Privacy Policy

Jump to content

GDPR – commentary

A continuously updated commentary on the General Data Protection Regulation.
We only write about what is important in practice.

Home Privacy Policy

Privacy Policy

1. What is the purpose of this policy?

The use of the https://komentarzRODO.pl website (hereinafter: "the Site") involves the processing of Site users’ personal data.

This policy provides information about the processing of personal data of Site users related to their use of the Site in accordance with the GDPR (i.e. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC).
 

2. What will you learn from this policy?

You will find information in this policy on:

  • Who is responsible for processing of your personal data in connection with your use of the Site (Pos. 4);
  • How to contact us (Pos. 5);
  • What are the purposes of processing your personal data (Pos. 6);
  • What rights you have in relation to our processing of your personal data (Pos. 11).
     

3. What do the terms used in this policy mean?

Here are the definitions of key terms used in this policy:

  • Data – personal data of Site users processed in connection with their use of the Site, including the elements and pages on the Site which they browse, logs, information about the devices they use, IP address, browser settings, device information (e.g. IMEI), information about errors that occurred when connecting to the Site;
  • Policy – this privacy policy;
  • Cookies Policy – a document containing information on cookies used at the Site available at: https://komentarzrodo.pl/en/cookie-policy;
  • You – the Site user.

4. Who is the controller of Site users’ personal data processed in connection with the operation of the Site?

The controller of personal data processed in connection with the use of the Site is WiW Services sp. z o.o. with its registered office in Warsaw, postal code 00-478, Al. Ujazdowskie 10 (“Data Controller” or “we”).

As the Data Controller, we are responsible for processing your Data in accordance with the law and have a number of regulatory obligations in this connection – you should contact us on any matters relating to your Data.

5. How to contact us?

In matters relating to your Data, in particular in matters relating to the exercise of your rights under the Data protection legislation referred to in Pos. 11 below, please contact us by writing to the Controller’s registered office address indicated in Pos. 4 or by email to dane.osobowe@wardynski.com.pl.
 

6. What is the purpose and basis for our processing of your Data, and what are the possible consequences of failing to provide your Data?

Purpose of Data processing

Legal basis for Data processing

Consequences of failure to provide Data

To enable you to use the Site properly and without interruption, in accordance with its features and the terms and conditions of use of the Site

GDPR Article 6(1)(b)

Data collected automatically

In some cases, to comply with our legal obligations, including tax and accounting obligations

GDPR Article 6(1)(c)

The right to request Data derives from the law. Failure to provide Data will prevent us from duly fulfilling our legal obligations and may involve other legal consequences depending on the case

In some cases, to respond to enquiries or complaints

GDPR Article 6(1)(f), i.e. our legitimate interest, including our right to respond to your requests

Your provision of Data is voluntary, but necessary to the handling of your enquiry

In some cases, to establish, exercise and  defend against claims

GDPR Article 6(1)(f), i.e. our legitimate interest, including our right to take steps to establish, exercise or defend against claims

Data collected automatically

To detect potential threats or failures to ensure the secure and undisturbed operation of the Site, in particular to detect, prevent and mitigate the effects of failures, cyber-attacks and similar incidents

GDPR Article 6(1)(f), i.e. our legitimate interest, including the right to ensure the secure and undisturbed operation of the Site

Data collected automatically

For analytical and statistical purposes to improve the Site

GDPR Article 6(1)(f), i.e. our legitimate interest, including the right to conduct analytical research to improve the Site

Data collected automatically


7. Where do we acquire Data? What are its categories?

Data Source

Data Collection Methods and Categories of Collected Data

Data collected directly from you when you use the Site (for example, when you send us an enquiry)

You provide us with your Data when by you send us an enquiry

Data that we collect automatically (without your direct involvement) when you use the Site, such as activity logs

Data may include the pages and sub-pages you view, logs, information about your device (e.g. IMEI), IP address, browser settings, information about errors that occurred during your connection to the Site, etc.


8. Will we transfer your Data to other recipients? Who can receive your Data?

In some cases, we will transfer your Data to other parties – if and to the extent permitted by data protection legislation, including compliance with any conditions imposed by such legislation.

Data may be transferred to companies that provide services to the Controller, including IT service and solution providers, marketing agencies, insurance providers, postal and courier service providers, auditors and companies belonging to the same group as the Controller.

In addition, Data may be disclosed to courts and government authorities (e.g. tax authorities) if this is necessary in connection with the defence or assertion of claims or if required by law.
 

9. Will we transfer your Data outside the European Economic Area?

We will not transfer your Data outside the European Economic Area.
 

10. How long will we keep your Data?

We will keep your Data for as long as necessary for the purposes of its collection.

This means the following:

  1. Data collected to respond to your enquiry/request will be processed until the enquiry/request has been answered and for the statutory limitation period for potential claims;
  2. Data collected for analytical and statistical purposes will be processed for the time necessary to achieve the objective of the proper functioning and development of the Site;
  3. In the case of Data processed on the basis of your consent, it will be kept for no longer than the period until you withdraw your consent;
  4. Data processed by us for the purpose of establishing, asserting or defending claims will be processed for the time necessary for this purpose, but not beyond the expiry of the statutory limitation period;
  5. Where the obligation to store Data arises from law (e.g. tax or accounting law), we will keep it for the period required by that law.
     

11. What are your rights in relation to our processing of your Data?

You have the following rights in relation to our processing of your Data: to object to the processing of your Data, to request access to your Data, to rectify, erase or restrict the processing and the right to data portability. Your ability to exercise the above rights may depend on the reason for processing the particular category of Data.

In addition, where we process Data on the basis of your consent, you have the right to withdraw your consent at any time by contacting us in writing or by email (dane.osobowe@wardynski.com.pl). Withdrawal of consent will not affect the lawfulness of any processing that took place before your consent was withdrawn.

If your Data is processed for direct marketing purposes, you have the right to object at any time to the processing for the purposes of such marketing, including profiling, insofar as the processing is related to such direct marketing.

You also have the right to lodge a complaint with the supervisory authority, i.e. the President of the Office for the Protection of Personal Data.
 

12. Will we use your Data for automated decision-making, including profiling?

We will not use your Data for these purposes.
 

13. Policy changes

This policy may change from time to time, particularly if the operation of the Site changes (e.g. new features are added) or if legislation changes. Here is the date of the last Policy update:

The date of the Policy was last updated: 22 March 2024.