1. The administrator of personal data is CluePR Alicja Wysocka-Świtała Karol Świtała sc, with headquarters in Warsaw 00-696, ul. Jana Pankiewicza 1/10, NIP: 7010358540, REGON: 146369700 (hereinafter “the Administrator”).
2. The administrator runs the website www.cluepr.pl (hereinafter referred to as “Website”).
3. The Website User (hereinafter the “User”) consents to have his personal data processed by the Administrator on the terms set out in this privacy policy.
4. All statements, inquiries and information regarding personal data may be delivered to the Administrator via:
4.1.1. electronic mail to the e-mail address office@cluepr.com;
4.1.2. via the contact form at cluepr.pl/kontakt;
4.1.3. in writing addressed to the headquarters of the Administrator.
5. The User’s personal data is processed on the basis of art. 6 and other provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (general regulation on data protection) (hereinafter “GDPR”).
6. The User’s personal data are processed in order to answer questions and other messages sent by the User via the contact form or electronic mail and for further contact with the User.
7. The administrator processes the following categories of User’s data:
7.1.1. first name and last name
7.1.2. e-mail address
7.1.3. place of employment
8. The recipients of the User’s personal data may be employees, contractors, subcontractors and other persons employed or cooperating with the Administrator.
9. The User’s personal data may be transferred to third countries, but only on the principles described in art. 46 of GDPR, i.e. provided the recipient ensures adequate security. In any event, the User is entitled to receive copies of his data.
10. The User’s personal data will be stored for the period necessary to achieve the purposes of data processing, i.e. during the period of communication with the User, particularly the period necessary to provide the User with all requested information. The User’s personal data will be permanently deleted when the above-mentioned period ends, unless the Administrator obtains a different basis for data processing, e,g. in connection with concluded service agreements.
11. The User has the right to:
11.1.1. obtain from the Administrator a confirmation whether personal data concerning him are being processed by the Administrator;
11.1.2. receive a copy of the processed data;
11.1.3. obtain from the Administrator all information covered by this Privacy Policy.
12. The User has the right to request the Administrator to immediately correct personal data concerning him which is incorrect. Taking into account the purposes of processing, the User has the right to request filling in incomplete personal data, e.g. by providing an additional statement.
13. The User has the right to request the Administrator to delete personal data concerning him immediately, and the Administrator is obliged to delete personal data without undue delay (subject to the exceptions provided by law) if one of the following circumstances occurs:
13.1.1. personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
13.1.2. The user has withdrawn the consent on which the processing is based and there is no other legal ground for processing;
13.1.3. The User raises an objection referred to in point 18 or 19;
13.1.4. personal data have been processed unlawfully;
13.1.5. personal data must be removed in order to comply with a legal obligation under Union law or the law of the Member State to which the Administrator is the subject;
13.1.6. personal data were collected in relation to offering services of information society directly to the child, based on the consent of the child or his / her parent (guardian).
14. The User has the right to request the Administrator to limit processing in the following cases:
14.1.1. when the User questions the correctness of personal data – for a period allowing the Administrator to check the correctness of such data;
14.1.2. when the processing is unlawful and the User opposes the removal of personal data, requesting instead to limit their use;
14.1.3. when the Administrator no longer needs personal data for processing, but it is needed by the User to establish, assert or defend claims;
14.1.4. when the User has lodged an objection referred to in item 18 – until it is determined whether the legitimate grounds on the part of the Administrator are overriding the grounds for objection of the data subject.
15. The User has the right to receive in a structured, commonly used machine-readable format personal data that he provided to the Administrator, and has the right to send this personal data to another data administrator without any problems on the part of the Administrator to whom this personal data was provided. By exercising the right to transfer data, the User has the right to request that personal data be sent by the Administrator directly to another administrator of personal data, if it is technically possible.
16. The User has the right to object at any time – for reasons related to his specific situation – to the processing of his personal data based on legitimate interests pursued by the Administrator or by a third party. The administrator is no longer allowed to process such personal data, unless he demonstrates the existence of valid legally valid grounds for processing, overriding the interests, rights and freedoms of the data subject, or grounds for establishing, investigating or defending claims.
17. The User has the right to object at any time to the processing of personal data concerning him for the purpose of direct marketing, and the Administrator is obliged to take into account such objection.
18. The User may at any time withdraw consent to the processing of data. However, it should be remembered that the withdrawal of consent does not affect the lawfulness of the processing that was carried out before the consent was withdrawn.
19. The User has the right to lodge a complaint with the supervisory body, in particular in the Member State of his habitual residence, his place of work or the place where the alleged infringement was committed, if he thinks that the processing of personal data concerning him violates the provisions of the GDPR.