PERSONAL DATA CONTROLLER
- The Controller of personal data of Customers–natural persons is MRT Philosophy Sp. z o.o. with its registered office in Łódź, ul. Traktorowa 126 apartment 501, entered into the register of entrepreneurs in the District Court for Łódź Śródmieście in Łódź, 20th Commercial Division of the National Court Register, KRS number: 0000464699, NIP (Tax Identification Number): 9471982421, REGON (National Business Reg. No.): 101617662. Contact with the Controller is also possible via electronic mail: firstname.lastname@example.org
REQUIREMENT TO PROVIDE AND CATEGORIES OF PERSONAL DATA PROCESSED
- The Controller processes the following personal data of Customers:
- e-mail address,
- Providing personal data specified in item 2 is not a statutory requirement and is voluntary, however, it constitutes a condition for the conclusion of a Service Provision Agreement, hereinafter referred to as “Agreement”, with the Controller. If the Customer fails to provide the data, the Agreement will not be concluded.
- During the term of the Agreement, the Controller may obtain other data of a Customer, e.g. IP number used by the Customer or data concerning the Customer’s use of a specific IT network, software or terminal equipment, as well as a way of using the website of the Controller.
PURPOSES OF PERSONAL DATA PROCESSING
- The Controller processes personal data of Customers for the following purposes:
- conclusion and performance of the Agreement binding both parties, in particular, ensuring appropriate quality of services and handling complaints,
- pursuing claims and defence against them,
- detecting and preventing abuse,
- direct marketing,
- creating analyses and statistics, for the Controller’s own needs, in particular, reporting, marketing research and market investigation, service development planning, determining Customer’s preferences and behaviour, for the purposes of improvement of quality of services provided by the Controller,
- specified in items 5e and f after termination of the Agreement – upon the Customer’s consent,
- providing to third parties – upon the Customer’s consent, in the scope and for the purpose covered by the consent.
LEGAL BASIS FOR PERSONAL DATA PROCESSING
- The legal basis for the processing of data of the Customers for the purpose specified:
- in item 5a – constitutes Article 6.1 (b) of GDPR (performance of the Agreement),
- in item 5b – constitutes Article 6.1 (c) of GDPR (legal obligation),
- in items 5c–f – constitutes Article 6.1 a of GDPR (legally justified interest of the Controller),
- in items 5g and h – constitutes Article 6.1 (a) of GDPR Customer’s consent).
DURATION OF STORAGE OF PERSONAL DATA
- The Controller will store personal data processed for the purpose specified:
- in item 5a – for the term of the Agreement and settlements after its termination,
- in item 5b – for the time the Controller is required to do so under the provisions of law,
- in items 5c and d – until the period of limitations has expired for any and all claims resulting from the Agreement,
- in items 5e and f – for the term of the Agreement,
- in item 5g and h – until withdrawing the consent by the Customer.
- Pursuant to Article 19.2 of the Act on electronic provision of services, after the end of use of a service provided electronically, the Controller may process only the personal data of a Customer which are:
- necessary for the settlement of a service and pursuing claims on account of payments for the use of a service,
- necessary for the purposes of advertising, market investigation and research in the behaviour and preferences of a customer, dedicating the results to research aimed at improvement of the quality of services provided by the Controller – upon the Customer’s consent,
- necessary for explaining the circumstances of unauthorised use of a service,
- accepted for processing based on mandatory provisions of law or an agreement.
PERSONAL DATA RECIPIENTS
- The Controller shall not transfer Customers’ personal data to third parties, unless it obtains a prior, explicit consent of the Customer, or if the law or an obligation of transferring the data results from generally applicable provisions of law.
- The Controller transfers Customers’ personal data to the following processors:
- processors providing marketing and advertising services on behalf of the Controller,
- processors handling IT systems of the Controller,
- processors providing the Controller with postal, courier, payment, audit, legal assistance and accounting services.
TRANSFER OF PERSONAL DATA
TO THIRD PARTIES AND INTERNATIONAL ORGANISATIONS
- Customers’ personal data shall not be transferred outside the European Economic Area.
- The Customer shall have the following rights:
- the right to demand access to his/her data, that is, obtaining a confirmation whether the personal data processed concern him/her,
- the right to rectify data, i.e., to demand rectification of the personal data concerning him/her which are incorrect,
- the right to demand removing his/her personal data,
- the right to demand limiting his/her personal data,
- the right to raise an objection with regard to the processing of data,
- the right to data portability.
- The scope of each of the right as specified in item 12 and situations in which one may exercise them are laid down by generally applicable provisions of law, in particular, the Regulation of the European Parliament and of Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).
- The Customer may exercise his/her rights specified in item 12, by contacting the Controller in writing or sending an application to the e-mail address provided in item 1.
RIGHT TO WITHDRAW THE CONSENT
- If the processing of Customer’s personal data takes place based on his/her consent, the Customer has the right to withdraw it at any time, without affecting the legitimacy of the processing performed on its basis before its withdrawal.
- For the purposes specified in items 5c–f, the Controller may perform an automated analysis of Customers’ data and develop a forecast concerning their preferences or future behaviours. Profiling may, in particular, serve for analyses and forecasts of personal preferences or interests of Customers. This activity of the Service Provider shall not have any legal effects with regard to the Customers, or affect similarly their situation.
- For the purposes specified in items 5c–f, the Controller may use the so-called cookie files. They are small text files, sent to the terminal equipment of a Customer based on which information is collected that enables in particular identify the Customer’s terminal equipment, his/her IP number and a browser used by the Customer.
- The Customer may set his/her browser thanks to appropriate options available in order to disable automatic installation of cookies, prevent from their use or remove them from you terminal equipment. Disabling the cookies may hinder, and in some cases, prevent from using Services. The cookies support procedure differs depending on the browser used.
- Cookie files can be divided into:
- temporary (session) cookies – files temporarily stored in the browser memory which stay there until a session ends,
- persistent cookies – files staying in the browser memory as long as the browser settings selected by the Customer allows for it,
- own cookies – files managed by the Controller,
- external cookies – files managed by third parties,
- configuration cookies– files related to the navigating around the pages of the Internet website of the Controller, hereinafter referred to as “Website” and ensuring correct navigation. The allow, in particular, tracking choices made by a Customer (language choice, size of font used), recognising the computer or a mobile device used by the Customer and managing browsing session,
- essential cookies – files without which the use of the Website is impossible,
- analytic cookies – files used for the purposes of statistics and analyses,
- advertising cookies – files used for advertising purposes, e.g. in order to display personalised advertisements.
- The Website uses the cookie files listed in item 23. List of Cookies
COMPLAINT WITH A SUPERVISORY AUTHORITY
- The Customer has the right to file a complaint with the Inspector General for the Protection of Personal Data, ul. Stawki 2, 00-193 Warsaw, if the Customer thinks that the processing of his/her personal data infringes the provisions of law.
SECURING CUSTOMERS’ PERSONAL DATA
- The Service Provider applies appropriate technical and organisational measures aimed at the protection of personal data of Customers against their loss, improper use or modification. The access rights to the Customers’ personal data were limited in a restrictive manner in order to prevent from unauthorised access.
- LIST OF COOKIES
- pl – own cookies:
|Name||Type||Kind||Data which they collect||Functions|
|ci_session||Persistent||Configuration||IP address, default unique browser identifier, browser version identifier||It enables the proper functioning of the website.|
|Persistent||Configuration||IP address, default unique browser identifier, browser version identifier||It enables the proper functioning of the website.|
|PHPSESSID||Session||Variables||It enables the proper functioning of the website.|
|pll_language||Persistent||Configuration||Information on the language version||It enables the proper functioning of the website.|
|Information whether the filter panel in the application is visible or hidden.|
|cookie||Persistent||Configuration||Numeric value||Information whether the window with the information on cookies was displayed.|
- pl – external cookies:
|Name||Type||Kind||Source||Rules of application|
|_gat_gtag_UA_*||Persistent||Analytic||Google Analytics||The file is used to control the number of queries of a user’s browser to the server.|
|_ga||Persistent||Analytic||Google Analytics||The file is used to differentiate between users.|
|_gid||Persistent||Analytic||Google Analytics||The file is used to differentiate between users.|