We care about your privacy
By using cookies and related technologies (e.g. pixels, SDK), as well as by processing your personal data (including unique identifiers, browser data), we can better adapt the displayed content to your needs.By giving your consent to the storage of information on your terminal equipment, and to the access and processing of data, including in the sphere of profiling as well as market and statistical analysis, you will easily find exactly what you are searching for and what you need on Allegro. The controller of your personal data will be Allegro or, in certain cases, our partners (10 partners), including "IAB Europe Trusted Partners" (2 partners). Information about the purposes of personal data processing by our partners can be found in their privacy policies.
Store and/or access information on a device. Personalised advertising and content, advertising and content measurement, audience research and services development. Ensure security, prevent and detect fraud, and fix errors. Deliver and present advertising and content. Save and communicate privacy choices. Match and combine data from other data sources. Link different devices. Identify devices based on information transmitted automatically.
Your personal data are also processed to make it easier for you to use our web pagesThe purposes of processing are described in detail in the settings under "CHANGE MY CONSENTS" and in the Cookie Policy.Your consent is voluntary and is valid for 12 months. You may withdraw it at any time or renew it in the Cookie settings on the home page. Withdrawal of your consent does not affect the lawfulness of processing performed before the withdrawal.
With this option, you can select the marketplace — Poland (allegro.pl), Czechia (allegro.cz), Slovakia (allegro.sk) or Hungary (allegro.hu). With that, you can read articles about rules applicable to a foreign marketplace in your default language. If you want to browse articles in a different language, click here.
GDPR ― general information
From May 25, 2018, the GDPR (Regulation on the Protection of Personal Data) has been in force in the European Union.
1. What is GDPR?
GDPR (General Data Protection Regulation) is a legal act enforced by the European Union, which regulates the rules of personal data protection. You can find the full contents of the regulation here.
2. When did GDPR come into force?
GDPR took effect on May 25, 2018, in all member states of the European Union.
3. How does GDPR affect the Polish regulations on personal data protection?
The GDPR provisions replaced the Act of August 29, 1997, on personal data protection. Starting May 25, 2018, the GDPR provisions are effective directly in all EU member states.
4. Who is and is not subject to GDPR?
Any business that provides services to the natural persons in the European Union is subject to GDPR. It also applies to businesses that are not based in the European Union, but offer their services to EU residents. It means that both Allegro and any entrepreneur selling on Allegro need to comply with the GDPR.
GDPR does not apply to personal or domestic activity. It means that a natural person who runs a business needs to comply with the GDPR when processing personal data of their customers or employees ― but it does not apply to data processed solely for private purposes (such as sending Christmas cards).
5. What is personal data?
This is information regarding a specific natural person that may directly or indirectly help identify them. It includes: first name and last name, phone number, residence address, email address. Other personal data examples include details of sales and purchases concluded by a given person, information about their race, health, or sexual orientation.
6. What are the conditions to process personal data?
You need a legal basis to process personal data. The most common legal bases include:
- a consent of the person whose data you want to process
- the necessity to process the data to perform the agreement with the person whose data it is
- the necessity to process the data to fulfil a legal obligation by the administrator
- the necessity to process the data for the purposes arising from legally justified interests pursued by the administrator or a third party, such as a payment service provider, Poczta Polska, and others.
7. What is the personal data minimization principle?
According to this principle, you can process only personal data that is necessary to accomplish a purpose of personal data processing. For example: if the purpose of personal data processing is to complete a buyer’s order, you should not ask them about their family arrangements.
8. What is profiling?
Profiling is automatic data processing meant to evaluate a given person and predict their behavior. There are 2 types of profiling:
- “Regular” profiling ― for example, for the purposes of direct marketing, which includes selecting an online ad to be displayed based on the user’s earlier activity. In this case, every person may object to profiling and not be subject to it.
- Profiling “for the purposes of solely automated decision-making” ― it includes automatic calculation of an insurance premium or a loan based on the information provided on the websites. In this case, the IT system processes data and makes a complicated evaluation of numerous factors, also with the use of data that does not relate directly to a specific person (statistical data).
9. What is the right to be forgotten?
It is a popular name for the right to erase personal data after the purpose and legal basis of personal data processing expire.
10. What is the right to data portability?
Every person registered on Allegro has the right to obtain the data we process in a structured, widely used format. We have ensured that you can safely download and send the data to another administrator.
11. Where can I learn more about GDPR?
Check out the following sources:
- the online information of the Polish Ministry of Digital Affairs (available only in Polish)
- articles written by the Panoptykon Foundation.
12. Is there an equivalent of the Inspector General for the Protection of Personal Data (GIODO) under the new regulations?
Yes, this role is now served by the President of the Personal Data Protection Office (PUODO), who has taken over the competencies of GIODO and performs new duties resulting from implementing GDPR.
