PERSONAL DATA PROTECTION POLICY

 

                                  I.    Identification of the personal data administrator

                                II.    The legal basis of the personal data processing

                                                                                     III.    The goals of the personal data processing                                                                 

                                                                                                         IV.    The range of the processed personal data                                                                                   

                                                                                                                          V.    The source of the personal data acquisition                                                                                                 

  VI.    Personal data provision obligation

                                                              VII.    Information regarding the recipients of the personal data

                      VIII.    The periods of personal data processing

                      IX.    Profiling and automated decision-making

                  X.    The rights of the personal data owner:

a.   The right of access to personal data, its correction, cessation of its processing and its removal

b.   The right to lodge a complaint with supervisory authority

 

Personal data processing for the users of the 5zywiolow.com Portal

 

Wording used in this policy has the following meaning:

1)      Agency – 5 Żywiołów – Dastin Wawrzyniak, engaged in an economic activity under the company 5 Żywiołów Dastin Wawrzyniak, headquatered in Głogówek, Powstańców 34 street (45-250, Głogówek), VAT Number: 7551926607, REGON: 161503207. The company is also the administrator of the personal data collected via this website;

2)      personal data – all information regarding an identified or possible to identify individual;

3)      Portal – the 5zywiolow.com website;

4)      user – an individual using the 5zywiolow.com website;

5)      GDPR – a regulation that serves as a legal basis for processing of personal data by the Agency, full name: regulation (EU) 2016/679 of the Parliament and of the Council of 27 April 2016 on the protection of personal data, free movement of such data and the repeal of Directive 95/46 / EC (General Data Protection Regulation). The supplementary legal regulation for the processing of personal data the July 18, 2002 regulation on provision of such service via electronic means, in particular Chapter IV of this act. Read the GDPR (hiperłącze) and the Act on the Provision of Electronic Services (hiperłącze);

6)      Newsletter – commercial information (about promotions, advertisements, new services or products) sent to Users by e-mail at their request.

 

Basis for the processing of personal data

The processing of personal data is based on the GDPR and the Act of 18 July 2002 on the provision of electronic services. The exact grounds for the processing of personal data can be found in the following GDPR regulations::

1)      in the case of subscription to the Newsletter, creation of an account or sending an inquiry, the processing is carried out on the basis of art. 6 (1)(a) of GDPR, i.e. the User's consent;

2)      in the case of purchase of a product or service - pursuant to art. 6 (1)(a) and (b) of GDPR, i.e. to the extent necessary to perform the contract and on the basis of consent.

Users' personal data is collected, stored and used by the Agency with the consent of the persons they relate to, in accordance with the law and in compliance with due procedures and in a manner that guarantees their safety.

Personal data is not transferred to entities outside the European Economic Area ("EEA") or to international organizations.

 

Purposes of personal data processing

The Agency processes personal data only in order to provide proper service to Users, for the purposes of:

1)      providing Services or selling Products (including considering complaints, withdrawing from contracts concluded via the portal and other consumer rights);

2)      communication with Users who contacted the Agency by phone or e-mail;

3)      sending the Newsletter.

The Agency may incidentally use personal data to perform the obligations imposed by the provisions of generally applicable law, when it is necessary. At the same time, the Agency ensures that the processing of these data by third parties will take place to the extent necessary to perform these obligations and in a safe manner.

 

The scope of processed personal data

The agency cares about the privacy of website visitors by collecting only the data necessary to achieve the purpose for which they are collected, i.e. sending commercial information (newsletter) and selling the products and services offered. Providing personal data is voluntary and only applies to situations where the User intends to:

1)      use the offer contained on the website, i.e. purchase a product or service contained on the website - the first name, surname, e-mail address will be processed, and, in the case of providing services to a third party (e.g. your child), the data of that person. The address to which the product is to be shipped may be necessary;

2)      subscribe to the Newsletter - only the e-mail address and name will be processed;

3)      make inquiries via the Portal - first name, surname, date of birth, e-mail address will be processed. Optionally, you can also provide a telephone number to enable the Agency to contact you by phone.

In order to facilitate the use of certain services available on the Portal, the forms proposed on the dedicated pages may indicate other personal data the provision of which is necessary in order to use the service or goods offered on the Portal. In particular, it may be the shipping address of the goods.

 

The source of personal data acquisition

The Agency acquires personal data from Users only.

Users may also provide personal data of third parties on behalf whom the contract is concluded. In such a situation, along with the carrying out of the obligation entailed by the concluded contract, the Agency will inform the third party about:

1)     its identity as the administrator of personal data;

2)     the purpose for which personal data is processed;

3)     the legal basis for data processing;

4)     categories of personal data processed (e.g. name, surname, age, address);

5)     the information on other entities that may possibly process the data of a third party (the Agency will not inform the postal operator about the transfer of personal data, due to the obligation of that entity to maintain postal secrecy, which also includes personal data);

6)     the criteria for determining the period of personal data processing;

7)     rights of a third party relating to data processing;

8)     the right to lodge a complaint with the supervisory authority;

9)     the source of the personal data.

 

Obligation to provide data

In order to get acquainted with the Portal's offer, it is not necessary to disclose any personal data. The website uses only the so-called cookies. To learn more about how they work, click here. The cookies collect the IP address from the user's computer in order to collect statistical data, while maintaining your anonymity.

Providing personal data is necessary if you agree to subscribe to the Newsletter or to purchase a service or product offered by the Agency or to answer an inquiry sent through the Portal (more on this in the "The scope of processed personal data" section), and also in the case of creating an account.

The Agency ensures that all personal data will be processed only to the extent necessary to perform the contract concluded with contractors (consumers), therefore the legal basis for processing in this case is the basis of art. 6 (1)(b) GDPR. Moreover, for this purpose, the User agrees to the processing of personal data for the purpose of using certain services, which means that the legal basis for the processing is Art. 6 (1)(a) GDPR as well.

If the User creates an account, they agree to the processing of their personal data in order to perform an electronic service  permanent of acquiring permanent access to a personalized Account on the Portal, which means that the legal basis for processing is also Art. 6 (1)(a) GDPR.

 

Information on data recipients

The Agency does not transfer (sell or lend in any way) the collected personal data of Users to third parties, except for the exceptions indicated below. The data that the Agency may disclose to entities cooperating with it are general statistical summaries that do not allow for the identification of individual Users. For technical reasons, the Agency may entrust processing, pursuant to Art. 28 GDPR, to another entity by way of a contract or other legal instrument without changing the purpose of their processing.

The Agency may provide the collected e-mail addresses to the Company Mailchimp for the purpose of the collective transmission of messages via the computer program provided by it as part of the Newsletter service.

The Agency may transfer the collected personal data to BR Dorgo - in order to fulfil tax and legal obligations, settle transactions concluded with the user, if it proves necessary to fulfil these obligations in connection with the request addressed to the Agency by the tax authorities.

The Agency provides User Data to the payment provider Tpay to complete the prepaid transaction. Information on payment data is also provided to banks, which are obliged to keep confidential all data concerning transactions carried out by them under separate provisions of banking law. The processing of personal data is based on these cases.

 

Data processing period

The Agency will process personal data for the period in which we will have a legal basis for it, i.e. until:

1)      the service is fully implemented or the product is delivered to the User, and the User exhausts their consumer rights (or any other) resulting from the concluded contract;

2)      the User withdraws consent to the processing of personal data (including cancellation of the Newsletter subscription);

3)      the User removes their Account from the Portal;

4)      the legal obligation obliging the Agency to process personal data expires;

5)      your objection to the processing of your personal data is accepted and the objection is considered justified by the Agency.

 

The agency does not profile your data!

Users' personal data processed within the Portal are not subject to profiling.

The agency collects information contained in system logs (e.g. an IP address). They are used for technical purposes. IP addresses are also used to collect general statistical demographic information about visitors to the Agency Portal. In the course of creating statistics, these data are anonymized and deleted after their creation.

 

User rights related to data processing

The User has the right to access, request correction, limitation of processing or deletion of his personal data provided to the Agency by sending a request to the e-mail address: [email protected] The User's request will be fulfilled within 3 working days from the date of the filing. Deletion of the electronic mail address submitted with the newsletter service will terminate the subscription to commercial information provided by the Agency. The Agency will only refuse to comply with the request if further processing of personal data is necessary for the purposes for which they were collected.

The User may also lodge a complaint with the supervisory body competent for the protection of personal data, i.e. the President of the Office for Personal Data Protection (correspondence address: Office for Personal Data Protection, Stawki street 2, 00-193 Warsaw). The complaint may also be submitted via the website of the Personal Data Protection Office: https://uodo.gov.pl/pl/p/kontakt. The Agency informs that, according to the law, the submission of a complaint must be preceded by an objection to the processing of personal data - this allows us to respond to your request before you submit a complaint.

For security purposes, if you suspect that the User's data may have been compromised, you should immediately contact the administrative staff of the Portal at the e-mail address [email protected]

 

The method of storing and protecting personal data

The Agency has implemented technical and organizational measures adapted to the degree of risk of violating the rights and freedoms of Users related to the leakage of their data.

Data provided to the Agency is protected against access by third parties both at the level of physical access and at the digital level. In particular, the Agency uses security software to prevent leakage of personal data.

All persons processing Users' personal data for the purposes of the Portal have appropriate authorizations issued by the Agency and are properly instructed on the principles of how to process personal data in a manner that is safe for the User.

 

The image of the participants of the courses offered by the Agency

The Agency obtained a written consent from the participants of its events to publish their image. If the Agency wants to publish your image on the Portal, or in any social media, it will ask you and your parent for a free-of-charge written consent for this publication, and will present the scope of its request for consent to share the image.

 

 

 

 

Latest blog posts See older posts