SIGN IN
Donate
English
English
Polish
Toggle navigation
ABOUT US
TRAINING
DZIAŁALNOŚĆ WYDAWNICZA
NAUCZANIE PRZEDSZKOLNE
3 - 4 LATKI
5 - 6 LATKI
I ETAP EDUKACYJNY
1 KLASA
2 KLASA
3 KLASA
II ETAP EDUKACYJNY
4 KLASA
5 KLASA
6 KLASA
7 KLASA
8 KLASA
SZKOŁA ŚREDNIA
1 KLASA LICEUM
MATERIAŁY DODATKOWE
ROZWAŻANIA DLA DZIECI
MATERIAŁY WAKACYJNE
MATERIAŁY ŚWIĄTECZNE
GRY DYDAKTYCZNE
CONTACT US
Home
Privacy Policy
Useful Information
Mission
Doctrine
Data Protection
Cookies Policy
Privacy Policy
Return Policy
This Privacy Policy sets out the rules for the processing of personal data obtained via the website tajemnicepokolen.org (hereinafter referred to as the " Website "). The owner of the website and the data controller is MISJA POKOLEŃ, NIP: 6761050434, hereinafter referred to as the Controller.
Personal data collected by the Administrator via the Website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), also referred to as the GDPR. The Administrator takes special care to respect the privacy of Customers visiting the Website.
1. Type of data processed, purposes and legal basis
The Administrator collects information on natural persons performing legal acts not directly related to their business activity, natural persons conducting business or professional activity on their own behalf, and natural persons representing legal persons or organizational units that are not legal persons, to which the law grants legal capacity, conducting business or professional activity on their own behalf, hereinafter collectively referred to as Customers.
Customers' personal data are collected in the event of:
using the contact form service on the Website for the purpose of performing a contract provided electronically. Legal basis: necessity for the performance of the contract for the provision of the contact form service (Article 6, paragraph 1, letter b of the GDPR)
When using the contact form service, the Customer provides the following data:
email address
name
phone number
When using the Website, additional information may be downloaded, in particular: the IP address assigned to the Customer's computer or the external IP address of the Internet provider, domain name, browser type, access time, type of operating system.
Navigational data may also be collected from Customers, including information about the links and hyperlinks they choose to click on or other actions they take on the Website. Legal basis – legitimate interest (Article 6, paragraph 1, letter f of the GDPR), consisting in facilitating the use of services provided electronically and improving the functionality of these services.
The provision of personal data to the Administrator is voluntary.
2. Who is the data shared or entrusted to and how long is it stored?
The Customer's personal data is transferred to service providers used by the Administrator to operate the Website. Depending on contractual arrangements and circumstances, the service providers to whom personal data is transferred are either subject to the Administrator's instructions regarding the purposes and methods of processing such data (processors) or independently determine the purposes and methods of processing (controllers).
1.1. Processors
The Controller uses suppliers who process personal data solely at the Controller's request. These include, among others, suppliers of hosting services, accounting services, marketing systems, Website traffic analysis systems, and marketing campaign effectiveness analysis systems.
1.2. Administrators
The Administrator uses suppliers who do not act solely on instructions and independently determine the purposes and methods of using Customers' personal data. They provide electronic payment and banking services.
Location
Service providers are based primarily in Poland and other countries of the European Economic Area (EEA).
Customers' personal data are stored:
3.1. If consent is the basis for personal data processing, the Customer's personal data will be processed by the Controller until consent is revoked, and after revocation, for a period corresponding to the limitation period for claims that may be brought by the Controller and against it. Unless specific provisions provide otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to business operations, three years.
3.2. If the basis for data processing is the performance of a contract, the Client's personal data is processed by the Controller for as long as necessary to perform the contract, and thereafter for a period corresponding to the limitation period for claims. Unless a specific provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to running a business – three years.
In the event of a request, the Controller makes personal data available to authorized state authorities, in particular organizational units of the Prosecutor's Office, the Police, the President of the Office for Personal Data Protection, the President of the Office of Competition and Consumer Protection or the President of the Office of Electronic Communications.
3. Cookie mechanism, IP address
The website uses small files called cookies. They are stored by the Administrator on the end device of the website visitor, if the web browser allows it. A cookie typically contains the name of the domain from which it originates, its expiration time, and an individual, randomly selected number identifying the file. Information collected using this type of file helps tailor the products offered by the Administrator to the individual preferences and actual needs of website visitors.
The Administrator uses two types of cookies:
2.1. Session cookies: after the browser session ends or the computer is turned off, the stored information is deleted from the device's memory. The session cookie mechanism does not allow the collection of any personal data or any confidential information from Customers' computers.
2.2. Persistent cookies: These cookies are stored in the memory of the Customer's end device and remain there until they are deleted or expire. The persistent cookie mechanism does not allow the collection of any personal data or any confidential information from the Customer's computer.
The Administrator uses its own cookies for the following purposes:
3.1. analyses, research and audience audits, in particular to create anonymous statistics that help understand how Customers use the Website, which enables the improvement of its structure and content.
The Administrator uses external cookies for the following purposes:
4.1. presenting a map indicating the location of the Controller's office on the Website's information pages, using the website maps.google.com (external cookie administrator: Google Inc., based in the USA)
The cookie mechanism is safe for the computers of Customers visiting the Website. In particular, it is impossible for viruses or other unwanted software or malware to enter Customers' computers this way. However, Customers have the option of limiting or disabling cookie access to their computers in their browsers. If this option is used, the Website will still be usable, except for functions that, by their nature, require cookies.
The Administrator may collect Customer IP addresses. An IP address is a number assigned to the computer of a Website visitor by the Internet service provider. The IP number enables access to the Internet. In most cases, it is assigned to the computer dynamically, meaning it changes with each Internet connection and is therefore generally treated as non-personally identifiable information. The Administrator uses the IP address to diagnose technical problems with the server, create statistical analyses (e.g., to determine which regions receive the most visits), as information useful in administering and improving the Website, as well as for security purposes and to identify server-burdening, unwanted automated programs used to view Website content.
4. Rights of data subjects
Right to withdraw consent – legal basis: Article 7(3) of the GDPR.
1.1. The Client has the right to withdraw any consent he has given
1.2. Withdrawal of consent takes effect from the moment of withdrawal of consent.
1.3. Withdrawal of consent does not affect the processing carried out by the Administrator in accordance with the law before its withdrawal.
1.4. Withdrawal of consent does not entail any negative consequences for the Customer, but may prevent further use of services or functionalities which, according to the law, the Administrator may only provide with consent.
Right to object to data processing – legal basis: Article 21 GDPR.
2.1. The Customer has the right to object at any time – for reasons related to his or her particular situation – to the processing of his or her personal data, including profiling, if the Controller processes his or her data based on a legitimate interest, e.g. marketing of the Controller's products and services, maintaining statistics on the use of individual functionalities of the Website and facilitating the use of the Website, as well as satisfaction surveys.
2.2. Opting out of receiving marketing communications regarding products or services via email will constitute the Customer's objection to the processing of his or her personal data, including profiling, for these purposes.
2.3. If the Customer's objection proves to be justified, the Administrator will have no other legal basis for processing the personal data, and the Customer's personal data to which the Customer has objected will be deleted.
Right to erasure (“right to be forgotten”) – legal basis: Article 17 GDPR.
3.1. The Customer has the right to request the deletion of all or some of their personal data.
3.2. The Customer has the right to request the deletion of personal data if:
3.2.1. the personal data are no longer necessary for the purposes for which they were collected or processed
3.2.2. withdrew a specific consent to the extent that personal data were processed based on his/her consent
3.2.3. objected to the use of his/her data for marketing purposes
3.2.4. personal data are processed unlawfully
3.2.5. personal data must be erased in order to comply with a legal obligation under Union law or the law of a Member State to which the Controller is subject
3.2.6. personal data were collected in connection with the provision of information society services
3.3. Despite a request to delete personal data, in connection with an objection or withdrawal of consent, the Controller may retain certain personal data to the extent that processing is necessary to establish, pursue, or defend legal claims, as well as to comply with a legal obligation requiring processing under EU or Member State law to which the Controller is subject. This applies in particular to personal data including: first name, last name, and email address, which are retained for the purpose of handling complaints and claims related to the use of the Controller's services, and additionally, residential/mailing address and order number, which are retained for the purpose of handling complaints and claims related to concluded sales contracts or the provision of services.
Right to restrict data processing – legal basis: Article 18 GDPR.
4.1. The Customer has the right to request the restriction of the processing of their personal data. Submitting a request, until it is considered, prevents the use of certain functionalities or services that would involve the processing of the data covered by the request. The Administrator will also not send any communications, including marketing communications.
4.2. The Customer has the right to request the restriction of the use of personal data in the following cases:
4.2.1. when the data subject questions the accuracy of his/her personal data – the Controller limits their use for the time needed to verify the accuracy of the data, but no longer than for 7 days
4.2.2. when the data processing is unlawful and instead of deleting the data, the Customer requests the restriction of their use
4.2.3. when personal data are no longer necessary for the purposes for which they were collected or used, but are still needed by the Client to establish, pursue or defend claims.
4.2.4. when he has objected to the use of his data – then the restriction takes place for the time needed to consider whether – due to the specific situation – the protection of the Client's interests, rights and freedoms outweighs the interests pursued by the Controller in processing the Client's personal data.
Right of access to data – legal basis: Article 15 GDPR.
5.1. The Customer has the right to obtain confirmation from the Controller as to whether or not he is processing personal data, and if so, the Customer has the right to:
5.1.1. Access your personal data
5.1.2. obtain information about the purposes of processing, the categories of personal data being processed, the recipients or categories of recipients of this data, the planned period of storage of the Customer's data or the criteria for determining this period (when determining the planned period of data processing is not possible), the Customer's rights under the GDPR and the right to lodge a complaint with a supervisory authority, the source of this data, automated decision-making, including profiling, and the safeguards applied in connection with the transfer of this data outside the European Union
5.1.3. obtain a copy of your personal data.
Right to rectification – legal basis: Article 16 of the GDPR.
6.1. The Customer has the right to request immediate rectification of inaccurate personal data concerning them by the Controller. Taking into account the purposes of processing, the Customer whose data is processed has the right to request the completion of incomplete personal data, including by providing an additional statement, by sending a request to the email address specified in §6 of the Privacy Policy.
Right to data portability – legal basis: Article 20 GDPR.
7.1. The Customer has the right to receive their personal data provided to the Controller and then have it transferred to another personal data controller of their choice. The Customer also has the right to request that the Controller send their personal data directly to such controller, if technically feasible. In such a case, the Controller will transfer the Customer's personal data in a CSV file, which is a commonly used, machine-readable format that allows the data to be transferred to another personal data controller.
If the Customer exercises the above rights, the Administrator will either comply with the request or refuse to comply with it immediately, but no later than one month after receiving it. However, if – due to the complex nature of the request or the number of requests – the Administrator is unable to comply with the request within one month, it will comply within the next two months, informing the Customer within one month of receiving the request of the intended extension and the reasons therefor.
The Customer may submit complaints, inquiries and requests to the Administrator regarding the processing of his personal data and the exercise of his rights. The Customer has the right to lodge a complaint with the President of the Personal Data Protection Office regarding a violation of his or her rights to personal data protection or other rights granted under the GDPR.
5. Changes to the Privacy Policy
The Privacy Policy may change, of which the Administrator is not obliged to inform.
Please send any questions regarding the Privacy Policy to: biuro misjapokolen.org
Last modified: November 18, 2022
