Fundusze Europejskie Logo

Rzeczpospolita Polska Logo

PARP Logo

UE Logo

Fundusze Europejskie Logo

Rzeczpospolita Polska Logo

PARP Logo

UE Logo


Risk S.A. (limited liability company) implements the following project: “International Promotion of the Polish Brand ‘RISK MADE IN WARSAW’ Within the Scope of Industry Promotion Program ‘POLISH FASHION’ ” under Smart Growth Operational Program 2014–2020, Priority Axis III: Support for innovation in enterprises, Measure 3.3: Support for promotion and internationalisation of innovative enterprises, Sub-measure 3.3.3: Support for SMEs in the promotion of Polish product brands “Go to Brand”, co-financed by the European Regional Development Fund.
The objective of the project No. POIR.03.03.03-14-0035/18 is the increase in brand awareness and scale of activity of the Polish brand “RISK MADE IN WARSAW” through expansion into 3 foreign markets, including 1 promising foreign markets. Participation in the project facilitates promotion of the Polish economy, and RISK S.A. expects an increase in the number of contracting parties and an increase in international sales by 2021 to the level projected by project indicators.

Project duration: 01.09.2018 – 30.06.2020

Contact details:
RISK S.A.
ul. Szpitalna 6a/9
00-031 Warszawa

Cooperation
For enquiries regarding B2B/B2C cooperation and sales, please contact us at the following e-mail address: wholesale@riskmadeinwarsaw.com
Project co-financed by the European Union through the European Regional Development Fund.
Manifesto
RISKY MANIFESTO

A good dress has to emphasise figure, beauty, and intelligence.

Comfort and quality are most important to us. Trends–we let them pass.

Our “celebrities” are Women. Writers, Scientists, Musicians, Philosophers, Mothers, Sculptresses, Doctors, Athletes. People who wear our designs while doing things we admire.


We form long-distance relationships, not only with people, but also with our planet–that’s why we use European fabrics in our production, some of which obtained Oekotex, Ecolabel, FSC, EU Ecocert, GOTS, GRS or DETOX certificates.

We sew everything in Poland, because it’s worth it.

PRIVACY POLICY

 

1. GENERAL PROVISIONS

  1. This Privacy Policy sets out the principles of privacy protection (i.e. the rules for the collection, use, processing, and protection) of personal data of the users („Users”) of the online store available at the URL www.riskmadeinwarsaw.com (hereinafter referred to as the „Website”), owned by the company „RISK” S.A. with its registered office in Warsaw.
  2. The data controller of the personal data of Website users, within the meaning of art. 4 point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/WE (General Data Protection Regulation – „GDPR”) is „RISK” S.A. with its registered office in Warsaw, address: ul. Szpitalna 6A/9, 00-031 Warsaw, entered into the commercial register maintained by the District Court for the capital city of Warsaw in Warsaw, XII Commercial Division of the National Court Register (KRS) under the following number: 0000953550, VAT identification number (NIP): 1132855615, National Business Registry Number (REGON): 146129025, equity capital: 100.000,00 zł, e-mail address: customercare@riskmadeinwarsaw.com, phone number: +48 22 490 20 51, the owner of the Website, hereinafter referred to as the „Data Controller”.
  3. The Website users are its customers, i.e. persons using the services provided by the Data Controller via the Website, specified in the RISK Store Terms and Conditions („Terms and Conditions”). This Privacy Policy is an integral part of the Terms and Conditions.

2. SCOPE OF THE DATA COLLECTED

  1. The Data Controller collects Users' personal data to the extent required to complete the orders made through the Website, complete registration at the Website or render other services specified in the Terms and Conditions, as well as compliance with the Administrator's obligations stemming from the provisions of law.
  2. The scope of data collected includes: name and surname, e-mail address, phone number, bank account number, delivery address including: street, postal code, city, country, IP adress as well as profile data from Facebook. The scope of data processed depends on the type of service chosen by the User.

3. PURPOSE AND LEGAL BASIS OF DATA PROCESSING

  1. The Data Controller collects, uses, and processes Users' personal data only for the following purposes and on the following legal bases:
    1. for the purpose of registration and maintenance (including technical maintenance) of a User account on the Website pursuant to art. 6 par. 1(a) of GDPR – the data subject has given consent to the processing of their personal data, whereas the personal data shall be processed until the withdrawal of consent (including the case of deleting the User account);
    2. for the purpose of completing orders placed on the Website and carrying out a possible complaint procedure pursuant to art. 6 par. 1(b) of GDPR – the processing is necessary to perform the contract a party whereto is the data subject or to carry out actions, upon request of the data subject, before the conclusion of the contract, whereas the personal data shall be processed until necessary to complete the order and carry out the possible complaint procedure;
    3. for the purpose of enforcement of claims and defending against claims pursuant to art. 6 par. 1(f) of GDPR, i.e. processing is necessary for the purposes of the legitimate interest of the Data Controller, which is the defending of the Data Controller’s interests, whereas the personal data shall be processed until the end of the limitation period of the claims;
    4. for the purpose of complying with the legal obligations to which the Data Controller is subject pursuant to art. 6 par. 1(c) of GDPR in conjunction with art. 74 of the Accounting Act and other tax regulations, whereas the personal data shall be processed over the period of five calendar years counted from the end of the calendar year wherein the order had been placed;
    5. within the scope of processing of Users’ IP addresses for the purpose of complying with the legal obligations to which the Data Controller is subject pursuant to art. 6 par. 1(c) of GDPR in conjunction with art. 24 sec. 2 of the Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market For Digital Services and amending Directive 2000/31/EC (Digital Services Act), whereby personal data will only be processed for a period of 6 full calendar months after collection;
    6. for the purpose of rendering, via e-mail, of the Newsletter service pursuant to art. 6 par. 1(a) of GDPR, i.e. the consent, in conjunction with art. 10 of the Act on Providing Services by Electronic Means and art. 172 of Telecommunications Act, whereas the personal data shall be processed until the withdrawal of consent.
  2. The Data Controller processes Users' personal data only for the purposes indicated above.
  3. Users' personal data will not be transferred to countries outside the European Economic Area (to countries other than European Union countries and Iceland, Norway, and Liechtenstein).
  4. The Data Controller shall not conduct processes that consist of automated decision-making, including profiling.
  5. Providing data is voluntary, but necessary in order for the Data Controller to render services through the Website.

4. USER’S RIGHTS

  1. Users' personal data is collected at the Data Controller's registered office, i.e. at the following address: „RISK” S.A., ul. Szpitalna 6A/9, 00-031 Warsaw.
  2. The User has the right to:
    1. access their personal data stored by the Data Controller;
    2. obtain the rectification of their personal data if the User suspects that the personal data stored by the Data Controller is out of date, incomplete or untrue;
    3. obtain the restriction of processing their personal data;
    4. obtain the erasure of their personal data;
    5. object to the processing of their personal data in cases specified in art. 21 of GDPR;
    6. obtain the transfer of their personal data to another data controller, if it is technically possible;
    7. withdraw the consent at any time if the personal data is processed on the basis of consent (without affecting the legality of the processing which was carried out on the basis of the consent before the withdrawal thereof).
  3. Execution of the rights referred to in section 4.2. above may be conducted by the User through submitting to the Data Controller the appropriate statement of will:
    1. iin person at the Data Controller's registered office („RISK” S.A., ul. Szpitalna 6A/9, 00-031 Warsaw);
    2. by mail to the aforementioned address of the Data Controller’s registered office;
    3. by e-mail to the following address: customercare@riskmadeinwarsaw.com:
    4. through the control panel of the User’s Website account.
  4. The User is also entitled to file a complaint to the supervisory body for personal data protection, i.e. the President of the Office for Personal Data Protection (PUODO).

5. COOKIES MECHANISM

  1. The Website uses text files called Cookies.
  2. The cookies are saved by the server on the User's computer.
  3. In order to use the Website, it is necessary to allow cookies to be stored on the User's computer. Lack of authorization may mean that there is no possibility or difficulty in using the Website.
  4. The cookies are not used to collect the User’s personal data.
  5. The cookies do not interfere with the configuration of the User's computer, they are not used to install or uninstall any computer program, they do not interfere with the integrity of the system or the User's data.
  6. The Data Controller reserves the right to use third-party services in the area of developing statistical data about the use of the Website. The Data Controller hereby declares that in such case, no data identifying the Users shall be made available to such entities.
  7. The Website uses three types of cookies: „session cookies”, „persistent cookies” and „analytical cookies”. „Session cookies” are temporary files that are stored on the User's device until log out (leaving the site). „Persistent cookies” are stored on the User's device for the period specified in the parameters of the cookie files or until deletion by the User. „Analytical cookies” allow for a better understanding of the manner in which the User interacts with the content of the Website. They collect information on the manner of the use of the Website, the type of website from which the User was redirected, and the number of visits and the time of the User's visit to the Website. This information does not record the User's specific personal data, but it is used to develop statistics on the use of the Website.
  8. Data Controller processes the cookie files in three (3), separate categories based on the following legal basis:

     

    Category

    Name

    Basis for data processing

    Managing

    The purpose of data processing

    First category

     

    Objecting to the processing will result in lack of possibility to ensure correct functioning of the Controller's Website.

    Necessary Cookies

    Required for the performance of a contract to which the User is party or in order to take steps at the request of the data subject prior to entering into a contract– Article 6 (1) (b) of the GDPR.

    Controller

    They are necessary for the Controller's Website to function correctly. They are used to maintain the User's session while visiting the Website.

     

    They ensure that the Website is displayed correctly.

     

    They identify the User's http session. They are commonly used in all Internet applications in order to identify Users’ requests during sessions.

     

    They allow for identifying the User’s navigation status on the Website.

    Second Category

     

    Objecting to the processing will not result in the inability to operate the Website.

     

    Website will operate correctly, but the Controller will lose the possibility to optimise the services rendered with the use of the Website.

    Analytical cookies

    Legitimate interest of the Controller – Article 6 (1) (f) of the GDPR.

    Google Analytics – Third Party

     

    Controller – within the remaining scope

    The Controller measures movement on the Website with the use of the Analytical Cookies, and also studies the effectiveness of actions as well as improves the Website's functioning, and also prevents undesirable activities (e.g. bot movements, endangering users by exposing them to undesired contents).

     

    As for the Google Analytics – the use of which enables the monitoring of the Website. The Google Analytics service is provided by Google Ireland Limited with its registered seat in Dublin, Ireland.

     

    They are used to obtain information about the User's access to the Website, e.g. to determine the number of the User’s visits, the date of the first and last visit, visit duration, the browser used to access the Website or a link that was used to redirect to the Website.

     

    The Controller does not have controll over the contents or technical qualities of these files; they are determined and stored by Google Ireland Limited. That is why the Controller advises to read the Google Analytics privacy policy

    https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.

    Third category

     

    Lack of consent for processing will not result in the inability to operate the Website. The controller will not be able to provide the User with personalised advertising.

     

    Marketing cookies

    The User's consent – Article 6 (1)(a) of the GPDR

    Google Ads - Third Party

     

    Controller

    The Controller uses them to personalise advertisements displayed on the Website and on external websites, taking into consideration the User’s actions and preferences expressed while using the Website, adjusting the contents of advertising messages to the User’s preferences.

     

    As for the Google Ads – the use of which enables the monitoring of the Website. The Google Analytics service is provided by Google Ireland Limited with its registered seat in Dublin, Ireland.

     

    They are used to gather information on the Users’ preferences and adjustment of advertisements.

     

    The Controller does not have controll over the contents or technical qualities of these files; they are determined and stored by Google Ireland Limited. That is why the Controller advises to read the Google Ads privacy policy: https://policies.google.com/privacy.

  9. In accordance with the applicable provisions of the Telecommunications Law of 16 July 2004 (Journal of Laws of 2018, item 1954), the User is entitled to decide on the access of cookies to their computer by selecting cookies in their browser window.
  10. How to manage cookies – instructions from web browser developers:
    1. Mozilla Firefox
    2. Internet Explorer
    3. Google Chrome
    4. Safari
    5. Opera
  11. Edit your saved consents: Manage Yours cookies consents

6. IP ADDRESS

  1. The Data Controller reserves the right to collect the IP addresses visiting the Website, which may be helpful in diagnosing technical problems with the server, creating statistical analyses (e.g. determining from which regions the most visits are recorded). In addition, they can be useful when administering and improving the Website.

7. ACCESS TO THE DATABASE BY THIRD PARTIES

  1. Users' personal data will not be made available by the Data Controller to other entities or third parties, except when:
    1. the User consents to this;
    2. it is necessary for the purpose of rendering services by the Data Controller through the Website, i.e. the Users' personal data may be made available to entities such as Poczta Polska S.A. with its registered office in Warsaw, courier companies (DHL, DPD, Let's Deliver), payment system operators (PayU, PayPal, TPay), etc. In such case, the Data Controller makes available only such personal data that is necessary for the provision of the aforementioned services. More information on the manner in which these entities use the Users' personal data can be found in their privacy and cookies policies;
    3. it is necessary to detect and prevent fraud, as well as to resolve other problems related to fraud, security, and technical issues;
    4. it is required by applicable laws or legitimate requests of state institutions and judicial authorities.
  2. In addition, the Data Controller may make Users' personal data available to entities that were authorized or entrusted by the Data Controller with the processing of personal data, i.e.:
    1. providers of legal and advisory services in the event of pursuing by the Data Controller of claims arising from its business activity;
    2. providers of technical and organizational services enabling the Data Controller to render services through the Website;
    3. employees and associates.

8. SECURITY AND PROTECTION OF PERSONAL DATA

  1. The Data Controller declares that it processes Users' personal data in accordance with the requirements of GDPR, the Act of 10 May 2018 on the Protection of Personal Data (i.e. Journal of Laws of 2019, item 1781), and other applicable provisions on the protection of personal data that complement and/or implement GDPR, including primarily that the Data Controller applies technical and organizational measures to ensure data protection appropriate to the threats and categories of data protected, in particular, protects Users' personal data against making them available to unauthorized persons, loss or damage.

9. LIABILITY DISCLAIMER

  1. This Privacy Policy does not include any information on services or goods provided by entities other than the Data Controller which have been published on the Website on a commercial, guest, or reciprocal basis, or for non-commercial purposes.

10. CONTACTING US

  1. We kindly request that any additional inquiries related to the Privacy Policy be sent to the address of the Data Controller's registered office (ul. Szpitalna 6A/9, 00-031 Warsaw) or to the following e-mail address: customercare@riskmadeinwarsaw.com.

11. AMENDMENTS TO PRIVACY POLICY

  1. The Data Controller reserves the right to amend the Privacy Policy, should it be required by applicable laws or changes to the Website. The Data Controller will inform the User about a planned change and the date of its entry through the Website, the Newsletter service, and - for registered Users - the information will also be placed through the Account.
  2. While using the Website, the User is subject to the current Privacy Policy.
  3. The date specified below is the date of application of the Privacy Policy in its latest version.
Date: 23/03/2024.