GDPR Compliance Policy

GDPR Compliance Policy – gozoo.store

1. Data Controller

The controller of your personal data on gozoo.store is:

BTI PET SUPPLIES PET FOODS AND FEED PRODUCTS PRODUCTION COMPANY SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
ul. Jaszowiecka 10 / 121
02-934 Warsaw, Poland
E-mail: info@gozoo.store

2. Legal Basis for Processing

We process personal data in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Polish law. The legal grounds include:

  • Article 6(1)(b) GDPR – Performance of a contract: For order processing, account creation, and other contractual obligations.

  • Article 6(1)(c) GDPR – Legal obligation: To meet tax, accounting, and other statutory requirements.

  • Article 6(1)(a) GDPR – Consent: For newsletters, marketing communications, and non-essential cookies.

  • Article 6(1)(f) GDPR – Legitimate interests: For fraud prevention, system security, and customer support.

3. Principles of Data Processing

We are committed to processing personal data:

  • Lawfully, fairly, and transparently.

  • For specified, explicit, and legitimate purposes only.

  • Limited to what is necessary for the intended purposes.

  • Accurate and up-to-date.

  • Retained only as long as necessary.

  • Protected with appropriate technical and organizational measures.

4. Your Rights as a Data Subject

You have the right to:

  • Access your personal data.

  • Correct any inaccurate information.

  • Request erasure (“right to be forgotten”).

  • Restrict data processing.

  • Data portability.

  • Object to processing based on legitimate interests.

  • Withdraw consent at any time (without affecting prior processing).

Requests concerning your personal data can be sent to: info@gozoo.store

5. Data Sharing

We only share personal data with trusted partners necessary to provide our services, including:

  • Payment providers: PayPal, Mollie

  • Logistics partners: Apaczka, DHL, DPD

  • Accounting and legal service providers

  • IT and hosting providers: Shopify

Some of these providers may process data outside the EEA (e.g., Shopify servers in Canada or the USA). In such cases, transfers are safeguarded by:

  • Adequacy decisions (e.g., Canada)

  • Standard Contractual Clauses (SCCs) approved by the European Commission

6. Data Security

We protect your personal data using industry-standard technical and organizational measures, including:

  • Encryption

  • Pseudonymization

  • Secure access controls

  • System monitoring

These measures help prevent unauthorized access, alteration, or loss of personal data.

7. Supervisory Authority

You have the right to lodge a complaint with the Polish Data Protection Authority:

Prezes Urzędu Ochrony Danych Osobowych (UODO)
Website: www.uodo.gov.pl

8. Updates to this Policy

This GDPR Compliance Policy may be updated periodically to reflect changes in law, technology, or our business practices. Any updates will be published on gozoo.store.