The following information provides a concise, understandable, and transparent summary of the information included in the Privacy Policy regarding the Data Controller, the purpose and method of processing personal data, and your rights related to this processing, in the form required to fulfill the information obligation of GDPR. Details regarding the processing method and entities involved in this process are available in the indicated policy.
Who is the data controller?
The Personal Data Controller (hereinafter the Controller) is the company "elnino Pawel Gniadkowski", conducting business at the address: Sygneczow 311, with the assigned tax identification number (VAT ID): PL5732576742, providing services electronically via the Service
How can you contact the data controller?
You can contact the Controller in one of the following ways
Postal address - elnino Paweł Gniadkowski, Sygneczów 311
Email address - prive@privegame.com
Has the Controller appointed a Data Protection Officer?
Based on Art. 37 GDPR, the Controller has not appointed a Data Protection Officer.
For matters related to data processing, including personal data, please contact the Controller directly.
Where do we obtain personal data from and what are their sources?
Data is obtained from the following sources:
- from the individuals to whom the data pertains
What is the scope of personal data we process?
In the service, the following data is processed
- ordinary personal data, voluntarily provided by the individuals concerned
(e.g., name, email address, IP address, etc.) - sensitive personal data, voluntarily provided by the individuals concerned
(e.g., sexual preferences)
The detailed scope of processed data is available in the Privacy Policy.
What are the purposes of processing our data?
Personal data voluntarily provided by Users is processed for one of the following purposes:
- Provision of electronic services:
- Couple Game Services
- Newsletter Services (including sending advertising content with consent)
- Communication between the Controller and Users regarding the Service and data protection
- Ensuring the Controller's legitimate interest
What are the legal bases for data processing?
The Service collects and processes Users' data based on:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of
natural persons with regard to the processing of personal data and on the free movement of such data, and
repealing Directive 95/46/EC (General Data Protection Regulation)
- art. 6 sec. 1 lit. a
the data subject has given consent to the processing of their personal data for one or more specific purposes - art. 6 sec. 1 lit. b
processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract - art. 6 sec. 1 lit. f
processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
- art. 6 sec. 1 lit. a
- Act of 10 May 2018 on the protection of personal data (Journal of Laws 2018 item 1000)
- Act of 16 July 2004 Telecommunications Law (Journal of Laws 2004 No. 171 item 1800)
- Act of 4 February 1994 on copyright and related rights (Journal of Laws 1994 No. 24 item 83)
What is the legitimate interest pursued by the Controller?
- For the purpose of potential determination, investigation, or defense against claims – the legal basis for processing is our legitimate interest (art. 6 sec. 1 lit. f) GDPR) consisting of protecting our rights, including among others;
- For the purpose of assessing the risk of potential clients
- For the purpose of evaluating planned marketing campaigns
- For the purpose of direct marketing
For how long do we process personal data?
As a rule, the indicated personal data is stored only for the duration of the service provided by the Controller within the conducted service. They are deleted or anonymized within 30 days from the end of service provision (e.g., deletion of a registered user account, unsubscribing from the Newsletter, etc.)
In exceptional situations, to secure the legitimate interest pursued by the Controller, this period may be extended. In such a situation, the Controller will store the indicated data, from the time of the request for their deletion by the User, for no longer than 3 years in the event of a violation or suspicion of violation of the service regulations by the person to whom the data pertains.
Who is the recipient of the data, including personal data?
As a rule, the only recipient of the data is the Controller.
However, data processing may be entrusted to other entities providing services to the Controller to maintain the Service's operation.
Such entities may include, among others:- Hosting companies providing hosting or related services for the Controller
- Companies through which the Newsletter service is provided
- Service and IT support companies performing maintenance or responsible for maintaining IT infrastructure
- Companies intermediating in online payments for goods or services offered within the Service (in case of making purchase transactions in the Service)
Will your personal data be transferred outside the European Union?
Personal data is transferred outside the European Union.
The transfer of data outside the EU
is caused by the use of services of entities located outside the EU, or as a result of publication due to an
individual action of the User (e.g., entering a comment or post), which will make the data available to anyone
visiting the service.
In the case of transfer or entrustment of personal data processing outside the EU,
these data are processed based on an agreement concluded between the Controller and the Service
Provider.
Will personal data be the basis for automated decision-making?
Personal data is used for automated decision-making (profiling).
Profiling of personal data
does not have legal effects or similarly significantly affect the person whose data is subject to automated
decision-making.
What rights do you have related to the processing of personal data?
Right of access to personal data
Users have the right to access their personal data, exercised upon request submitted to the ControllerRight to rectify personal data
Users have the right to request the Controller to promptly rectify personal data that is incorrect or / and complete incomplete personal data, exercised upon request submitted to the ControllerRight to delete personal data
Users have the right to request the Controller to promptly delete personal data, exercised upon request submitted to the Controller.
In the case of user accounts, data deletion involves anonymizing data that allows User identification.
In the case of the Newsletter service, the User can independently delete their personal data using the link included in each sent email message.Right to restrict the processing of personal data
Users have the right to restrict the processing of personal data in cases indicated in art. 18 GDPR, including questioning the accuracy of personal data, exercised upon request submitted to the ControllerRight to data portability
Users have the right to obtain from the Controller, personal data concerning the User in a structured, commonly used, machine-readable format, exercised upon request submitted to the ControllerRight to object to the processing of personal data
Users have the right to object to the processing of their personal data in cases specified in art. 21 GDPR, exercised upon request submitted to the ControllerRight to lodge a complaint
Users have the right to lodge a complaint with the supervisory authority dealing with personal data protection.