Privacy Policy
Last updated: 27 April 2026
1. Who we are
Dial & Crown is a trading name of MW Consulting, a sole proprietorship registered in Poland.
- Business name: MW Consulting (trading as Dial & Crown)
- Address: S. Batorego 18/108, 02-591 Warsaw, Poland
- Tax ID (EU NIP): PL6631037932
- Statistical number (REGON): 291178844
- Email: michael@dialcrown.eu
- Phone / WhatsApp: +48 572 607 703
In this policy, “we”, “us”, and “our” refer to Dial & Crown. “You” refers to any person visiting our website, contacting us, or making a purchase.
We are the data controller for the personal data we collect through dialcrown.eu, in accordance with Regulation (EU) 2016/679 (GDPR).EU
2. What data we collect
We collect personal data only when necessary to provide our services, fulfil legal obligations, or with your explicit consent.
Data you provide directly
- Contact details — name, email address, phone number, postal address, message content (when you contact us, place an order, or sign up for our newsletter)
- Order details — items purchased, delivery preferences, billing information
- Payment information — handled by our payment processors. We do not store credit card details on our servers.
Data collected automatically
- Technical data — IP address, browser type, device type, operating system, referring URL
- Usage data — pages visited, time spent, click patterns, search queries on our site
- Cookies and similar technologies — see Section 7 below
Data from third parties
- Payment confirmations — from Mollie, PayPal, or other authorised payment processors
- Shipping updates — from DHL Express, UPC
- Insurance confirmations — from Secursus
3. Why we collect your data (legal basis)
We process personal data on the following legal grounds under GDPR Article 6:
| Purpose | Legal basis |
|---|---|
| Processing your order and delivery | Contract performance (Art. 6(1)(b)) |
| Issuing invoices and tax records | Legal obligation (Art. 6(1)(c)) |
| Responding to enquiries via email or WhatsApp | Legitimate interest (Art. 6(1)(f)) |
| Sending newsletters and marketing | Consent (Art. 6(1)(a)) |
| Preventing fraud and securing the site | Legitimate interest (Art. 6(1)(f)) |
| Maintaining cookies (analytics, functional) | Consent (Art. 6(1)(a)) |
| Cookies strictly necessary for site operation | Legitimate interest (Art. 6(1)(f)) |
4. How long we keep your data
We retain personal data only as long as necessary for the purposes stated above:
- Customer order data: 6 years from the end of the year of purchase (Polish tax law obligation)
- Newsletter subscribers: until you unsubscribe (we’ll remove your data within 30 days of opt-out)
- Contact form / WhatsApp enquiries: up to 24 months unless a purchase results, in which case the customer retention rule above applies
- Cookies: see Section 7 for individual cookie lifetimes
- Analytics data: 26 months (or as configured in our analytics tool)
After these periods, data is securely deleted or anonymised.
5. Who we share your data with
We share personal data only with trusted partners necessary to deliver our service. All processors are bound by GDPR-compliant data processing agreements.
| Processor | Purpose | Country |
|---|---|---|
| Mollie B.V. | Payment processing | Netherlands (EU) |
| PayPal (Europe) S.à r.l. | Payment processing | Luxembourg (EU) |
| DHL Express | Shipping and delivery | Germany / international (EU) |
| Secursus | Shipment insurance | France (EU) |
| home.pl S.A. | Web hosting | Poland (EU) |
| Mailchimp / MailerLite (TBD) | Newsletter delivery | EU / USA (with SCCs) |
| Google LLC | Analytics, fonts (if used) | USA (with SCCs and DPF) |
| Meta Platforms Ireland Ltd. | Instagram contact, Meta Pixel (if used) | Ireland (EU) |
We do not sell your personal data to anyone, ever.
International transfers
Some processors (e.g. Google, Mailchimp if hosted in the US) may process data outside the EU. In such cases, transfers are safeguarded by Standard Contractual Clauses (SCCs) or the EU-US Data Privacy Framework, in accordance with GDPR Articles 44–49.
6. Your rights under GDPR
You have the following rights regarding your personal data:
- Right of access — request a copy of the personal data we hold about you
- Right to rectification — correct any inaccurate or incomplete data
- Right to erasure (“right to be forgotten”) — request deletion of your data, subject to legal retention obligations
- Right to restriction of processing — limit how we use your data
- Right to data portability — receive your data in a machine-readable format
- Right to object — object to processing based on legitimate interest, including direct marketing
- Right to withdraw consent — at any time, where processing is based on consent
- Right to lodge a complaint — with the Polish Data Protection Authority (Urząd Ochrony Danych Osobowych — UODO, uodo.gov.pl)
To exercise any of these rights, contact us at michael@dialcrown.eu. We respond to all requests within 30 days.
7. Cookies and similar technologies
Our website uses cookies to function correctly and to improve your experience.
Categories of cookies we use
- Strictly necessary cookies — required for the site to function (e.g. session, cart, security). Cannot be disabled.
- Functional cookies — remember your preferences (e.g. language, currency)
- Analytics cookies — help us understand how visitors use the site (e.g. Google Analytics, if active)
- Marketing cookies — used to display relevant content and measure campaign performance (e.g. Meta Pixel, if active)
Managing cookies
When you first visit our site, you’ll see a cookie banner allowing you to accept or reject non-essential cookies. You can change your preferences at any time through the cookie settings link in the footer. You can also disable cookies entirely through your browser settings, though this may affect site functionality.
Cookie lifetimes
- Session cookies: deleted when you close your browser
- Persistent cookies: typically 30 days to 24 months depending on purpose
8. Newsletter
If you subscribe to our newsletter, we collect your email address and (optionally) your name to send you updates about new arrivals, market insights, and occasional special offers.
- We use double opt-in — you’ll receive a confirmation email after signing up
- You can unsubscribe at any time via the link in every newsletter
- We will never share your email with third parties for marketing purposes
9. Security
We take data security seriously. Measures include:
- HTTPS encryption across the entire site
- Secure hosting with home.pl (ISO 27001 compliant infrastructure)
- Regular WordPress and plugin updates
- Strong access controls and authentication for admin accounts
- Payment data handled exclusively by PCI-DSS compliant processors (Mollie, PayPal)
No system is perfectly secure. In the event of a data breach affecting your rights, we will notify you and the supervisory authority within 72 hours, in accordance with GDPR Article 33–34.
10. Children
Dial & Crown is not directed at children under 16. We do not knowingly collect data from minors. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
11. Changes to this policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent version. Material changes will be communicated via email (for newsletter subscribers) or a banner on the site.
12. Contact
For any privacy-related questions or requests, contact us:
- Email: michael@dialcrown.eu
- Post: MW Consulting, S. Batorego 18/108, 02-591 Warsaw, Poland
- WhatsApp: +48 572 607 703