Privacy Policy

Pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR)

1. Data Controller

The Controller of your personal data is – Magdalena Assanowicz, prowadząca działalność gospodarczą pod firmą „Hello Warsaw Magdalena Assanowicz“ ul. Filtrowa 69/11, 02-055 Warszawa, NIP: 7010074647. The Controller has not appointed a Data Protection Officer.

2. Purpose of Processing

The Controller processes data for the purpose of: Initiating discussions regarding potential cooperation; Responding to messages sent to the Controller; Entering into a contract.

3. Legal Basis for Processing

The processing of your personal data will be carried out, depending on the process, on the basis of Article 6(1)(a), Article 6(1)(b), and Article 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “GDPR”.

4. Categories of Personal Data

The Controller will process personal data such as: first name, last name, national identification number (PESEL), identity card number, as well as address and contact details (address, phone number, email address).

5. Recipients of Data

Your personal data may be transferred to entities processing it on our behalf, including: employees and contractors, accounting offices, and insurers. Your data will not be transferred to a third country or international organisation, except in situations arising from legal provisions or consent granted by you.

6. Data Retention Period

Your data will be processed for the duration of: Negotiations aimed at concluding a contract, and after their conclusion, for the period of limitation of claims that may be raised by the Controller and that may be raised against the Controller in connection with the concluded contract. If processing is based on consent, data will be processed until the consent is withdrawn, and after that period for the duration of limitation of claims that may be raised by or against the Controller. Performance of the contract, and after its conclusion, for the period of limitation of claims that may be raised by the Controller and that may be raised against the Controller in connection with the concluded contract. If processing is based on consent, data will be processed until the consent is withdrawn, and after that period for the duration of limitation of claims that may be raised by or against the Controller.

7. Source of Data

Personal data is collected directly from you and obtained from publicly available sources (e.g., KRS and CEiDG databases, the Internet).

8. Rights Related to the Processing of Personal Data

You have the right to: access your data and receive a copy thereof; rectification (correction) of your data; erasure of data – if you believe there are no grounds for the Controller to process your data; restriction of processing – if you believe the Controller holds incorrect data about you or processes it without grounds; or you do not want the Controller to delete it because you need it for establishing, pursuing or defending claims; or for the duration of an objection you have raised against the processing of your data; object to the processing of data for direct marketing purposes, as well as to the processing of data based on a legitimate interest for purposes other than direct marketing, and also where processing is necessary for the Controller to perform a task in the public interest or exercise official authority; data portability – you have the right to receive from the Controller, in a structured, commonly used and machine-readable format, your personal data that you have provided to the Controller on the basis of a contract or consent; you may also request the Controller to transmit such data directly to another entity; lodge a complaint with a supervisory authority – if you believe the Controller is processing your data unlawfully, you may file a complaint with the President of the Personal Data Protection Office or another competent supervisory authority; withdraw consent to the processing of personal data – at any time you have the right to withdraw consent to the processing of those personal data that the Controller processes on the basis of your consent; withdrawal of consent will not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

Mają Państwo prawo do: dostępu do swoich danych oraz otrzymania ich kopii; sprostowania (poprawiania) swoich danych; usunięcia danych - jeżeli Państwa zdaniem nie ma podstaw do tego, aby Administrator przetwarzał Państwa dane; ograniczenia przetwarzania danych - jeżeli Państwa zdaniem Administrator ma nieprawidłowe dane na Państwa temat lub przetwarza je bezpodstawnie; lub nie chcą Państwo, aby Administrator je usunął, bo są Państwu potrzebne do ustalenia, dochodzenia lub obrony roszczeń; lub na czas wniesionego przez Państwa sprzeciwu względem przetwarzania danych; wniesienia sprzeciwu wobec przetwarzania danych w celu prowadzenia marketingu bezpośredniego oraz prawo sprzeciwu wobec przetwarzania danych na podstawie prawnie uzasadnionego interesu w celach innych niż marketing bezpośredni, a także, gdy przetwarzanie jest Administratorowi niezbędne do wykonania zadania realizowanego w interesie publicznym lub do sprawowania powierzonej władzy publicznej; przenoszenia danych – mają Państwo prawo otrzymać od Administratora w ustrukturyzowanym, powszechnie używanym formacie nadającym się do odczytu maszynowego swoje dane osobowe, które dostarczyliście Państwo Administratorowi na podstawie umowy lub zgody, mogą Państwo też zlecić Administratorowi przesłanie tych danych bezpośrednio innemu podmiotowi; wniesienia skargi do organu nadzorczego - jeżeli uważają Państwo, że Administrator przetwarza dane niezgodnie z prawem, mogą Państwo złożyć w tej sprawie skargę do Prezesa Urzędu Ochrony Danych Osobowych lub innego właściwego organu nadzorczego; prawo do cofnięcia zgody na przetwarzanie danych osobowych - w każdej chwili mają Państwo prawo cofnąć zgodę na przetwarzanie tych danych osobowych, które Administrator przetwarza na podstawie Państwa zgody; cofnięcie zgody nie będzie wpływać na zgodność z prawem przetwarzania, którego dokonano na podstawie zgody przed jej wycofaniem.

The Controller makes every effort to ensure all physical, technical and organisational measures for the protection of personal data against accidental or intentional destruction, accidental loss, alteration, unauthorised disclosure, use or access, in accordance with the GDPR and applicable national law.