Privacy policy


  1. CLTHS S.A., a joint stock company incorporated under the laws of Poland, with its seat in Warsaw (with a tax identification number (NIP): 1132976572, and a statistics register number (REGON): 380485129), registered in the register of entrepreneurs maintained by the District Court for the Capital City of Warsaw in Warsaw under the KRS number: 0000735885, with a share capital of PLN 301,000.00, paid up in full, who carries out sale of products under the “Nago” brand through the website (hereinafter referred to as the “Seller”, “CLTHS” or “us”) is the controller within the meaning of applicable personal data protection provisions, in particular within the meaning of the General Data Protection Regulation (EU) 2016/679 (“GDPR”). Our registered address is: ul. Złoczowska 13, 03-972 Warsaw, Poland. In order to manage the handling of your personal data please contact us:
  1. in writing at CLTHS S.A., ul. Złoczowska 13, 03-972, Warsaw, Poland,
  2. by phone under the number +48797404038,
  3. by e-mail at  
  1. We process your personal data in a manner that ensures its safety, in accordance with applicable law, which includes the GDPR. 
  2. We process the personal data of in order to fulfill any contracts between us and our Users (which includes account maintenance contracts and sales contracts – under Art. 6.1.b GDPR), and in pursuit of our legitimate interests (under Art. 6.1.f. GDPR), as well as to ensure compliance with legal obligations that we are subject to (Art. 6.1.c. GDPR), and where the data subject consented to their data being processed for a specific purpose, then that person’s data will also be processed for that purpose, under the consent given (Art. 6.1.a GDPR). 
  3. Provision of personal data by you is voluntary, although failure to provide that data during the conclusion of a given contract may result in it being impossible to conclude such a contract (e.g. sales contract or account maintenance contract).
  4. Personal data provided by the User will be processed for the following purposes:
  1. performance of sales contracts and account maintenance contracts (Art. 6.1.b GDPR),
  2. marketing of our Products (Art. 6.1.f GDPR) and newsletter subscription (Art. 6.1.b and 6.1.f GDPR),
  3. evaluation of how effective our marketing is (Art. 6.1.f GDPR),
  4. evaluation of whether our IT systems and sales platform performs properly (Art. 6.1.b and 6.1.f GDPR)
  5. accounting and financial reporting purposes (Art. 6.1.b and 6.1.c GDPR),
  6. handling of queries and complaints addressed at us (Art. 6.1.b, 6.1.c and 6.1.f GDPR),
  7. defense against claims and formulating claims (Art. 6.1.f GDPR). 
  1. For the abovementioned purposes we collect the following data:
  1. account data – in order to verify account access (Art. 6.1.b GDPR)
  2. basic personal data – verification purposes, handling queries, conclusion of contracts, contract performance verification, assistance with contract conclusion and performance, product delivery, query and complaint handling (Art. 6.1.b, 6.1.c, 6.1.f GDPR),
  3. address data – delivery of products, handling complaints, queries and claims (Art. 6.1.b, 6.1.c, 6.1.f GDPR),
  4. contact data – handling complaints and queries, providing delivery status information, delivery assistance, marketing of our products, including distribution of our newsletter (Art. 6.1.b, 6.1.f GDPR),
  5. login data – verification of the use of our services (logins and logouts), usage statistics, handling complaints and claims (Art. 6.1.b, 6.1.c, 6.1.f GDPR),
  6. transaction history – account maintenance and providing access to the history of sales, order tracking, usage statistics, business and market analytics, handling complaints and claims (Art. 6.1.b, 6.1.f GDPR), 
  7. payment data – performance of sales contracts, handling complaints and queries (Art. 6.1.f GDPR),
  8. access data – assessment of interest in given brands or products (Art. 6.1.f GDPR). 
  1. Our main data retention policy guideline is to store personal data for as it is necessary for the purpose for which we collected the data. We will usually store your data for the duration of any contract between us (and, where a sales contract is concluded by an Unregistered User – until it has been performed) and after that until periods provided by law, including tax law on storing accounting documents and statute of limitation period expire, which my take, according to current Polish law up to 7 years. 
  2. You may:
  1. request access to your personal data and information on how it’s being processed subject to Art. 15 GDPR, which also includes the right to obtain a copy of your personal data undergoing processing,
  2. request that we rectify your personal data subject to Art. 16 GDPR,
  3. request that we erase your personal data subject to Art. 17 GDPR,
  4. request that we restrict the processing of your personal data subject to Art. 18 GDPR,
  5. request that we provide your personal data subject to Art. 20 GDPR, which includes transmitting your data to a different controller if such a technical possibility exists,
  6. object to us processing your personal data under Art. 6.1.e or 6.1.f GDPR, where the effects and scope of such objection are governed by Art. 21 of the GDPR. 
  1. The person, to whom the personal data pertains, may lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or pace of the alleged infringement if they consider the processing of personal data relating to them infringes the GDPR. The supervisory authority operating in the territory of Poland it the Prezes Urzedu Ochrony Danych Osobowych, with its address at: ul. Stawki 2, 00-193 Warsaw, Poland. 
  2. We protect data entrusted to us and use our best efforts to ensure that they are secure and safe from any unauthorized access or use. We use our best efforts to provide the best possible technical, physical and organizational protection measures in order to protect personal data from their accidental or deliberate loss, disclosure, change or use. We process personal data in accordance with the processing grounds and applicable law, which includes the GDPR. 
  3. In order to perform a contract we may appoint a processor such as a courier services broker, such as e.g. Omnipack sp. z o.o., R2G Polska sp. z o.o., a courier firm, such as DHL Parcel Polska sp. z o.o., Inpost Paczkomaty sp. z o.o., DPD Polska sp. z o.o., the Shopify platform operator, any analytic or marketing tool provider, payment agents, such as PayU S.A. (such processors are appointed under Art. 28 GDPR). In such cases the scope of data transferred to the processor is limited to the necessary minimum. Also, your personal data may be provided to the public authorities, if required by law. 
  4. You may voluntarily provide your e-mail in the space provided for that purpose in the Shop and sign-up for our newsletter service. In this case your e-mail will be processed for the purpose of marketing materials distribution. At any time you may sign out of the newsletter, by sending us an e-mail to containing such a request. 

Cookie Policy

  1. We do not collect any data automatically, except for information contained in cookie files. 
  2. Cookie files are informatic data, including text files, stored on the endpoint device of the Shop’s user and are used for visiting the Shop’s websites. Cookie files usually contain the name of the website that they come from, time of their storage on the endpoint device and a unique number. 
  3. The cookie files stored on the Shop’s User device are placed there and accessed by us. 
  4. Cookie files are used in order to:
  1. adjust the contents of the Shop’s website to the User’s preferences and to optimize their use of the websites – in particular those files allow for the recognition of the Shop’s User’s device and to properly display the website, in accordance with their individual preferences,
  2. gather statistics data that allows us to understand how the Shop’s Users use websites, which allows us to improve their contents and structure. 
  1. Two general types of cookie files are used within the Shop: session cookie and persistent cookies. Session cookies are temporary files that are stored in the User’s endpoint device until the leave the website or turn off the internet browser. Persistent cookies are stored in the User’s endpoint device for the time defined in cookie file parameters or until removed by the User. 
  2. We use the following cookie files in our Shop:
  1. necessary cookies that allow access to services available in the Shop, such as verification cookies used for services that require authentication in the Shop,
  2. security cookies used e.g. to identify security risks during the authentication process,
  3. performance cookies allowing to gather information on how the Shop’s websites are used,
  4. functional cookies that allow us to “remember” settings picked by the User and interface personalization, e.g. in respect of language or region chosen, font size, website layout, etc.,
  5. advertising cookies that allow for advertising materials better matched to the User’s interests to be presented. 
  1. In many cases internet browsers by default allow for cookie files to be stored in the User’s endpoint device. Shop users may at all times adjust their cookie file preferences. They may be adjusted so that automatic handling of cookies is blocked or the User is informed of every cookie placed on their device. Detailed cookie information should be available in your browser settings. 
  2. Please be informed that restricting the application of cookie files may have a negative impact on certain functionalities of the Shop. 
  3. Cookie files placed on the Shop’s User’s endpoint device may also be used by advertisers and partners who cooperate with us. 
  4. More information on cookies may be found under or in the Help section of your internet browser.