privacy policy

1. Personal data controller

The controller of your personal data is:
HOTBOX SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
ul. Kielecka 9 / 21, 31-526 Kraków, Poland
NIP: 6751782437

2. What data do we process?

In connection with placing an order or contacting us, we may process the following personal data:

first and last name
e-mail address
delivery address
phone number (optional)

Providing data is voluntary, but necessary for the order to be processed. Failure to provide data will prevent the order from being processed, but will not affect the ability to use other features of the website.

3. Purposes and legal basis for data processing

We process your personal data for the following purposes:
Order fulfillment and service – Article 6(1)(b) of the GDPR
Issuing invoices and tax obligations – Article 6(1)(c) of the GDPR
Contact regarding the order – Article 6(1)(f) of the GDPR
Website traffic analysis (e.g. Google Analytics) – Article 6(1)(f) of the GDPR

4. Data recipients

Your personal data may be transferred to the following entities:
courier companies and delivery companies (for the purpose of delivering your order),
accounting office (for accounting services),
hosting companies and IT service providers,
analytics tool operators (e.g. Google).

5. Data retention period

Your data will be processed for the period necessary to complete the order and for the time required by tax and accounting regulations (usually up to 5 years from the end of the year in which the transaction was made).

6. Rights of the data subject

You have the right to:
access your personal data,
rectify it,
erase it (“right to be forgotten”),
restrict processing,
transfer data,
object to processing,
lodge a complaint with the President of the Personal Data Protection Office (UODO).

7. Cookies and analytical tools

The website uses cookies to ensure proper functioning, as well as analytical tools such as Google Analytics, which enable the analysis of statistics and user behavior on the website.
During your first visit to the website, a banner informing you about the use of cookies is displayed – you can give your consent or manage it.

8. Profiling

Your personal data may be processed in an automated manner, including in the form of profiling, which involves analyzing your order history, visited subpages, and activities on the website in order to:
tailor marketing content to your preferences,
improve the product offer,
display personalized ads (if you have given your consent).
Profiling will not have any legal effects on you or otherwise significantly affect your situation – it is used solely for marketing and analytical purposes.

9. Transfer of data outside the European Economic Area (EEA)

We do not transfer your personal data outside the European Economic Area unless it is necessary in connection with the operation of external tools (e.g. Google) that may store data on servers outside the EEA. In such cases, appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

10. Changes to the privacy policy

The privacy policy may be updated. The new version will be published on the website along with the date of entry into force.

Last updated: August 14, 2025.

This website uses cookies for statistical and marketing purposes and to ensure its proper functioning. Cookie policy.

Accept