Information obligation GDPR
Who is the data controller?
The Administrator of Personal Data (hereinafter referred to as the Administrator) is the company "Fala Park SP. Z O. O.", operating at the following address: ul. Poznańska 1, 64-200 Wolsztyn, with a tax identification number (NIP): 9231666353, with a KRS number: 0000329484, providing electronic services via the Website
How can I contact the data controller?
You can contact the Administrator in one of the following ways
Postal address – Fala Park SP. Z O. O., ul. Poznanska 1, 64-200 Wolsztyn
E-mail address – email@example.com
Call – +48 606 586 888
Contact form – available at: /contact
Has the Administrator appointed a Personal Data Inspector?
Pursuant to Article 4(2) of Regulation (EC) 37 GDPR, the Administrator has not appointed a Data Protection Officer.
In matters related to the processing of data, including personal data, please contact the Administrator directly.
Where do we obtain personal data from and what are their sources?
Data is obtained from the following sources:
- from data subjects
- in the case of registration using social networks, with the informed consent of those persons, from those social networks
What is the scope of personal data we process?
The website processes ordinary personal data provided voluntarily by the persons to whom they relate
(e.g. name and surname, login, e-mail address, telephone, IP address, etc.)
What are the purposes of our data processing?
Personal data voluntarily provided by Users are processed for one of the following purposes:
- Implementation of electronic services:
- Services for registration and maintenance of the User's account on the Website and functionalities related to it
- Newsletter services (including sending advertising content with consent)
- Services for commenting / liking posts on the Website without having to register
- Communication of the Administrator with Users in matters related to the Service and data protection
- Ensuring the legitimate interest of the Administrator
What are the legal bases for data processing?
The Service collects and processes users' data on the basis of:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
- Joke. Article 6 (1) Article 1(a)
of the data subject has given his or her consent to the processing of his or her personal data for one or more specific purposes
- Joke. Article 6 (1) Article 1(b)
processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract
- Joke. Article 6 (1) Article 1(f)
processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
- Joke. Article 6 (1) Article 1(a)
- Act of 10 May 2018 on the Protection of Personal Data (OJ C 104, 11.12.2018, p. 1). 2018 item 1000)
- Act of 16 July 2004 Telecommunications Law (OJ 2004 No. 171 item. 1800)
- Act of 4 February 1994 on copyright and related rights (Journal of Laws) U. 1994 No. 24 item. 83)
What is the legitimate interest pursued by the Administrator?
- In order to possibly establish, investigate or defend against claims – the legal basis for processing is our legitimate interest (Art. Article 6 (1) 1 lit. f GDPR) to protect our rights, including but not limited to;
- To assess the risk of potential customers
- To evaluate planned marketing campaigns
- For the purpose of direct marketing
For what period of time do we process personal data?
As a rule, the indicated personal data are stored only for the period of providing the service as part of the website run by the Administrator. They are deleted or anonymized within a period of up to 30 days from the end of the provision of services (e.g. deletion of the registered user account, unsubscribing from the Newsletter list, etc.)
In exceptional situations, in order to secure the legitimate interest pursued by the Administrator, this period may be extended. In such a situation, the Administrator will store the indicated data from the time of the request to delete them by the User, no longer than for a period of 3 years in the event of a breach or suspicion of violation of the provisions of the website regulations by the data subject.
Who is the recipient of the data, including personal data?
As a rule, the only recipient of data is the Administrator.
However, data processing may be entrusted to other entities providing services to the Administrator in order to maintain the operation of the Website.
Such entities may include, among others:
- Hosting companies providing hosting services or related services to the Administrator
- Companies through which the Newsletter service is provided
- Companies intermediating in on-line payments for goods or services offered on the Website (in the case of making a purchase transaction on the Website)
Will your personal data be transferred outside the European Union?
Personal data will not be transferred outside the European Union, unless they have been published as a result of an individual action of the User (e.g. entering a comment or post), which will make the data available to every person visiting the website.
Will personal data be the basis for automated decision-making?
Personal data will not be used for automated decision-making (profiling).
What are your rights related to the processing of personal data?
Right of access to personal data
Users have the right to gain access to their personal data, implemented at the request submitted to the Administrator
Right to rectification of personal data
Users have the right to request from the Administrator immediate rectification of personal data that are incorrect or / or supplement incomplete personal data, carried out at the request submitted to the Administrator
Right to erasure of personal data
Users have the right to request from the Administrator the immediate deletion of personal data, carried out at the request submitted to the Administrator.
In the case of user accounts, the deletion of data consists in anonymizing data enabling the identification of the User.
In the case of the Newsletter service, the User has the option of deleting their personal data themselves using the link placed in each e-mail sent.
Right to restriction of processing of personal data
Users have the right to limit the processing of personal data in the cases indicated in Article 1. 18 GDPR, m.in. to question the accuracy of personal data, implemented upon request submitted to the Administrator
Right to portability of personal data
Users have the right to obtain from the Administrator, personal data concerning the User in a structured, commonly used and machine-readable format, implemented at the request submitted to the Administrator
Right to object to the processing of personal data
Users have the right to object to the processing of their personal data in the cases specified in Article 2. 21 GDPR, implemented on request submitted to the Administrator
Right to lodge a complaint
Users have the right to lodge a complaint with the supervisory body dealing with the protection of personal data.
[/ html] [/ background_width] [/ section] [/ align_content]