Information on the processing of personal data
According to Art. 13 par. 1 and par. 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR, we provide the following information.
Purpose of this document
This document is intended for the following categories of persons: użytkownicy strony www/www users.
Data controller
Data controller of Your personal data is Bartosz Gawinkowski, Gdańsk ul. Tamka 29D50, 80-627 Polska, hereinafter referred to as the Controller. You can contact the Controller using the above traditional address or by writing to the e-mail address: admin@my.oodo.pl
The purposes of personal data processing, legal basis for the processing, the legitimate interests pursued by the Controller, the period of personal data storage, automated decision-making, the conditions and requirements for providing data and the consequences of not providing data
Below we provide detailed information on the purposes of data processing, legal basis for the data processing , the legitimate interests of the Administrator, automated decision-making - for each person and data category. Individual categories of data are stored by Controller until a given category of data is erased. Information about time limits for data erasure is provided for each category of data. If the same category of data is processed for different purposes and based on different legal grounds for this category of data, the longest period of data storage/deletion will apply.
Individual categories of persons and personal data:
Individual categories of persons and personal data:
I. Użytkownicy strony www/www users. Your personal data will be processed for the following, general purposes: analizowanie aktywności użytkowników/user's activity analysis; wypełnienie przepisów prawa/compliance with a legal obligation. Below we provide information on individual categories of personal data:
1. adres IP/IP adress, dane przeglądarki/browser data (user agent), referrer data/strona odsyłająca, data i czas wywołania strony/date and time of page load (normal data category)
purposes and legal basis of processing:
• processing is necessary for compliance with a legal obligation to which the controller is subject. Legal obligations result from following legal acts: Ogólne Rozporządzenie o Ochronie Danych/General Data Protection Regulation. The legal basis is Art. 6 par. 1 lett. c GDPR.
• processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party. The legal basis is Art. 6 par. 1 lett. f GDPR. The legitimate interests pursued by the Controller or by a third party are: analiza ruchu/traffic analysis, zabezpieczenie przed atakami na serwis/protection against attacks on the website, ochrona własnych roszczeń i praw/protection of own claims and rights.
sources the personal data originate, the conditions and requirements for providing data and the consequences of not providing data:• processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party. The legal basis is Art. 6 par. 1 lett. f GDPR. The legitimate interests pursued by the Controller or by a third party are: analiza ruchu/traffic analysis, zabezpieczenie przed atakami na serwis/protection against attacks on the website, ochrona własnych roszczeń i praw/protection of own claims and rights.
• personal data has been obtained from You. Provision of personal data is not statuatory requirement. Provision of personal data is not contractual requirement. Provision of personal data is not requirement necessary to enter into a contract. You are not obliged to provide the personal data. Consequences of failure to provide personal data are: brak możliwości korzystania ze strony/no being able to use the website.
automated decision-making: the Controller use automated decision making based on this category of data. Decisions made by the Controller are based solely on automated processing. Decisions made by the Controller do not have legal effects concerning You or do not similarly significantly affect you. Therefore, You do not have the right described in Art. 22 par. 1 GDPR to not to be subject to such decisions and You do not have the right to question such decisions based on Art. 22 GDPR.time limit for data erasure or criteria used to determine that limit: po okresie przedawnienia roszczeń/after the limitation period for legal claims.
Personal data recipients
Your personal data may be disclosed by Controller to the following recipients or categories of recipients: You; Your representatives; Controller and it's employees.
Your rights
You have the right to request the Controller to access your personal data, the right to rectify it, the right to erease it in justified cases or the right to restrict processing of data. You also have the right to object to the processing, the right to lodge a complaint with the supervisory authority, as well as the right to data portability.
Right to object
You have the right to object, on grounds relating to Your particular situation, at any time to processing of personal data concerning You which is based on Article 6 par. 1 lett. e or lett. f of GDPR, including profiling based on those provisions. The Controller shall no longer process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override Your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Where personal data are processed for direct marketing purposes, You have the right to object at any time to processing of personal data concerning You for such marketing, which includes profiling to the extent that it is related to such direct marketing.
---
Polski:
Niezależnie od faktu przetwarzania wyżej wymienionych danych dane powyższe przeważnie nie będą wypełniały dla Administratora definicji danych osobowych, ponieważ Administrator nie będzie w stanie bezpośrednio lub pośrednio zidentyfikować na ich podstawie osoby fizycznej. Dane w postaci adresu IP są chronione tajemnicą telekomunikacyjną przez operatora telekomunikacyjnego i wskazują jedynie na osobę, która zawarła z operatorem telekomunikacyjnym umowę, a nie rzeczywistego użytkownika komputera czy przeglądarki.
English:
Regardless of the fact of processing the above-mentioned data, the above data will usually not meet the definition of personal data for the Controller, because the Controller will not be able to directly or indirectly identify a natural person on their basis. Data in the form of an IP address are protected usually by telecommunications secrecy by the telecommunications operator and indicate only the person who has concluded a contract with the telecommunications operator, not the actual user of the computer or browser.
Polski:
Niezależnie od faktu przetwarzania wyżej wymienionych danych dane powyższe przeważnie nie będą wypełniały dla Administratora definicji danych osobowych, ponieważ Administrator nie będzie w stanie bezpośrednio lub pośrednio zidentyfikować na ich podstawie osoby fizycznej. Dane w postaci adresu IP są chronione tajemnicą telekomunikacyjną przez operatora telekomunikacyjnego i wskazują jedynie na osobę, która zawarła z operatorem telekomunikacyjnym umowę, a nie rzeczywistego użytkownika komputera czy przeglądarki.
English:
Regardless of the fact of processing the above-mentioned data, the above data will usually not meet the definition of personal data for the Controller, because the Controller will not be able to directly or indirectly identify a natural person on their basis. Data in the form of an IP address are protected usually by telecommunications secrecy by the telecommunications operator and indicate only the person who has concluded a contract with the telecommunications operator, not the actual user of the computer or browser.