This document is the implementation of the Administrator’s information policy towards users of the website at https://collectomate.io (Website) in all aspects of the processing and protection of personal data. We attach great importance to the protection, collection, processing and use of your personal data in accordance with applicable regulations.
1. Information on the Administrator and the collection of personal data. Source from which the personal data originate.
1.1. Administrator within the meaning of art. 4 point 7 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the Regulation) in relation to your personal data, subject to point 1.2., is COLLECTOMATE SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its seat in Łódź, registered office and address: ul. St. Teresa from Dzieciątka Jezus 100, 91-341 Łódź, registration authority, register, registry number: District Court for Łódź Śródmieście in Łódź, XX Commercial Division of the National Court Register, register of entrepreneurs of the National Court Register, KRS number: 0000714802, NIP: 9471994861; REGON: 369288788, share capital: PLN 14,500, fully paid up (hereinafter referred to as the Administrator).
1.3. Processing is based on:
a) art. 6 sec 1 poit b) of the Regulations – in the scope of personal data necessary to perform the contract, as well as in the field of personal data provided by you in order to take action at your request before the conclusion of the contract, e.g. for the purpose of contact before the conclusion of the contract, answering questions, communication, including via the contact form, messenger etc.
b) art. 6 sec 1 point. c) of the Regulations – regarding personal data, the processing of which is necessary to fulfill the legal obligation incumbent on the administrator, e.g. for issuing invoices, as well as for the purposes of accounting and financial reporting
c) art. 6 sec. 1 point f) of the Regulations – in the scope of personal data whose processing is necessary for purposes resulting from legitimate interests pursued by the Administrator, i.e. sending commercial information, as well as for direct marketing
d) art. 6 sec 1 point a) of the Regulations – if consent is given, if the processing of data is optional.
1.4. The administrator processes the personal data provided by you in the contact form or messenger in order to perform the service provided electronically – contact form or messenger. For this purpose, the Administrator collects your personal data such as: name, gender, e-mail address. Providing an e-mail address is necessary to answer the question submitted via the contact form or messenger by e-mail. Processing takes place on the basis of art. 6 clause 1 lit. b) Regulations. For further communication, the Administrator may ask for the name (contact form) and telephone number.
1.6. With regard to your personal data, the Administrator does not make automated decisions, decisions resulting from automated processing, including profiling within the meaning of the Regulation.
2. The rights of the data subject
2.1. You have the right to obtain confirmation from the Administrator whether he processes your personal data, the right to request access to this data and the right to obtain from the Administrator information regarding the purposes of processing and the categories of personal data processed, information about recipients or categories of recipients to whom personal data is disclosed, the planned period of storage of personal data, the data source in the event that it was collected not from the person to whom it relates, and information whether the Administrator makes automated decisions towards the data subject, including based on profiling. You also have the right to obtain a copy of the data.
2.2. In addition, you have the right to request the rectification of personal data, the right to request the deletion of personal data, the right to request restriction of processing, the right to transfer data and the right to object to the processing. You can exercise these rights:
2.2.1. regarding the request to rectify data: when your data is incorrect or incomplete;
2.2.2. regarding the request to delete data: when your data are no longer necessary for the purposes for which they were collected by the Administrator; you withdraw your consent to data processing; you object to the processing of your data; Your data will be processed unlawfully; the data should be deleted in order to fulfill the obligation arising from the law or the data was collected in connection with the offering of information society services;
2.2.3. in relation to the request to limit data processing: when your data is incorrect – you can request a restriction of their processing for a period allowing the Administrator to check the correctness of this data; your data is processed unlawfully, but you do not want them to be deleted; Your data will no longer be needed by the Administrator, but you will need it to determine, pursue or defend claims; or you have objected to the processing of data – until it is determined whether the legitimate grounds on the part of the Administrator prevail over the grounds for the objection;
2.2.4. in relation to the request for data transfer: when the processing of your data takes place on the basis of consent or contract granted, and when the processing takes place in an automated manner;
2.2.5. regarding the right to object: when the processing of your personal data is based on a legitimate interest and the objection is justified due to your particular situation, as well as when your personal data is processed for the purposes of direct marketing, including profiling.
2.3. You also have the right to lodge a complaint to the supervisory body if you find that the processing of personal data concerning you violates the provisions of the Regulation. In Poland, the supervisory body is the President of the Office for Personal Data Protection (ul. Stawki 2, 00-193 Warsaw).
2.4. The implemented security procedures mean that we can ask for proof of identity before exercising your rights.
3. Consent for personal data processing
3.1. If the Administrator processes personal data that are not indispensable for the performance of the service of using the Application and the contract for the use of the Application and in any other case where the processing of data is optional, data will be processed on the basis of consent, i.e. art. 6 par. 1 letter a) of the Regulation. In such case, you are always free to provide such data and you must express prior consent for personal data processing.
3.2. Consent is given after reading this policy. In this case, you consent to the collection and processing by the Administrator of the personal data is provided for the purpose expressly indicated when giving consent, in the manner specified in the consent e.g. by ticking the appropriate box.
3.3. You may withdraw your consent at any moment using the same way in which you granted your consent, i.e. by unticking the relevant box.
3.4 Besides, you may withdraw your consent by sending to the Administrator an appropriate declaration on withdrawing your consent using the method indicated in point 6 hereof.
3.5. Withdrawing your consent has no impact on the lawfulness of processing effectuated on the basis of your consent before your consent was withdrawn.
4. Information on personal data recipients/categories of personal data recipients
4.1. The Administrator also uses external service providers who may process personal data on behalf of the Administrator e.g. providers of hosting services. Transfer of data may only be done for the purpose of providing such services. The Administrator uses the services only of such entities who provide sufficient guarantee of protection of data subjects’ rights. Personal data processing by such entities is performed on the basis of written agreements concluded with the Administrator. Such entities follow the Administrator’s guidelines and are subject to the Administrator’s audits.
5. Security of personal data
5.1. The Administrator processes your personal data pursuant to the provisions of the Regulation. The Administrator uses appropriate technical and organizational measures for the purpose of ensuring security and sufficient confidentiality and integrity of personal data, including protection against unauthorized access to personal data, against illegal or unlawful processing or against accidental loss, unauthorized change, destruction or damage.
6. Contact data
6.1. Any requests, demands, notifications, or inquiries regarding personal data processing should be submitted by e-mail to firstname.lastname@example.org or by mail to the following address: COLLECTOMATE SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its seat in Łódź, ul. św. Teresy od Dzieciątka Jezus 100, 91-341 Łódź.
Valid from January 12, 2020.