The administrator of personal data is Dopak Sp. z o. o., ul. Sokalska 2, 54-614 Wrocław.
Subscribers can contact the administrator:
by correspondence to the above-mentioned address of the registered office;
by e-mail to the following address: email@example.com
[Purposes, legal bases and time of data processing]
a) The administrator processes the e-mail addresses of newsletter subscribers in order to perform the ordered newsletter service, provided electronically on the basis of the regulations available. The administrator processes the data:
- name and surname, company name, e-mail address;
- subscription date;
- information about sending newsletters.
c) These data are processed in accordance with Art. 6 sec. 1 lit. b GDPR in order to provide the newsletter service.
a) In order to consider the complaint, the service provider processes the personal data of subscribers submitting complaints, in particular the e-mail address, name, content of the complaint, circumstances of the event giving rise to the complaint, information obtained in the course of considering the complaint, including explaining the event giving rise to it. In the course of considering the complaint, the service provider may process a number of other information, including the user’s name and surname, information about the subscriber’s use of the newsletter service, cookies or other similar technologies, information about devices.
b) These data are processed in accordance with Art. 6 sec. 1 lit. b GDPR in order to provide the newsletter service, i.e. contracts for the provision of electronic services, in accordance with the regulations, and are processed for the time necessary to consider the complaint and not longer than for a year after the complaint procedure is completed for archiving purposes in accordance with the Accounting Act, if it is necessary to defend against any claims against the service provider, according to the information below.
3. Explanatory proceedings, pursuing claims
a) In the event of undertaking an investigation regarding a possible breach of the provisions of the regulations or provisions of law, rules of social coexistence or good manners, the administrator may process the personal data of certain subscribers until the end of the pending proceedings and until the expiry of the limitation period for the administrator’s claims against the subscriber, which is usually 3 years, but in special cases provided for by law may be longer.
b) The data will then be processed, including made available in accordance with art. 6 sec. 1 lit. f GDPR, i.e. in the legitimate interest of the administrator consisting in pursuing his claims against the user. The legitimate interest of the administrator
it will then be a priority over the rights and freedoms of the subscriber.
[Odbiorcy danych subskrybentów]
The administrator discloses the personal data of subscribers only to processors under the concluded contracts for entrusting the processing of personal data for the purpose of providing services to the administrator, e.g. hosting and operating the Website, IT services, marketing and PR services, legal or advisory services.
[Przesyłanie danych osobowych do państw trzecich]
Personal data will not be processed in third countries.
[Rights of persons whose personal data concern]
1.Every data subject has the right to:
- access – obtaining confirmation from the administrator whether or not their personal data is being processed. If data about a person is processed, he is entitled to access them and obtain the following information: about the purposes of processing, categories of personal data, recipients or categories of recipients to whom the data has been or will be disclosed, about the period of data storage or the criteria for determining them, on the right to request rectification, deletion or limitation of the processing of personal data due to the data subject, and to object to such processing (Article 15 of the GDPR);
- to receive a copy of the data – to obtain a copy of the data subject to processing, the first copy being free of charge, and the administrator may charge a reasonable fee for subsequent copies, resulting from administrative costs (Article 15 (3) of the GDPR);
- for rectification – requesting rectification of incorrect personal data concerning her or supplementing incomplete data (Article 16 of the GDPR);
- to delete data – request to delete their personal data, if the administrator no longer has a legal basis for their processing or the data is no longer necessary for the purposes of processing (Article 17 of the GDPR);
- to limit processing – requests to limit the processing of personal data (Article 18 of the GDPR), when:
a) the data subject questions the accuracy of the personal data – for a period enabling the controller to check the accuracy of the data,
b) the processing is unlawful and the data subject opposes their removal, requesting the restriction of their use,
c) the controller no longer needs these data, but they are needed by the data subject to establish, assert or defend claims,
d) the data subject has objected to the processing – pending verification whether the legitimate grounds of the controller override those of the data subject;
- for data portability – receiving in a structured, commonly used and machine-readable format personal data concerning him, which he provided to the administrator, and requesting this data to be sent to another administrator, if the data is processed on the basis of the consent of the data subject or a contract concluded with him, and if the data is processed in an automated manner (Article 20 of the GDPR);
- to object – to object to the processing of her personal data for the legitimate purposes of the administrator, for reasons related to her particular situation, including profiling. Then the controller assesses the existence of valid, legitimate grounds for processing that override the interests, rights and freedoms of data subjects, or the grounds for establishing, investigating or defending claims. If, according to the assessment, the interests of the data subject override those of the controller, the controller will be obliged to stop processing the data for these purposes (Article 21 of the GDPR).
2. In order to exercise the above-mentioned rights, the data subject should contact the administrator using the contact details provided and inform him which right and to what extent he wants to exercise.
[Prezes Urzędu Ochrony Danych Osobowych]
The data subject has the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Personal Data Protection Office with its seat in Warsaw, ul. Stawki 2, which can be contacted in the following way:
by letter: ul. Stawki 2, 00-193 Warsaw;
via the electronic inbox available at: https://www.uodo.gov.pl/pl/p/kontakt;
by phone: (22) 531 03 00.
[Inspektor ochrony danych]
In any case, the data subject may also contact the controller’s data protection officer directly:
by e-mail at the following e-mail address: iod @ pl;
to the above-mentioned correspondence address with the note: Data Protection Officer.
[Zmiany polityki prywatności]
[Akty prawne przywoływane w klauzuli]
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (OJ. UE L 2016 No. 119, p. 1);
art. 74 sec. 2 point 6 of the Act of September 29, 1994. on accounting (i.e. Journal of Laws of 2018, item 395 as amended).