Tabel of content
The administrator of the Website and of your personal data is Blend PR Magdalena Gajek with its registered office at os. Sobieskiego 26c/131, 60-688 Poznań, with NIP: 5961728254.
Administrator – Blend PR Magdalena Gajek with its registered office at os. Sobieskiego 26c/131, 60-688 Poznań, with NIP: 5961728254.
User – every person visiting and using the Website www.blendpr.pl.
Website and Online Store – www.blendpr.pl.
Form/Forms – places on the Website where the User can provide personal data for a specified reason such as Newsletter subscription, placing an order, contact with the User.
GDPR – the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
WHO IS THE ADMINISTRATOR OF YOUR PERSONAL DATA?
The Administrator of your personal data is Blend PR Magdalena Gajek with its registered office at os. Sobieskiego 26c/131, 60-688 Poznań, with NIP: 5961728254.
IS PROVIDING YOUR PERSONAL DATA VOLUNTARY? WHAT ARE THE CONSEQUENCES OF NOT PROVIDING YOUR PERSONAL DATA?
Providing your personal data is voluntary, however, not providing the required personal data (marked as obligatory on the Website) means that the Administrator will not be able to provide the service.
Any personal data that is not obligatory or necessary are provided by the User voluntarily and the Administrator processes such personal data on the basis of Article 6 section 1 letter a) of GDPR (consent). The User gives consent for such personal data being processed and made anonymous by the Administrator.
FOR WHAT PUPROSES AND ON WHAT LEGAL BASIS ARE YOUR PERSONAL DATA PROCESSED?
The Administrator processes the User’s personal data for the following purposes and on the basis of the following legal grounds:
- in order to provide a service, perform a contract, or send an offer (such as a marketing offer) at the request of the User – legal basis: Article 6 section 1 letter b) of GDPR;
- in order to issue an invoice or a bill and to meet other tax law obligations when the User placed an order in the Online Store or offline – legal basis: Article 6 section 1 letter c) of GDPR;
- in order to grant a discount or inform about interesting sale offers from the Administrator or from the recommended subjects – legal basis: Article 6 section 1 letter a) of GDPR;
- in order to process a complaint or claims related to the contract – legal basis: Article 6 section 1 letter a) of GDPR and Article 6 section 1 letter c) of GDPR;
- in order to establish, exercise or defend legal claims – legal basis: Article 6 section 1 letter f) of GDPR;
- in order to contact the User by phone regarding the service provided by the Administrator – legal basis: Article 6 section 1 letter b) of GDPR;
- in order to contact the User by phone to present an offer (also direct marketing) – legal basis: Article 6 section 1 letter a) of GDPR and Article 6 section 1 letter f) of GDPR;
- in order to create registers required by GDPR and other legal regulations – legal basis: Article 6 section 1 letter c) of GDPR and Article 6 section 1 letter f) of GDPR;
- in order to archive personal data and collect evidence – legal basis: Article 6 section 1 letter f) of GDPR;
- for the analytical purpose – to made the analyses of data collected automatically while using the Website, including cookies (for example Google Analytics, Facebook Pixel) – legal basis: Article 6 section 1 letter f) of GDPR;
- in order to manage the Website or any websites of the Administrator on other platforms – legal basis: Article 6 section 1 letter f) of GDPR;
- in order to study the satisfaction of the provided services – legal basis: Article 6 section 1 letter f) of GDPR;
- in order for the User to post opinions about provided services – legal basis: Article 6 section 1 letter a) of GDPR;
- in order for the Administrator to contact the User – legal basis: Article 6 section 1 letter f) of GDPR;
- in order to adjust the content of the Administrator’s websites to individual needs of the User and to constantly improve the quality of provided services – legal basis: Article 6 section 1 letter f) of GDPR;
- for direct marketing of the Administrator’s products and services or of products and services of third parties recommended by the Administrator – legal basis: Article 6 section 1 letter f) of GDPR;
- in order to create the Users data bases – legal basis: Article 6 section 1 letter f) of GDPR;
- in order to manage social media (accounts of Blend PR on Facebook, LinkedIn, and Instagram) and interact with the Users – legal basis: Article 6 section 1 letter f) of GDPR;
Article 6 of GDPR: Lawfulness of processing:
Section 1 letter a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
Section 1 letter b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
Section 1 letter c) processing is necessary for compliance with a legal obligation to which the controller is subject;
Section 1 letter f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
HOW ARE YOUR PERSONAL DATA COLLECTED?
The Administrator collects and processes only personal data provided by the User (the exception are automatically collected data such as cookies and login data – more information on those can be found below).
WHAT ARE YOUR RIGHTS?
The User has rights regarding their personal data under the provisions of Articles 15-21 of GDPR:
- the right to access personal data ,
- the right to transmit personal data,
- the right to rectify personal data,
- the right to delete personal data – if there are no legal bases to process personal data,
- the right to restrict the processing of personal data – if processing of personal data is incorrect or there are on legal bases for it,
- the right to object to processing of personal data – based on the provision that it is necessary for the purposes of the legitimate interests of the Administrator,
- the right to file a complaint with the supervisory authority – the President of the Personal Data Protection Office – if the User believes that the processing of their personal data is unlawful,
- the right to be forgotten – if there is no other legal grounds for the processing.
The Administrator shall draw attention to the fact that the abovementioned rights are not absolute and there are exceptions to them. The rights shall not adversely affect the rights and freedoms of others such as copyrights or professional secrecy. To find out more, please read the GDPR document.
However, the User can always exercise the right to file a complaint with the supervisory authority.
CAN YOU WITHDRAW YOUR CONSENT TO PROCESS YOUR PERSONAL DATA?
The User has the right to withdraw their consent to process their personal data at any given time, which will result in deleting the e-mail address of the User from the e-mailing list of the Administrator. The consent withdrawal does not affect the processing of personal data prior to the withdrawal.
In some cases, not all personal data will be deleted. In such cases, personal data might be stored for defense against claims for as long as it is required by legal regulations.
The Administrator shall process each and every request from the User, informing the User about the actions required by legal regulations.
DO WE TRANSFER YOUR PERSONAL DATA TO A THIRD COUNTRY?
The User’s personal data might be transferred to a non-EU country (third country). In such a case, personal data will be transferred only to the recipients who joined the Privacy Shield agreement or to those recipients that guarantee the highest level of data protection.
Because the Administrator uses the services from Google, Facebook, LinkedIn, and Instagram, the User’s personal data might be transferred to the United States of America (the USA) where the personal data are stored on the servers.
Detailed information on data protection can be found in the privacy policies available on the websites of each of the abovementioned providers:
Google LLC: https://policies.google.com/privacy?hl=pl
Facebook Ireland Ltd.: https://www.facebook.com/privacy/explanation
HOW LONG DO WE STORE YOUR PERSONAL DATA?
The User’s personal data are stored by the Administrator as long as there are services being provided, there are legal bases for processing of personal data, and:
- for the time period of cooperation/providing a service, for the period required by law for the establishment, exercise or defense of legal claims (personal data provided by the clients),
- for the time period of business agreements and negotiations prior to entering into contract or providing a service (personal data provided in the quote),
- for the time period required by the law regulations, including tax law (personal data required by the law regulations),
- until the effective opposition based on Article 21 of GDPR is filed (personal data processed for the purpose of the legitimate interests pursued by the Administrator, including direct marketing purposes),
- until the withdrawal of consent or achieving the goal of processing or a business goal (personal data processed based on the consent). After the withdrawal of consent, personal data might be processed for the period required by law for the establishment, exercise or defense of legal claims, or for shorter time period provided to the User.
- until personal data are no longer up-to-date or useful (personal data processed for the analytical and statistical purposes, cookies, and for the administration of the Administrator’s websites).
LINKS TO OTHER WEBSITES
The User’s personal data are stored and protected with due diligence, according to the internal procedures implemented by the Administrator. The Administrator processes personal data using appropriate technical and organizational measures required by the law regulations, especially by legal regulations regarding personal data. This is to protect personal data against unauthorized access. The access to personal data is granted only to authorized persons who are obliged to keep them confident.
The User shall ensure the security of personal data provided to the Administrator via Internet – in particular, does not share the login details with third parties, uses an antivirus and updates the software.
WHO MIGHT BE THE RECIPIENTS OF YOUR PERSONAL DATA?
The Administrator uses external service providers. The recipients of the User’s personal data (such as courier service providers, payment system operators, accountants, newsletter providers) guarantee they use the appropriate technical and organizational measures required by the law regulations, including GDPR. The User’s personal data are disclosed to the following recipients:
- pl SA – personal data are stored on the servers,
- Zakład Usług Księgowych Joanna Śmigaj-Olszewska – in order to issue accounting documents,
- Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland – Google services,
- pl SA – domain and e-mail server services,
- Other contractors providing technical, administration, and legal services to the Administrator or its clients such as accounting, IT, graphic design, copywriting, debt collection, legal help,
- Government offices such as Revenue Office – to meet the tax law obligations.
HAVE WE APPOINTED THE DATA PROTECTION OFFICER?
The Administrator has not appointed the Data Protection Officer and performs the tasks of the Data Protection Officer autonomously.
The User acknowledges that their personal data might be disclosed to the authorized government bodies – for the purpose of compliance with a legal obligation – at their request and after ensuring there are grounds for obtaining such personal data from the Administrator.
DO WE USE PROFILING WITH YOUR PERSONAL DATA?
The User’s personal data are not used for the automated decision-making which affects the rights, obligations and freedom of the User, as stipulated in GDPR.
The User’s personal data (obtained on the Website) might be subject to profiling in order to personalize the Administrator’s offer (mainly through behavioral advertising). It should not, however, have any effect on the legal situation of the User, especially on the contracts they entered into or will enter into. It only helps to adjust the content of the advertising to the interests of the User. That information is anonymous and is not associated with any personal data provided by the User (for example, during the online purchase). It includes only statistical data such as sex, age, interests, approximate location, and behavior on the Website.
Every User has the right to object to profiling if it has any negative effect on the rights and obligations of the User.
- The content of the Website does not constitute professional advice and does not reflect a factual situation. If you wish to obtain help with a specific problem, contact an authorized person or the Administrator (contact details). The Administrator is not responsible for the use of the content of the Website or for any actions or omissions that might be the result of it.
- The Administrator owns the copyrights to the entire content of the Website (photos, wording, videos, free materials, etc.). The Administrator does not allow to copy any of the content, in entirety or in parts, without a prior and written consent of the Administrator.
- The content of the Website is up-to-date on the day of the publication unless stated otherwise.
To be able to use the Website, the User is required to have:
- a device with Internet access,
- a browser,
software allowing to read the content in the given formats such as .pdf, video, mp3, mp4.
- The Website does not collect in any automatic way any other information except for cookies.
- Cookies contain IT data (small text files) that are stored on your device, such as your computer, tablet, and smartphone, while you visit the Website.
- There might two types of cookies: the first-party cookies (coming directly from the Website you are visiting) and third-party cookies (set by other websites).
- Cookies help to adjust the content of the Website to the individual preferences of the users. They also help to create statistics which show how the users use the Website. All this is very helpful in improving the Website – its content, structure and how it looks.
- The Administrator uses the following third-party cookies:
a) Facebook Pixel – it manages Facebook ads and marketing actions (legitimate interest pursued by the Administrator). This tool is provided by Facebook Inc. and its affiliates. This analytical tool measures how effective ads are, shows what actions the Users take, and helps to reach the target group (Facebook Ads, Facebook Insights). Information collected by Facebook Pixel is anonymous and does not identify you. It shows general data about the users: location, age, sex, interests. The provider can combine these data with other data that you provide on your Facebook account and then use the combined data according to their goals.
The Administrator recommends to read the details of Facebook Pixel and ask directly the provider for any clarification you might need. Also, you should manage the privacy settings on your Facebook account. More information can be found at https://www.facebook.com/privacy/explanation.
b) Google Analytics – it analyzes the Website statistics. Google Analytics uses its own cookies to analyze actions and behavior of the Users. The files store information such as from what website a user entered other website. It helps to create and use statistics to improve the services provided by the Administrator and to optimize the Website (legitimate interest pursued by the Administrator). This tool is provided by Google LLC. While using Google Analytics, the Administrator does not collect any data that could be used to identify the User. The Administrator recommends to read the details of Google Analytics, turn off cookies and ask directly the provider for any clarification you might need at https://support.google.com/analytics#topic=3544906.
c) Plug-ins to social media – Facebook, Instagram, LinkedIn.
When the User clicks on the plug-in icon, they are redirected to the website of an external provider – in this case to the specific social media portal such as Facebook. Next, the User can click ‘like it’ or ‘Share’ and to like the Administrator’s fan page on Facebook or to share the content (a post, article, video, etc.).
- The Website uses two main types of cookies: session cookies – temporary files stored on your device until you log out, close the website, or turns off the software and persistent cookies – these files are stored on your device for a set period (a parameter of a cookie file) or until you delete them – this makes it possible to recognize the browser next time you visit the Website.
- In many cases, the browser stores cookies on your device by default. This can be changed in the browser’s cookies policy. You can block automatic cookies or be informed every time cookies are stored on your device. Information on how to do that can be found in your browser’s settings.
- Some functionalities of the Website may not function properly when the cookies settings are changed.
- More information on cookies can be found at http://wszystkoociasteczkach.pl/ or in ‘Help’ section of your browser.
When you enter the Website for the first time, you have to accept cookies or take other actions specified in the message on the Website to be able to use the Website. By using the Website, you accept cookies. If you do not want to give such consent, leave the Website. You can also change the cookies settings in your browser – clear or turn them off. You can find all the necessary information in ‘Help’ section of your browser.
- Using the Website means that data is transmitted to the server that stores the Website.
- Transmitted data are saved in the server logs. Logs include the User’s IP, date and time, browser and operational system information used by the User.
- Logs are saved and stored on a server.
- Server logs are used to manage the Website and they are disclosed only to people and subjects authorized to administer the server.
- The Administrator does not use the logs in any way to identify the User.
Date of the latest update: 02.04.2020