PERSONAL DATA ADMINISTRATOR
REQUEST AND CATEGORIES OF PROCESSED PERSONAL DATA
PERSONAL DATA PROCESSING OBJECTIVES
LEGAL BASIS FOR PROCESSING OF PERSONAL DATA
TIME OF STORING PERSONAL DATA
RECIPIENTS OF PERSONAL DATA
TRANSMISSION OF PERSONAL DATA FOR THIRD COUNTRIES AND INTERNATIONAL ORGANIZATIONS
RIGHTS OF CUSTOMERS/RECIPENTS
RIGHT TO WITHDWAW THE CONSENT
COMPLAINT TO THE SUPERVISORY BODY
PERSONAL DATA OF SERVICE RECIPENTS SECURITY
- The administrator of personal data of recipients of physical persons is Polski Internet Komórkowy Sp. z o.o. with headquarters in Łódź, 90-418, al. Kościuszki 1, company documents are kept by the District Court for Łódź-Śródmieście in Łódź, XX Commercial Department of the National Court Register, entered into the Register of Entrepreneurs under No. 59523, with the tax identification number NIP 895-14-78-745, statistical number REGON 931043974. The share capital of the company is PLN 813,000. The contact with the Administrator is also possible via the e-mail address [email protected]
- The administrator processes the following personal data of the service recipients: e-mail address.
- Providing personal data specified in point 2 is not a statutory requirement and is voluntary, but it is a condition of concluding an agreement on provision of electronic services with the Administrator, hereinafter referred to as the “Agreement”. If the recipient does not provide this data, then the Agreement will not be concluded.
- During the term of the Agreement, the Administrator may enter into other data of the recipient – the IP number of the device used by the recipient and data on the recipient using a specific telecommunications network, software or devices, as well as the usege of the Administrator’s website.
- The administrator processes the personal data of the service recipients for the following purposes:
- conclusion and execution of the Contract connecting the parties, in particular a proper performance of services and consideration of complaints,
- fulfilling the legal obligations of the Administrator, in particular issuing and storing invoices and other accounting documents,
- pursuing claims and defending against them,
- detection and prevention of fraud,
- direct marketing,
- creating analyzes and statistics, for the Administrator’s own needs, in particular reporting, marketing and market research, service development planning, testing preferences and behaviors of service recipients, for the purpose of improving the quality of services provided by the Administrator,
- specified in 5e and f points after the Contract has been executed – with the consent of the recipient,
- transfer to third parties – with the consent of the recipient, to the extent and purpose covered by this consent.
- Legal basis for the processing of personal data of service recipients for the purpose defined:
- in point 5a – constitutes art. 6 par. 1 b GDPR (performance of the Contract),
- in point 5b – constitutes art. 6 par. 1 c GDPR (legal obligation),
- in points 5c-f – constitutes art. 6 par. 1 f. GDPR (legally justified interest of the Administrator),
- in points 5g and h – constitutes art. 6 par. 1 and GDPR (consent of the recipient).
- The Administrator will store personal data processed for the purpose specified:
- in point 5a – for the duration of the Agreement and settlements after its completion,
- in point 5b – for the period in which the Administrator orders the law,
- in points 5c and d – until the claims under the Agreement are time-barred,
- in points 5e and f – for the duration of the Agreement,
- in points 5g and h – until the customer withdraws his consent.
- According to art. 19 para. 2 of the Act on the provision of electronic services, after using the services, the Administrator may process only personal data of service recipients which is:
- necessary to settle the service and claim for payments for using the service,
- necessary for the purposes of advertising, market research and behavior and preferences of recipients with the purpose of research results for the purpose of improving the quality of services provided by the Administrator – with the consent of the recipient,
- necessary to explain the circumstances of unauthorized use of the service,
- allowed for processing on the basis of mandatory legal provisions or contract.
- The administrator does not provide the personal data of the service recipients to third parties, unless he obtains the prior explicit consent of the recipient or if the right or obligation to provide such data results from the generally applicable provisions of law.
- The administrator entrusts the personal data of the service recipients to the following processors:
- Providing marketing and advertising services on behalf of the Administrator,
- serving the Administrator’s IT systems,
- providing the Administrator with postal, courier, payment, audit, legal and accounting services.
- The personal data of the service buyers will not be transferred outside the European Economic Area.
- The recipient has the following rights:
- the right to request access to his data, i.e. obtain confirmation of whether personal data concerning it are processed,
- the right to rectify data, i.e. to demand the rectification of personal data concerning him that is incorrect,
- the right to request the deletion of his personal data,
- the right to demand the restriction of his personal data,
- the right to object to data processing,
- the right to transfer data.
- The scope of each of the powers specified in point 12 and the situations in which they can be exercised are determined by generally applicable laws, in particular by the GDPR.
- The Service Recipient may use the powers specified in point 12 by contacting the Administrator.
- If the processing of personal data of the recipient takes place on the basis of his consent, the service recipient has the right to withdraw it at any time without affecting the legality of the processing which was made on its basis prior to its withdrawal.
- For the purposes set out in points 5c-f, the Administrator may perform automated analysis of data of service recipients and prepare predictions about their preferences or future behaviors. Profiling may in particular be used to analyze and forecast personal preferences or interests of service recipients. Such action of the Administrator will not cause any legal consequences in relation to the service recipients, nor will it significantly affect their situation.
- For the purposes set out in points 5c-f, the Administrator may use so-called cookies. These are small text files placed on the service recipient’s device, on the basis of which information is collected that allows in particular to identify the service recipient’s device, its IP number and the browser used by the recipient.
- The service recipient can set his/her browser – thanks to the appropriate options available in it – to disable automatic installation of cookies, prevent their use or completely remove them from their device. The procedure for handling and deleting cookies varies depending on the browser used by the recipient.
- Cookies are divided into:
- temporary (session) – files temporarily contained in the browser cache, which remain in it until the session ends,
- permanent – files remaining in the browser cache as long as the browser settings selected by the recipient allow it,
- own – files managed by the Administrator,
- external – files managed by third parties,
- configuration – files related to the movement of the service recipient on the Administrator’s website and ensuring proper navigation. They allow in particular to follow the choices made by the recipient (choice of language, size of the font used), recognize the device used by the recipient and manage the browsing session,
- analytical – files used for statistical and analytical purposes,
- advertising – files used for advertising purposes, e.g. for displaying personalized ads.
- Detailed rules of operation of cookies placed on the Administrator’s website are defined below:
- The Service Recipient has the right to lodge a complaint to the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw, if it considers that the processing of his personal data violates the law.
- The administrator applies appropriate technical and organizational measures to protect the personal data of service recipients against their loss, misuse or modification. The access rights to the personal data of recipients have been limited in a restrictive way so that this data is not in the hands of unauthorized persons.