Information obligation RODO – GDPR
Who is the data controller?
The administrator of the Personal Data (hereinafter referred to as the Administrator) is the company “Maja Laura Jaryczewska”, conducting its business at the address: Sopot, Mickiewicza Street, No. 40A 81-866, with assigned tax identification number (NIP): 7011084234, providing services electronically via the Website
How can I contact the Administrator?
The Administrator can be contacted in one of the following ways
Postal address – Maja Laura Jaryczewska, Sopot, Mickiewicza Street, no. 40A 81-866
E-mail address – firstname.lastname@example.org
Telephone call – +48 516242949
Has the Administrator appointed a Personal Data Inspector?
Pursuant to Article 37 of RODO, the Administrator has not appointed a Data Protection Officer.
In matters concerning data processing, including personal data, please contact the Administrator directly.
Where do we obtain personal data from and what are their sources?
Data is obtained from the following sources:
from the data subjects
in the case of registration using social networking sites, with the informed consent of those persons, from those social networking sites
What is the scope of the personal data we process?
The website processes ordinary personal data provided voluntarily by the data subjects
(E.g. name, login, email address, telephone, IP address, etc.).
What are the purposes of our data processing?
Personal data voluntarily provided by Users are processed for one of the following purposes:
Realization of electronic services:
Services of registration and maintenance of the User’s account on the Website and functionalities related to it
Newsletter service (including sending advertising content with consent)
Commenting on / liking posts on the Website without the need to register
Administrator’s communication with Users on matters related to the Service and data protection
Providing the legally justified interest of the Administrator.
What are the legal bases of data processing?
The Service collects and processes Users’ data on the basis of:
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
the data subject has given consent to the processing of his/her personal data for one or more specified purposes
processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
processing is necessary for the purposes of legitimate interests pursued by the controller or by a third party
Act of 10 May 2018 on the protection of personal data (Journal of Laws 2018, item 1000)
Act of 16 July 2004. Telecommunications law (Journal of Laws 2004 no. 171 item 1800)
Act of 4 February 1994 on Copyright and Related Rights (Journal of Laws 1994 No. 24 item 83)
What is the legitimate interest pursued by the Administrator?
In order to possibly establish, pursue or defend against claims – the legal basis for processing is our legitimate interest (Article 6(1)(f) RODO) in protecting our rights, including but not limited to;
For the purpose of risk assessment of potential customers
In order to evaluate planned marketing campaigns
In order to carry out direct marketing
For how long do we process personal data?
As a general rule, the personal data indicated are kept only for the duration of the provision of the service within the service provided by the Administrator. They are deleted or anonymized within 30 days from the termination of service provision (e.g. deletion of a registered user account, unsubscribing from the Newsletter list, etc.).
In exceptional situations, in order to secure the legitimate interest pursued by the Administrator, this period may be prolonged. In such a situation the Administrator shall store the data indicated from the time of the User’s request for removal, no longer than for 3 years in the event of an infringement or suspected infringement of the provisions of the service rules by the data subject.
Who is the recipient of the data, including personal data?
As a rule, the only recipient of the data is the Administrator.
However, data processing may be entrusted to other entities providing services to the Administrator in order to maintain the activity of the Service.
Such entities may include, among others:
Hosting companies, providing hosting or related services to the Administrator
Companies through which the Newsletter service is provided
Companies intermediating in on-line payments for goods or services offered within the Service (in case of purchase transactions in the Service)
Companies responsible for delivery of physical products to the User (postal/courier services in the event of a purchase transaction on the Website)
Will your personal data be transferred outside the European Union?
Personal data will not be transferred outside the European Union unless it is published as a result of an individual action of the User (e.g. entering a comment or a post), which will make the data available to every person visiting the Website.
Will the personal data be the basis for automated decision-making?
Personal data will not be used for automated decision-making (profiling).
What rights do you have in relation to the processing of personal data?
Right of access to personal data
Users have the right to obtain access to their personal data, exercised upon request submitted to the Administrator
Right to rectification of personal data
Users have the right to request the Administrator to promptly rectify their personal data that is inaccurate and/or to complete incomplete personal data, realized upon request submitted to the Administrator
Right to erasure of personal data
Users have the right to demand from the Administrator immediate deletion of their personal data, carried out upon request submitted to the Administrator.
In case of User accounts, data removal consists in anonymisation of data enabling User identification.
In case of Newsletter service, the User has the possibility to delete his/her personal data using a link placed in each e-mail message sent.
Right to restrict processing of personal data
Users have the right to restrict the processing of personal data in cases indicated in Article 18 RODO, among others, by questioning the correctness of personal data, exercised upon request submitted to the Administrator
Right to personal data portability
Users have the right to obtain from the Administrator personal data concerning them in a structured, commonly used and machine-readable format, carried out at the request submitted to the Administrator
Right to object to the processing of personal data
Users have the right to object to the processing of their personal data in the cases specified in Article 21 of the RODO, exercised at the request submitted to the Administrator
Right to lodge a complaint
Users have the right to lodge a complaint with the supervisory authority dealing with personal data protection.