Login

Login

For Affiliate Promoters: Privacy Policy

  • 1 General Provisions

The personal data administrator for users of the website located at the domain www.salesmonopoly.com is SALES MONOPOLY SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, based at: ul. Wagrowska 12G/3, 61-369 Poznań, registered in the Polish National Court Register (Krajowy Rejestr Przedsiębiorców) maintained by the District Court of Poznań — Nowe Miasto and Wilda in Poznań, VIII Commercial Division of the National Court Register under the number: 0001143549, with a tax identification number (NIP): 7822948680 (hereinafter referred to as the „Administrator”).
The Administrator has designated an electronic contact point intended for direct communication with the authorities of the Member States, the Commission, the Digital Services Council: info@salesmonopoly.com. This same contact point can be used by any Customer for direct and rapid communication with the Administrator. The Administrator can also be contacted in writing at its address: ul. Wagrowska 12G/3, 61-369 Poznań, or via the contact form available on the website. Communication can be conducted in Polish, Spanish, or English.The purpose of this Policy is to define the actions taken concerning personal data collected through the Administrator’s website and related services and tools used by its users, as well as within the framework of activities involving the conclusion and implementation of contracts outside the website.
If necessary, the provisions of this Policy may be amended. Changes will be communicated to users by publishing the new content of the Policy, and in the case of individuals who have consented to the processing of data via email or provided email data during contract execution, they will also be notified by email.

  • 2 Basis for Processing, Objectives, and Storage of Personal Data

Users’ personal data is processed in accordance with the General Data Protection Regulation (GDPR), the Spanish Organic Law 3/2018 of December 5 on Personal Data Protection and Guarantee of Digital Rights (LOPDGDD), the Spanish Law 34/2002 of July 11 on Information Society Services and Electronic Commerce (LSSI-CE), and Law 11/2022 of June 8 — General Telecommunications Law, along with their subsequent amendments, and for the purpose of making a notification under Article 16(1) of Regulation (EU) 2022/2065 of the European Parliament and of the Council of October 19, 2022, on a single market for digital services and amending Directive 2000/31/EC (Digital Services Act) (OJ EU L 2022.277.1 as amended; „DSA”) also under Article 3(h) of the DSA.The Administrator may collect the following data for the following purposes:The Administrator may use profiling for direct marketing purposes, but decisions based on it do not concern the conclusion or refusal to conclude a contract, nor the possibility of using electronic services. The outcome of profiling may include, for example, granting a discount to a person, sending them a discount code, reminding them of unfinished purchases, sending a product proposal that may match their interests or preferences, or offering better conditions compared to the standard offer. Despite profiling, the person freely decides whether they want to take advantage of the discount received or better conditions and complete the purchase. Profiling involves the automatic analysis or prediction of a person’s behavior on the Administrator’s website, for example, by adding a specific product to the cart, browsing a specific product page, or analyzing their activity history on the website. A condition for such profiling is that the Administrator has the person’s personal data to, for instance, send them a discount code.To the extent necessary for the proper functioning of the website and its functionalities, the website may, while being used by the User, collect other information, including, among others:

  • IP address;
  • Information about the device, hardware, and software, such as hardware identifiers, mobile device identifiers (e.g., Apple Identifier for Advertising [“IDFA”] or Android Advertising Identifier [“AAID”]);
  • Platform type;
  • Settings and components;
  • Data concerning the internet browser, including the type of browser and preferred language.

Considering the nature, scope, context, and purposes of processing, as well as the risk of violating the rights or freedoms of natural persons with varying probabilities and severity of threats, the Administrator implements appropriate technical and organizational measures to ensure that processing is carried out in accordance with the regulation and that it can be demonstrated. These measures are reviewed and updated as necessary. The Administrator applies technical measures to prevent unauthorized persons from acquiring and modifying personal data transmitted electronically.

  • 3 Data Sharing (continued)

The Administrator may share anonymized data (i.e., data that does not identify specific users) with external service providers to better understand the appeal of advertisements and services to users. In this context, due to the location of software providers, data may be transferred—while maintaining protection principles—to third countries that meet the standard contractual clauses approved by the European Commission for personal data processing or have the relevant authorization to do so under bilateral data processing agreements between the European Union and the respective third country, which is not a member of the European Economic Area. The entities involved, in the case of the Administrator, include:

  • Google LLC. (Headquarters: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) for tools such as Google Analytics (used for analyzing website statistics), Google Tag Manager (used for managing scripts by easily adding code snippets to the website or app and tracking user actions on the website), Google Ads (used for displaying sponsored links in Google search results and on pages that participate in the Google AdSense program), and Google Workspace (enabling comprehensive editing of the website and coordinating the work of individuals working on it, including Google Drive, Gmail, Google Sheets, Google Forms, and Google Looker Studio).
  • Meta Platforms, Inc. (Headquarters: 1601 Willow Road, Menlo Park, CA 94025, USA) for Facebook Pixel, which tracks conversions from Facebook ads, optimizes them based on collected data and statistics, and builds targeted audience lists for future ads.
  • Microsoft Corporation (Headquarters: One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland) for analytical tools such as Microsoft Clarity, used for analyzing website statistics and tracking user activities on the website.
  • Stripe, Inc. (Headquarters: 354 Oyster Point Boulevard, South San Francisco, California, 94080, USA, or 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland) for data necessary to process, authorize, and verify payments as well as parties involved in such payments.

The Administrator will always inform users about the intention to transfer personal data outside the EEA at the stage of data collection.The Administrator continuously conducts risk analysis to ensure that personal data is processed securely—ensuring primarily that only authorized persons have access to the data and solely to the extent necessary for the tasks they perform. The Administrator ensures that all operations involving personal data are logged and carried out only by authorized employees and collaborators.The Administrator takes all necessary measures to ensure that its subcontractors and other collaborating entities provide guarantees of implementing appropriate security measures in each case where they process personal data on behalf of the Administrator.The Administrator’s website may use the functionalities of Google Analytics, a website traffic analysis service provided by Google, LLC („Google”). Google Analytics uses cookies to help website operators analyze how visitors use the website. Information generated by cookies about the use of the website by visitors is generally transmitted to and stored by Google on servers in the United States. According to current IT standards, IP addresses of users visiting the Administrator’s website are shortened. Only in exceptional cases is the complete IP address transmitted to a Google server in the United States and shortened there. At the Administrator’s request, Google will use this information to evaluate the website for its users, create reports on website traffic, and provide other services related to website traffic and internet use to website operators. Google will not associate the IP address transmitted as part of Google Analytics with any other data held by it. More information on how Google Analytics collects and uses data can be found on Google’s official website at: www.google.com/policies/privacy/partners. Additionally, any user can prevent Google from collecting and processing data relating to their use of the website by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout.When sharing data with third parties, the Administrator makes every effort to ensure that this is done only with entities meeting the criteria and requirements specified under Articles 46 or 49 of the GDPR. Where applicable, the Administrator will rely on the EU standard contractual clauses and other safeguards to enable transfers outside the EEA. Following the decision of the Court of Justice of the European Union of July 16, 2020, the Administrator continues to evaluate the legal systems of the countries to which data is transferred and, as necessary, updates measures aimed at ensuring appropriate levels of protection.Regarding data transferred to the United States, the Administrator, when sharing data with third parties, ensures that this is done, in accordance with the European Commission’s decision of July 10, 2023, only with entities and organizations in the USA that ensure compliance with the new „EU-US Data Privacy Framework.” A list of these organizations has been published by the U.S. Department of Commerce. The transfer of personal data from the EEA to organizations that have joined the „EU-US Data Privacy Framework” program and are on this list is possible without the need for additional authorizations or the application of legal instruments such as standard contractual clauses or binding corporate rules. However, if a given data importer in the USA has not joined the „EU-US Data Privacy Framework” program, the transfer of personal data to them is possible and will be carried out in compliance with the conditions set out in Articles 46 or 49 of the GDPR. In such cases, the Administrator will rely on the EU standard contractual clauses and other safeguards to enable transfers outside the EEA.

  • 4 User Rights

A user whose personal data is processed has the right to:

  • Access, rectification, restriction, deletion, or portability: The person whose data is being processed has the right to request from the Administrator access to their personal data, its rectification, deletion („right to be forgotten”), or restriction of processing, and also has the right to object to processing, as well as the right to data portability. The detailed conditions for exercising these rights are specified in Articles 15-21 of the GDPR.
  • Withdraw consent at any time: If the data is processed by the Administrator based on consent (under Article 6(1)(a) or Article 9(2)(a) of the GDPR), the individual has the right to withdraw such consent at any time without affecting the legality of the processing carried out based on consent before its withdrawal.
  • File a complaint with a supervisory authority: The individual whose data is processed by the Administrator has the right to file a complaint with a supervisory authority in accordance with the provisions of the GDPR and applicable national law. In Spain, the supervisory authority is the Spanish Data Protection Agency (Agencia Española de Protección de Datos, AEPD).
  • Object: The individual whose data is being processed has the right to object at any time—on grounds relating to their particular situation—to the processing of their personal data based on Article 6(1)(e) (public interest or public tasks) or (f) (legitimate interest of the Administrator), including profiling based on these provisions. In such a case, the Administrator may no longer process these personal data unless it demonstrates compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the individual, or for the establishment, exercise, or defense of legal claims.
  • Object to direct marketing: If personal data is processed for direct marketing purposes (based on the legitimate interest of the Administrator and not on the consent of the data subject), the individual has the right to object at any time to the processing of their personal data for such marketing purposes, including profiling to the extent that it is related to such direct marketing.

The exercise of the above rights is carried out based on a request sent by the user to the email address info@salesmonopoly.com. Such a request should include the user’s first and last name.The user guarantees that the data they provide or publish on the website is accurate.

  • 5 Cookies

„Cookies” refer to IT data, particularly text files, stored on users’ end devices (usually on the hard drive of a computer or a mobile device) that allow the user’s browser to save specific settings and data for the use of websites. These files enable the recognition of the user’s device and the proper display of the website, ensuring convenience during its use. The storage of „cookies” allows the website and its offerings to be tailored to the user’s preferences—the server recognizes and remembers, for example, preferences such as visits, clicks, and previous actions.”Cookies” specifically contain:

  • The domain name of the website from which they originate,
  • The time they are stored on the end device, and
  • A unique number used to identify the browser connecting to the website.

Cookies are used for the following purposes:

  • To adapt the content of websites to the user’s preferences and optimize the use of websites,
  • To create anonymous statistics that, by helping determine how the user uses websites, allow for the improvement of their structure and content,
  • To provide website users with advertising content tailored to their interests.

Cookies are not used to identify the user, and their identity is not determined based on them.The main classification of cookies distinguishes them as follows:

  • Essential cookies: These are absolutely necessary for the proper functioning of the website or the functionalities the user wants to use, as without them, many of the services we offer could not be provided. Some of them also ensure the security of the services we provide electronically.
  • Functional cookies: These are important for the operation of the website because:
    • They enhance the functionality of websites; without them, the website will work correctly but will not be tailored to the user’s preferences.
    • They ensure a high level of functionality for websites; without them, the level of functionality may decrease, but their absence should not completely prevent the use of the website.
    • They are necessary for most website functionalities; blocking them will cause certain features to not work properly.
  • Business cookies: These enable the implementation of the business model on which the website is based; blocking them will not make all functionalities unavailable, but it may reduce the quality of the service due to the inability of the website owner to generate revenue that subsidizes its operation.

Cookies used to adapt the content of websites to the user’s preferences generally do not involve the collection of any information that allows for the identification of the user. However, this information may sometimes constitute personal data, i.e., data that allows certain behaviors to be attributed to a specific user. Personal data collected using cookies may only be collected to perform specific functions for the user. Such data is encrypted in a way that prevents unauthorized access.The cookies used by this website are not harmful to the user or the end device they use. Therefore, to ensure the proper functioning of the service, it is recommended not to disable their use in browsers. In many cases, the software used to browse websites (internet browser) allows the storage of information in the form of cookies and other similar technologies on the user’s end device by default. The user can change the way the browser uses cookies at any time. To do this, the browser settings must be changed. The method for changing settings varies depending on the software used (internet browser). Appropriate instructions can be found on the help pages of the browser you are using.As part of cookie technology, the Administrator may use tracking pixels or clear GIF files to collect information about how the user uses its services and their response to marketing messages sent via email. A pixel is a software code that allows an object, usually a one-pixel-sized image, to be embedded on a website, enabling the tracking of user behavior on the websites where it is placed. Upon granting the appropriate consent, the browser automatically establishes a direct connection with the server hosting the pixel, so the processing of data collected by the pixel is carried out under the data protection policy of the partner managing the server.The Administrator may use internet log files (which contain technical data such as the user’s IP address) to monitor traffic within its services, resolve technical issues, detect and prevent fraud, and enforce the provisions of the User Agreement.The Administrator informs that the website does not respond to DNT (Do Not Track) signals. However, the user can disable certain forms of online tracking, including some analytics and personalized ads, by changing cookie settings in their browser or using our cookie consent tools (if applicable).Detailed information on how to change cookie settings and manually delete them in the most popular internet browsers is available in the help section of the browser and on the following pages (click the relevant link):

  • Google Chrome
  • Mozilla Firefox
  • Microsoft Edge
  • Opera
  • Safari macOS
  • Safari iOS/iPad OS

Detailed information on managing cookies on a mobile phone or other mobile device should be found in the user manual for the respective mobile device.