Privacy Policy

PRIVACY POLICY
Piotr Zylbert Music – Online Store
Effective date: 30 November 2025
License number issued by Legal Geek Creator: e9473fac-5027-4c31-9e15-ee25b294c86b
This Privacy Policy explains how we process your personal data when you use our online store available at
https://piotrzylbert.com (“Store”).
We care about your privacy and want you to feel comfortable while browsing and making purchases. Below you
will find clear and essential information about:

  • how your personal data is processed,
  • your rights under the GDPR,
  • the use of cookies and similar technologies,
  • the external service providers we work with.
    This Policy has been prepared in accordance with the General Data Protection Regulation (GDPR).
  1. DATA CONTROLLER
    The controller of your personal data is:
    Piotr Zylbert, operating a business under the name PIOTR ZYLBERT MUSIC
    NIP: 7712556967, REGON: 528167731
    Business address: Stodolna 76, 97-500 Radomsko, Poland
    E-mail: p.zylbert@wp.pl
  2. YOUR RIGHTS UNDER GDPR
    You have the right to request:
  • access to your personal data (including a copy),
  • rectification of your data,
  • erasure (“right to be forgotten”),
  • restriction of processing,
  • data portability to another controller.
    You also have the right to object:
  • on grounds relating to your particular situation, where data is processed based on our legitimate interests,
  • at any time, if your data is processed for direct marketing purposes.
    To exercise your rights, contact us via email at p.zylbert@wp.pl.
    If you believe your data is being processed unlawfully, you may lodge a complaint with the President of the
    Personal Data Protection Office (UODO) in Poland.
  1. HOW WE PROCESS YOUR DATA
    3.1 Placing an order
    Purpose: processing and fulfilment of your order.
    Legal basis: contract performance (Art. 6(1)(b) GDPR) and legal obligations (Art. 6(1)(c) GDPR).
    Retention: for the duration of the contract and for the required statutory period.
    3.2 Contacting us
    Purpose: responding to your message.
    Legal basis: contract performance or pre-contractual steps (Art. 6(1)(b) GDPR) or legitimate interest (Art. 6(1)(f)
    GDPR).
    Retention: for the duration of the contract or limitation periods.
    3.3 Browser settings enabling analytical activities
    Purpose: analysing Store navigation to improve usability.
    Legal basis: legitimate interest (Art. 6(1)(f) GDPR).
    Retention: until cookies expire or are deleted.
    3.4 Marketing communications (if you consent)
    Purpose: sending marketing messages and analysing their effectiveness.
    Legal basis: consent (Art. 6(1)(a) GDPR) and legitimate interest (Art. 6(1)(f) GDPR).
    Retention: until consent withdrawal or objection.
    3.5 Using Store features
    Purpose: providing digital services.
    Legal basis: contract for service provision.
    Retention: duration of contract plus limitation periods.
    3.6 Legal claims
    Purpose: establishing, pursuing or defending legal claims.
    Legal basis: legitimate interest (Art. 6(1)(f) GDPR).
    Retention: until limitation periods expire.
  2. ANALYTICS
    We carry out analytical activities to improve UX, layout and general Store performance. With consent, we may
    analyse:
  • time spent on pages,
  • clicks and navigation paths,
  • impact of marketing messages.
  1. DATA SECURITY
    We use GDPR-compliant organisational and technical safeguards, including SSL/TLS encryption and controlled
    access to data.
  2. COOKIES
    The Store uses cookies stored on your device for:
  • maintaining your session,
  • statistical and analytical purposes.
    You can delete or block cookies in your browser settings. If disabled, cookies will not be processed.
    Example cookie:
  • _ga – expiry 2 years – traffic and visit statistics (Google Analytics).
  1. EXTERNAL SERVICE PROVIDERS / DATA RECIPIENTS
    We cooperate with external providers who process data solely on documented instructions. This includes:
  • hosting provider,
  • Store software provider,
  • payment provider,
  • delivery companies,
  • business tools (e.g., accounting systems),
  • accounting office,
  • public authorities when legally required.
  1. TRANSFERS OF DATA OUTSIDE THE EU
    Some payment providers are based in the USA. Data is transferred under the EU-US Data Privacy Framework,
    ensuring adequate protection.
    For questions regarding this Privacy Policy, contact: p.zylbert@wp.pl
Your shopping cart

Basket