- This Privacy Policy defines the rules for processing the personal data of users (entrepreneurs) using the ordering portal available at kuna.vet, hereinafter referred to as the Portal.
- The controller of personal data is:
The Controller processes personal data in accordance with:
other relevant national and EU regulations concerning personal data protection.
the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the so-called GDPR),
the Act on Providing Services by Electronic Means of 18 July 2002,
Personal data is processed for the following purposes:
| Purpose of Processing | Legal Basis – Art. 6(1) GDPR |
| Creation and management of an account on the Portal | lit. b) – performance of a contract |
| Fulfillment of orders and commercial contracts | lit. b) – performance of a contract |
| Issuing invoices and accounting documents | lit. c) – legal obligation |
| Handling complaints and customer communication | lit. b) or f) – legitimate interest |
| Pursuing claims, debt collection | lit. f) – legitimate interest |
| Direct marketing (e.g., newsletter) | lit. a) – consent (if required) |
The following data, among others, may be processed:
other data voluntarily provided by the customer in the course of contact with the Portal.
identification data: first and last name, company name, Tax Identification Number (NIP), National Business Registry Number (REGON),
contact data: email address, phone number, delivery and correspondence address,
data concerning orders, payments, and transaction history,
login data and IP address,
Data may be disclosed to entities processing data on behalf of the Controller, including:
- courier and logistics companies,
- online payment operators,
- accounting offices and law firms,
- IT, hosting, and store software service providers.
Each of these entities processes data based on an appropriate personal data processing agreement and only in accordance with the Controller’s instructions.
Personal data is stored by the Controller for the period necessary to achieve the purposes for which it was collected, and then for the period resulting from applicable laws or until the statute of limitations for any potential claims.
In particular:
- data related to order fulfillment, transactions, and account management – for the entire period the customer has an active account and for up to 6 years after its deletion (for potential claims or disputes),
- data contained in accounting documentation – for 5 years from the end of the tax year, in accordance with accounting and tax regulations.
The store is directed exclusively to business clients (B2B).
Nevertheless, some of the data processed by the Controller may constitute personal data within the meaning of Article 4(1) of the GDPR, in particular:
- data of natural persons running a sole proprietorship,
- data of persons representing or contacting on behalf of companies (e.g., procurement department employees, company owners, attorneys-in-fact).
Data that is not personal data within the meaning of the GDPR (e.g., general company data that does not identify natural persons) may be stored by the Controller for a longer period – in accordance with commercial data archiving principles.
Every user has rights arising from the GDPR, including:
- the Right of access to data (Art. 15 GDPR),
- the Right to rectification of data (Art. 16 GDPR),
- the Right to erasure of data – the so-called “right to be forgotten” (Art. 17 GDPR),
- the Right to restriction of processing (Art. 18 GDPR),
- the Right to data portability (Art. 20 GDPR),
- the Right to object to data processing (Art. 21 GDPR),
- the Right to lodge a complaint with the President of the Personal Data Protection Office (https://uodo.gov.pl).
To exercise these rights, please contact the Portal Administrator
Providing personal data is voluntary but necessary for the provision of services offered by the Portal. Failure to provide data will prevent account creation and order fulfillment.
The Controller implements appropriate technical and organizational measures to ensure the security of personal data, in particular:
systems protecting against unauthorized access to data.
connection encryption (SSL certificate),
use of passwords and access authorization,
The service uses cookies (so-called “cookies”) for the proper functioning of the website, ensuring store functionality, and for statistical and marketing purposes, provided the user has given consent.
Furthermore, articles on this site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if the user has visited the other website. These websites may collect data about the user, use cookies, embed additional third-party tracking tools, and monitor the user’s interaction with that embedded content, including tracking interaction with the embedded content if the user has an account and is logged in to that website.
Detailed information regarding the types of cookies used, their purpose, storage period, and consent management options can be found in the Cookie Policy, available under a separate link on the website.
The Controller reserves the right to update this Policy. Users will be informed of any changes via a notice on the store’s website or by email.