REGULATIONS FOR THE PROTECTION / PROCESSING OF PERSONAL DATA

 

  1. GENERAL PROVISIONS
  1. This Privacy Policy sets out the rules for the protection of privacy (i.e. rules for the collection, use, processing and protection) of users’ personal data (“Users”) of the website available at www.palacboglewice.pl (hereinafter referred to as the “Website”), which is the property of the Artis Foundation Causae with headquarters in Warsaw.
  2. The administrator of personal data of Website users within the meaning of art. 4 point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (“GDPR” ) is the Artis Causae Foundation with headquarters in Warsaw, address: ul. Nowogrodzka 10/8, 00-511 Warsaw, operating under the REGON number: 141 317 325; NIP (tax identification number): 701 010 95 12, e-mail address: kontakt@palacboglewice.com, phone number: +48 605 078 650, Website owner (“Administrator”).

 

  1. SCOPE OF COLLECTED DATA
  1. The Administrator collects Users’ personal data to the extent required for contact in order to submit an offer of the Boglewice Palace.
  2. The scope of collected data includes: name and surname, e-mail address, phone number, company name, bank account number, TIN. The scope of processed data depends on the type of service selected by the User.

 

  1. PURPOSE OF DATA PROCESSING
  1. The administrator processes Users’ personal data only for the purpose of:
    • use of personal data for telephone consultation and arranging an appointment or contact via e-mail;
    • determining the appropriate variant of the Administrator’s service for the User;
    • enabling Users to use the Website, which should be understood as the implementation of services provided by the Boglewice Palace, including in particular the sending of offers related to the services provided by the Administrator in the field of photo sessions, film realizations etc. of recordings at the Palace in Boglewice, ensuring contact with the User , billing and invoicing;
    • conducting direct marketing of services provided by the Administrator, including primarily the implementation of a voluntary free newsletter service containing commercial information within the meaning of the Act of 18 July 2002 on the provision of electronic services (i.e. Journal of Laws of 2017, item 1219);
    • conducting competitions, loyalty programs or promotional campaigns organized by the Administrator;
    • ensuring the security of services provided by the Administrator by electronic means, including in particular to prevent and counteract fraud and abuse;
    • performance of obligations arising directly from applicable law;
    • statistical and archiving;
    • pursuing claims resulting from the Administrator’s business activities.
  2. The Administrator processes Users’ personal data only for the purposes indicated above.
  3. Users’ personal data will not be transferred to countries outside the European Economic Area (to countries other than European Union countries as well as Iceland, Norway and Liechtenstein).
  4. Providing data is voluntary, but necessary to provide services by the Administrator.

 

  1. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
  1. The basis for the processing of personal data is the consent of the User, in accordance with art. 6 clause 1 lit. a GDPR, which the User can always revoke;
  2. If, at any stage, a contract is concluded regarding the organization of photo sessions, filming, etc. of recordings at the Palace in Boglewice, the provided personal data will be processed as necessary for the proper performance of the ordered service, pursuant to art. 6 clause 1 lit. b GDPR.
  3. The administrator has the right to process personal data pursuant to art. 6 clause 1 lit. f GDPR, if it proves necessary for the purposes of legitimate interests pursued by the Administrator.

 

  1. USER PERMISSIONS
  1. Users’ personal data is collected at the Administrator’s seat, i.e. at the following address: Fundacja Artis Causae, ul. Nowogrodzka 10/8, 00-511 Warsaw.
  2. The User has the right to:
    • access his personal data stored by the Administrator;
    • request rectification of personal data if it believes that the personal data stored by the Administrator are out of date, incomplete or false;
    • requests to limit the processing of personal data;
    • requests to delete personal data;
    • requesting a copy of personal data;
    • object to the use of specific personal data for a specific purpose;
    • request transfer of personal data to another personal data administrator, if it is technically possible;
    • withdrawal of consent to the processing of personal data at any time (without affecting the lawfulness of the processing which was carried out on the basis of consent before its withdrawal),
  3. The User may exercise the rights referred to in point B. above by submitting to the Administrator a proper declaration of intent:
    • in person at the Administrator’s seat (Artis Causae Foundation in Warsaw, Nowogrodzka Street 10/8, 00-511 Warsaw);
    • by post to the Administrator’s registered address indicated above;
    • via email to the following address:  kontakt@palacboglewice.pl;
    • through the account panel held on the Website.
  4. The User also has the right to lodge a complaint to the supervisory body for the protection of personal data, i.e. the President of the Office for Personal Data Protection (PUODO).
  5. The Administrator reserves the right to refuse to delete User’s data, if their retention is necessary for the implementation of claims or if required by applicable law.

 

  1. COOKIES AND OPERATING DATA
  1. The website uses text files called Cookies.
  2. Cookies are saved by the server on the User’s computer.
  3. In order to use the Website, it is necessary to allow cookies to be stored on the User’s computer. Lack of permission may mean the impossibility or impediment to using the Website.
  4. Cookies are not used to collect User’s personal data.
  5. Cookies do not change the configuration of the User’s computer, they are not used to install or uninstall any computer program, they do not interfere with the integrity of the User’s system or data.
  6. The administrator reserves the right to use the services of third parties to compile statistics on the use of the website. The Administrator declares that in such a case no data identifying Users will be made available to such entities.
  7. The Website uses three types of cookies: session cookies, persistent cookies and analytical cookies. Session cookies are temporary files that are stored on the User’s end device until logging out (leaving the website). Persistent cookies are stored on the User’s end device for the time specified in the cookie parameters or until they are deleted by the User. “Analytical” cookies allow better understanding of how the User interacts in the content of the website. They collect information on how the website is used, the type of page from which the User has been redirected, and the number of visits and the time of the User’s visit to the Website. This information does not record specific User’s personal data, but is used to compile statistics on the use of the website.
  8. In accordance with the applicable provisions of the Telecommunications Law of 16 July 2004 (Journal of Laws of 2014, item 243), the User has the right to decide on the access of Cookies to his computer by selecting them in his browser window.
  9. How to manage cookies – instructions from web browser manufacturers:

 

  1. IP ADDRESS
  1. The Administrator reserves the right to collect IP addresses visiting the Website’s pages, which can be helpful in diagnosing technical problems with the server, creating statistical analyzes (e.g. determining from which regions the most visits are recorded). In addition, they can be useful when administering and improving the Website’s website.

 

  1. ACCESS TO THIRD PARTY DATABASE
  1. Users’ personal data will not be disclosed by the Administrator to other entities or third parties, except in cases where:
    • The User agrees;
    • it is necessary to implement the services provided by the Administrator while respecting the principle of data minimization and limiting data processing; personal data is transferred to enterprises cooperating with the Administrator that provide specialized services – such as accounting offices, law firms and companies that help the Administrator in maintaining servers and IT systems;
    • it is necessary to ensure the security of the IT structure and necessary to fulfill the obligations arising from tax regulations;
    • it is required by applicable law or justified request of state institutions and judicial authorities;
    • enterprises providing specialist services cooperating with the Administrator – such as accounting offices, law firms and companies that help the Administrator in maintaining servers and IT systems.

 

  1. PERIOD OF STORING PERSONAL DATA
  1. Users’ personal data will be stored as long as it is necessary for the proper provision of services within the Website, as well as for a period of 6 years from the date of termination of the contract due to the applicable legal provisions regarding the limitation of civil law claims that the Administrator is entitled to against the User.
  2. All personal data processed on the basis of consent, in accordance with art. 6 clause 1 lit. and the GDPR will be stored until consent to their use is withdrawn.

 

  1. SECURITY AND PROTECTION OF PERSONAL DATA
  1. The Administrator declares that he processes Users’ personal data in accordance with the requirements of the GDPR and other applicable provisions on the protection of personal data, which supplement and / or implement the GDPR, in particular that he uses technical and organizational measures to ensure the protection of processed data adequate to the threats and categories of data covered by protection, and in particular protects Users’ personal data against disclosure to unauthorized persons, loss or damage.
  2. The administrator observes the principle of data minimization and restriction of processing for purposes necessary to ensure the security of the IT structure and fulfillment of obligations arising from tax regulations.
  3. Copies of documents are stored using external servers and carefully protected against unwanted incidents in such a way that the Administrator cooperates only with companies that are able to secure stored information using the latest and most effective technological tools and are aware of the importance of information collected by meeting the conditions specified in art. 28 GDPR.

 

  1. DISCLAIMER OF LIABILITY
  1. This Privacy Policy does not cover any information on services or goods of entities other than the Administrator, which have been posted on the pages of the Website commercially, guest-friendly, on a reciprocal basis or not intended to achieve a commercial effect.

 

  1. CONTACT
  1. All additional questions related to the Privacy Policy should be directed to the Administrator’s registered address ( Nowogrodzka Street 10/8, 00-511 Warsaw) or via e-mail address: kontakt@palacboglewice.pl.

 

  1. CHANGES TO THE PRIVACY POLICY
  1. The Administrator reserves the right to make changes to the Privacy Policy if required by law or changes introduced to the Website. The Administrator will inform the User about the planned change and the date of its entry into force via the Website’s website, the newsletter service, and in relation to registered Users, information will also be placed via the Account.
  2. The User using the Website is subject to the current Privacy Policy.
  3. The date specified below is the date of the Privacy Policy in its latest version. Date: May 25, 2018