PRIVACY POLICY OF THE ONLINE STORE RAGIDOG.COM

TABLE OF CONTENTS

  1. GENERAL PROVISIONS
  2. GROUNDS FOR DATA PROCESSING
  3. PURPOSE, GROUNDS AND PERIOD OF DATA PROCESSING IN THE ONLINE STORE
  4. RECIPIENTS OF DATA IN THE ONLINE STORE
  5. PROFILING IN THE ONLINE STORE
  6. RIGHTS OF THE DATA SUBJECT
  7. COOKIES IN THE ONLINE STORE AND ANALYTICS
  8. FINAL PROVISIONS

1. GENERAL PROVISIONS

1.1. This privacy policy of the Online Store is for information purposes, which means that it is not a source of obligations for the Service Recipients or Customers of the Online Store. The privacy policy contains, above all, the rules governing the processing of personal data by the Controller in the Online Store, including the grounds, purposes and period of processing of personal data as well as the rights of data subjects, and information on the use of cookies and analytical tools in the Online Store.

1.2. The controller of personal data collected via the Online Store is LMC TRISS SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ (a limited liability company under Polish law) with its registered office in Zakopane (registered office address: ul. Tatary 20B, 34-500 Zakopane, Poland; correspondence address: ul. Nędzy Kubińca 105C, 34-511 Kościelisko, Poland); entered in the Register of Entrepreneurs of the National Court Register under KRS number: 00001056427; registry court where the company’s documentation is kept: District Court for Kraków-Śródmieście in Kraków, 12th Commercial Division of the National Court Register; share capital: PLN 5,000; Tax Identification Number (NIP): 7361745647; Statistical Number (REGON): 526313915; email address: contact@ragidog.com; contact telephone number: +48 784-687-014 – hereinafter referred to as the “Controller” and being at the same time the Service Provider of the Online Store and the Seller.

1.3. Personal data in the Online Store is processed by the Controller in accordance with applicable law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – hereinafter referred to as the “GDPR”. The official text of the GDPR: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679

1.4. Use of the Online Store, including making purchases, is voluntary. Likewise, the associated provision of personal data by the Service Recipient or Customer using the Online Store is voluntary, subject to two exceptions: (1) concluding agreements with the Controller – failure to provide, in the cases and to the extent indicated on the Online Store’s website, in the Terms and Conditions of the Online Store and in this privacy policy, the personal data necessary to conclude and perform a Sales Agreement or an agreement for the provision of an Electronic Service with the Controller results in the inability to conclude that agreement. Provision of personal data is in such a case a contractual requirement, and if the data subject wishes to conclude a given agreement with the Controller, they are obliged to provide the required data. The scope of data required to conclude the agreement is each time indicated in advance on the Online Store’s website and in the Terms and Conditions of the Online Store; (2) the Controller’s statutory obligations – provision of personal data is a statutory requirement arising from generally applicable law imposing on the Controller an obligation to process personal data (e.g. processing data for the purpose of keeping tax or accounting books), and failure to provide it will prevent the Controller from fulfilling those obligations.

1.5. The Controller exercises particular care to protect the interests of the data subjects whose personal data it processes, and in particular is responsible for and ensures that the data it collects is: (1) processed lawfully; (2) collected for specified, lawful purposes and not further processed in a manner incompatible with those purposes; (3) substantively correct and adequate in relation to the purposes for which it is processed; (4) kept in a form permitting identification of the data subjects for no longer than is necessary to achieve the purpose of processing; and (5) processed in a manner ensuring appropriate security of personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage, by means of appropriate technical or organisational measures.

1.6. Taking into account the nature, scope, context and purposes of processing as well as the risk of infringement of the rights or freedoms of natural persons of varying likelihood and severity, the Controller implements appropriate technical and organisational measures to ensure that processing is carried out in accordance with the GDPR and to be able to demonstrate this. These measures are reviewed and updated as necessary. The Controller applies technical measures preventing the acquisition and modification of personal data transmitted electronically by unauthorised persons.

1.7. All words, expressions and acronyms appearing in this privacy policy and beginning with a capital letter (e.g. Seller, Online Store, Electronic Service) should be understood in accordance with their definition contained in the Terms and Conditions of the Online Store available on the Online Store’s website.

2. GROUNDS FOR DATA PROCESSING

2.1. The Controller is entitled to process personal data in cases where – and to the extent that – at least one of the following conditions is met: (1) the data subject has given consent to the processing of their personal data for one or more specific purposes; (2) processing is necessary for the performance of a contract to which the data subject is a party, or in order to take steps at the request of the data subject prior to entering into a contract; (3) processing is necessary for compliance with a legal obligation to which the Controller is subject; or (4) processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

2.2. The processing of personal data by the Controller each time requires the existence of at least one of the grounds indicated in Section 2.1 of the privacy policy. The specific grounds for the processing of personal data of the Service Recipients and Customers of the Online Store by the Controller are indicated in the next section of the privacy policy – in relation to the given purpose of processing of personal data by the Controller.

3. PURPOSE, GROUNDS AND PERIOD OF DATA PROCESSING IN THE ONLINE STORE

3.1. Each time, the purpose, grounds, period and recipients of personal data processed by the Controller result from the actions taken by a given Service Recipient or Customer in the Online Store or by the Controller. For example, if a Customer decides to make purchases in the Online Store and chooses personal collection of the purchased Product instead of courier delivery, their personal data will be processed for the purpose of performing the concluded Sales Agreement, but will no longer be disclosed to the carrier delivering shipments on the Controller’s behalf.

3.2. The Controller may process personal data within the Online Store for the following purposes, on the following grounds, and for the following periods indicated in the table below:

Purpose of data processing Legal basis for processing Data retention period
Performance of a Sales Agreement or an agreement for the provision of an Electronic Service, or taking steps at the data subject’s request prior to concluding the above agreements Article 6(1)(b) GDPR (performance of a contract) – processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the data subject’s request prior to entering into a contract Data is stored for the period necessary to perform, terminate or otherwise conclude the Sales Agreement or the agreement for the provision of an Electronic Service.
Direct marketing Article 6(1)(f) GDPR (legitimate interest of the Controller) – processing is necessary for the purposes of the Controller’s legitimate interests, consisting in caring for the interests and good image of the Controller and its Online Store and pursuing the sale of Products Data is stored for the period of existence of the legitimate interest pursued by the Controller, but no longer than the limitation period for the Controller’s claims against the data subject arising from its business activity. The limitation period is determined by law, in particular the Civil Code. The Controller may not process data for direct marketing purposes where the data subject has effectively objected to such processing.
Marketing Article 6(1)(a) GDPR (consent) – the data subject has consented to the processing of their personal data for marketing purposes by the Controller Data is stored until the data subject withdraws their consent to further processing of their data for this purpose.
Keeping tax books Article 6(1)(c) GDPR in conjunction with the applicable provisions of Polish tax law – processing is necessary for compliance with a legal obligation to which the Controller is subject Data is stored for the period required by law obliging the Controller to keep tax books (until the limitation period for the tax liability expires, unless tax laws provide otherwise).
Establishment, exercise or defence of claims that may be raised by the Controller or against the Controller Article 6(1)(f) GDPR (legitimate interest of the Controller) – processing is necessary for the purposes of the Controller’s legitimate interests, consisting in the establishment, exercise or defence of claims Data is stored for the period of existence of the legitimate interest pursued by the Controller, but no longer than the limitation period for claims that may be raised against the Controller (the basic limitation period for claims against the Controller is six years).
Use of the Online Store’s website and ensuring its proper functioning Article 6(1)(f) GDPR (legitimate interest of the Controller) – processing is necessary for the purposes of the Controller’s legitimate interests, consisting in operating and maintaining the Online Store’s website Data is stored for the period of existence of the legitimate interest pursued by the Controller, but no longer than the limitation period for the Controller’s claims arising from its business activity.
Keeping statistics and analysing traffic in the Online Store Article 6(1)(f) GDPR (legitimate interest of the Controller) – processing is necessary for the purposes of the Controller’s legitimate interests, consisting in keeping statistics and analysing traffic in the Online Store in order to improve its functioning and increase Product sales Data is stored for the period of existence of the legitimate interest pursued by the Controller, but no longer than the limitation period for the Controller’s claims arising from its business activity.

4. RECIPIENTS OF DATA IN THE ONLINE STORE

4.1. For the proper functioning of the Online Store, including the performance of the Sales Agreements concluded, it is necessary for the Controller to use the services of external entities (such as a software provider, courier or payment processor). The Controller uses only such processors that provide sufficient guarantees to implement appropriate technical and organisational measures so that processing meets the requirements of the GDPR and protects the rights of data subjects.

4.2. Personal data may be transferred by the Controller to a third country, whereby the Controller ensures that in such a case this will take place in relation to a country ensuring an adequate level of protection – compliant with the GDPR – and, in the case of other countries, that the transfer will take place on the basis of standard data protection clauses. The Controller ensures that the data subject has the possibility of obtaining a copy of their data. The Controller transfers collected personal data only where and to the extent necessary to achieve the given purpose of processing consistent with this privacy policy.

4.3. The Controller does not transfer data in every case and not to all recipients or categories of recipients indicated in the privacy policy – the Controller transfers data only where it is necessary to achieve the given purpose of processing and only to the extent necessary to achieve it. For example, if a Customer uses personal collection, their data will not be transferred to the carrier cooperating with the Controller.

4.4. The personal data of the Service Recipients and Customers of the Online Store may be transferred to the following recipients or categories of recipients:

4.4.1. carriers / freight forwarders / courier brokers / entities handling the warehouse and/or shipping process – in the case of a Customer who uses postal or courier delivery in the Online Store, the Controller discloses the collected personal data of the Customer to the selected carrier, forwarder or intermediary handling shipments on the Controller’s behalf, and where the shipment is made from an external warehouse – to the entity handling the warehouse and/or shipping process – to the extent necessary to complete the delivery of the Product to the Customer.

4.4.2. entities handling electronic or payment card payments – in the case of a Customer who uses electronic or payment card payments in the Online Store, the Controller discloses the collected personal data of the Customer to the selected entity handling the above payments in the Online Store on the Controller’s behalf, to the extent necessary to handle the payment made by the Customer. In particular, electronic and card payments in the Online Store are handled by Stripe Payments Europe, Limited, with its registered office in Ireland (The One Building, 1 Grand Canal Street Lower, Dublin 2, D02 H210, Ireland), together with affiliated Stripe entities. The rules for the processing of personal data by Stripe are available in Stripe’s privacy policy at: https://stripe.com/privacy.

4.4.3. providers of survey/review systems – in the case of a Customer who has agreed to submit a review of the concluded Sales Agreement, the Controller discloses the collected personal data of the Customer to the selected entity providing the review-survey system for Sales Agreements concluded in the Online Store on the Controller’s behalf, to the extent necessary for the Customer to submit a review via the review-survey system.

4.4.4. providers of services supplying the Controller with technical, IT and organisational solutions enabling the Controller to conduct its business activity, including the Online Store and the Electronic Services provided through it (in particular providers of computer software for running the Online Store, providers of email and hosting services, and providers of software for business management and technical support to the Controller) – the Controller discloses the collected personal data of the Customer to the selected provider acting on its behalf only where and to the extent necessary to achieve the given purpose of processing consistent with this privacy policy.

4.4.5. providers of accounting, legal and advisory services providing the Controller with accounting, legal or advisory support (in particular an accounting office, law firm or debt-collection company) – the Controller discloses the collected personal data of the Customer to the selected provider acting on its behalf only where and to the extent necessary to achieve the given purpose of processing consistent with this privacy policy.

4.4.6. providers of social plugins, scripts and other similar tools placed on the Online Store’s website enabling the browser of a person visiting the Online Store’s website to download content from the providers of such plugins (e.g. logging in via social network login credentials) and to transfer, for this purpose, the personal data of the visiting person to those providers, including:

4.4.6.1. Meta Platforms Ireland Ltd. – the Controller uses on the Online Store’s website social plugins of the Facebook service (e.g. the Like, Share or login button via Facebook login credentials) as well as Instagram, and in connection with this collects and discloses the personal data of the Service Recipient using the Online Store’s website to Meta Platforms Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland), to the extent and in accordance with the privacy rules available – for Facebook – at: https://www.facebook.com/about/privacy/ and – for Instagram – at: https://help.instagram.com/519522125107875/ (this data includes information about actions on the Online Store’s website – including information about the device, websites visited, purchases, ads viewed and the manner of using the services – regardless of whether the Service Recipient has a Facebook or Instagram account and whether they are logged in to Facebook or Instagram).

5. PROFILING IN THE ONLINE STORE

5.1. The GDPR imposes on the Controller an obligation to provide information about automated decision-making, including profiling referred to in Article 22(1) and (4) GDPR, and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject. With this in mind, the Controller provides in this section of the privacy policy information concerning possible profiling.

5.2. The Controller may use profiling in the Online Store for direct marketing purposes, but the decisions taken on its basis by the Controller do not concern the conclusion or refusal to conclude a Sales Agreement, nor the possibility of using Electronic Services in the Online Store. The effect of using profiling in the Online Store may be, for example, granting a person a discount, sending them a discount code, reminding them of unfinished purchases, sending a Product suggestion that may correspond to a person’s interests or preferences, or offering better terms compared to the standard offer of the Online Store. Despite profiling, the person freely decides whether they wish to use the discount received in this way, or the better terms, and make a purchase in the Online Store.

5.3. Profiling in the Online Store consists in the automatic analysis or prediction of a given person’s behaviour on the Online Store’s website, e.g. by adding a specific Product to the basket, viewing the page of a specific Product in the Online Store, or by analysing the previous history of purchases made in the Online Store. The condition for such profiling is that the Controller holds the personal data of the given person, in order to be able to subsequently send them, e.g., a discount code.

5.4. The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.

6. RIGHTS OF THE DATA SUBJECT

6.1. Right of access, rectification, restriction, erasure or portability – the data subject has the right to request from the Controller access to their personal data, its rectification, erasure (“right to be forgotten”) or restriction of processing, and has the right to object to processing, as well as the right to data portability. Detailed conditions for exercising the above rights are set out in Articles 15–21 GDPR.

6.2. Right to withdraw consent at any time – a person whose data is processed by the Controller on the basis of consent given (pursuant to Article 6(1)(a) or Article 9(2)(a) GDPR) has the right to withdraw consent at any time without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.

6.3. Right to lodge a complaint with a supervisory authority – a person whose data is processed by the Controller has the right to lodge a complaint with a supervisory authority in the manner and mode specified in the provisions of the GDPR and applicable law. Data subjects may lodge a complaint with the supervisory authority in their EU Member State of residence. The supervisory authority in Poland is the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych).

6.4. Right to object – the data subject has the right at any time to object – on grounds relating to their particular situation – to the processing of personal data concerning them based on Article 6(1)(e) (public interest or tasks) or (f) (legitimate interest of the Controller), including profiling based on those provisions. In such a case the Controller may no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or grounds for the establishment, exercise or defence of claims.

6.5. Right to object regarding direct marketing – where personal data is processed for direct marketing purposes, the data subject has the right at any time to object to the processing of personal data concerning them for such marketing, including profiling, to the extent that the processing is related to such direct marketing.

6.6. To exercise the rights referred to in this section of the privacy policy, you may contact the Controller by sending an appropriate message in writing or by email to the Controller’s address indicated at the beginning of the privacy policy (contact@ragidog.com), or using the contact form available on the Online Store’s website.

7. COOKIES IN THE ONLINE STORE AND ANALYTICS

7.1. Cookies are small pieces of text information in the form of text files, sent by the server and saved on the side of the person visiting the Online Store’s website (e.g. on the hard drive of a computer or laptop, or on the memory card of a smartphone – depending on the device used by the visitor). Detailed information about cookies, as well as the history of their origin, can be found, among others, here: https://en.wikipedia.org/wiki/HTTP_cookie.

7.2. The cookies that may be sent by the Online Store’s website can be divided into different types, according to the following criteria: (a) by provider – (1) first-party cookies (created by the Controller’s Online Store website) and (2) third-party cookies (belonging to persons/entities other than the Controller); (b) by retention period on the device of the person visiting the website – (1) session cookies (stored until logging out of the Online Store or closing the web browser) and (2) persistent cookies (stored for a defined period, as set by each file’s parameters, or until manually deleted); (c) by purpose of use – (1) necessary cookies (enabling the proper functioning of the website), (2) functional/preference cookies (enabling the website to be adapted to the visitor’s preferences), (3) analytical and performance cookies (collecting information about how the website is used), and (4) marketing, advertising and social cookies (collecting information about the visitor in order to display ads, personalise them, measure their effectiveness and carry out other marketing activities, including on websites separate from the Online Store).

7.3. The Controller may process data contained in cookies while visitors use the Online Store’s website for the following specific purposes: identifying Service Recipients as logged in to the Online Store and showing that they are logged in (necessary cookies); remembering Products added to the basket in order to place an Order (necessary cookies); remembering data from completed Order Forms, surveys or Online Store login data (necessary and/or functional/preference cookies); adapting the content of the Online Store’s website to the individual preferences of the Service Recipient (e.g. colours, font size, page layout) and optimising the use of the Online Store’s pages (functional/preference cookies); keeping anonymous statistics presenting how the Online Store’s website is used (analytical and performance cookies); displaying and rendering ads, limiting the number of ad impressions, ignoring ads the Service Recipient does not wish to see, measuring the effectiveness of ads, and personalising ads, i.e. studying the behavioural characteristics of visitors through anonymous analysis of their actions in order to create their profile and deliver ads tailored to their predicted interests, including when they visit other websites in the advertising networks of Google Ireland Ltd. and Meta Platforms Ireland Ltd. (marketing, advertising and social cookies).

7.4. Most web browsers available on the market accept the saving of cookies by default. Everyone has the ability to define the conditions for using cookies through their own web browser settings. This means that you can, for example, partially restrict (e.g. temporarily) or completely disable the ability to save cookies – in the latter case, however, this may affect some functionalities of the Online Store (for example, it may be impossible to complete the Order path via the Order Form due to Products not being remembered in the basket during the successive steps of placing an Order).

7.5. Web browser settings regarding cookies are relevant from the point of view of consent to the use of cookies by our Online Store – in accordance with the applicable rules, such consent may also be expressed through web browser settings. Detailed information on changing cookie settings and deleting them independently in the most popular web browsers is available in the help section of the web browser and on the respective browser support pages (Chrome, Firefox, Internet Explorer, Opera, Safari, Microsoft Edge).

7.6. The Controller may use Google Analytics services provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) in the Online Store. These services help the Controller keep statistics and analyse traffic in the Online Store. The data collected is processed within the above services to generate statistics helpful in administering the Online Store and analysing traffic. This data is aggregate in nature. Using the above services in the Online Store, the Controller collects such data as the sources and medium of acquisition of visitors to the Online Store and their behaviour on the website, information about the devices and browsers from which the website is visited, IP address and domain, geographic data and demographic data (age, gender) and interests.

7.7. It is possible for a person to easily block the sharing with Google Analytics of information about their activity on the Online Store’s website – for this purpose, for example, you can install the browser add-on provided by Google Ireland Ltd., available here: https://tools.google.com/dlpage/gaoptout.

7.8. In connection with the Controller’s possible use of advertising and analytical services provided by Google Ireland Ltd. in the Online Store, the Controller indicates that full information on the rules for processing the data of persons visiting the Online Store (including information stored in cookies) by Google Ireland Ltd. is available in the privacy policy of Google’s services at: https://policies.google.com/technologies/partner-sites.

8. FINAL PROVISIONS

8.1. The Online Store may contain links to other websites. The Controller encourages you, after navigating to other sites, to read the privacy policy established there. This privacy policy applies only to the Controller’s Online Store.


Last updated: 7 July 2026. Controller: LMC TRISS Sp. z o.o., email: contact@ragidog.com.