In fulfillment of the information obligation arising from Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), the Personal Data Controller hereby informs:

1. This Privacy Policy (hereinafter referred to as the “Policy”) is addressed to Users and Orderers using the website available at https://loove.AI (hereinafter referred to as the “Online Store”) and specifies the type, scope, and purposes of data processing. This Policy is for informational purposes and constitutes an integral part of the Online Store Terms and Conditions. All capitalized terms used in the Policy have the same meaning as those assigned to them in the Online Store Terms and Conditions, unless otherwise stated in this Policy.

2. The controller of personal data obtained from the Online Store is the Seller, operating daily on Business Days from Monday to Friday, from 8:00 a.m. to 4:00 p.m. from 10:00 AM to 12:00 PM (connection fee according to the tariff of the User’s operator), email: looveaicontact@gmail.com (hereinafter also referred to as the “Administrator”).
3. By placing an Order in the Online Store without registering an Account, and/or registering an Account, and/or contacting the Seller (by email or telephone, or via a form), and/or using other services provided by the Seller electronically (Account Password reminder, newsletter subscription) – the User provides the Seller with their personal data (name and surname, address, email address, telephone number, company name, business address, Tax Identification Number, IP address of the computer used by the User when using the Online Store).
4. Purposes and activities of personal data processing:
4.1. Placing an Order without registering an Account – providing data is voluntary, but necessary for the performance of the Sales Agreement and delivery of the Order to the address indicated by the Ordering Party. The data provided when placing an Order are used only for the purpose of executing the Sales Agreement concluded with the User, and the legal basis for their processing is Article 6 paragraph 1 letter b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the “GDPR”). The data will be processed by the Controller for the period necessary to perform the Sales Agreement, however, the Controller will continue to store the User’s data for the purpose of defending against any claims related to possible withdrawal from the Sales Agreement, considering complaints, and for tax settlement purposes, which constitutes the Controller’s legitimate interest referred to in Article 6 paragraph 1 letter f) of the GDPR;

4.2. Account registration – To avoid disclosing personal data for subsequent purchases, the User may register an Account. Providing data is voluntary, but necessary for Account registration. The data provided during registration (name, surname, email address) is used to manage the Account and execute the Sales Agreements concluded by the Ordering Party by the Administrator as the seller. The legal basis for their processing is the consent provided by the User during Account registration (in accordance with Article 6, Section 1, Letter a) of the GDPR Regulation). The data will be processed by the Administrator for the duration of the Account, unless the User terminates their Account earlier. Termination of the Account, however, does not lead to the deletion of the data from the database. The Administrator will continue to store the User’s data to defend against potential claims related to the Account, in particular to demonstrate the User’s consent to Account registration, which constitutes the Administrator’s legitimate interest referred to in Article 6, Section 1, Letter f) of the GDPR Regulation. Online Store User contacts the Administrator – when contacting the Administrator via email, telephone, or using the contact form available in the Contact tab of the Online Store, the User provides the Administrator with their email address as the sender’s address, and optionally their first and last name and contact telephone number. Providing this data is voluntary, but necessary for the Administrator to contact the Online Store User. In this case, the User’s data is processed for the purpose of contact based on actions requested and initiated by the User, and the legal basis for processing is Article 6(1)(b) of the GDPR. The legal basis for processing data after the end of contact is the legitimate purpose of archiving correspondence for the purpose of demonstrating its progress in the future (Article 6(1)(f) of the GDPR). The content of correspondence may be archived; the Administrator is unable to clearly determine when the correspondence will be deleted. The Online Store User has the right to request a history of their correspondence with the Controller (if it was subject to archiving), as well as to request its deletion, unless archiving is justified by an overriding interest of the Controller, e.g., defense against potential claims from the Online Store User;

4.4. Using the Account Password reminder service – providing data is voluntary, but necessary for the Controller to perform the contract for the provision of services electronically. The data provided by the User is used to remind the User of the Account Password by email, and the legal basis for their processing is the performance of the contract concluded with the User, in accordance with Article 6, paragraph 1, letter b) of the GDPR. The data will be processed by the Controller for the period necessary to perform the contract for the provision of services electronically. After the contract has been executed, the Controller will continue to store the User’s data for the purpose of defending against potential claims regarding the services provided by the Controller electronically and for the consideration of complaints, which constitutes the Controller’s legitimate interest referred to in Article 6, paragraph 1, letter b) of the GDPR. f) GDPR Regulation;

4.5. Newsletter – An Online Store User who wishes to subscribe to the newsletter to receive commercial information by email from the Personal Data Controller must provide their email address via the newsletter subscription form available in the Online Store or when placing an Order or registering an Account, by checking the appropriate consent checkbox. Providing data is voluntary, but necessary to subscribe to the newsletter. The data provided during registration is used to send the User the newsletter, and the legal basis for their processing is the User’s consent – in accordance with Art. 6, paragraph 1, letter a) of the GDPR Regulation. The data will be processed by the Personal Data Controller for the duration of the newsletter’s operation, unless the Online Store User opts out of receiving it earlier. However, opting out of receiving the newsletter does not result in the deletion of the data from the database. The Personal Data Controller will continue to store the User’s data in the mailing system in order to defend against any claims related to sending the newsletter, in particular for the purpose of demonstrating the User’s consent to receiving the newsletter, which constitutes the legitimate interest of the Personal Data Controller referred to in Article 6 paragraph 1 letter f) of the GDPR Regulation.

4.6. Online Store data analysis and statistics – User personal data collected in the Online Store’s system logs, e.g., when adding Products to favorites or comparing Products, are used by the Controller to analyze the activity of Online Store Users in order to improve the functionality of the Online Store and the technical and administrative support of the Online Store. This constitutes the Controller’s legitimate interest, and the legal basis for their processing is Article 6, Section 1, Letter f) of the GDPR.
5. The Controller informs that the Online Store User has, at any time, the right to data portability, referred to in Article 20 of the GDPR, the right to access personal data and the right to correct, rectify, and object to data processing. The User may withdraw consent to data processing at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. The Controller may refuse to delete the User’s personal data if there are grounds arising from legal provisions. The User also has the right to lodge a complaint regarding the processing of personal data with the President of the Personal Data Protection Office. User data will not be subject to automated decision-making, including profiling. Personal data is not transferred outside the European Economic Area.
6. The principles related to the implementation of the indicated User rights are described in detail in Articles 15–21 of the GDPR.
7. The Administrator hereby informs that it never transfers, sells, or lends collected User personal data to third parties other than those indicated in this Policy and the Online Store’s terms and conditions (e.g., an electronic payment processing company, Order suppliers, an accounting firm, a company providing technical support for the server on which the Online Store is hosted), unless with the express consent or at the User’s request, or at the request of legally authorized state authorities in connection with ongoing proceedings (e.g., courts, law enforcement agencies, Trade Inspection).

8. The Administrator processes personal data provided by the User in a manner consistent with the scope of the User’s authorization and legal requirements, including the provisions of the GDPR. In particular, the Administrator protects Users’ personal data against unauthorized access, loss, or damage, and guarantees the confidentiality of all personal data provided – the Online Store has enabled connection encryption using an SSL certificate.

9. The Online Store website also contains links to other websites not administered by the Administrator (e.g., Facebook, Instagram, Twitter). Users may also be redirected to the Online Store from other websites, for example, via a tracking pixel from the Facebook social networking site. Therefore, the Administrator cannot be held responsible for the content of these websites or the level of privacy protection implemented by the administrators of these websites. The Administrator also informs that this Policy applies only to the Online Store and that after switching to other websites, it is recommended that the User review the privacy policy applicable to each website before providing their personal data there. By choosing to access and visit such websites, the User does so at their own risk.

10. The Online Store uses “cookies” (cookies) to identify the browser when using the Online Store, so that it knows which page to display. Cookies do not contain any personal data. When accessing the Online Store, certain information may be placed on the User’s computer, which may be in the form of a “cookie.” Detailed and up-to-date information on this subject can be found directly on the manufacturer’s website: http://www.google.pl/intl/pl/policies/technologies/types/

11. “Cookies” are small files consisting of a string of letters and characters, saved on the computer by the Internet when visiting a given Product Page presented in the Online Store. “Cookies” are used in the Online Store solely to better tailor the website to the User’s individual preferences. In addition, “cookies” may be used for the following purposes:

a) ensuring the proper operation and improving the functionality of the Online Store – cookies enable the storage of information provided by the User, e.g., remembering the contents of the shopping cart or remembering the Login;

b) improving the efficiency and optimization of the Online Store – cookies enable the reading of information about how Users navigate the Online Store, thus helping to improve its operation;

c) targeting informational and promotional content – cookies are used to automatically adapt the content of the Online Store to the User’s needs;

d) to prevent spam.

12. Information collected and generated by cookies in the Online Store does not allow for personalization or identification of the User, and no personal data of the User is stored as a result of their use.

13. Cookies used in the Online Store are safe and do not harm the User’s computer. The user may change the way cookies are used by the browser at any time, including withdrawing consent to their use, blocking, or deleting cookies from the Online Store. Most web browsers allow you to delete or remove cookies from your computer’s hard drive, block all cookies sent, or set a warning before saving such files. To do this, please refer to the user manual or help sections of your web browser. The process of controlling and deleting cookies may vary depending on the browser used.

14. Failure to consent to the use of minimal cookies will result in incorrect display of the content of the Online Store’s subpages. Failure to consent to the use of other cookies may limit some of the functionalities available in the Online Store. The user may only allow the use of selected cookies.

15. The Administrator uses statistical analysis of website traffic, including through Google Analytics (Google Inc., based in the USA), including the use of Google Analytics 4 – detailed information about this tool is available at: https://support.google.com/analytics/answer/10089681?hl=pl&ref_topic=9143232. No personal data of the User is transferred to the operator of this service, only anonymized information. The service relies on the use of cookies on the User’s end device. In terms of information about User preferences collected by the Google advertising network, the User can view and edit information derived from cookies using the tool: https://www.google.com/ads/preferences/. Information on how Google uses data from the Online Store is available at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/technologies/cookies.

16. The Administrator reserves the right to amend this Policy for important reasons (e.g., changes in legal regulations, changes to the rules for placing Orders in the Online Store). In the event of any changes, the User will be notified at least 14 days in advance of the effective date of the changes – appropriate information about the changes to the Policy will be posted in the Online Store, and Users with an Account or who subscribe to the newsletter will also be notified by email. If the User does not accept the amended Policy, the User has the right to terminate the Policy and thus refuse to continue providing their personal data. 17. If you have any questions, comments, requests, or suggestions regarding this Policy, please contact the Administrator. You are also asked to immediately notify the Administrator of any security breaches you discover related to your use of the Online Store by email, on Business Days between 10:00 AM and 12:00 PM (connection fees apply according to the operator’s tariff).

Poland, January 1, 2026