Free Delivery on orders over 166€.
FAQ | Contact

Privacy policy

Privacy policy

§1 Personal Data Administration

  1. The administrator of personal data is Hanna Ciszewska, running a business under the name Hanna Ciszewska Couture, Tadeusza Apolinarego Wendy 1-3, 70-655 Szczecin, Poland. The business is registered in the Central Register and Information on Business Activity under the NIP number: 9552586037, REGON 540824102.
  2. Contact with the person supervising the processing of personal data within the organization is possible electronically at the email address: info@mlisme.com, in writing at the Administrator’s address, or by phone at the number +48 506 960 468.
  3. This Policy contains the rules for the processing of personal data by the Administrator in the Online Service, including the basis, purposes, and scope of processing personal data as well as the rights of the data subjects.
  4. Personal data is processed by the Administrator in accordance with applicable laws, in particular, with Regulation (EU) 2016/679 of the European Parliament and Council of April 27, 2016, regarding the protection of individuals concerning the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR). Official text of the GDPR: http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679.
  5. The User’s rights are not absolute and do not apply to all processing activities of personal data.

§2 Definitions

  1. Administrator – Hanna Ciszewska, running a business under the name Hanna Ciszewska Couture, Tadeusza Apolinarego Wendy 50/17-18, 70-655 Szczecin, Poland. The business is registered in the Central Register and Information on Business Activity under the NIP number: 9552586037, REGON 540824102.
  2. Personal Data – information about an identified or identifiable individual through one or more specific factors defining their physical, physiological, genetic, mental, economic, cultural, or social identity, including device IP, internet identifier, and information collected through cookies and similar technologies.
  3. Policy – this Privacy Policy.
  4. Cookie Policy – a document outlining the rules for using cookies in the Service, available at: http://mlisme.com/pl/polityka-cookies/.
  5. Profiling – automated processing of personal data that involves analyzing and predicting user behavior.
  6. GDPR / General Data Protection Regulation – Regulation (EU) 2016/679 of the European Parliament and the Council of April 27, 2016, regarding the protection of individuals in relation to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC.
  7. Service – the online service operated by the Administrator at the address mlisme.com.
  8. User – any natural person visiting the Service or using one or more services or functionalities described in the Policy.

§3 Security

  1. The Administrator has implemented appropriate technical and organizational measures to ensure the security of personal data processing, and in particular, is responsible for ensuring that the data collected by them is:
    processed in accordance with the law;
    collected for specified, legitimate purposes and not subject to further processing that is incompatible with those purposes;
    accurate and adequate to the purposes for which they are processed;
    stored in a form that allows the identification of data subjects, no longer than is necessary for the purposes of processing;
    processed in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.

§4 Purposes and Legal Bases for Data Processing

  1. Based on Article 6(1)(a) of the GDPR (consent), personal data may be processed for the following purposes:
    Marketing of the Administrator’s and the Administrator’s partners’ products and services.
    Retargeting and behavioral advertising, including displaying personalized ads based on the user’s activity history in the Service and other websites. Data processing for these purposes occurs only based on the User’s consent expressed in the cookie banner. Data may be collected via cookies and similar technologies, in accordance with the Cookie Policy.
    Sending newsletters.
    Moderating content in the Service.
    Saving data in cookies according to the Cookie Policy.
    Publishing product or service reviews.
    Participation in webinars or online training.
    Contacting via distance communication tools, including phone, email, or apps.
    Participation in contests and loyalty programs.
    Inviting participation in surveys and market research.
    Managing and maintaining the User’s account in the Service.
    Personalizing content in the Service.

  2. Based on Article 6(1)(b) of the GDPR (performance of a contract), personal data may be processed for:
    Performing a sales contract or service contract or taking steps at the request of the data subject before entering into such contract,
    After entering into the contract, in particular: warranty rights, handling complaints or withdrawal from a distance contract.
    Managing the User’s account.

  3. Based on Article 6(1)(c) of the GDPR (legal obligation of the Administrator), personal data may be processed for:
    Issuing and storing invoices, receipts, or fulfilling other obligations arising from tax and accounting regulations (archival obligation concerning accounting documents).
    Cooperation with law enforcement agencies and public institutions.
    Creating registers and other documentation required by the GDPR provisions.

  4. Based on Article 6(1)(f) of the GDPR (legitimate interest of the Administrator), personal data may be processed for:
    Proper performance of the contract, processed during the performance of the contract and the rights resulting from it, e.g. the right to a complaint. Providing data is voluntary but necessary.
    Securing the Service, managing the Service, and ensuring its proper functioning.
    Conducting statistics and traffic analysis in the Online Service.
    Direct marketing.
    Establishing claims raised by or against the Administrator.
    Contacting the User.
    Managing the mlisme.com Service.
    Storing data necessary for the proper functioning of the Service in cookies according to the Cookie Policy.
    Managing Facebook, Instagram accounts and interacting with Users on these platforms.
    Data may be transferred to the following recipients or categories of recipients, such as courier companies, postal operators, law firms, accounting firms, IT service providers.

  5. Personal data may also be processed for other purposes if the Administrator has a legal basis for it, in particular, under Article 6 of the GDPR, provided that such a purpose does not violate the User’s rights and freedoms. In such cases, the User will be informed of the new processing purpose before the processing begins.

§5 Profiling

  1. The Administrator uses profiling for marketing purposes, which involves analyzing the User’s activity in the Service through cookies and similar technologies.
  2. Profiling may include:
    personalizing ads based on browsing history,
    analyzing the User’s interactions with content in the Service,
    adjusting the displayed ad content on external sites (e.g., Google Ads, Facebook).
  3. Profiling is carried out only based on the User’s consent.
  4. The User may withdraw their consent to profiling at any time by changing the settings or by contacting the Administrator at the email address: info@mlisme.com.

§6 Personal Data Processing Period

  1. The period of data processing by the Administrator depends on the type of service provided and the purpose of the processing. As a rule, data is processed for the duration of the service, until the consent is withdrawn or an effective objection is made regarding data processing when the legal basis for processing data is the legitimate interest of the Administrator.
  2. The data processing period may be extended if processing is necessary to establish and pursue potential claims or to defend against claims, and thereafter only if required by law. After the processing period has elapsed, the data is irreversibly deleted or anonymized.
  3. Specific periods for storing data depending on the purpose:
    Data related to the execution of the contract – stored for the duration of the contract and then for the period of limitation of claims (3 or 6 years).
    Accounting and tax data – stored for the period required by tax law (currently 5 years).
    Marketing data (newsletter, behavioral advertising) – stored until consent is withdrawn.
    Data related to user inquiries – stored for up to 12 months after the correspondence ends.

§7 User’s Rights

  1. The User has the following rights regarding their personal data: access to personal data,
    rectification of personal data at any time,
    deletion of personal data at any time,
    receiving a copy of personal data,
    restriction of personal data processing,
    objection to personal data processing,
    data portability,
    withdrawal of consent; withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal,
    objection to the processing of personal data based on the legitimate interest of the Administrator for marketing purposes, direct marketing, and purposes other than marketing,
    to file a complaint with a supervisory authority.
  2. To exercise the above rights, the User may contact the Administrator by sending a message to the email address info@mlisme.com or by correspondence to the Administrator’s address. The Administrator undertakes to consider the request within 30 days of its receipt.
  3. In some cases, the Administrator may refuse to fulfill the User’s request if the law imposes an obligation to continue processing the data.

§8 Recipients of Personal Data

  1. The Administrator transfers the User’s personal data to external entities for the proper operation of the Service, in particular: courier companies, postal operators, law and collection offices, payment operators (PayU, Stripe), insurers, banks, marketing companies.
  2. The Administrator reserves the right to disclose personal data when required by applicable law, including the obligation to provide information to relevant administrative authorities or law enforcement agencies.

§9 Transfer of Personal Data Outside the EEA

§10 Data Security

  1. The Administrator continuously conducts risk analysis to ensure that personal data is processed securely. In particular, access to data is granted only to authorized persons and only to the extent necessary due to the tasks performed by them.
  2. The Administrator is obliged to take all legally permissible actions to ensure that all personal data operations are recorded and carried out only by authorized entities.
  3. The Administrator is also required to ensure that other entities cooperating with the Administrator guarantee the use of appropriate security measures whenever they process personal data on behalf of the Administrator.
  4. The Administrator uses technical safeguards such as data transmission encryption (SSL/TLS), limiting access to systems, and procedures for protecting against unauthorized access to data.

§11 Privacy Policy Changes

  1. The Policy is regularly reviewed and updated.

   2. The current version of the Policy was adopted and is effective from March 20, 2025.

#mlisme

No access token
Terms and Conditions
Returns and Exchanges
Privacy Policy
Cookies Policy
Payment methods
Shipping
About us
FAQs
Blog
Contact

© - lismé 2024

Design by Investnet