INTRODUCTION

At Center-Mebel sp. z o.o. sp. k., operating under the RARO brand, we are committed to

protecting the privacy of our customers and take our responsibility for

the security of their data seriously. We provide clear and transparent information about what personal data

we collect and what we do with it.

This Privacy Policy sets out the following:

• what personal data we collect and process in connection with you being our

customer and in connection with your use of our websites, online store, newsletter, and

other online services;

• what we do with this data;

• how long we process the data;

• to whom we transfer/disclose the data;

• and how we implement your right to data protection.

DATA CONTROLLER

The controller of your personal data is:

Center-Mebel sp. z o.o. sp. k.

Al. Legionów 141F/1

18-400 Łomża

KRS 0000533019

NIP 9662095151

(hereinafter referred to as the “Company”), owner of the RARO brand.

WHAT PERSONAL DATA WE PROCESS

Personal data means any information about you that allows you to be identified,

such as your name, contact details, customer number, login, payment details, and information

about your access to our website.

We may collect your personal data in connection with, among other things, the sale of our

products and services, the creation of an account in our online store, the use of our website

and other websites accessible through it, participation in a survey or

competition, subscription to a newsletter, or contacting us.

In particular, we may collect data from the following categories:

• name and surname, home address, email address, telephone number, credit

card/debit card details or other payment details,

• information about your preferences regarding the use of the products and services we offer

,

• information about your purchase of our products and services and those of our

partners,

• information about your use of our website,

• communications with you or from you to us (e-mail, chat, social media,

 telephone).

FOR WHAT PURPOSE DO WE PROCESS PERSONAL DATA

We process personal data:

• for the purpose of providing services electronically and concluding sales contracts – Article 6(1)(a)

(b) of the GDPR,

• to target marketing content – Article 6(1)(f) of the GDPR,

• to fulfill the legal obligations incumbent on the Company – Article 6(1)(c) of the GDPR,

• for analytical and statistical purposes – Article 6(1)(f) of the GDPR,

• to establish or pursue claims or defend against claims – Article 6(1)(f)

of the GDPR.

HOW LONG DO WE PROCESS PERSONAL DATA

We process personal data:

• for the purpose of performing a sales contract – for the time necessary to perform it,

• for the purpose of providing electronic services – for the duration of the provision of services,

• for marketing purposes – until an objection is raised,

• for analytical and statistical purposes – for the duration of the provision of services,

• for the purpose of pursuing the Company's legitimate interest – for the duration of that interest.

Data may also be stored for periods required by law (e.g., tax,

accounting).

After the necessary time has elapsed, the data will be securely deleted, destroyed, or anonymized.

INTERNATIONAL DATA TRANSFER

The Company does not transfer personal data to third countries.

SHARING OF PERSONAL DATA

The recipients of the data may be:

• state authorities authorized by law,

• trusted providers of IT services and information systems,

• postal operators, couriers, transport companies,

• electronic payment operators, banks,

• insurance companies,

• law firms and debt collection companies,

• business partners offering products/services through our website,

• social media – based on the user's consent and the privacy settings of the given

service.

DATA PROTECTION OFFICER

The company is not required to appoint a Data Protection Officer.