GDPR information obligation
Who is the data controller?
The Personal Data Administrator (hereinafter referred to as the Administrator) is "Polworks GmbH", operating at the following address: Leher Landstraße 37, D-27607 Geestland, with the assigned tax identification number (NIP): USt.-IdNr.: DE303430210, providing services electronically via the Website
How to contact the administration data controller ?
The controller can be contacted in one of the following ways
- Postal address - Polworks GmbH, Leher Landstraße 37, D-27607 Geestland
- E-mail address - – email@example.com
- Telephone call – +48 696 499 949
- Contact form
Has the controller appointed a personal data inspector?
Pursuant to Article 37 of the GDPR, the Controller has not appointed a Data Protection Officer
For matters concerning data processing, including personal data, the administrator should be contacted directly.
Where do we receive the personal data from and what are it’s sources
Data is obtained from the following sources:
- From the data subjects
- In the case of registration using social networks, with the informed consent of those individuals, from those social networks
What is the scope of personal data processed by us?
The website processes ordinary personal data, provided voluntarily by the individual them selves (Np. imię i nazwisko, login, adres e-mail, telefon, adres IP, itp.) (e.g. forename, surname , login, e-mail address, phone number, IP address etc.)
What are the purposes of our data processing?
Personal data voluntarily provided by users are processed for one of the following purposes:
- Implementation of electronic services
- Services of registration and maintenance of the User's account on the Website and functionalities related to it
- Newsletter services (including sending advertising content with consent)
- Services of commenting/ liking posts on the website without the need of registration
- Administrator’s Communication with users in matters related to the Website and data protection
- Ensuring the legitimate interest of the Administrator
What are the legal bases for data processing
The website collects and processes the users date on the basis of:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
- Article 6 (1)(a)
The data subject has consented to the processing of his/her personal data for one or more purposes
- Article 6 (1)(b)
processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract
- Article 6 (1)(f)
Processing is necessary for the purpose of legitimate interests pursued by the controller or by a third party
- Article 6 (1)(a)
- Personal Data Protection Act of 10 May 2018 (Journal of Laws of 2018, item 1000)
- Law of 16 July 2004 Telecommunications Law (Journal of Laws of 2004, No. 171, item 1800)
- Act of 4 February 1994 , on copyright and related rights (Journal of laws 1994, no 24, item 83)
What is the legitimate interest perused by the administrator ?
- In order to possibly establish,pursue or defend claims- the legal basis for processing is our legitimate interests (Article 6(1)(f) of the GDPR) consisting in the protection of our rights including but not limited to;
- To assess the risk of potential customers
- To evaluate planned marketing campaigns
- To carry out direct marketing
For how long do we process your personal data?
As a rule, indicated personal data is kept only for the period of providing the service as part of the website run by the administrator. They are deleted or anonymized within 30 days of the end of the service(e.g. deleting the registered user account, unsubscribing from the newsletter, etc.).
In exceptional situations in order to source the legitimate interest pursued by the administrator, this period might be extended. In such situations the administrator will source the indicated data until the user requests for them to be deleted, no longer than 3 years in the case of violation or suspected violation of the provisions of the Terms of Service by the data subject.
Who is the recipient of data including personal data?
As a rule, the only receiver of data is the administrator
However, the processing of data may be entrusted to other entities providing services to the Administrator in order to maintain the operation of the Website.
Such entities might include, but are not limited to
- Hosting companies, providing hosting or related services to the administrator
- Companies through which the newsletter service is provided
Will your personal data be shared outside of European Union ?
Personal date will not be shared outside of European union, unless it has been published as a result of an individual action by the user(e.g. entering a comment or a post) this allows all the visitors of the website to access the data
Will personal data be the basis for automated decision making?
Personal data will not be used for automated decision making (profiling).
What rights do you have related to the processing of your personal data?
- The right to access personal data
Users have the right to gain access to their own personal data, carried out at the request submitted to the administrator
- The right to reclify personal data
personal data Users have the right to request from the Administrator the immediate rectification of personal data that is incorrect and/or the completion of incomplete personal data, carried out at the request submitted to the Administrator
- The right to delete personal data
Użytkownikom przysługuje prawo żądania od Administratora niezwłocznego usunięcia danych osobowych, realizowane na żądanie złożone do Administratora.W przypadku kont użytkowników, usunięcie danych polega na anonimizacji danych umożliwiających identyfikację Użytkownika.W przypadku usługi Newsletter, Użytkownik ma możliwość samodzielnego usunięcia swoich danych osobowych korzystając z odnośnika umieszczonego w każdej przesyłanej wiadomości e-mail.
- The right to restrict the processing of personal data
Users have the right to limit the processing of personal data in the cases indicated in Article 18 of the GDPR, m.in. to question the accuracy of personal data, carried out at the request submitted to the Administrator
- The right to transfer personal data
Users have the right to obtain from the Administrator personal data concerning the User in a structured, commonly used and machine-readable format, carried out upon request submitted to the Administrator
- The right to object to the processing of personal data
Users have the right to object to the processing of their personal data in the cases specified in Article 21 of the GDPR, carried out at the request submitted to the Administrator
- Right to lodge a complaint
Users have the right to lodge a complaint with a supervisory authority dealing with the protection of personal data.