The security of your data is of paramount importance to us.
- Personal Data – any information relating to an identified or identifiable natural person.
- Processing – any operation or set of operations performed on Personal Data or on sets of Personal Data.
- Data Subject – natural person whose Personal Data is being processed.
- Administrator – Persooa sp. z oo ul. Rondo ONZ 1; 00-124 Warsaw.
- Data Protection Inspector – whom we have appointed in Persooa and with whom you can contact at the address: firstname.lastname@example.org.
- Service – means the web page or application, under which the Administrator runs the Internet service
- Device – means an electronic device, by means of which the User accesses the Service.
- User – means an entity to whom, in accordance with the Regulations and legal provisions, electronic services may be provided or with whom an Agreement for the provision of services by electronic means may be concluded.
- Cookies – means IT data, in particular small text files, recorded and stored on devices through which the User accesses the websites of the Website.
- Administrator Cookies – means Cookies placed by the Administrator, related to the provision of electronic services by the Administrator through the Website.
- External Cookies – means Cookies placed by the Administrator’s partners, via the website of the Service
Data protection principles
We promise to comply with the following data protection principles:
- Processing is lawful, fair and transparent. Our processing activities have a legal basis. We always consider your rights before processing your personal data. We will provide you with information about the processing upon request.
- Processing is limited to the purpose. Our processing activities are relevant to the purpose for which the personal data was collected.
- The processing is carried out with a minimum amount of data. We collect and process only the minimum amount of personal data required for any purpose.
- Processing is limited by a period of time. We will not keep your personal data for longer than necessary.
- We will make every effort to ensure the accuracy of the data.
- We will make every effort to ensure the integrity and confidentiality of the data.
Rights of the data subject
The data subject has the following rights:
- The right to information – which means you have the right to know if your personal data is being processed; what data is collected, where it is obtained from and why and by whom it is processed.
- Right of access – which means you have the right to access the data collected from/about you. This includes the right to request and obtain a copy of the personal data collected.
- Right of rectification – which means you have the right to request the rectification or erasure of your personal data that is inaccurate or incomplete.
- The right to erasure – which means that in certain circumstances you may request that your Personal Data be deleted from our records.
- Right to restrict processing – which means that when certain conditions apply, you have the right to restrict the processing of your Personal Data.
- Right to object to processing – which means that in certain circumstances you have the right to object to the processing of your Personal Data, for example in the case of direct marketing.
- Right to object to automated processing – which means you have the right to object to automated processing, including profiling; and not be subject to a decision based solely on automated processing. You can exercise this right whenever the result of profiling produces legal effects concerning or significantly affecting you.
- Right to data portability – you have the right to obtain your Personal Data in machine-readable format or, where feasible, by direct transfer from one Processor to another.
- Right to complain – if we reject your request under your Access Rights, we will give you a reason why. If you are not satisfied with the way your request has been handled, please contact us.
Right to assistance / supervisory authority – which means you have the right to assistance from a supervisory authority and the right to other remedies such as seeking compensation.
- Right to withdraw consent – you have the right to withdraw any consent you have given for the Processing of your Personal Data.
Data we collect
- information you have provided to us. This can be your email address, name, billing address, home address etc. – mainly information that is necessary to provide you with a product / service or to improve customer service. We record the information you provide to us for the purpose of commenting or performing other activities on the site. This information includes, for example, your name and email address.
- Information collected automatically about you. This includes information that is automatically stored by cookies and other session tools. For example, your shopping cart information, IP address, purchase history (if any), etc. This information is used to improve the customer experience. When you use our services or browse our website content, your actions may be recorded.
- Information from our partners. We collect information from our trusted partners with confirmation that they have a legal basis to share this information with us. This is information that you have provided to them directly or that they have collected about you on other legal bases.
- Information available to the public. We may collect information about you that is publicly available.
How we use your personal data
We use your personal data for legitimate reasons and/or with your consent. On the basis of entering into a contract or fulfilling contractual obligations. We process your Personal Data for the following purposes:
- providing our services. This includes, for example, registering for an account; providing other products and services you have requested; providing you with promotional items at your request and communicating with you in relation to those products and services; communicating and interacting with you and notifying you of changes to any services.
- improve customer service;
- to comply with a legal or contractual obligation;
- to identify you;
- to provide you with a service or send / offer you a product;
- to communicate for sales or invoicing purposes;
- to send you a Newsletter, with your consent, to the e-mail address you have indicated;
- in connection with the recruitment process, to the extent specified in the advertisement;
- to arrange a meeting with us
- to send you personalised offers * (from us and / or our carefully selected partners);
- to administer and analyse our customer base (behaviour and purchase history) in order to improve the quality, variety and availability of the products / services offered / provided;
- to conduct customer satisfaction surveys;
Until you have told us otherwise, we believe that offering you products / services that are similar or the same as your purchase history / browsing behaviour is our legitimate interest. With your consent we process your personal data for the following purposes:
- to send newsletters and campaign offers (from us and/or our carefully selected partners);
- for other purposes where we have asked for your consent;
We process your Personal Data in order to comply with legal obligations and/or use your Personal Data to the extent permitted by law. We reserve the right to anonymize the Personal Data collected and to use such data. We will only use data outside the scope of this Policy if it is anonymized. We will retain your billing information and other information collected about you for as long as necessary for accounting purposes or other legal obligations.
The Administrator’s legal basis for processing your personal data is:
- 6(1)(b) GDPR i.e. performance of a contract or taking action on requests prior to entering into a contract;
- 6(1)(c) GDPR i.e. fulfilment of a legal obligation of the Administrator;
- 6(1)(f) GDPR i.e. the Administrator’s legal interest.
We may process your personal data for additional purposes not listed here, but which are compatible with the original purpose for which they were collected. To do so, we will ensure that:
- the relationship between the purposes, context and nature of the personal data is appropriate for further processing;
- the further processing would not harm your interests and there would be adequate protection for the processing;
We will inform you of further processing and purposes.
The Administrator provides the following Electronic Services:
- Contact form;
- Arranging an appointment;
- Using the Newsletter Electronic Service shall take place through submitting a declaration of intent to use this Service by entering your data in the designated form and approval of consent.
- The Newsletter Electronic Service is provided free of charge for an indefinite period of time. The User shall have the right to resign from the Newsletter Service at any time and without giving reasons by sending an appropriate request to the Administrator.
- Providing personal data in order to send information to the indicated e-mail address (Newsletter subscription) is voluntary. The legal basis for the processing of personal data is the consent given by the User. Providing personal data in order to use the contact form is voluntary, but necessary to answer the question. If you do not wish to provide your personal data, please contact the Administrator by telephone.
Who can access your personal data
We do not share your personal information with strangers. Your personal data is in some cases shared with our trusted partners in order to enable us to provide you with a service or improve our customer service.
Our processing partners:
- Google Analytics (Google Inc.) Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the data collected to track and study the use of this Website, to prepare reports on its activities and to share these with others.
- Other entities we work with to fulfill the purpose of processing your Personal Data;
We only work with processing partners who are able to provide an adequate level of protection for your Personal Data. We disclose your Personal Data to third parties or public officials when we are legally obliged to do so. We may disclose your Personal Data to third parties where you have consented or there are other legal grounds to do so.
How we secure your data
We make every effort to keep your personal data secure. We use secure protocols for communication and data transfer (e.g. HTTPS). We use anonymisation and pseudonymisation where appropriate.
We monitor our systems for possible vulnerabilities and attacks. Although we make every effort, we cannot guarantee the security of your information. However, we promise to notify the relevant authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything in our power to prevent security breaches and assist the authorities in the event of any breach.
If you have an account with us, please note that you must keep your username and password confidential.
Cookies and other technologies we use
A cookie is a small text file stored on your computer. Cookies store information that helps websites work. Only we have access to the cookies created by our website. You can control your cookies from within your browser. Choosing to disable cookies may make it difficult to use certain features.
Transfer of personal data outside the EU
The Administrator may use the tools of entities which are based outside the European Economic Area (hereinafter: EEA) or which may store data outside the EEA. Personal data will not be transferred to international organisations. The Administrator will use all legally available safeguards to secure the transfer of this data. Transfers of data outside the EEA may occur under the exceptions provided for in Article 49 of the GDPR, provided that the conditions set out in that Article apply. For information on the applicable safeguards and the scope of data transferred outside EGO, please contact the Controller or the DPO.
Users’ personal data shall not be processed in an automated manner, including in the form of profiling, i.e. no decisions producing legal effects or similarly significantly affecting a person shall be based solely on the automated processing of personal data and shall not involve such an automatically taken decision.
Activity on social networks
The administrator is the owner of the social media accounts:
The Administrator maintains and manages accounts on social networking sites in order to promote products, services and his/her activity. Within the framework of these activities, it administers personal data of the users of social networks who observe the Administrator’s profiles, including participation in competitions, events and dialogues with both the Administrator and other users via accounts managed by the Administrator.
If the user wants to stop processing personal data made available through social networking sites, he/she should stop observing the Administrator’s profiles, using the options used by the portal, e.g. by clicking the “Like” button on Facebook.
All rights to signs (including logos), copyrights, database rights and all other intellectual property rights to the content of the website and social network profiles belong to the Administrator.
It is forbidden to copy, modify, use in any form and reproduce, in whole or in part, the content of the website for commercial purposes without the prior written consent of the Administrator and the author of the test.
The content presented on the website and social networking profiles is intended to promote the Administrator’s activity. Using the materials for any other purpose is forbidden.
The materials made available on the Administrator’s social networking profiles are his/her property or have been made available with the consent of the authors of the content.
The User who uses profiles on the Administrator’s social media accounts declares that the Content posted by them:
- will not be inappropriate. Content is considered inappropriate when: constitutes plagiarism, is defamatory, offensive, harassing, untrue, misleading, derogatory, discriminatory, threatening, harassing, expresses racial or sexual prejudice;
- contains elements that are ridiculous, rude, offensive, insulting, offensive suggestions, swearing;
- quotes other users’ statements out of context in order to create a false or negative impression;
- is obscene, indecent, or pornographic; or
- violates the confidentiality or privacy rights of another person,
- will not prejudice any pending legal proceedings of which you are aware;
- will not contain allegations of indecency or personal criticism directed at the Administrator’s employees;
- are not likely to: (i) cause fear, uncertainty or distress to another person; (ii) incite a breach of the rules of social intercourse; or (iii) incite racial or religious aggression or hatred,
- not infringe any copyright, trademark, patent, or other intellectual property right of Administrator or any third party
- Not be technically harmful (including, without limitation, computer viruses, logic bombs, Trojan horses, computer worms, harmful components, corrupted data or other malicious software, harmful data or activities)
- Not constitute an offer, advertisement or promotion of any product or service or solicitations for grants or financial support;
- Not constitute spam or obtrusive advertising by mail;
- Impersonate or otherwise misrepresent your identity, affiliation or position;
- Represent or encourage conduct that would be considered a criminal offence, give rise to civil liability, or be contrary to law.
The User may include links to other websites and sub-sites on the Administrator’s profile if:
- the terms and conditions of use of such websites or sub-sites allow for links to such websites or sub-sites;
- they are clearly and visibly identified as links;
- the content of the linked website or sub-site has a clear link to the Linked Content; and the linking website or sub-site does not automatically download any files.
The Administrator stipulates that any content that does not comply with the above rules, especially comments of a nature:
- defamatory, untrue or misleading;
- Abusive, insulting or threatening;
- of a non-censual or sexual nature;
- of a harassing, racist, sexist, homophobic or discriminatory nature against any religion or other group of persons.
They will be deleted immediately.
Without the express permission of the Administrator, you are not authorized to re-post any Content or other materials or applications that you have previously removed.
Types of Cookies used
Cookies used by the Administrator are safe for the User Device. In particular, this way it is not possible to get into the Device Users viruses or other unwanted software or malware. These cookies allow to identify the software used by the User and to customise the Website for each individual User. Cookies usually contain the name of the domain they come from, the time they are stored on the Device and the assigned value.
The Administrator uses two types of cookies:
- Session cookies: are stored on the User’s Device and remain there until the end of the session of the respective browser. The stored information is then permanently deleted from the memory of the Device. The mechanism of session cookies does not allow collecting any personal data or any confidential information from the User Device.
- Permanent cookies: are stored on the User’s Device and remain there until they are deleted. Ending the session of a given browser or switching off the Device does not delete them from the User Device. The mechanism of permanent cookies does not allow collecting any personal data or any confidential information from the User Device.
- Essential cookies – these cookies are required to enable you to use some important features of our website, such as logging in. These cookies do not collect any personal information.
- Functional cookies – these cookies provide functionality that makes using our site more convenient and enables us to provide more personalised features. For example, they can remember your name and email address in comment forms, so you don’t have to re-enter this information the next time you comment.
- Analytical cookies – these cookies are used to track the usage and performance of our website and services
- Advertising cookies – these cookies are used to deliver advertising that is relevant to you and your interests. In addition, they are used to limit the number of times you see an advertisement. They are usually placed on the website by advertising networks with the permission of the website operator. These cookies remember that you have visited the website and this information is shared with other organisations such as advertisers. Often targeting or advertising cookies are linked to website features provided by another organisation.
You can delete cookies stored on your computer using your browser settings. Alternatively, you can control some third-party cookies by using a privacy-enhancing platform such as optout.aboutads.info or youronlinechoices.com. For more information on cookies, visit allaboutcookies.org.
See how to disable the cookie mechanism:
Persooa sp. z oo
Rondo ONZ 1
Data Protection Officer:
- Act of 23 April 1964. – Civil Code,
- Act of 2 March 2000 on the protection of certain consumer rights and liability for damage caused by a dangerous product,
- The Act of 27 July 2002 on special conditions of consumer sale and amendments to the Civil Code,
- Act of 18 July 2002 on the provision of services by electronic means,
- Act of 10 May 2018 on the protection of personal data,
You can always ask us a question via the contact form.
Skontaktuj się z Persooa