PRIVACY POLICY

  1. Who processes your personal data? In accordance with Art. 13 para. 1 and para. 2 of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“RODO“), we inform you that the data Administrator of your personal data (referred to as the “Organizer”) is Event UI sp. z o.o. with its registered office in Olsztyn (10-683), ul. Władysława Trylińskiego 2, KRS number 894588, email address:support@eventUI.pl , tel.: 600 900 888 („Administrator”).Regarding matters related to personal data protection, please contact the Administrator at the email address: e-mail: support@eventUI.pl , tel.: +48 600 900 888
  2. Who may have access to personal data? The Organizer’s personal data may be disclosed by the Administrator to data recipients to whom the Administrator entrusts the processing of personal data, i.e. entities providing accounting, IT, marketing, legal and organizational services enabling the Administrator to provide services, conduct marketing campaigns, run a website, prepare and distribute newsletters (“Cooperating Entities“), and to competent authorities (Police, Prosecutors, Courts, Tax Offices, etc.) to the extent necessary for them to carry out their statutory tasks at their request, with all guarantees and technical measures ensuring the security of the transmitted data being preserved.The Administrator takes particular care when selecting Cooperating Entities and then ensures that they provide an adequate level of protection with regard to the processing of personal data in the contracts concluded with them.
  3. Where do we store your personal data? We store collected personal data within the European Economic Area (“EEA”). Each personal data transmission operation is carried out in accordance with applicable law and this Privacy Policy. If the Administrator transfers data to entities located outside the EEA, the Administrator will require those entities to guarantee a high level of protection for personal data, to comply with European data protection standards, and to conclude appropriate agreements based on standard contractual clauses in the field of data protection adopted by the European Commission.In the case of processing data as part of using cookies, in connection with the Administrator’s use of Google Analytics tools, the person who consents to the use of cookies also consents to the data being transferred to a company located in the USA: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The user hereby declares that they are aware that the data transmitted may not be secured to the extent required by the GDPR, will remain outside the Administrator’s control, and that entities authorized under applicable US law, such as US intelligence agencies, may have access to this data.
  4. Guarantees and statements of the Administrator. The Administrator guarantees the protection of personal data and the processing of personal data in accordance with the GDPR. The Administrator only collects data to the extent necessary for the performance of the contract – that is, determining the parties to the contract and their address, contact, and settlement data – for the proper performance of the subject matter of the contract, processing data on the customer’s claims against the Administrator, and their rights related to data processing.The Administrator takes care to protect the interests of the persons whose data are concerned, in particular by ensuring that the data collected by him/her are processed in accordance with the law; they are collected for specified, lawful purposes and not further processed in a manner that is incompatible with those purposes; they are factually correct and appropriate in relation to the purposes for which they are processed and stored in a form that allows for the identification of the persons concerned, no longer than necessary to achieve the purpose of processing.
  5. On what basis does the Administrator process your personal data? Processing of personal data is carried out for the following purposes and on the basis of the following legal grounds:
    1. in the scope of receiving and archiving statements of will of the Organizer in connection with the concluded contract, including archiving statements of will in relation to contracts concluded in document form, as the realization of the rights of persons using services provided by the Administrator, in order to enable the provision of services in accordance with the Regulations – Article 6(1)(b), (c) and (f) of the GDPR;
    2. in order to consider any claims made by the Organizer – Article 6(1)(b) and (c) of the GDPR – the Administrator processes personal data in order to enable the Organizer to pursue claims for improper performance of services by the Administrator;
    3. in the scope of pursuing claims arising from business activity – Article 6(1)(f) of the GDPR (legitimate interest of the Administrator);
    4. in the scope of keeping accounting books and settling payments for services provided – Article 6(1)(b), (c) and (f) of the GDPR (performance of the contract, performance of a legal obligation imposed on the Administrator and legitimate interest of the Administrator) – the Administrator processes personal data of the Organizer in connection with obligations imposed by the law, including the Act on Goods and Services Tax and the Accounting Act – in case it is necessary to demonstrate facts before the competent authorities;
    5. in order to directly offer our services (direct marketing), including tailoring them to the Organizer’s needs, sending newsletters (based on Article 6(1)(a) of the GDPR) – only on the basis of separate consent;
    6. after separate consent has been given, on the basis of Article 6(1)(a) of the GDPR, data may also be processed for the purpose of sending newsletters through communication channels provided by the Organizer (including in the form of SMS/MMS messages sent to the phone number provided by the Organizer) – only on the basis of separate consent.
    The Administrator assures that providing all data is voluntary, but in a scope other than for receiving newsletters or direct marketing (processing bases specified in point (5) subpoint 5-6), providing personal data is necessary to perform the contract. Failure to provide personal data or a request for their deletion or limitation of processing will result in the impossibility of providing services in the aforementioned scope.
  6. How long does the Administrator store your personal data? The administrator stores personal data processed:
    1. for the purposes described in point (5) sub-point 1 and 2 above for the period of service provision and then the statute of limitations for claims arising from the Administrator’s business activities or the enforcement of claims by the client as determined by applicable law;
    2. for the purposes described in point (5) sub-point 3 above for the statute of limitations for claims;
    3. in the case of processing data for the purpose referred to in point (5) sub-point 4 above – for the period required by law requiring the administrator to keep accounting books, but not for a period shorter than the statute of limitations for claims arising from the Administrator’s business activities;
    4. for the purposes described in point (5) sub-points 5-6 above for the period of the Administrator’s business activities, unless consent to the processing of data in this scope is withdrawn earlier.
  7. What are your rights? The Administrator stores personal data on secure servers. Access to the data is only available to authorized employees and collaborators of the Administrator. The place and method of data storage must ensure their complete safety.Organizer’s rights related to the processing of personal data:
    1. the right to withdraw consent to the processing of data,
    2. the right to access personal data and receive a copy of it,
    3. the right to request correction (rectification) of personal data,
    4. the right to request erasure of personal data,
    5. the right to request restriction of the processing of personal data,
    6. the right to object to the processing of data due to a particular situation that justifies discontinuing the processing objected to,
    7. the right to data portability, i.e. the right to receive personal data in a structured, commonly used machine-readable format. The right to data portability applies only to data processed based on a contract or consent.
    To exercise the above rights, the Organizer should contact the Administrator. To ensure that the authorized person contacts the Administrator to submit the application, the Administrator may ask for additional information allowing for effective authentication and identification. To the extent that data is processed based on consent, the consent may be withdrawn at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Consent may be withdrawn by sending a statement of withdrawal of consent to the postal address or our email address. If you believe that your data is being processed unlawfully, you will be able to lodge a complaint with the supervisory authority, which is the President of the Personal Data Protection Office.