The following information is a concise, understandable, and transparent summary of the information contained in the Privacy Policy regarding the Data Controller, the purpose and method of processing personal data, and your rights in relation to this processing, in the form required to fulfill the information obligation under GDPR. Details on the processing method and entities involved in this process are available in the indicated policy.
Who is the data controller?
The Data Controller (hereinafter referred to as the Controller) is the company “ZP20 Piotr Markowski”, operating at the address: Al. KEN 36 / 112B, WARSZAWA, with the assigned tax identification number (TID): 9482256434, providing services electronically through the Service
How can you contact the data controller?
You can contact the Controller in one of the following ways:
- Postal address – ZP20 Piotr Markowski, Al. KEN 36 / 112B, WARSZAWA
- Email address – office@zp20.pl
- Phone call – +48 733 644 002
- Contact form – available at: /en/contact
Has the Controller appointed a Data Protection Officer?
The Controller has appointed a Data Protection Officer, who is Piotr Markowski.
The Officer can be contacted via:
- email at: iod@zp20.pl,
- phone at: +48 530 909 998,
- or by writing to the following addressat Al. KEN 36 / 112B, WARSZAWA.
The Data Protection Officer can be contacted on all matters regarding the processing of personal data.
Where do we get personal data from and what are their sources?
Data is obtained from the following sources:
- from the individuals to whom the data pertains
- in the case of registration using social media, with the conscious consent of these individuals, from those social media
What is the scope of the personal data we process?
The service processes basic personal data, voluntarily provided by the individuals concerned
(e.g. name, username, email address, phone number, IP address, etc.)
The detailed scope of the processed data is available in the Privacy Policy.
What are the purposes of processing our data?
Personal data voluntarily provided by Users is processed for one of the following purposes:
- Provision of electronic services:
- Registration and maintenance of a User account in the Service and related functionalities
- Newsletter service (including sending advertising content with consent)
- Commenting / liking posts in the Service without registration
- Communication between the Controller and Users regarding the Service and data protection
- Ensuring the legitimate interests of the Controller
What are the legal bases for data processing?
The Service collects and processes Users data based on:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
- art. 6 sec. 1 lit. a
the data subject has given consent to the processing of their personal data for one or more specific purposes - art. 6 sec. 1 lit. b
processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract - art. 6 sec. 1 lit. f
processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
- art. 6 sec. 1 lit. a
What is the legitimate interest pursued by the Controller?
- For the purpose of possible determination, investigation, or defense against claims – the legal basis for processing is our legitimate interest (art. 6 sec. 1 lit. f) GDPR) consisting in protecting our rights, including but not limited to;
- For the purpose of assessing the risk of potential clients
- For the purpose of evaluating planned marketing campaigns
- For the purpose of direct marketing
For how long do we process personal data?
As a rule, the indicated personal data is stored only for the duration of the service provided within the Service by the Controller. They are deleted or anonymized within 30 days from the end of the service (e.g., deletion of a registered user account, unsubscribing from the Newsletter, etc.)
In exceptional situations, in order to secure the legitimate interest pursued by the Controller, this period may be extended. In such a case, the Controller will store the indicated data, from the time of the request for their deletion by the User, for no longer than 3 years in the event of a breach or suspicion of a breach of the Service`s terms by the person to whom the data pertains.
Who is the recipient of the data, including personal data?
As a rule, the only recipient of the data is the Controller.
However, the processing of data may be entrusted to other entities providing services to the Controller in order to maintain the operation of the Service.Such entities include, among others:
- Hosting companies providing hosting or related services for the Controller
- Companies through which the Newsletter service is provided
Will your personal data be transferred outside the European Union?
Personal data will not be transferred outside the European Union, unless they have been published as a result of individual action by the User (e.g., posting a comment or entry), which will make the data available to any visitor to the service.
Will personal data be used for automated decision-making?
Personal data will not be used for automated decision-making (profiling).
What rights do you have regarding the processing of personal data?
- Right of access to personal data
Users have the right to access their personal data, realized upon request submitted to the Controller - Right to rectification of personal data
Users have the right to request the Controller to immediately rectify personal data that is incorrect or / and complete incomplete personal data, realized upon request submitted to the Controller - Right to erasure of personal data
Users have the right to request the Controller to immediately erase personal data, realized upon request submitted to the Controller.
In the case of user accounts, data deletion involves anonymization of data enabling User identification.
In the case of the Newsletter service, the User can independently delete their personal data using the link provided in each sent email. - Right to restriction of processing of personal data
Users have the right to restrict the processing of personal data in the cases indicated in art. 18 of GDPR, e.g., questioning the correctness of personal data, realized upon request submitted to the Controller - Right to data portability
Users have the right to obtain from the Controller the personal data concerning the User in a structured, commonly used format suitable for machine reading, realized upon request submitted to the Controller - Right to object to the processing of personal data
Users have the right to object to the processing of their personal data in the cases specified in art. 21 of GDPR, realized upon request submitted to the Controller - Right to lodge a complaint
Users have the right to lodge a complaint with the supervisory authority dealing with data protection.
Generated by: GDPR Information Creator