+48 730 229 292+48 602 195 260info@gospain.pl

Privacy policy of the gospain.pl website

Gospain.pl - Monika Ziółek. Address: ul. Leśna 1, 81-876 Sopot, Tax Identification Number (NIP): 5841329439, National Business Registry Number (REGON): 220966531. E-mail: info@gospain.pl. Telephone: +48 730 229 292

  1. GENERAL PROVISIONS

    1. The controller of personal data collected through the website gospain.pl is Monika Ziółek conducting business activity under the name NM Monika Ziółek entered in the Central Register and Information on Business Activity of the Republic of Poland maintained by the minister responsible for economy, place of business: Leśna 1, 81-876 Sopot, address for service: Leśna 1, 81-876 Sopot, Tax ID: 5841329439, REGON: 220966531, email address: info@gospain.pl, hereinafter referred to as the “Controller”.
    2. Personal data collected by the Controller through the website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR, and the Act on the Protection of Personal Data of 10 May 2018.

  2. TYPE OF PERSONAL DATA PROCESSED, PURPOSE AND SCOPE OF DATA COLLECTION

    1. PURPOSE OF PROCESSING AND LEGAL BASIS. The Controller processes personal data through the website gospain.pl in the case of:
      1. use of the contact form by the user. Personal data are processed on the basis of Article 6(1)(f) GDPR as the legitimate interest of the Controller.
      2. subscription by the user to the Newsletter for the purpose of sending commercial information electronically. Personal data are processed after separate consent is given, on the basis of Article 6(1)(a) GDPR.
    2. TYPE OF PERSONAL DATA PROCESSED. The Controller processes the following categories of user personal data:
      1. First and last name,
      2. Email address,
      3. Phone number,
    3. PERIOD OF PERSONAL DATA RETENTION. Personal data of users are stored by the Controller:
      1. in the case where the basis for data processing is the performance of a contract, for as long as is necessary to perform the contract, and thereafter for a period corresponding to the limitation period for claims. Unless a specific provision provides otherwise, the limitation period is six years, and for claims for periodic performance and claims related to business activity – three years.
      2. in the case where the basis for data processing is consent, until the consent is withdrawn, and after withdrawal of consent for a period of time corresponding to the limitation period for claims that the Controller may raise and that may be raised against it. Unless a specific provision provides otherwise, the limitation period is six years, and for claims for periodic performance and claims related to business activity – three years.
    4. During use of the website, additional information may be collected, in particular: IP address assigned to the user’s computer or external IP address of the Internet provider, domain name, browser type, access time, operating system type.
    5. Navigation data may also be collected from users, including information about links and references they choose to click or other actions taken on the website. The legal basis for this type of activity is the legitimate interest of the Controller (Article 6(1)(f) GDPR), consisting in facilitating the use of services provided electronically and improving the functionality of these services.
    6. Provision of personal data by the user is voluntary.
    7. Personal data will also be processed in an automated manner in the form of profiling, provided that the user consents to this on the basis of Article 6(1)(a) GDPR. The consequence of profiling will be assigning a profile to a given person for the purpose of making decisions concerning them or analyzing or predicting their preferences, behaviors and attitudes.
    8. The Controller takes particular care to protect the interests of data subjects, and in particular ensures that the data it collects are:
      1. processed in accordance with the law,
      2. collected for specified, lawful purposes and not subjected to further processing incompatible with those purposes,
      3. substantively correct and adequate in relation to the purposes for which they are processed and stored in a form enabling identification of the persons concerned, for no longer than is necessary to achieve the purpose of processing.

  3. DISCLOSURE OF PERSONAL DATA

    1. Personal data of users are transferred to service providers used by the Controller in operating the website. Service providers to whom personal data are transferred, depending on contractual arrangements and circumstances, either are subject to the Controller’s instructions regarding the purposes and methods of processing such data (processors) or independently determine the purposes and methods of their processing (controllers).
    2. Personal data of users are stored exclusively within the European Economic Area (EEA).

  4. RIGHT OF CONTROL, ACCESS TO CONTENT OF OWN DATA AND THEIR CORRECTION

    1. The data subject has the right to access the content of their personal data and the right to rectify, delete, restrict processing, the right to data portability, the right to object, the right to withdraw consent at any time without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.
    2. Legal bases for user requests:
      1. Access to data – Article 15 GDPR
      2. Rectification of data – Article 16 GDPR.
      3. Erasure of data (the so-called right to be forgotten) – Article 17 GDPR.
      4. Restriction of processing – Article 18 GDPR.
      5. Data portability – Article 20 GDPR.
      6. Objection – Article 21 GDPR
      7. Withdrawal of consent – Article 7(3) GDPR.
    3. In order to exercise the rights referred to in point 2, an appropriate email message can be sent to: info@gospain.pl.
    4. In the event that the user exercises a right arising from the above rights, the Controller fulfills the request or refuses to fulfill it without delay, but no later than within one month of receiving it. However, if – due to the complex nature of the request or the number of requests – the Controller will not be able to fulfill the request within one month, it will fulfill it within the next two months, informing the user in advance within one month of receiving the request – of the intended extension of the deadline and its reasons.
    5. In the event that it is found that the processing of personal data violates the provisions of GDPR, the data subject has the right to lodge a complaint with the President of the Personal Data Protection Office.

  5. COOKIES

    1. The Controller’s website uses “cookies”.
    2. Installation of “cookies” is necessary for the proper provision of services on the website. “Cookies” contain information necessary for the proper functioning of the website, and also provide the possibility of developing general statistics of website visits.
    3. Within the website, the following types of “cookies” are used: session and persistent
      1. “Session” “cookies” are temporary files that are stored in the user’s terminal device until logging out (leaving the website).
      2. “Persistent” “cookies” are stored in the user’s terminal device for the time specified in the parameters of the “cookies” or until they are deleted by the user.
    4. The Controller uses its own cookies to better understand the user’s interaction with the website content. The files collect information about how the user uses the website, the type of website from which the user was redirected, and the number of visits and duration of the user’s visit to the website. This information does not record specific personal data of the user, but is used to develop statistics on website usage.
    5. The user has the right to decide on the access of “cookies” to their computer by making a prior selection in their browser window. Detailed information about the possibility and methods of handling “cookies” is available in the software (web browser) settings.

  6. FINAL PROVISIONS

    1. The Controller applies technical and organizational measures ensuring the protection of processed personal data appropriate to the threats and categories of data covered by protection, and in particular secures data against disclosure to unauthorized persons, taking by an unauthorized person, processing in violation of applicable regulations, as well as alteration, loss, damage or destruction.
    2. The Controller provides appropriate technical measures preventing the acquisition and modification by unauthorized persons of personal data transmitted electronically.
    3. In matters not regulated by this Privacy Policy, the provisions of GDPR and other applicable provisions of Polish law shall apply accordingly.