GDPR INFORMATION CLAUSE ON THE PROCESSING OF PERSONAL DATA
Personal Data Administrator
The Administrator of Personal Data is DealDone sp.z o.o. with its registered office in Warsaw (postal code 02-989) at ul. Marszałkowska 58, registered in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of St. Warsaw in Warsaw, XIII Commercial Division under the number KRS 0000422682, NIP: 5213631922, REGON: 146146443 share capital: PLN 50,000 paid up in full.
Categories of processed data
The scope of the Personal Data entrusted to the Processor includes:
a) as to the category of persons mentioned in sec. 1 letter a):
a. name, surname, email address, place of work
b) as to the category of persons mentioned in sec. 1 letter b):
a.name and surname, email address, telephone number, fax number, workplace address
Purposes and basics of processing
Personal data are provided by you voluntarily when submitting an inquiry. The information received is processed, among others in order to:
Replies to inquiries and sending an offer;
Providing additional information regarding the provided solution;
Trial version launch;
Maintain appropriate customer service;
Informing about new system functionalities;
Service delivery;
Performance of the concluded Agreement.
Principles of entrusting and processing
Before starting the processing of Personal Data, DealDone takes security measures referred to in art. 32 GDPR, and in particular is obliged to:
a) Applying for the entire duration of the processing of Personal Data organizational and technical measures ensuring an appropriate level of security of Personal Data, in particular by securing Personal Data against their disclosure to unauthorized persons, removal by an unauthorized person, processing in violation of applicable regulations and change, loss, damage or destruction.
b) Keeping the data protection documentation required by the applicable provisions on the protection of personal data, including all policies, registers, lists, analyzes.
c) To cooperate, at any request, with the supervisory authority authorized to control compliance with data protection provisions to the extent and in the manner specified by this authority;
d) Documenting any breaches of Personal Data protection, including the circumstances of the breach of personal data protection, its effects and the remedial actions taken;
e) Ensure that: only persons authorized to do so and trained in the protection of personal data have access to Personal Data, persons authorized to process Personal Data keep them and the security measures secret.
Transmission of personal data
Your data will not be transferred to a third country or an international organization; with the exception of state institutions authorized to receive and process this data and payment service providers.
Data storage
Your personal data will be kept for the duration of the legitimate interest of the administrator, unless you object to the processing of data.
Your rights
You have the right to access your data and the right to rectify, delete, limit processing, the right to transfer data, the right to object, the right to withdraw consent at any time without affecting the lawfulness of processing, which was made on the basis of consent before its withdrawal .
You have the right to lodge a complaint with the supervisory body dealing with the protection of personal data, which is the President of the Office for Personal Data Protection, if you believe that the processing of your personal data violates the provisions of the Act of 10 May 2018 on the protection of personal data (consolidated text, Journal U. of 2018, item 1000) or the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (general regulation on data protection) of 27 April 2016 (Journal of Laws EU L No. 119, p. 1).
Responsibility
1. The solution provider is responsible for compliance with the law on the processing and protection of Personal Data according to the GDPR.
2. The solution provider is responsible for damages caused by own actions and omissions as well as actions and omissions of subprocessors.