Privacy Policy

Last updated: March 31, 2026

1. Data controller

The data controller is the site owner (hereinafter: "Controller"). For data protection inquiries, please contact: kontakt@justcolor.pl

2. What data we collect

The Store collects minimal data necessary to fulfill orders:

• Payment data — processed exclusively by Stripe. The Controller does not store credit card data.
• Email address — if provided during Stripe checkout, used solely for purchase confirmation.
• Technical data — IP address, browser type, device info — collected automatically for technical and statistical purposes.

3. Purpose of data processing

Personal data is processed for the purpose of:

• Fulfilling orders and delivering digital products.
• Processing payments via Stripe.
• Handling complaints.
• Fulfilling legal obligations (e.g., tax requirements).

4. Legal basis

Data is processed based on:

• Art. 6(1)(b) GDPR — necessity for contract performance (order fulfillment).
• Art. 6(1)(c) GDPR — legal obligation (tax regulations).
• Art. 6(1)(f) GDPR — legitimate interest (statistics, security).

5. Data sharing

Data may be shared with the following parties:

• Stripe, Inc. — payment processor. Privacy policy: stripe.com/privacy
• Vercel, Inc. — website hosting. Privacy policy: vercel.com/legal/privacy-policy

Data is not sold or shared with third parties for marketing purposes.

6. Cookies

The website may use essential cookies for technical purposes (e.g., payment session handling). We do not use marketing or tracking cookies.

7. Data retention

Data is retained for the period necessary to fulfill processing purposes:

• Transaction data — for the period required by tax regulations (5 years).
• Technical data (logs) — up to 12 months.

8. Your rights

Under GDPR, you have the right to:

• Access your data.
• Rectify your data.
• Erase your data ("right to be forgotten").
• Restrict processing.
• Data portability.
• Object to processing.
• Lodge a complaint with a supervisory authority.

To exercise these rights, please contact: kontakt@justcolor.pl

9. Security

We implement appropriate technical and organizational measures to protect personal data, including SSL/TLS encryption and secure payment processing through certified Stripe services.

10. Changes to this policy

The Controller reserves the right to amend this Privacy Policy. Changes are published on this page with an updated date.