These Terms of Use are a contractual template and define the principles and technical conditions, as well as the method of performance by the Service Provider for the Service User of the Agreement concluded electronically in the scope referred to in Section II, and the rules of using the MiB Wishlist application.
The Terms of Use are made available to the Service User free of charge via a public URL indicated by the Service Provider (e.g. documentation website or support page) in a manner that allows the Service User to read them before ordering the Service.
The Terms of Use are made available in a form that allows them to be downloaded, recorded, saved and printed.
The condition for using the Services provided by the Service Provider is to become acquainted with these Terms of Use and accept their provisions.
The terms used in the Terms of Use mean:
LUNNEA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its registered office at: ul. Nowa Wola Gołębiowska 40, 26-613 Radom, Poland, entered into the Register of Entrepreneurs of the National Court Register (Krajowy Rejestr Sądowy) by: SĄD REJONOWY W LUBLIN-WSCHÓD W LUBLINIE Z SIEDZIBĄ W ŚWIDNIKU, VI WYDZIAŁ GOSPODARCZY KRS under KRS no.: 0001191608, NIP (tax ID): 7963040480, REGON: 54257963500000, share capital: 5,000.00 PLN, fully paid-up, e-mail: blewandowski.2221@gmail.com, acting as a provider of the Application and Services.
means a natural person of age, a legal person or an organizational unit without legal personality who uses or intends to use the Application in connection with running an online store via Shopify, under these Terms of Use and applicable law (typically a Shopify merchant).
means a natural person, a legal person or an organizational unit without legal personality who uses the online store operated by the Service User (end-customer of the merchant).
provision of functionalities of the Application aimed at enabling Users of the Service User's online store to create and manage wishlists (saving products for future purchase) and enabling the Service User to manage these wishlists and related analytics, provided remotely via Shopify.
"MiB Wishlist", a software system created by the Service Provider to improve the functionality of the online store run by the Service User, made available in the Shopify App Store, in accordance with Shopify's regulations, whose main purposes are: (i) increasing the functionality of the online store by offering wishlist features (saving, managing and optionally sharing products for later purchase), (ii) providing the Service User with configuration options and analytics related to wishlists and saved products.
a contractual relationship between the Service User and the Service Provider, concluded when the Application is installed/launched in the Service User's Shopify store, regarding the Service User's use of the Application and Services.
a limited, non-exclusive, non-transferable and revocable right to use the Application by the Service User in terms of access to it. The License is valid until the Agreement is terminated.
this document, specifying, among others, the terms and conditions for the provision of Services provided by the Service Provider electronically.
Appendix No. 1 to these Terms of Use, defining the method of data processing; it is an integral part of the Terms of Use.
Polish Act of February 4, 1994 on copyright and related rights (consolidated text, Polish Journal of Laws).
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
as defined in the GDPR, means information about an identified or identifiable natural person (data subject).
as defined in GDPR, means any operation performed on personal data, such as collecting, storing, using, deleting, etc.
Service User (merchant) in relation to the personal data of Users of the online store, processed via the Application.
Service Provider, in relation to processing of personal data on behalf of the Service User as described in the Privacy Policy (Appendix No. 1).
means total or partial damage to the Internet, power grid failure, act of war or terrorism or other similar event beyond the Service Provider's control; Force majeure also includes failure of Shopify's services beyond the Service Provider's control.
Shopify Inc. with its registered office at 151 O'Connor Street, Ground floor, Ottawa, ON K2P 2L8, Canada, and its affiliates.
means the Shopify app store, regardless of the actual name of the store.
The subject of the Agreement is to add wishlist-related functionality to the Service User's online store, which functionality is provided by the Application.
Under the Agreement, the Service Provider in particular:
read_orders, read_customers, read_themes, read_locales, write_products, write_app_proxy).If the Service User needs technical support, they may be obliged to grant appropriate staff access to the store for the Service Provider by accepting the collaborator access request or similar access request sent via Shopify. Without such access, the Service Provider may not be able to provide technical support.
The Application may be used only on the terms and within the scope specified in the Terms of Use, in accordance with the documentation made available by the Service Provider and with applicable law.
Installing or using the Application constitutes acceptance of these Terms of Use and the Privacy Policy.
The Service Provider and the Service User undertake to refrain from any actions that may hinder or destabilize the functioning of the Application. The Service Provider may temporarily suspend access to the Application in order to perform maintenance, updates or in case of Force Majeure.
Technical requirements for the use of the Application:
If the Service User uses equipment or software that does not meet the technical requirements specified above, the Service Provider does not guarantee the correct operation of the Application and reserves that this may negatively affect the quality and ability to provide the Services.
When using the Application, it is prohibited to use viruses, bots, worms or other code, scripts or programs that may threaten the Application or technical infrastructure or enable unauthorized access.
The Service Provider informs and the Service User acknowledges that using the Internet may involve risk (e.g. hacking, phishing, malware). The Service Provider is not liable for damages resulting from such risks, unless caused solely by the Service Provider's intentional fault.
The Service Provider grants the License to the Application to the Service User in exchange for remuneration received via Shopify. All billing for the License is made between the Service Provider and Shopify using the Shopify Billing API, according to Shopify's rules.
The fee for the License (subscription fee, usage-based fee or combined fee, as applicable) is paid via the payment gateway provided by Shopify, in advance, on the dates specified in the information displayed in the Shopify App Store listing and/or after installing the Application.
Payments are typically automatically renewed at the end of each billing period, unless the Service User uninstalls the Application or cancels the subscription in Shopify.
Shopify issues invoices or billing documents related to the use of the Application, in accordance with Shopify's rules and tax regulations applicable to Shopify.
If the fee is not paid or if Shopify cannot collect payment, access to the Application may be automatically suspended until payment is successfully completed.
The Service Provider may change the fee (including introducing new plans) upon prior notice through the Application, Shopify App Store listing or e-mail and in accordance with Shopify's rules. Continued use of the Application after the effective date of the change constitutes acceptance of the new fee. The Service User may reject the new fee by uninstalling the Application before the change takes effect.
The Agreement is concluded for an indefinite period.
The Service User may terminate the Agreement at any time by uninstalling the Application or cancelling the subscription within the Shopify admin.
The Service Provider may terminate the Agreement with immediate effect in the event of:
Termination of the Agreement takes effect when the subscription is cancelled/uninstalled in Shopify. After termination, the Application may stop functioning in the Service User's store and stored wishlist data may be deleted in accordance with the Privacy Policy.
The Service User acknowledges that if the fee is not paid, the Application will be unavailable and wishlist functionality in the store may stop working.
The Service User may submit complaints regarding the functioning of the Application, billing issues or other matters related to the Agreement via the e-mail address: blewandowski.2221@gmail.com.
A complaint should include:
The Service Provider will consider the complaint within 14 days from the date of receipt. In particularly complex cases, this period may be extended, and the Service User will be informed.
The response to the complaint will be sent to the e-mail address provided in the complaint.
Complaints that do not contain contact details enabling a response may not be considered.
The rules of processing and protection of personal data in connection with the Application are set out in Appendix No. 1 - Privacy Policy, which constitutes an integral part of these Terms of Use.
For data of Users (customers of the Shopify store) that are processed via the Application, the Service User acts as the Controller, and the Service Provider acts as the Processor, within the meaning of GDPR.
For data of Service Users and their staff (e.g. name, e-mail, billing details used for support, communication, invoicing), the Service Provider acts as the Controller.
The Application is a work within the meaning of the Copyright Law and is made available to the Service User under the License described in these Terms of Use. The Application and its content (including code, design, graphics, texts, configuration logic) are protected by copyright and other intellectual property laws.
The Service Provider declares that it holds the necessary intellectual property rights to the Application and grants the Service User a non-exclusive, non-transferable License to use the Application in accordance with these Terms of Use and only for the needs of the given Shopify store(s) where the Application is installed.
The Service User may not:
The Service Provider may temporarily make the Application unavailable in order to:
To the extent permitted by mandatory law, the Service Provider's liability towards the Service User is limited to:
The Service Provider is not liable for:
Nothing in these Terms of Use excludes or limits liability where such exclusion or limitation is not allowed under applicable law.
The Service Provider is not responsible for any consequences of incorrect performance of services by the Service User towards Users (customers of the store).
If any provision of the Terms of Use is found invalid or ineffective under mandatory law or by a final court decision, the remaining provisions remain in force. The invalid provision will be replaced by a provision that best reflects its original intent and complies with law.
The Service Provider may amend the Terms of Use. Any changes or modifications are effective when posted at a public URL indicated by the Service Provider (e.g. documentation page) and, where required, after prior notice to the Service User (for example via e-mail or in-app notification), with at least 15 days' notice before the effective date, unless a shorter period is required by law or Shopify rules.
In the event of a conflict between these Terms of Use and Shopify policies, Shopify's terms apply to the extent required by Shopify, and the remaining provisions of these Terms of Use remain valid.
Any disputes arising from the implementation of the Terms of Use shall be resolved by a competent common court having jurisdiction over the registered office of the Service Provider, unless mandatory law provides otherwise.
These Terms of Use have been prepared in Polish and English. In the event of discrepancies, the Polish version (if published) shall prevail.
These Terms of Use are governed by the law applicable in the territory of the Republic of Poland.
The current wording of these Terms of Use is valid from: 01.12.2025.
This Privacy Policy defines the rules for the processing and protection of personal data of natural persons using the Application (hereinafter: "Users") in online stores which have installed the "MiB Wishlist" Application.
For the purposes of this Privacy Policy:
For personal data of Users (customers of the Shopify store) processed via the Application, the Administrator is the merchant who installed the Application, and the Processor processes such data only on behalf of and according to documented instructions of the Administrator, under Article 28 GDPR.
For personal data of Service Users (merchants) and their staff used for support, communication and billing, the Service Provider acts as the Controller.
Personal data are processed in accordance with GDPR, the Polish Act on the provision of electronic services and other applicable data protection laws.
To provide wishlist features, the Processor may process the following categories of data received from the Administrator or from the User's browser:
The Application uses Shopify App Proxy calls that rely on identifiers stored in the User's browser (e.g. session/anonymous IDs) to keep a wishlist for a given device or logged-in account. These identifiers may be stored in cookies, localStorage or Shopify cart attributes (e.g. _mib_wishlist_session) to let the wishlist persist between visits and to attribute orders to wishlists when the merchant enables that feature.
When the Administrator enables attribution/cleanup features, the Application reads order data through the Shopify read_orders scope to detect purchases containing wishlist items. The Processor may store:
When the merchant grants read_customers, the Application queries Shopify for customer profile data to display in analytics (e.g. display name, tags, number of orders, amount spent, account state). These data are fetched on demand for the merchant's view and are not persisted beyond the analytics queries, except where minimal identifiers (customer ID) are already part of the wishlist profile.
The Application may process store locale/language/currency data and translation strings configured by the merchant to localize storefront widgets; these do not contain customer personal data.
The legal basis for processing User data by the Administrator is determined by the Administrator (e.g. Article 6(1)(b) GDPR - performance of a contract with the customer, or Article 6(1)(f) - legitimate interest of the merchant in providing wishlist functionality). The Processor processes data under Article 28 GDPR based on a data processing agreement embodied in these Terms of Use and this Privacy Policy.
As a Controller, the Service Provider may process personal data of Service Users (merchants) and their staff, such as:
These data are processed for:
The legal basis for this processing is in particular Article 6(1)(b) GDPR (performance of a contract), Article 6(1)(c) GDPR (legal obligation), and Article 6(1)(f) GDPR (legitimate interest in support, security, product improvement and defence of claims).
To provide the Application, the Processor may use sub-processors (hosting providers, database hosting, logging/monitoring tools, analytics tools used within the admin interface, communication channels such as Discord webhooks).
These entities process data only to the extent necessary to provide infrastructure or services for the Application and are bound by contracts ensuring protection of personal data in accordance with Article 28 GDPR.
The Administrator authorises the Processor to use such sub-processors. A current list or categories of sub-processors may be made available on request by contacting the Service Provider at the support e-mail address. Typical categories include: cloud hosting (e.g. Vercel or equivalent), managed PostgreSQL database hosting, file/CDN hosting for static assets, and messaging/notification services (currently Discord webhooks for support/feedback alerts). If additional third-party tools are added (e.g. logging, monitoring, analytics libraries), the list will be updated and the Administrator will be notified where required.
Data of Users (customers) processed via the Application are stored:
After the Administrator uninstalls the Application or the Agreement is terminated, the Processor triggers automated cleanup that removes store-specific data (wishlist profiles, items, events, visits, share links, translations, settings, sessions) without undue delay and typically within a maximum of 30 days, unless applicable law requires longer retention (e.g. for limited security logs). Order attribution records are deleted together with the store's data. Short-lived application logs and error traces (if any) are kept only as long as necessary to diagnose issues and are then deleted or anonymized.
The Administrator may request earlier deletion of specific data (e.g. for a given store or given User) by contacting the Processor, provided that such deletion is technically feasible and does not conflict with legal obligations.
Data of Service Users (merchants) processed by the Service Provider as Controller are stored for the time necessary to:
Users whose data are processed via the Application have rights under GDPR, including:
Because the Administrator is the Controller, Users should primarily address their requests to the Administrator (the merchant operating the Shopify store).
The Processor will support the Administrator in fulfilling data subject requests, to the extent technically possible and required under Article 28 GDPR, and may directly respond to a data subject request only in situations allowed or required by law.
Service Users (merchants) whose data are processed by the Service Provider as Controller may exercise their rights by contacting the Service Provider at blewandowski.2221@gmail.com.
The Processor applies appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction or alteration, in accordance with Article 32 GDPR.
Data are stored on servers located in the European Economic Area or other locations ensuring an adequate level of protection (e.g. based on standard contractual clauses), if applicable.
In the event of a personal data breach affecting data processed via the Application, the Processor will cooperate with the Administrator in fulfilling obligations under GDPR (including notification to the supervisory authority and/or data subjects, where required).
If data are transferred outside the European Economic Area (EEA), such transfers will take place only:
Information about specific transfers may be obtained by contacting the Service Provider.
The Processor may amend this Privacy Policy, in particular in case of:
The Processor will inform Service Users (merchants) about material changes with at least 15 days' notice, for example via e-mail or in-app notification, unless immediate changes are required by law.
The new content of the Privacy Policy will be effective from the date indicated in the notice, but not earlier than 15 days after notifying the Service User, unless law or Shopify rules require a different date.
For any questions related to this Privacy Policy or data protection in connection with the "MiB Wishlist" Application, you can contact:
LUNNEA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
ul. Nowa Wola Gołębiowska 40
26-613 Radom, Poland
KRS: 0001191608, NIP: 7963040480, REGON: 54257963500000
E-mail: blewandowski.2221@gmail.com