Who is the data controller?
The controller of the Personal Data (hereinafter referred to as the Administrator) is the company “PAR HOUSE Agency”, operating at: Rynek Główny 34/15, 31-010 Kraków, with assigned tax identification number (NIP): 6783010494, providing services electronically via the Website
How can you contact the data controller?
The Administrator may be contacted in one of the following ways
- Postal address – PAR HOUSE Agency, Rynek Główny 34/15, 31-010 Kraków
- E-mail address – firstname.lastname@example.org
- Telephone call – +48 12 612 66 08
- Contact form – available at: /contact
Has the Administrator appointed a Personal Data Inspector?
Pursuant to Article 37 RODO, the Administrator has not appointed a Data Protection Officer.
In matters concerning data processing, including personal data, you should contact the Administrator directly.
Where do we obtain personal data from and what are its sources?
Data is obtained from the following sources:
- from the data subjects
- in the case of registrations using social networks, with the informed consent of those persons, from those social networks
What is the scope of the personal data we process?
The service processes ordinary personal data voluntarily provided by the persons concerned
(E.g. name, login, email address, telephone, IP address, etc.).
What are the purposes of our data processing?
Personal data voluntarily provided by Users are processed for one of the following purposes:
- Provision of electronic services:
- The service of registration and maintenance of the User’s account on the Website and the functionalities associated with it
- Newsletter services (including sending advertising content with consent)
- Commenting on / liking posts on the Website without registering
- Administrator’s communication with Users on matters related to the Service and data protection
- Ensuring the legitimate interest of the Administrator
What are the legal bases for data processing?
The Website collects and processes Users’ data on the basis of:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
- Article 6(1)(a)
the data subject has given his or her consent to the processing of his or her personal data for one or more specified purposes
- article 6(1)(b)
processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
- Article 6(1)(f)
processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
- Article 6(1)(a)
- Act of 10 May 2018 on the protection of personal data (Journal of Laws 2018, item 1000)
- Act of 16 July 2004. Telecommunications law (Journal of Laws 2004 no. 171 item 1800)
- Act of 4 February 1994 on copyright and related rights (Journal of Laws 1994 No. 24 item 83)
What is the legitimate interest pursued by the Administrator?
- For the purposes of possibly establishing, investigating or defending against claims – the legal basis for the processing is our legitimate interest (Article 6(1)(f) RODO) in protecting our rights, including but not limited to;
- For the purpose of risk assessment of potential customers
- In order to assess planned marketing campaigns
- In order to carry out direct marketing
For how long do we process personal data?
As a general rule, the personal data indicated are kept only for the duration of the service provided within the service provided by the Administrator. They are deleted or anonymised up to 30 days after the termination of the service (e.g. deletion of a registered user account, unsubscribing from the Newsletter list, etc.).
In exceptional situations, in order to safeguard the legitimate interest pursued by the Administrator, this period may be extended. In such a situation, the Administrator shall store the indicated data from the time of the User’s request for deletion, no longer than for a period of 3 years in the case of violation or suspected violation of the provisions of the Terms of Service by the data subject.
Who is the recipient of the data including personal data?
As a rule, the Administrator is the only recipient of the data.
However, data processing may be entrusted to other entities performing services for the Administrator in order to maintain the activity of the Service.
Such entities may include, but are not limited to:
- Hosting companies, providing hosting or related services to the Administrator
- Companies through which the Newsletter service is provided
- IT service and support companies that perform maintenance or are responsible for the maintenance of the IT infrastructure
- Companies intermediating in on-line payments for goods or services offered within the Service (in case of purchase transactions on the Service)
- Providers of mobile payments for goods or services offered through the Website (when making a purchase on the Website).
- Companies that are responsible for the Administrator’s bookkeeping (if you are making a purchase transaction on the Website)
- Companies responsible for the delivery of physical products to you (postal/courier services in the event of a purchase transaction on the Website)
Will your personal data be transferred outside the European Union?
Personal data will not be transferred outside the European Union, unless it has been published as a result of an individual action by the User (e.g. entering a comment or a post), which will make the data available to any visitor to the Website.
Will personal data be the basis for automated decision-making?
Personal data will not be used for automated decision-making (profiling).
What rights do you have in relation to the processing of personal data?
- Right of access to personal data
Users have the right to access their personal data, exercised upon request made to the Controller
- Right to rectification of personal data
Users have the right to request from the Administrator the immediate rectification of their personal data that is inaccurate and/or the completion of incomplete personal data, exercised upon request made to the Administrator
- Right to erasure of personal data
Users have the right to request from the Administrator the immediate deletion of their personal data, exercised upon request submitted to the Administrator.In the case of user accounts, the deletion of data consists in the anonymisation of data enabling the identification of the User.In the case of the Newsletter service, the User has the possibility of deleting his/her personal data himself/herself by using the link included in each e-mail message sent.
- Right to limit processing of personal data
Users have the right to restrict the processing of their personal data in the cases indicated in Article 18 of the RODO, such as questioning the correctness of their personal data, exercised upon request made to the Administrator
- Right to personal data portability
Users have the right to obtain from the Administrator, personal data concerning the User in a structured, commonly used format suitable for machine reading, exercised upon request made to the Administrator
- Right to object to the processing of personal data
Users have the right to object to the processing of their personal data in the cases set out in Article 21 of the RODO, exercised upon request made to the Administrator
- Right to lodge a complaint
Users have the right to lodge a complaint with the supervisory authority in charge of personal data protection.