that your data that you have provided to us be transferred in a commonly used, machine-readable format (e.g. computer-readable). You can submit the received data to the administrator of your choice. Moreover, if technically possible, while maintaining appropriate security standards, we can do it for you at your request.
• if the processing of your data by the Administrator is based on legitimate interest, you can object to such processing;
• you also have the right to lodge a complaint with the authority responsible for the protection of personal data (the President of the Office for Personal Data Protection) if you believe that the processing of your personal data is inconsistent with applicable law. To exercise your rights, please send us a signed application to the address below:
• by writing to hellriderfashion@gmail.com ; or
• writing directly to the following address: hellrider Ul. Głogowska 180/7 61-517 Poznań (preferably with the note "Concerning personal data")

To enable quick and effective consideration of your request, please indicate what your request concerns, in particular:

• what rights the person submitting the application wants to exercise (e.g. the right to update data);
• what processing process the request concerns (e.g. receiving a newsletter containing commercial information to a specific e-mail address);
• what purposes of processing the request concerns (e.g. marketing purposes).

If the Administrator is unable to determine the content of the request or identify the person submitting the application based on the submitted notification, he will ask the applicant for additional information. You will be informed about the actions we have taken as soon as possible and in any case no later than one month after submitting your application. If it is necessary to extend this deadline, the Administrator will inform the applicant about the reasons for such extension. The response will be provided to the e-mail address indicated in the form, and in the case of applications sent by post, by regular mail to the address indicated by the applicant, unless the content of the letter indicates the desire to receive feedback to the e-mail address (in such a case, please provide the address e-mail).

This Privacy Policy fulfills the information obligation in connection with the change in the provisions on the protection of personal data and the commencement of application from May 25, 2018 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) "GDPR".

If you have any questions or comments regarding this Privacy Policy, you can contact our data protection contact point at the address or email address provided above.