The Controller of personal data is TRIBE47 Sp. z o.o. with its registered office in Warsaw, plac Trzech Krzyży 10/14, 00-499 Warszawa, entered in the register of businesses held by the District Court for the capital city of Warsaw in Warsaw, 13th Economic Division of the National Court Register under KRS number: 0000734938, (“the Controller”). Contact with the Controller is possible by post to the above address of the Controller’s registered office or by e-mail: [email protected]
In connection with its business activity, the Controller collects and processes personal data, making every effort to ensure that the processed personal data is adequately secured. Data is collected directly from data subjects. The processing of personal data is based on the applicable law, in particular, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“the GDPR”).
The legal basis for the personal data processing is defined in Article 6 of the GDPR which governs general rules on the compliance of the personal data processing. In any case, the Controller shall process the data relevant to a given case and for the purpose for which it was collected, ensuring its appropriate protection. The controller processes personal data for the purposes related to the conducted business activity, in particular in order to:
To the extent that the data is processed for the contract performance, the provision of the data is a condition for the contract conclusion. The data provision is voluntary but necessary for the conclusion and performance of the contract. If personal data is not provided, the contract may not be concluded. Providing certain information is also a legal obligation, e.g. necessary to issue an invoice or to pay remuneration.
If personal data is collected for the purpose of performing an order or concluding a contract, the personal data is stored from the moment of data collecting until the contract termination or contract performance after the moment of its termination. In the case of personal data collection in order to fulfil obligations resulting from the law, the data shall be kept for the period of fulfilling obligations and tasks resulting from individual law provisions. In the case of personal data processing for the purposes of the legitimate Controller’s interests, the data shall be kept for no longer than is necessary to achieve these aims or until a reasoned objection is raised to the processing for such purposes.
In the case of personal data collection on the basis of consent, until the consent is revoked.
The period of personal data processing may be extended when the processing is necessary to establish, assert or defend against a possible claim, and after that period only if required by law and to the extent required by law.
You have rights to :
In addition, the data subject has the right to lodge a complaint with the supervisory authority. In Poland, since 25 May 2018, the supervisory authority has been the President of the Office for Personal Data Protection.
The platform provider for sending the email information is ActiveCampaign LLC. with the seat in the USA. Because Active Campaign is an american tool, your personal data may be transferred to third countries outside the European Economic Area (EEA) and located on servers outside the European Economic Area (EEA). You can read the system’s privacy policy here. According to the above, the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection shall be in accordance with the basis of art. 49 GDPR to fulfil contract’s obligations or your explicit consent. The Controller informs that he does not ensure an adequate level of protection of personal data. The Controller declares that he uses services offered by global suppliers of the services which are part of global organizations, such as Google Inc., operating in the European Economic Area (“EEA”), and which may transfer data from the EEA outside the EEA . These companies offer the Controller cloud solutions and declare that they implemented appropriate level of protection and adequate security resulting from the GDPR. The processing of personal data also takes place on the basis of standard contractual clauses which are part of the data processing agreements concluded between the Controller and the service providers.
Your data will be processed automatically, as also, will the form of its profiling, however, it will not have any legal effect or similar effect on your situation. Personal data profiling consists of the automatic processing of data, by using them to evaluate some of your information, in particular, to analyze your personal preferences, behaviours and interests.
Information on personal data processing is updated in order to adapt it to the Controller’s business activity.
Zgodnie art. 13 oraz art. 14 rozporządzenia Parlamentu Europejskiego i Rady (UE) 2016/679 z dnia 27 kwietnia 2016 r. w sprawie ochrony osób fizycznych w związku z przetwarzaniem danych osobowych i w sprawie swobodnego przepływu takich danych oraz uchylenia dyrektywy 95/46/WE (Dz. Urz. UE L 119/1 z 4.5.2016 r. – dalej jako „RODO”, informuję, że:
2) podmioty zewnętrzne dostarczające i wspierające systemy teleinformatyczne Spółki (zarówno ogólną infrastrukturę teleinformatyczną, pocztę elektroniczną, jak i systemy informatyczne), usługi związane z bieżącą działalnością Spółki – na mocy stosownych umów powierzenia przetwarzania danych osobowych oraz przy zapewnieniu stosowania przez ww. podmioty adekwatnych środków technicznych i organizacyjnych zapewniających ochronę danych.