Subscribe our AppShop
Subscribe our appShop

Privacy policy

Dear Sir or Madam,

below, we would like to present rules by which we collect and store your data, rights to which you are entitled, as well as individuals responsible for ensuring the security of your personal data processed by us. We kindly ask you to review the following information and to accept terms of use of our website. All personal data processing will be carried out in accordance with the applicable laws and regulations.

What is personal data and what does its processing involve?

Under Article 4(1) of the GDPR, personal data is defined as any information relating to an identified or identifiable natural person. This includes, among others, name and surname, identification number (such as PESEL), telephone number, email address, IP address and physical or physiological characteristics. In addition, information about your location transmitted by smartphones, tablets and other electronic devices is also considered personal data. Please note that, in accordance with the GDPR, personal data protection applies only to natural persons and does not extend to legal entities.

Processing of personal data refers to virtually any operation performed on personal data, regardless of whether it is carried out by automated means or not. This includes, for example: collection, storage, recording, organization, modification, browsing, use, disclosure, restriction, deletion or destruction.

Who is the Personal Data Controller?

Controller is the entity responsible for collecting personal data. Controller is also the point of contact to whom you may address any requests related to collection and processing of your personal data by us. In our case, the Controller is Agnieszka Kułaga, conducting business under the name Be Compleat Agnieszka Kułaga, ul. Bielatowicza 11, 33-100 Tarnów, NIP: 8732999444 (Be Compleat). Personal Data Controller can be contacted via email at kontakt@becompleat.pl or by phone at 694 932 247.

What personal data do we process?

As a rule, we process personal data only when it is truly necessary for provision of a given service or performance of a contract. In such cases, we process personal data of Be Compleat clients and individuals contacting Be Compleat to inquire about our services, provide feedback regarding our products or services, initiate cooperation or enter into a contract. This includes, in particular, following personal data: name and surname, home or business address, health-related information, email address and phone number.

Furthermore, if you give your explicit consent and in order to properly perform services we provide – specifically preparation of an appropriate diet plan based on health-related information – we inform you that we may collect your sensitive data, including, among others, information concerning your health or biometric data. Please note that whenever you provide, whether personally, via websites, email messages or during phone conversations, any information that falls within the special categories of personal data (i.e., sensitive data), such action shall be deemed as your explicit consent for us to collect and use such information in accordance with this document or the terms specified at the point of disclosure.

On what basis and for what purpose do we process your data?

We process personal data lawfully, fairly and in a transparent manner. Your personal data is processed on the basis of:

  1. Your voluntary consent, for example, by sending us an email or agreeing to receive newsletters or other forms of marketing (Article 6(1)(a) of the GDPR).
  2. Performance of contract, including the initiation of cooperation or conclusion of contract (Article 6(1)(b) of the GDPR).
  3. Legał obligations, such as those arising from tax law or accounting regulations (Article 6(1)(c) of the GDPR).
  4. Legitimate interests pursued by Be Compleat as the Data Controller, for instance, in the context of database creation, analytical and profiling activities (including analysis of product usage), direct marketing of our own products and securing documentation for the purpose of defense against potential claims for the establishment of claims (Article 6(1)(f) of the GDPR).

The purposes for which we process your personal data include:

  1. Ensuring the highest quality of services we provide, i.e., where you are or become a party to a contract with us, we will process only personal data necessary for its execution – such as your name, phone number or residential/delivery address.
  2. Legitimate interests pursued by the Controller, which include: performance of contracts and execution of orders, proper delivery of services to you, compiling statistical data related to visits to our website, improving our services and tailoring them to your personalized needs, as well as conducting marketing and promoting our services in the marketplace.

To whom may we disclose your personal data?

With your consent, your data will be shared only with trusted entities cooperating with us, specifically: dietitians, customer service representatives and IT specialists. Your data may also be disclosed to our subcontractors, associates or service providers who assist us in delivering our services (e.g. entities providing postal, courier, accounting services or those involved in order fulfillment). Transfer of personal data to another entity does not grant that entity unrestricted use of data, but only permits processing for purposes defined in data processing agreement, ensuring data security and solely to extent necessary to properly provide services to you and fulfill our contractual obligations. Transfer of personal data does not release us (as the transferring party) from responsibility for their processing. We also inform you that your data may be disclosed to public authorities, but only if such authorization arises from generally applicable legal provisions and the authority presents an appropriate request in this regard.

How long will we process your personal data?

Your personal data will be processed as long as it remains relevant in light of our legal relationship, i.e., until the basis for processing no longer exists. For example: in the case of consent – until it is withdrawn, restricted or otherwise limited by you; if the data is necessary for performance of a contract – for the duration of contract and thereafter, until any applicable limitation periods expire; if the basis for data processing is legitimate interest of the Controller – until such interest ceases to exist. Additionally, we will process your personal data for as long as required by applicable legal regulations, which also define the retention periods for such processing.

What rights do you have?

The GDPR provides number of rights for individuals whose personal data is collected and processed. According to the GDPR, you have the right to:

  1. Access your personal data;
  2. Request rectification of your personal data;
  3. Request deletion or restriction of the processing of your personal data;
  4. Withdraw your consent to the processing of your personal data (where consent was given);
  5. Data portability;
  6. Object to the processing of your personal data.

Cookies

Controller’s website uses “cookies.” These are small text files stored on your computer, phone, tablet or other device. They may be read by the Controller as well as by systems belonging to other entities whose services we use (such as Google). Cookies typically contain name of the website they originate from, duration of their storage on your device and a unique identifier. For more information about cookies, please visit www.allaboutcookies.org.

Cookies can be divided into the following categories:

  • Temporary (session) cookies – These operate only during your visit to website, enabling its proper functioning. Session cookies are stored on user’s device until they log out of website or close browser. They are also used by server to store information about user actions so that, in the event of a disconnection, user can return to the same place on the site.
  • Persistent cookies – These remain on device after visiting website, allowing it to remember user settings for future visits. This makes website easier to navigate and remembers preferences of the Customer/User.
  • Third-party/external/ad network cookies – These allow displayed content to be tailored to preferences of the Customer at the time of purchasing (e.g. Google Analytics, Google Ads).

Cookies used by the Controller can also be categorized based on the purpose for which they are installed:

Essential cookies – these cookies are necessary for proper functioning of website or specific features that the user wishes to use. Without them, website would not function correctly. Some of these cookies also ensure the security of services provided electronically by the Controller. Their placement on a visitor’s device does not require consent. You may block or delete essential cookies using your browser settings; however, this may result in partial or full dysfunctionality of website or difficulties in navigating it, including inability to use certain features.

Personal data obtained through essential cookies is processed by us:

  • Based on Article 6(1)(f) of the GDPR (legitimate interest of the Controller in ensuring the functionality of website);
  • Based on Article 6(1)(b) of the GDPR (performance of a contract to which the data subject is a party).

Fucntional cookies – these remember your preferences and choices, allowing us to offer more personalized services. Information collected by these cookies does not track your activity.

These cookies are used to:

  • Support website functionality – without them, site should still work correctly, but may not be tailored to your preferences;
  • Provide a high level of website functionality – without them, the level of usability may be reduced, although site should remain operational.

Cookies considered personal data are processed by the Controller based on Article 6(1)(a) of the GDPR (user consent).

Analytical cookies – these allow us to measure website traffic and collect information about traffic sources, which helps improve functionality and performance of our site.

Personal data obtained through analytical cookies is processed by us based on Article 6(1)(a) of the GDPR (user consent).

Marketing (advertising) cookies – these allow for the display of advertisements that are more relevant to users and more valuable to publishers and advertisers. These cookies may also be used to personalize ads and to display advertisements outside of our website.

Personal data obtained through marketing (advertising) cookies is processed by us based on Article 6(1)(a) of the GDPR(user consent).

List of all Cookies Processed by the Controller:

The Controller also uses tracking pixels. Pixel is a piece of software code that enables the placement of an object – typically 1-pixel image – on a website, allowing for tracking of user behavior on sites where the pixel is embedded. Optimal pixel performance may be combined with the use of first-party or third-party cookies. Upon providing appropriate consent, the user’s browser automatically connects directly with server hosting the pixel; therefore, data collected by pixel is processed in accordance with the privacy policy of entity managing that server.

Transfer of Data to Third Countries:

Within the Website, User data may be processed by entities cooperating with the Controller, which, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), are obligated to maintain privacy standards equivalent to those contained in this Policy.

Some of the Controller’s partners are based outside the European Union and are therefore considered “third countries” under the GDPR. The Controller ensures that such entities have committed to providing an appropriate level of protection for personal data.

Google – for web traffic analytics. Data collected does not allow for the identification of any specific individual. More information on Google’s privacy standards is available here: www.google.com/intl/pl/policies/privacy/partners/.
You can disable Google Analytics tracking via this link: https://tools.google.com/dlpage/gaoptout.

Facebook (Meta) – provided by Meta Platforms Ireland Limited, used for managing ads on Meta platforms and conducting remarketing activities. Facebook Pixel is a code snippet placed on the website that allows targeting audiences based on the behavior of users who have visited the site. Through Facebook Pixel functionality, ads can be displayed on Meta platforms only to users who have shown interest in products or services or have similar characteristics to those who did. This data is processed based on legitimate interest of the Controller (Article 6(1)(f) of the GDPR). More information on Facebook Pixel can be found in Meta’s Privacy Policy.

These companies guarantee compliance with data protection standards, and the Controller’s use of their technologies in processing personal data is in accordance with the law.

You may contact the Controller at any time to exercise any of your rights. If you have any questions, concerns or doubts regarding this policy or the way we process personal data – or if you wish to file a complaint (although we hope this will not be necessary) – please email us with detailed information regarding your complaint at: kontakt@becompleat.pl. All complaints will be reviewed and responded to.

You also have the right to lodge a complaint with supervisory authority, i.e. the President of the Personal Data Protection Office (address: ul. Stawki 2, 00-193 Warsaw), if you believe that our data processing violates the GDPR. If you wish to exercise any of your rights, please contact the Controller at:
Be Compleat Agnieszka Kułaga, ul. Bielatowicza 11, 33-100 Tarnów
Email: kontakt@becompleat.pl
Phone: 694 932 247