1. Firma dla Każdego Foundation with its registered office at ul. Lwowska 5/15 in Warsaw 00-660, registered in the Register of Associations kept by the District Court for the City of Warsaw XII Economic Department of the National Court Register under KRS No. 0000569410, NIP 5252625624, REGON 362170026 (hereinafter referred to as “Administrator”).

2. The Administrator operates the website firmadlakazdego.pl (hereinafter “Service”).

3. A user of the Service (hereinafter referred to as “User”) agrees to the processing of his/her personal data by the Administrator under the terms hereof.

4. Any statements, inquiries and information regarding personal data may be provided to the Administrator via:

-e-mail to kontakt@firmadlakazdego.pl

– via the contact form located at https://firmadlakazdego.pl/#contact;

 -in writing to the Administrator’s registered office address.

5. The User’s personal data is processed on the basis of Article 6 and other provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter “”GDPR””).

6. The User’s personal data is processed for the purpose of responding to questions and other messages sent by the User via the contact form or e-mail and for further contact with the User.

7. The Administrator processes the following categories of User data:

   1. name and surname

   2. e-mail address

   3. telephone number.

8. Recipients of the User’s personal data may be employees, contractors, subcontractors and other persons employed or cooperating with the Administrator.

9. The User’s personal data may be transferred to third countries, but only in accordance with the principles set out in Article 46 of the GDPR, i.e. provided that the recipient provides adequate safeguards. In any case, the User is entitled to receive a copy of the data concerning them.

10. The User’s personal data will be kept for the period necessary to fulfill the purposes of data processing, i.e. for the period of maintaining communication with the User, including, in particular, the period necessary to provide the User with any requested information. The User’s personal data will be permanently erased when the aforementioned period ends.

11. The User is entitled to:

    1. obtain confirmation from the Administrator as to whether personal data concerning        him/her is being processed;

    2. receive a copy of the processed data;

    3. obtain from the Administrator any information covered by the scope of this Privacy Policy.

12. The User has the right to request the Administrator to promptly rectify personal data concerning him/her that is incorrect. Taking into account the purposes of processing, the User has the right to request the completion of incomplete personal data, including by providing an additional statement.

13. The User has the right to request from the Administrator the immediate deletion of personal data concerning him/her, and the Administrator is obliged to erase the personal data without undue delay (subject to exceptions provided by law) if one of the following circumstances occurs:

    1. the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;

     2. the User has withdrawn the consent on which the processing is based and there is no other legal basis for the processing;

     3. the User raises the objection referred to in Section 16;

     4. the personal data has been processed unlawfully;

     5. the personal data must be erased in order to comply with a legal obligation under the EU law or the law of a Member State to which the Administrator is subject;

     6. the personal data was collected in connection with offering information society services directly to the child, based on the consent of the child or the child’s parent (guardian).

14. The User has the right to request the Administrator to restrict processing in the following cases:

    1. when the User questions the correctness of the personal data – for a period that allows the Administrator to check the correctness of the data;

    2. when the processing is unlawful and the User objects to the deletion of the personal data, requesting instead a restriction on its use;

    3. when the Administrator no longer needs the personal data for the purposes of processing, but they are needed by the User to establish, assert or defend claims;

    4. when the User has raised the objection referred to in Section 16 – until it is determined whether the legitimate grounds on the part of the Administrator override the grounds of the data subject’s objection.

15. The User has the right to receive in a structured, commonly used machine-readable format the personal data concerning him or her that he or she has provided to the Administrator, and has the right to send this personal data to another data administrator without hindrance from the Administrator to whom the personal data was provided. In exercising the right to data portability, the User has the right to request that the personal data be sent by the Administrator directly to another administrator of personal data, if technically possible.

16. The User has the right to object at any time – on grounds relating to his or her particular situation – to the processing of personal data concerning him or her based on legitimate interests pursued by the Administrator or by a third party. The Administrator shall no longer be permitted to process such personal data unless the Administrator demonstrates the existence of compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or grounds for establishing, asserting or defending claims.

17. The User may withdraw consent to data processing at any time. Note, however, that withdrawal of consent does not affect the lawfulness of processing that was carried out before the withdrawal of consent.

18. The User has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her usual residence, his or her place of work or the place where the alleged violation was committed, if he or she believes that the processing of personal data concerning him or her violates the provisions of the GDPR.