EURODEBT.EU PRIVACY POLICY
Wprowadzenie
Policy. This document, hereinafter referred to as "Privacy policy”, sets out the rules for the processing of personal data of people visiting and using the website https://eurodebt.eu or a dedicated web application, hereinafter jointly referred to as "portal.” These persons will be hereinafter referred to as "Users".
Administrator. The owner of the Portal and at the same time personal data administrator within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation data), hereinafter referred to as "RODO"), Is Eurodebt limited liability company with its registered office in Warsaw (00-095) at Plac Bankowy 2, NIP 6182186461, hereinafter referred to as "administrator. "
Data Protection Officer. The Administrator has appointed a data protection officer who should be contacted regarding any questions related to the processing of personal data by the Administrator, as well as in order to exercise the rights of natural persons on the basis of RODO. To contact the data protection officer, please send an e-mail to: inspector@eurodebt.eu.
Purposes and scope of data processed via the Portal
Users' personal data is processed via the Portal for the following purposes:
- registering an account on the Portalleading to the creation of an individual User account and the management of this account. Legal basis: article 6 sec. 1 lit. b) RODO;
- enabling the use of the functionality of the Portal. Legal basis: article 6 sec. 1 lit. b) RODO;
- contacting the User and handling complaints. Legal basis: art. 6 sec. 1 lit. to beat) RODO.
- pursuing possible claims from the User, arising in particular as a result of unlawful or unlawful use of the Portal. Legal basis: article 6 sec. 1 lit. f) RODO.
The User's personal data will not be profiled.
In order to achieve the above-mentioned goals, the following categories of User's personal data will be subject to processing:
- first name and last name,
- company name (if any),
- Address for correspondence,
- e-mail adress,
- Phone number.
The User provides the above-mentioned personal data at the time of registering an account on the Portal. Providing personal data is voluntary, but necessary to provide the User with services via the Portal.
Cookies. When using the Portal, additional information may be downloaded, in particular: the IP address assigned to the User's computer or the external IP address of the Internet provider, domain name, browser type, access time, operating system type. Rules for the processing of the above categories of personal data are specified in cookie policy available HERE.
Users' rights resulting from RODO
- Right of access to data. Legal basis: art. 15 RODO.
The User has the right to obtain confirmation from the Administrator whether he processes personal data, and if this is the case, the User has in particular the right to obtain:
- access to your personal data;
- information about the purposes of processing, categories of personal data being processed, about the recipients or categories of recipients of this data, the planned period of storing the User's data or about the criteria for determining this period (when determining the planned period of data processing is not possible), about the rights of the User under RODO and about the right to lodge a complaint with the supervisory authority, about the source of this data, about automated decision-making, including profiling, and about the safeguards applied in connection with the transfer of this data outside the European Union;
- a copy of your personal data.
- Right to rectification. Legal basis: art. 16 RODO.
The User has the right to request the Administrator to immediately rectify his personal data if he finds that they are incorrect. Taking into account the purposes of processing, the User has the right to request completion of incomplete personal data, including by submitting an additional statement, sending a request to the e-mail address: inspector@eurodebt.eu.
- Right to erasure ("right to be forgotten"). Legal basis: art. 17 RODO.
The user has the right to request the deletion of personal data, in particular if:
- the personal data are no longer necessary for the purposes for which they were collected or processed;
- withdrew a specific consent to the extent that personal data was processed on its basis;
- objected to the use of his data for marketing purposes;
- personal data is processed unlawfully;
- personal data must be deleted in order to comply with a legal obligation provided for in Union law or the law of a Member State to which the Administrator. subject to;
- the personal data has been collected in relation to the offering of information society services.
- Right to restriction of data processing. Legal basis: art. 18 RODO.
- The user has the right to request the restriction of the processing of his personal data. Submitting a request, until it is considered, prevents the use of specific functionalities or services, the use of which will involve the processing of data covered by the request. The administrator will also not send any messages, including marketing ones.
- The user has the right to request the restriction of the use of personal data when:
- questions the correctness of their personal data - then the Administrator limits their use for the time needed to verify the correctness of the data, but not longer than for 7 days;
- data processing is unlawful, and instead of deleting the data, the User requests restriction of their processing;
- personal data are no longer necessary for the purposes for which they were collected or used, but they are needed by the User to establish, pursue or defend claims;
- objected to the use of his data - then the restriction takes place for the time needed to consider whether - due to the particular situation - the protection of the interests, rights and freedoms of the User outweighs the interests pursued by the Administrator when processing the User's personal data.
- Right to data portability. Legal basis: art. 20 RODO.
The User has the right to receive his personal data that he provided to the Administrator, and then send it to another personal data administrator of his choice. The User also has the right to request that personal data be sent by the Administrator directly to such an administrator, if it is technically possible. In this case, the Administrator will send the User's personal data in the form of a file in the .csv format, which is a commonly used, machine-readable format and allows the received data to be sent to another personal data administrator.
- Right to object to data processing. Legal basis: art. 21 RODO.
- The User has the right to object at any time - for reasons related to his particular situation - to the processing of his personal data, including profiling, if the Administrator processes his data based on a legitimate interest, e.g. marketing of the Administrator's products and services, keeping usage statistics individual functionalities of the Portal and facilitating the use of the website, as well as satisfaction surveys.
- Resignation in the form of an e-mail from receiving marketing messages regarding products or services will mean the User's objection to the processing of his personal data, including profiling for these purposes.
- If the User's objection turns out to be justified and the Administrator has no other legal basis for the processing of personal data, the User's personal data will be deleted, the processing of which the User has objected to.
- The right to lodge a complaint to the President of the Office for Personal Data Protectionin the scope of violation of the User's rights to the protection of personal data or other rights granted under RODOto the address of the Personal Data Protection Office ul. Stawki 2, 00-193 Warsaw (tel. 22 531-03-00; e-mail: rekrutia@uodo.gov.pl).
Response time. In the event that the User has the right resulting from the above rights, the Administrator fulfills the request or refuses to comply with it immediately, but not later than within a month after receiving it.
However, if - due to the complicated nature of the request or the number of requests - the Administrator will not be able to meet the request within a month, he will meet them within the next two months informing the User in advance within one month of receiving the request - about the intended extension of the deadline and its reasons.
Recipients of personal data
The User's personal data is transferred to entities cooperating with the Administrator in ensuring the functioning of the Portal. These include providers providing hosting services, accounting services, marketing systems, systems for analyzing website traffic, or systems for analyzing the effectiveness of marketing campaigns;
Territorial scope of data processing
Users' personal data will be processed only within the territory of the European Economic Area (EEA).
Personal data processing time
Where the basis for the processing of personal data is agreement (Article 6(1)(a) RODO), then the User's personal data is processed by the Administrator until the consent is revoked, and after the consent is revoked, for a period of time corresponding to the period of limitation of claims that the Administrator may raise against him. Unless a special provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to running a business - three years.
Where the basis for data processing is the performance of a contract (Article 6(1)(b) RODO), then the User's personal data are processed by the Administrator as long as it is necessary to perform the contract, and after that time for a period corresponding to the period of limitation of claims. Unless a special provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to running a business - three years.
In addition, despite the request to delete personal data in connection with raising an objection or withdrawing consent, the Administrator may retain certain personal data to the extent that processing is necessary to establish, pursue or defend claims, as well as to fulfill a legal obligation requiring processing on under Union law or the law of a Member State to which the Administrator is subject. This applies in particular to personal data including: name, surname, e-mail address, which data is retained for the purpose of handling complaints and claims related to the use of the Administrator's services, or additionally the address of residence / correspondence address, order number, which data are kept for the purpose of considering complaints and claims related to concluded sales contracts or the provision of services.