PRIVACY POLICY
Version valid from 05.07.2022
WHAT IS THE PRIVACY POLICY?
We would like to familiarize you with the details of our processing of your personal data in order to give you full knowledge and comfort in using our website.
Due to the fact that we operate in the Internet industry ourselves, we know how important it is to protect your personal data. Therefore, we make special efforts to protect your privacy and the information you provide to us.
We carefully select and apply appropriate technical measures, in particular those of a programming and organizational nature, ensuring the protection of processed personal data. Our website uses encrypted data transmission (SSL), which ensures the protection of the data that identifies you.
In our Privacy Policy you will find all the most important information regarding the processing of your personal data by us. We ask you to read it and we promise that it will not take you more than a few minutes.
Who is the administrator of the www.sofiia.org website?
The administrator of the website is SOFIIA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its registered office in Gdańsk, at Szafarnia 11/F8, 80-755 Gdańsk, registered by the District Court for the m.st. Warsaw in Warsaw, XIII Commercial Division of the National Court Register, KRS 0000901244, NIP 5213929449, REGON 389013900, with share capital in the amount of: PLN 5,000.00.
PERSONAL DATA
Which legal act governs the processing of your personal data?
Your personal data is collected and processed by us in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27/04/2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). (Dz.Urz. UE L 119, s. 1), commonly referred to as: GDPR. To the extent not regulated by the GDPR, the processing of personal data is regulated by the Personal Data Protection Act of 10 May 2018.
Who is the controller of your personal data?
The administrator of your personal data is SOFIIA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its registered office in Gdańsk, Szafarnia 11/F8, 80-755 Gdańsk, registered by the District Court for the m.st. of Warsaw in Warsaw, XIII Commercial Division of the National Court Register, KRS 0000901244, NIP 5213929449, REGON 389013900, with share capital in the amount of: PLN 5,000.00, phone: +48 531 005 649, e-mail: info@soffia.org
You can contact us about your personal data using:
- e-mail: info@sofiia.org,
- Szafarnia 11/F8, 80-755 Gdańsk,
- phone: +48531005649.
HOW DO WE PROCESS YOUR PERSONAL DATA THAT YOU PROVIDE TO US?
What personal data do we process and for what purposes do we process it?
On our website we offer you many different services, for the purposes of which we process different personal data, based on different legal bases.
Purpose | Personal data | Legal basis for processing | Data retention period |
Conclusion and performance of the contract | name, surname, correspondence address, NIP, e-mail address, telephone number, | Article 6(1)(b) of the GDPR, i.e. processing in order to take action at your request, prior to the conclusion of a contract and processing necessary for the performance of a contract to which you are a party | until the expiry of the limitation period for claims regarding the performance of the contract |
Opening and maintaining an account | name, surname, e-mail address, telephone number, correspondence address, | Article 6(1)(b) of the GDPR, i.e. processing in order to take action at your request, prior to the conclusion of a contract and processing necessary for the performance of a contract to which you are a party | until the expiry of the limitation period for claims regarding the performance of the contract |
Newsletter | name, surname, e-mail address, | Article 6(1)(a) of the GDPR, i.e. processing based on your consent to the processing of your personal data | until the withdrawal of consent to the processing of personal data |
contact form | name, surname, mailing address, e-mail address, telephone number, | Article 6(1)(f) of the GDPR, i.e. processing in order to pursue our legitimate interest, consisting in maintaining the continuity of communication and enabling contact with us in matters of business activity | until you object to the processing of your personal data |
Voluntary provision of personal data
Providing the required personal data by you is voluntary, but it is a condition for us to provide services to you (e.g. sending a newsletter or creating an account).
Recipients of personal data
The entity that is the recipient of your personal data is SOFIIA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ with its registered office in Gdańsk, at Szafarnia 11/F8, 80-755 Gdańsk, registered by the District Court for the m.st. of Warsaw in Warsaw, XIII Commercial Division of the National Court Register, KRS 0000901244, NIP 5213929449, REGON 389013900, with share capital in the amount of: PLN 5,000.00.
Automated decision-making (including profiling)
We do not make automated decisions about you or use profiling.
Will we transfer your personal data outside the EEA or to an international organisation?
Your personal data will not be transferred outside the EEA or to an international organization.
WHAT RIGHTS DO YOU HAVE IN CONNECTION WITH THE PROCESSING OF YOUR PERSONAL DATA BY US?
On the basis of the GDPR, you have the right to:
- request access to your personal data,
- request rectification of your personal data,
- request the deletion of your personal data,
- request the restriction of the processing of personal data,
- object to the processing of personal data,
- request the portability of personal data.
If you submit any of the above requests to us, we will inform you without undue delay – and in any event within one month of receipt of the request – of the action taken on your request.
If necessary, we may extend the one-month deadline by another two months due to the complexity of the request or the number of requests.
In any case, we will inform you within one month of receiving the request for an extension of the deadline and give you the reasons for the delay.
Right of access to personal data (Art. 15 GDPR)
You have the right to obtain information whether we process your personal data. If we process your personal data, you have the right to:
- access to personal data,
- obtain information about the purposes of processing, categories of personal data processed, recipients or categories of recipients of this data, the planned period of storage of your data or the criteria for determining this period, about your rights under the GDPR and about the right to lodge a complaint to the President of the Office for Personal Data Protection, about the source of this data, about automated decision-making, including profiling and about the safeguards used in connection with the transfer of these data outside the European Union;
- obtain a copy of your personal data.
If you want to request access to your personal data, please submit your request to the following address: info@sofiia.org .
Right to rectification of personal data (Art. 16 GDPR)
If your personal data is incorrect, you have the right to request us to rectify your personal data without delay. You also have the right to request that we complete your personal data. If you want to request rectification or supplementation of your personal data, please submit your request to the following address: info@sofiia.org
The right to delete personal data, the so-called “right to be forgotten” (Art. 17 GDPR)
You have the right to request the deletion of your personal data when:
- your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you have withdrawn a specific consent to the extent that personal data has been processed based on your consent;
- your personal data has been unlawfully processed;
- you have objected to the processing of your personal data for direct marketing purposes, including profiling, to the extent that the processing of personal data is related to direct marketing;
- you have objected to the processing of your personal data in connection with processing necessary to perform a task carried out in the public interest or processing necessary for the purposes of the legitimate interests pursued by us or a third party.
Despite the request to delete personal data, we may continue to process your data in order to establish, investigate or defend claims, of which you will be informed.
If you want to request the deletion of your personal data, please submit your request to the following address: info@sofiia.org.
Right to request restriction of processing of personal data (Art. 18 GDPR)
You have the right to request the restriction of the processing of your personal data when:
- you contest the correctness of your personal data – in this case, we will limit the processing of your personal data for a period of time that allows you to check the correctness of this data;
- the processing of your data is unlawful and instead of deleting your personal data, you request the restriction of the processing of your personal data;
- Your personal data is no longer necessary for the purposes of processing, but it is needed to establish, assert or defend your claims;
- you have objected to the processing of your personal data – until it is determined whether our legitimate interests override the grounds indicated in your objection.
If you want to request the restriction of the processing of your personal data, please submit your request to the following address: info@sofiia.org.
Right to object to the processing of personal data (Art. 21 GDPR)
You have the right to object at any time to the processing of your personal data, including profiling, in connection with:
- processing necessary to perform a task carried out in the public interest or processing necessary for the purposes of the legitimate interests pursued by the Administrator of personal data or a third party;
- processing for direct marketing purposes.
If you want to object to the processing of your personal data, please submit your request to the following address: info@sofiia.org.
Right to request portability of personal data (Art. 20 GDPR)
You have the right to receive your personal data from us in a structured, commonly used machine-readable format and to send it to another personal data controller.
By default, we will provide you with your personal data in CSV format. If you prefer the data to be made available to you in a different format, indicate your preferred format in your request. Where possible, we will try to provide you with data in the format you prefer.
You can also request that we transfer your personal data directly to another controller (where technically feasible).
If you want to request the transfer of your personal data, please submit your request to the following address: info@sofiia.org.
Can you withdraw your consent to the processing of personal data?
You can withdraw your consent to the processing of your personal data at any time. Withdrawal of consent to the processing of personal data does not affect the lawfulness of the processing carried out by us on the basis of your consent before its withdrawal.
If you want to withdraw your consent to the processing of your personal data, please submit your request to the following address: info@sofiia.org.
If you want to withdraw your consent to the processing of personal data for the purpose of providing the “Newsletter” service, you can opt out of it here [www.sofiia.org unsuscribe].
Complaint to a supervisory authority
If you believe that the processing of your personal data infringes data protection rules, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.
In Poland, the supervisory authority within the meaning of the GDPR is the President of the Office for Personal Data Protection, who replaced GIODO on May 25, 2018.
More information can be found here: https://www.uodo.gov.pl/pl/134/233
“Cookies”
Background
When browsing the websites of the Online Store, “cookies” are used, hereinafter referred to as Cookies, i.e. small text information that is saved on your end device in connection with the use of the Online Store. Their use is aimed at the proper operation of the Online Store websites.
These files allow you to identify the software used by you and customize the Online Store individually to your needs.
Cookies usually contain the name of the domain from which they originate, the time they are stored on the device and the assigned value.
Safety
The cookies we use are safe for your devices. In particular, it is not possible to get to your devices through cookies, viruses or other unwanted software or malicious software.
Types of Cookies
We use two types of cookies:
- Session cookies: they are stored on your device and remain there until the end of the browser session. The saved information is then permanently deleted from your device’s memory. The mechanism of session cookies does not allow you to download any personal data or any confidential information from your device.
- Persistent cookies: they are stored on your device and remain there until you delete them. Ending a browser session or turning off a device doesn’t remove it from your device. The mechanism of persistent cookies does not allow you to download any personal data or any confidential information from your device.
Objectives
We also use third-party cookies for the following purposes:
- configuration of the Online Store.
To learn the rules of using cookies, we recommend that you read the privacy policies of the above-mentioned companies.
Using the settings of your web browser or using the service configuration, you can independently and at any time change the settings for Cookies, specifying the conditions for their storage and access by Cookies to your device. You can change these settings so as to block the automatic handling of cookies in the web browser settings or to inform about them each time they are placed on your device. Detailed information about the possibilities and ways of handling cookies are available in the settings of your software (web browser).