logo

PRIVACY POLICY

I. General Provisions

  1. 1. This Privacy Policy defines the method of collecting, processing and storing personal data necessary to provide electronic services via the website in the emporiumconsulting.com.pl domain (hereinafter: the Website).
  2. 2. The administrator of Users' personal data is [EMPORIUM CONSULTING SP. Z O.O., ul. Grzybowska 4/134, 00-131 Warsaw] (hereinafter: Administrator).
  3. 3. Personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ EC (General Data Protection Regulation) (hereinafter: GDPR).
  4. 4. The data collected by the Administrator will be:
    • – processed in accordance with the law,
    • – processed for clearly defined purposes and not subject to further processing incompatible with these purposes,
    • – factually correct and adequate in relation to the purposes for which they are processed,
    • – stored no longer than it is necessary to achieve the purpose of processing.

II. Purpose and legal basis for data processing

  1. 1. The Administrator processes personal data necessary for the provision and development of the offered services available through the Website and its individual functionalities.
  2. 2. Personal data will be processed for the following purposes:
    1. a. account registration, verification of the User's identity and implementation of the contract for the provision of electronic services in accordance with the Act of July 18, 2002 on the provision of electronic services, including in particular by ensuring the possibility of using the User's account - based on the acceptance of the terms of the Regulations ( Article 6(1)(b) of the GDPR);
    2. b. communication with the User in order to provide him with the necessary information and build positive and reliable relations with him, which is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR);
    3. c. promoting the Administrator's own products and/or services and its Partners by sending Marketing Information (newsletter) electronically, provided that the User has agreed to receive such notifications via e-mail (Article 6(1)(a) of the GDPR);
    4. d. granting access to information about news from the industry directly related to the Administrator's activity, provided that the User has agreed to receive such notifications via e-mail (Article 6(1)(a) of the GDPR),
    5. e. for analytical and statistical purposes based on the legitimate interest of the Administrator consisting in verifying the activity of Users and their preferences for the optimization of services and products and the functionalities of the Website (Article 6(1)(f) of the GDPR);
    6. f. possible determination, pursuit of claims or defense against them based on the Administrator's legitimate interest in protecting its rights (Article 6(1)(f) of the GDPR).
  3. 3. In each of the above-mentioned cases (paragraph 2), providing data is voluntary, but necessary to conclude a contract or use other functionalities of the Website.

III. The period of personal data processing

  1. 1. Personal data will be processed for the period in which the person remains an active User of the Website (has a User account), and after that time for the period necessary to comply with the law, investigate or defend against any claims, but not longer than 3 years counted from the date of termination of the contract for the provision of electronic services.
  2. 2. Data processed on the basis of consent will be processed until the consent is withdrawn, with the proviso that the withdrawal of this consent does not affect the compliance of data processing that was carried out before this withdrawal.

IV. Processing information

  1. 1. Personal data, depending on the purpose of processing, may be disclosed:
    1. a. entities related to the Administrator
    2. b. entities cooperating with the Administrator,
    3. c. subcontractors, in particular entities providing and servicing selected IT systems and solutions,
    4. d. entities servicing online payments,
    5. e. entities providing courier a nd postal services,
    6. f. law firms.
  2. 2. Personal data processed by the Administrator will be transferred outside the European Economic Area or to international organizations.

V. Rights of data subjects

  1. 1. The Website User has the right to:
    • - access to the content of your personal data
    • - rectification of data
    • - deletion of data
    • - restrictions on data processing
    • - data portability
    • - object to processing based on the legitimate interest of the administrator
    • - withdrawal of consent at any time without affecting the lawfulness of the processing that was made on the basis of this consent before its withdrawal
  2. 2. The user has the right to lodge a complaint to the President of the Office for Personal Data Protection in a situation where he considers that the processing violates his rights and freedoms