Privacy policy

I. DEFINITIONS

  1. Administrator – entity specified in the Terms and Conditions;
  2. Personal data – all information about an individual that can be identified directly or indirectly, including IP address, location data, internet ID, and data collected via cookies or similar technology;
  3. Policy – this Privacy Policy;
  4. GDPR – Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC;
  5. User – individual using the Site;

II. PURPOSE OF PROCESSING DATA

  1. Data, including Personal data, are collected and used for the following purposes:
    1. using the Site;
    2. accessing the Content;
    3. marketing activities, including contextual and behavioral advertising;
    4. direct marketing, if User’s consent was obtained.
  2. Personal data of all Users using the Site (including IP addresses and information gathered via cookies and similar technologies) is processed by the Administrator:
    1. to provide electronic services (clause 6.1.b of the GDPR);
    2. to grant access to the Content (clause 6.1.b of the GDPR);
    3. for analytical and statistical purposes (clause 6.1.f of the GDPR);
    4. to conduct contextual marketing (clause 6.1.f of the GDPR);
    5. for technical purposes (clause 6.1.f of the GDPR).
  3. Accessing the Content involves processing the User's Personal data. Providing mandatory data is required to access the Content. Personal data is processed by the Administrator:
    1. to grant access to the Content (clause 6.1.b of the GDPR);
    2. to fulfill legal obligations (clause 6.1.c of the GDPR);
    3. for analytical and statistical purposes (clause 6.1.f of the GDPR);
    4. to pursue any claims (clause 6.1.f of the GDPR);
    5. for satisfaction surveys (clause 6.1.f of the GDPR).
  4. The Administrator processes Personal data for marketing purposes, including:
    1. displaying non-preselected marketing content (clause 6.1.f of the GDPR);
    2. sending SMS or email messages with offers or content, based on previous consent (clause 6.1.f of the GDPR).

III. PERIOD OF DATA STORAGE & PROCESSING

  1. Data is stored for the duration of service provision, until consent is withdrawn or an objection to data processing is submitted, where processing is justified by the Administrator’s legitimate interest.
  2. The data processing period may be extended if necessary for identifying and pursuing claims or defending against them, and afterwards, only as permitted by relevant legal provisions. After the processing period, data is irreversibly deleted or anonymized.

USER’S RIGHTS

  1. Right to be informed about data processing – Users can request information on data processing, including the purpose, legal grounds, scope, processing entities, and planned deletion time.
  2. Right to receive a copy of data – Users can request a copy of their data held by the Administrator.
  3. Right to amend – Users can request correction, supplementation, or updating of their data.
  4. Right to delete data – Users can request the deletion of data no longer necessary for the purposes for which it was collected.
  5. Right to restrict processing – Users can request the cessation of data processing, except for operations they consented to, and data storage per retention rules.
  6. Right to transfer data – Users can request their data in a machine-readable format or have it transferred to a third party, if technically feasible.
  7. Right to object to processing for marketing purposes – Users can object to their data being processed for marketing purposes at any time.
  8. Right to object to processing for surveying purposes – Users can object to their data being processed for surveys at any time.
  9. Right to object to processing for other purposes – Users can object to their data being processed for legitimate interest purposes, with justification to be assessed by the Administrator.
  10. Right to withdraw consent – Users can withdraw their consent for data processing at any time, without affecting the legality of prior processing.
  11. Right to complain – Users can file a complaint with the appropriate authority if they believe data processing violates the GDPR or other data protection regulations.
  12. Communication regarding these rights should be directed to the Administrator’s address provided in the email granting access to the Content.

IV. TRANSMITTING AND SECURITY OF DATA

  1. Personal data may be shared with third parties, including banks, payment processors, accounting firms, law firms, transport companies, marketing companies, and entities related to the Administrator.
  2. Personal data of Users is not transmitted outside the European Economic Area (EEA).
  3. The Administrator continuously assesses risk to ensure Personal data is processed securely, restricting access to authorized personnel only as needed for their duties. All data operations are recorded and conducted by authorized personnel.
  4. The Administrator ensures that subcontractors and other associated entities apply appropriate security measures when processing Personal data.

FINAL PROVISIONS

  1. The Administrator reserves the right to amend this Privacy Policy at any time.
  2. Unless binding legal provisions state otherwise, this Privacy Policy is governed by the laws of the Administrator’s jurisdiction.