>

PRIVACY AND COOKIE POLICY

Using the website www.gadoland.pl and the online store under the name GADOLAND SHOP means accepting the following terms of the Privacy Policy and Cookies Policy.

As a User, read its provisions. The following table of contents will help you with this. In it, I inform you how I care for Users' data, how I process it, to whom I entrust it and many other important issues related to personal data.

CONTENTS:

WHO IS THE ADMINISTRATOR OF YOUR PERSONAL DATA? 4

IS THE PROVISION OF DATA VOLUNTARY? WHAT IS THE CONSEQUENCE OF FAILURE TO PROVIDE THEM? 5

FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA PROVIDED AS PART OF THE USE OF THE WEBSITE? 5

WHAT ARE THE USER'S RIGHTS? 11

CAN THE USER WITHDRAW THE EXPRESSED CONSENT? 13

DO WE TRANSFER YOUR DATA TO THIRD COUNTRIES? 13

HOW LONG DO WE KEEP YOUR DATA? 14

LINKS REFERRING TO OTHER PAGES 16

ACTIVITIES IN SOCIAL MEDIA - FACEBOOK 16

ACTIVITIES IN SOCIAL MEDIA - INSTAGRAM 17

ACTIVITIES IN SOCIAL MEDIA - YOUTUBE 20

  DATA SECURITY 22

WHO MAY BE THE RECIPIENTS OF PERSONAL DATA? 22

HAVE WE APPOINTED A DATA PROTECTION INSPECTOR? 24

DO WE PROFILE USER DATA? 24

 
§1 GENERAL PROVISIONS

This Privacy Policy and Cookie Policy define the rules for the processing and protection of personal data provided by Users and Cookies, as well as other technologies appearing on the website www. gadoland.pl and in the online store under the name www.gadoland.pl/shop/

Administratorem strony i danych osobowych przekazywanych w jej ramach jest Krokodyl & Spółka Mariusz Zastawny, Rumia, 84-230, ul. Kolejowej 44/2, NIP: 588-212-09-89.

Mariusz Zastawny prowadzący działalność gospodarczą pod firmą  Krokodyl & Spółka Mariusz Zastawny Rumia, 84-230, ul. Kolejowa 44/2, NIP: 588-212-09-89

I care about the security of personal data and the privacy of the Website User. I'm glad you visited my site.

In case of any doubts regarding the provisions of this Privacy Policy and Cookies Policy, please contact the Administrator via the e-mail address: gadolandshop@gmail.com

The Administrator reserves the right to make changes to the privacy policy, and each User of the website is obliged to know the current privacy policy. The reason for the changes may be: the development of Internet technology, changes in generally applicable law or the development of the Website through, for example, the use of new tools by the Administrator. At the bottom of the page is the date of publication of the current Privacy Policy. 

§2 DEFINITIONS

Administrator – Krokodyl & Spółka Mariusz Zastawny Rumia, 84-230, ul. Kolejowa 44/2, NIP: 588-212-09-89

User - any entity staying on the website and using it.

Website and Online Store - website, blog and located at www.gadoland.pl and www.gadoland.pl/shop.

User Account or Account - a User account set up on the Internet platform of the Online Store, enabling access to purchased trainings and products in accordance with the Regulations of the Store, which the User is obliged to accept when registering the Account.

Training Platform– a platform through which the Administrator provides the Customer with Digital Content, Digital Services or provides Services.

Form or Forms - places on the Website that allow the User to enter personal data for the purposes indicated therein, e.g. to send a newsletter, to place an order, to contact the User.

Regulations - regulations available on the Store's website, which specify the rules related to the subscription to the Newsletter and the implementation of the Newsletter Service.

Newsletter - means a free service provided electronically, a digital service, by the Administrator to the User by sending e-mails through which the Administrator informs about events, services, products and other elements important from the point of view of the Administrator and / or in order to implement the Administrator's legitimate purpose, which is direct marketing, including sending marketing and commercial content with the User's consent. Detailed information on sending the Newsletter can be found in the further part of this privacy policy and in the Newsletter Regulations.

GDPR - means the Regulation of the European Parliament and of the Council EU 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ EC (General Data Protection Regulation).

Act on the protection of personal data - the Act of May 10, 2018 on the protection of personal data (Journal of Laws 2018, item 1000, as amended).

Act on the provision of electronic services - the Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2020, item 344, as amended).

The Telecommunications Law Act - the Telecommunications Law Act of July 16, 2004 (Journal of Laws of 2021, item 576, as amended).

§3 PERSONAL DATA AND PRINCIPLES OF THEIR PROCESSING
WHO IS THE ADMINISTRATOR OF YOUR PERSONAL DATA?
 

The administrator of the User's personal data is Krokodyl & Spółka Mariusz Zastawny, Rumia, 84-230, ul. Kolejowa 44/2, NIP: 588-212-09-89.

The Administrator co-administers with the providers of social media platforms, e.g. Facebook, TikTok, etc. indicated in this document in the scope of data of persons using social media and following the Administrator's profile on a given social media platform and interacting with the Administrator. The rules of co-administration are indicated below for each social media platform on which the Administrator has a profile.

IS THE PROVISION OF DATA VOLUNTARY? WHAT IS THE CONSEQUENCE OF FAILURE TO PROVIDE THEM?

Providing data is voluntary, however, failure to provide certain information, as a rule marked on the Administrator's websites as mandatory, will result in the inability to perform a given service and achieve a specific goal or take certain actions.

Providing by the User data that is not mandatory or excess data that the Administrator does not need to process takes place on the basis of the User's own decision and then the processing takes place on the basis of the premise contained in art. 6 sec. 1 lit. a GDPR (consent). The User consents to the processing of such data and to the anonymization of data that the Administrator does not require and does not want to process, and yet the User has provided them to the Administrator.

FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA PROVIDED AS PART OF THE USE OF THE WEBSITE?

The User's personal data on the Administrator's Website may be processed in the following ways

Lp.

Purpose of data processing

Legal basis for processing

processing time

1.   

performance of a service or performance of a concluded contract, sending an offer (e.g. advertising) at the User's request

article 6 sec. 1 lit. b GDPR (necessity to conclude and/or perform a contract or to take action on request)

the data is processed for the duration of the contract / time necessary to send the offer and the User's response, and then the time until the expiry of the limitation period for claims

2 years or 6 years from the performance of the contract, depending on whether the User is an entrepreneur

2.   

issuance of an invoice, bill and fulfillment of other obligations under the tax law in the case of orders in the Online Store or other products and services

article 6 sec. 1 lit. c GDPR (obligation resulting from legal regulations)

data is processed for 5 years from the end of the tax year in which the tax event occurred

3.   

granting a discount or informing about promotions and interesting offers of the Administrator or entities recommended by him, including sending a newsletter

article 6 sec. 1 lit. a GDPR (consent)

data is processed until the consent is withdrawn, then for a period of 2 years in the case of persons who have withdrawn their consent or after a period of 6 months of inactivity of the recipient

4.   

storage of unpaid orders

article 6 sec. 1 lit. f) GDPR (legitimate interest of the administrator)

the data is processed until it becomes useless

14 days from placing the order

5.   

consideration of complaints or claims related to the contract

article 6 sec. 1 lit. b GDPR (necessity to conclude and/or perform the contract) and pursuant to art. 6 sec. 1 lit. c GDPR (obligation resulting from legal regulations)

the data is processed for the duration of the procedure or claim

1 year from the expiry of the claim execution deadline or 5 years from the end of the tax year in the case of data stored under tax regulations

6.   

determination, investigation or defense against claims

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator)

the data is processed until the basis for processing ceases to exist

2 years or 6 years from the performance of the contract, depending on whether the User is an entrepreneur

7.   

telephone contact in matters related to the implementation of the service, contract

article 6 sec. 1 lit. b GDPR (necessity to conclude and/or perform the contract)

the data is processed for the duration of the contract / time necessary to send the offer and the User's response, and then the time until the expiry of the limitation period for claims

2 years or 6 years from the performance of the contract, depending on whether the User is an entrepreneur

8.   

telephone contact in order to present the offer and direct marketing

article 6 sec. 1 lit. a GDPR (consent)

the data is processed until the consent is withdrawn

9.   

creating registers related to the GDPR and other regulations

article 6 sec. 1 lit. c GDPR (obligation resulting from legal provisions) and art. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator)

the data is processed until the basis for processing ceases to exist or until it becomes useless for the administrator

10.    

archiving for the purpose of securing information that can be used to prove facts

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator)

the data is processed to raise an objection or to lose its usefulness for the administrator

2 years or 6 years from the performance of the contract, depending on whether the User is an entrepreneur

11.    

analytical purpose, including the analysis of data collected automatically when using the website, including cookies, e.g. Google Analytics cookies or Meta Pixel

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator)

the data is processed until the cookies are deleted from the browser by the User

12.    

the use of cookies on the Website and its subpages

article 6 sec. 1 lit. a GDPR (consent)

the data is processed until the cookies are deleted from the browser by the User

13.    

managing the Website and the Administrator's websites on other platforms

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator)

the data is processed until an objection is raised or the data becomes useless for the administrator

14.    

survey of satisfaction with the services offered

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator)

the data is processed until an objection is raised or the data becomes useless for the administrator

15.    

posting by the User opinions about the services provided by the Administrator

article 6 sec. 1 lit. a GDPR (consent)

the data is processed until the consent is withdrawn or it is no longer useful to the administrator, unless the consent is withdrawn earlier

16.    

internal administrative purposes of the Administrator related to managing contact with the User

6 ust. 1 lit. f RODO (prawnie uzasadniony interes administratora)

the data is processed until the basis for processing ceases to exist

2 years or 6 years from the performance of the contract, depending on whether the User is an entrepreneur

17.    

adjusting the content displayed on the Administrator's websites to individual needs and continuous improvement of the quality of the services offered

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator)

the data is processed until an objection is raised or the data becomes useless for the administrator

18.    

direct marketing to the User of products or Services or recommended third parties

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator)

the data is processed until an objection is raised or the data becomes useless for the administrator

19.    

Facebook fanpage support and interaction with users

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator) and art. 6 sec. 1 lit. a GDPR (consent)

the data is processed until the consent is withdrawn or an objection is raised or the data becomes useless for the administrator

20.    

maintaining the profile on the Instagram platform and interacting with users

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator) and art. 6 sec. 1 lit. a GDPR (consent)

the data is processed until the consent is withdrawn or an objection is raised or the data becomes useless for the administrator

21.    

servicing the profile on the YouTube platform and interacting with users

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator) and art. 6 sec. 1 lit. a GDPR (consent)

the data is processed until the consent is withdrawn or an objection is raised or the data becomes useless for the administrator

22.    

maintaining a profile on the TikTok platform and interacting with users

article 6 sec. 1 lit. f GDPR (legitimate interest of the administrator) and art. 6 sec. 1 lit. a GDPR (consent)

the data is processed until the consent is withdrawn or an objection is raised or the data becomes useless for the administrator

23.    

targeting advertising in social media and on websites, the type of ads created using the Facebook Ads Manager, and targeting remarketing

article 6 sec. 1 lit. a GDPR (consent) and pursuant to Art. 6 sec. 1 lit. f of the GDPR (legitimate interest of the administrator) consisting in the promotion and advertising of the Administrator's services through remarketing directed to people subscribed to the mailing or visiting a given website)

the data is processed until the consent is withdrawn or an objection is raised or the data becomes useless for the administrator

24.    

contact with the Administrator via chatbot

article 6 sec. 1 lit. a GDPR (consent) or Art. 6 sec. 1 lit. b GDPR (consent) the data is processed in order to answer the website user's question

the data is processed until the consent is withdrawn or an objection is raised or the data becomes useless for the administrator

25.    

posting comments by the User

article 6 sec. 1 lit. a GDPR (consent)

the data is processed until the consent is withdrawn or it is no longer useful to the administrator

26.    

posting an opinion by the User

article 6 sec. 1 lit. a GDPR (consent)

the data is processed until the consent is withdrawn or it is no longer useful to the administrator

27.    

conducting recruitment

for the purpose and for the time necessary to take steps necessary before concluding the contract - art. 6 sec. 1 lit. b of the GDPR, and up to 6 months after the end of recruitment, and in the case of data provided voluntarily by the candidate or redundant data - pursuant to art. 6 sec. 1 lit. a GDPR (consent), and art. 9 sec. 2 lit. a GDPR (consent) - in the case of sensitive data provided by the candidate,

for the purposes of future recruitment - based on the consent given pursuant to art. 6 sec. 1 lit. and GDPR,

for the purpose and for the period necessary to implement the legitimate interests pursued by the Administrator, e.g. pursuing claims and defending against claims, marketing own products and services (to the extent that processing is necessary for this purpose) - pursuant to art. 6 sec. 1 lit. f GDPR.

Until the conclusion of the contract or withdrawal of consent.

No longer than 6 months from the end of recruitment.

For a maximum period of 1 year (this period is counted from the end of the year in which the data was obtained)

Until an objection is filed.

Providing by the User data that is not mandatory or excess data that the Administrator does not need to process takes place on the basis of the User's own decision and then the processing takes place on the basis of the premise contained in art. 6 sec. 1 lit. a GDPR (consent). The User consents to the processing of such data and to the anonymization of data that the Administrator does not require and does not want to process, and yet the User has provided them to the Administrator.

WHAT ARE THE USER'S RIGHTS?

The user is entitled at any time to the rights contained in art. 15-21 GDPR, i.e.:

  • the right to access the content of his data,
  • the right to transfer data,
  • the right to correct data, 
  • the right to rectify data,
  • the right to delete data if there are no grounds for their processing,
  • the right to limit processing, if it occurred incorrectly or without legal basis,
  • the right to object to data processing based on the legitimate interest of the administrator,
  • the right to lodge a complaint with the supervisory body - the President of the Office for Personal Data Protection (on the terms set out in the Personal Data Protection Act), if he considers that the processing of his data is inconsistent with the currently applicable data protection law.
  • the right to be forgotten, if further processing is not provided for by the currently applicable law.

The Administrator points out that these rights are not absolute and do not apply to all activities of processing the User's personal data. This applies, for example, to the right to obtain a copy of the data. This right may not adversely affect the rights and freedoms of other persons, such as copyrights, professional secrecy. In order to learn about the restrictions on the User's rights, we refer to the content of the GDPR. 

However, the user always has the right to lodge a complaint with the supervisory authority.

In order to exercise their rights, the User may contact the Administrator via the e-mail address: or by post to the address of the Administrator's place of business, if it has been provided in this privacy policy, indicating the scope of his requests. The response will be provided no later than 30 days from the date of receipt of the request and its justification, unless it is justified to extend this period in accordance with the GDPR.

CAN THE USER WITHDRAW THE EXPRESSED CONSENT?

 If the User has consented to a specific action, such consent may be withdrawn at any time, which will result in the removal of the e-mail address from the Administrator's mailing list and the cessation of the indicated actions (in the case of recording based on consent). Withdrawal of consent does not affect the processing of data which was made on the basis of consent before its withdrawal.

In some cases, the data may not be completely deleted and will be retained in order to defend against possible claims for a period in accordance with the provisions of the Civil Code or, for example, in order to fulfill legal obligations imposed on the Administrator.

Each time, the Administrator will refer to the User's request, duly justifying further actions resulting from legal obligations.

DO WE TRANSFER YOUR DATA TO THIRD COUNTRIES?

The User's data may be transferred outside the European Union - to third countries. 

Due to the fact that the Administrator uses external providers of various services, e.g. Meta Platforms Ireland Limited (etc., User data may be transferred to the United States of America (USA) in connection with their storage on American servers (in whole or in part). Google and Facebook use compliance mechanisms provided for by the GDPR (e.g. certificates) or standard contractual clauses in relation to their services. They will be transferred only to recipients who guarantee the highest protection and data security, including through:  

  1. cooperation with entities processing personal data in countries for which a relevant decision of the European Commission has been issued,
  2. the use of standard contractual clauses issued by the European Commission (as is the case, for example, with Google),
  3. application of binding corporate rules approved by the competent supervisory authority,

or those for which the User has consented to the transfer of personal data.

Detailed information is available in the content of the privacy policy of each of the providers of these services, available on their websites. For example:

Google Ireland Limited: https://policies.google.com/privacy?hl=pl

Meta Platforms Ireland Limited: https://www.facebook.com/privacy/explanation

UAB MailerLite: https://www.mailerlite.com/legal/privacy-policy

Currently, the services offered by Google Ireland Limited and Meta Platforms Ireland Limited are provided mainly by entities located in the European Union. However, you should always read the privacy policy of these providers in order to receive up-to-date information on the protection of personal data. MailerLite may store some data in the United States or use service providers from this country, however, data is mainly processed in the European Union.

HOW LONG DO WE KEEP YOUR DATA?

The User's data will be stored by the Administrator for the duration of the implementation of individual services / achievement of the goals indicated in the table above, and:

  1. for the period of service and cooperation, as well as for the period of limitation of claims in accordance with the law - in relation to data provided by contractors and customers or Users,
  2. for the period of talks and negotiations preceding the conclusion of the contract or performance of the service - in relation to the data provided in the inquiry,
  3. for the period required by law, including tax law - in relation to personal data related to the fulfillment of obligations arising from applicable regulations,
  4. until an effective objection is filed pursuant to Art. 21 of the GDPR - in relation to personal data processed on the basis of the legitimate interest of the administrator, including for direct marketing purposes,
  5. until the consent is withdrawn or the purpose of processing, business purpose is achieved - in relation to personal data processed on the basis of consent. After withdrawing the consent, the data may still be processed in order to defend against any claims in accordance with the limitation period for these claims or the period (shorter) indicated to the User,
  6. until it becomes outdated or loses its usefulness - in relation to personal data processed mainly for analytical and statistical purposes, the use of cookies and the administration of the Administrator's Websites,
  7. Data storage periods indicated in years are counted at the end of each year in which the data processing began. This is to improve the data processing and management process.

Detailed periods of personal data processing regarding individual processing activities can be found in the register of the Administrator's processing activities.

LINKS TO OTHER SITES

The Website may contain links to other websites. They will open in a new browser window or in the same window. The administrator is not responsible for the content provided by these websites. The user is obliged to read the privacy policy or regulations of these websites.

ACTIVITIES IN SOCIAL MEDIA - FACEBOOK

The administrator administers the User's data on the fanpage under the name Gadoland Reda

The User's personal data provided on the Fanpage will be processed in order to administer and manage the Fanpage, communicate with the User, interact, direct marketing content to the User and create the Fanpage community.

The basis for their processing is the User's consent and the legitimate interest of the administrator consisting in interacting with Users and Fanpage Followers. The User voluntarily decides to like/follow the Fanpage.

The rules governing the Fanpage are set by the Administrator, however, the rules of staying on the Facebook social network result from the Facebook regulations.

At any time, the User may unfollow the Fanpage. However, the Administrator will then not display to the User any content from the Administrator and related to the Fanpage.

The Administrator sees the User's personal data, such as e.g. name, surname or general information that the User places on their profiles as public. The processing of other personal data is carried out by the Facebook social network and under the conditions contained in its regulations.

The User's personal data will be processed for the period of running/existence of the Fanpage on the basis of consent expressed by liking/clicking "Follow" the Fanpage or interacting, e.g. or defense against claims.

The User's personal data may be made available to other data recipients, such as Facebook, cooperating advertising agencies or other subcontractors servicing the Administrator's Fanpage, IT service, virtual assistant, if there is contact outside Facebook.

Other User rights are described in this Privacy Policy.

User data may be transferred to third countries in accordance with Facebook's regulations.

These data may also be profiled, which helps in better personalizing the advertising offer addressed to the User. However, they will not be processed in an automated manner within the meaning of the GDPR (having a negative impact on the rights and freedoms of the User).

Facebook privacy policy:

https://www.facebook.com/privacy/explanation.

ACTIVITIES IN SOCIAL MEDIA - INSTAGRAM

The administrator administers the User's data on the profile page under the name gadoland_reda available at the URL: www.instagram.com/gadoland_reda/ on Instagram (hereinafter referred to as Profile).

The User's personal data provided on the Profile will be processed for the purpose of administering and managing the Profile, communicating with the User, interacting, directing marketing content to the User and creating the Profile community.

The basis for their processing is the User's consent and the legitimate interest of the administrator consisting in interacting with Users and Profile Followers. The User voluntarily decides to like/follow the Profile.

The rules governing the Profile are set by the Administrator, however, the rules of staying on the Instagram social network result from the Instagram regulations.

At any time, the User may stop following the Profile. However, the Administrator will then not display to the User any content from the Administrator and related to the Profile.

The Administrator sees the User's personal data, such as e.g. name, surname or general information that the User places on their profiles as public. The processing of other personal data is carried out by the Instagram social network and under the conditions contained in its regulations.

The User's personal data will be processed for the period of maintaining/existence of the Profile on the basis of consent expressed by liking/clicking "Follow" the Profile or interacting, e.g. leaving a comment, sending a message and in order to pursue the Administrator's legitimate interests, i.e. marketing of own products or services or defense against claims.

The User's personal data may be made available to other data recipients, such as cooperating advertising agencies or other subcontractors servicing the Administrator's Profile, IT service, virtual assistant, if there is contact outside of Instagram.

Other User rights are described in this Privacy Policy.

User data may be transferred to third countries in accordance with the Instagram regulations.

These data may also be profiled, which helps in better personalizing the advertising offer addressed to the User. However, they will not be processed in an automated manner within the meaning of the GDPR (having a negative impact on the rights and freedoms of the User).

Instagram privacy policy:

https://help.instagram.com/519522125107875

ACTIVITIES IN SOCIAL MEDIA - TIK TOK

The administrator administers the User's data on the profile page under the name gadoland_reda available at the URL: www.tiktok.com/@gadoland_reda/ on TikTok (hereinafter referred to as Profile).

The User's personal data provided on the Profile on the Tik Tok website will be processed for the purpose of administering and managing the account, communicating with the User, interacting, directing marketing content to the User and creating the Profile community.

The basis for their processing is the User's consent and the legitimate interest of the administrator consisting in interacting with Users and Profile Followers on the Tik Tok website. The User voluntarily decides to like the content/follow the Profile.

The rules governing the Profile on the Tik Tok website are set by the Administrator, however, the rules of staying on the Tik Tok social network result from the regulations of Tik Tok.

At any time, the User may stop following the Profile on the Tik Tok website belonging to the Administrator. However, the Administrator will then not display to the User any content from the Administrator and related to the Profile.

The Administrator sees the User's personal data, such as e.g. name, surname or general information that the User places on their profiles as public. The processing of other personal data is carried out by the Tik Tok social network and under the conditions contained in its regulations.

Tik Tok and the Administrator have the status of Co-Administrators in the scope of activities related to the implementation of common economic goals as part of the processing of personal data, e.g. as part of using the Tik Tok portal plug-in on the Website, processing data of persons visiting the Profile.

The User's personal data will be processed for the period of maintaining/existence of the Tik Tok account on the basis of consent expressed by liking the content / clicking "Follow" or interacting, e.g. leaving a comment, sending a message and in order to implement the Administrator's legitimate interests, i.e. marketing of own products or services, or to defend against claims.

The User's personal data may be made available to other data recipients, such as the Tik Tok portal, cooperating advertising agencies or other subcontractors servicing the Administrator's Tik Tok account, IT service, virtual assistants, if there is contact outside the Tik Tok portal.

Other User rights are described in this privacy policy.

User data may be transferred to third countries in accordance with the regulations of Tik Tok, located outside the European Economic Area. The Tik Tok portal uses compliance mechanisms in the form of standard contractual clauses adopted by the European Commission.

As part of using the Tik Tok portal, the data will not be profiled and will not be processed in an automated manner within the meaning of the GDPR (having a negative impact on the rights and freedoms of the User).

The administrator recommends that you read the privacy policy of the Tik Tok portal:

https://www.tiktok.com/legal/privacy-policy?lang=pl.

ACTIVITIES IN SOCIAL MEDIA - YOUTUBE

The administrator administers the User's data on the profile page under the name GADOLAND available at the URL: www.youtube.com/@GADOLAND on You Tube (hereinafter referred to as Profile).

The User's personal data provided on the Profile will be processed for the purpose of administering and managing the Profile, communicating with the User, interacting, directing marketing content to the User and creating the Profile community.

The basis for their processing is the User's consent and the legitimate interest of the administrator consisting in interacting with Users and Profile Followers. The User voluntarily decides to like/follow the Profile.

The rules governing the Profile are set by the Administrator, however, the rules of staying on the You Tube portal result from the You Tube (Google) regulations.

At any time, the User may stop following the Profile. However, the Administrator will then not display to the User any content from the Administrator and related to the Profile.

The Administrator sees the User's personal data, such as e.g. name, surname or general information that the User places on their profiles as public. The processing of other personal data is carried out by You Tube and under the conditions contained in its regulations.

The User's personal data will be processed for the period of maintaining/existence of the Profile on the basis of consent expressed by liking/clicking "Follow" the Profile or interacting, e.g. leaving a comment, sending a message and in order to pursue the Administrator's legitimate interests, i.e. marketing of own products or services or defense against claims.

The User's personal data may be made available to other data recipients, such as YouTube, cooperating advertising agencies or other subcontractors servicing the Administrator's Profile, IT service, virtual assistant, if there is contact outside of YouTube.

Other User rights are described in this Privacy Policy.

User data may be transferred to third countries in accordance with the You Tube (Google) regulations.

These data may also be profiled, which helps in better personalizing the advertising offer addressed to the User. However, they will not be processed in an automated manner within the meaning of the GDPR (having a negative impact on the rights and freedoms of the User).

You Tube privacy policy:

https://www.youtube.com/intl/ALL_pl/howyoutubeworks/user-settings/privacy/

DATA SAFETY

The User's personal data is stored and protected with due diligence, in accordance with the implemented internal procedures of the Administrator. The Administrator processes information about the User using appropriate technical and organizational measures that meet the requirements of generally applicable law, in particular the provisions on the protection of personal data. These measures are primarily intended to protect Users' personal data against access by unauthorized persons.

In particular, only authorized persons who are obliged to keep this data secret or entities entrusted with the processing of personal data on the basis of a separate data entrustment agreement have access to Users' personal data.

At the same time, the User should exercise due diligence in securing their personal data transmitted over the Internet, in particular not to disclose their login details to third parties, use anti-virus protection and update the software.

WHO MAY BE THE RECIPIENTS OF PERSONAL DATA?

The administrator informs that he uses the services of external entities. The entities entrusted with the processing of personal data (such as e.g. courier companies, intermediaries in electronic payments, companies offering accounting services, companies enabling the sending of newsletters) guarantee the use of appropriate personal data protection and security measures required by law, in particular by the GDPR.

The Administrator informs the User that he entrusts the processing of personal data to i.a. the following entities:

1.      Mail operator - in order to send the newsletter and use the mailing system

2.      Server operator - to store personal data on the server,

3.      Accounting office - in order to issue accounting documents,

4.      An external company dealing with electronic payments - to operate the payment system and electronic transactions,

5.      Business owners - to manage the company,

6. To business owners - in order to use Google services, including e-mail,

7.      Virtual Assistant - the purpose of servicing the domain and mail server,

8.      IT specialists - for IT support or Website management from the IT side,

     9. Other contractors or subcontractors involved in technical and administrative support, or to provide legal assistance to the Administrator and its clients, e.g. accounting, IT, graphic, copywriting assistance, debt collection companies, lawyers, etc.

Personal data may also be made available to other recipients, e.g. offices, e.g. the tax office - in order to fulfill legal and tax obligations related to settlements and accounting.

Entities that process personal data, such as the Administrator, ensure compliance with European standards in the field of personal data protection, including standards set by legal acts and decisions of the European Commission, and apply compliance mechanisms also when transferring data outside the EEA, e.g. in the form of standard contractual clauses adopted by the European Commission, decision 2021/915 of June 4, 2021 on standard contractual clauses between controllers and processors pursuant to art. 28 sec. 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council and art. 29 sec. 7 of Regulation (EU) 2018/1725 of the European Parliament and of the Council https://eur-lex.europa.eu/legal-content/PL/TXT/PDF/?uri=CELEX:32021D0915&from=PL.

HAVE WE APPOINTED A DATA PROTECTION INSPECTOR?

The Personal Data Administrator hereby informs that the Inspector for Personal Data Protection (IODO) and independently performs the duties related to the processing of personal data.

The User acknowledges that his personal data may be transferred to authorized state authorities in connection with their proceedings, at their request and after meeting the conditions confirming the necessity to obtain such data from the Administrator.

DO WE PROFILE USER DATA?

The User's personal data will not be used for automated decision-making affecting the rights and obligations or freedoms of the User within the meaning of the GDPR.

As part of the website and tracking technologies, the User's data can be profiled, which helps in better personalizing the company's offer, which the Administrator directs to the User (mainly through the so-called behavioral advertising). However, this should not have any effect on the legal situation of the User, in particular on the terms of the contracts concluded by him or the contracts he intends to conclude. It can only help to better match the content and targeted ads to the User's interests. The information used is anonymous and is not associated with personal data provided by the User, e.g. in the purchase process. They result from statistical data, e.g. gender, age, interests, approximate location, behavior on the Website.

Each User has the right to object to profiling if it would have a negative impact on the User's rights and obligations.

If you want to learn more about behavioral advertising, click here: https://www.youronlinechoices.com/ pl/about-behavioral-advertising

§4 FORMS

The administrator uses the following types

  1. Newsletter subscription form - requires entering your name and e-mail address in the appropriate place. These fields are mandatory. Then, in order to add his e-mail address to the Administrator's subscriber database, the User must confirm the willingness to subscribe. The data obtained in this way is added to the mailing list in order to send the newsletter.

Subscription/subscription means that the User agrees with this Privacy Policy and agrees to be sent marketing and commercial information via electronic means of communication, e.g. e-mail, within the meaning of the Act of 18 July 2002 on the provision of electronic services (Journal U. No. 144, item 1204 as amended).

By subscribing to the newsletter, the User also consents to the Administrator's use of the User's telecommunications terminal equipment (e.g. telephone, tablet, computer) for the purpose of direct marketing of the Administrator's products and services and to present commercial information to the User in accordance with art. 172 section 1 of the Telecommunications Law (Journal of Laws of 2014, item 243, as amended)

The above consents are voluntary, however, necessary to send the newsletter, including e.g. to inform about services, new blog entries, products, promotions and discounts offered by the Administrator or third party products recommended by him. Consents may be withdrawn at any time, which will stop sending the newsletter in accordance with the rules contained in this privacy policy.

The newsletter is sent for an indefinite period, from the moment of activation until the consent is withdrawn. After withdrawing the consent, the User's data may be stored in the newsletter database for up to 3 years, in order to prove the fact that the User has given consent to communicate via the newsletter, the User's actions (emails openness) and the time of its withdrawal, as well as any related to including claims, which is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR).

The sending of the newsletter may be discontinued if the User has not been active for a minimum of 6 months from the start of the newsletter service or from reading the last e-mail (sent newsletter). In this case, the Administrator will remove the User's data from the system for sending the newsletter (supplier). The User will not be entitled to receive any message from the Administrator, unless he decides to subscribe again in the Newsletter subscription form or contacts the Administrator in another way selected for this purpose.

The mailing system used to send the newsletter records all activity and actions taken by the User related to the e-mails sent to him (date and time of opening the message, clicking on links, the moment of unsubscribing, etc.).

The administrator may also conduct remarketing pursuant to art. 6 sec. 1 lit. f of the GDPR (legitimate interest of the administrator, consisting in the promotion and advertising of services addressed to persons subscribed to the newsletter, in such a way that the subscribers' e-mail addresses are uploaded to the marketing tool offered by Meta Platforms Ireland Limited, the so-called advertising manager, and then an advertisement created by the Administrator or authorized persons is sent to them through the Administrator's advertising account, provided that the newsletter subscribers are also users of the Facebook platform (they have an account there). Each time these data are deleted after the end of the advertising campaign. advertising campaign, an updated subscriber base is uploaded to the tool). Accurate information about the groups of non-standard recipients, the principles of data hashing and data processing can be found in the privacy policy of Facebook under this link: https://www.facebook.com/legal/terms/customaudience# and https://www.facebook .com/legal/terms/dataprocessing, and the Administrator recommends that each User and subscriber read these rules.

  1. Contact form - allows you to send a message to the Administrator and contact him by e-mail. Personal data in the form of name, surname, e-mail address and data provided in the content of the message are processed by the Administrator in accordance with this Privacy Policy in order to contact the User.

After the end of contact with you, the data may be archived, which is the legitimate interest of the Administrator. The administrator is not able to determine the exact period of archiving and thus deletion of messages. However, the maximum period will not be longer than the limitation periods for claims under the law.

  1. Order form in the Store - When placing an order in the Administrator's online store, you must provide specific data in accordance with the rules contained in the sales regulations in order to complete the order, fulfill the legal obligations imposed on the Administrator, settlements, consideration of claims, for statistical and archival, as well as for direct marketing in relation to customers, which is the legitimate interest of the Administrator.

The administrator stores data for the duration of the order or service, and after its performance for the period necessary to protect against claims. In addition, for the time indicated by law, e.g. tax law (including the period of storing invoices).

  1. Form complaints and withdrawal from the contract in the online store - If you use the Administrator's services or products, you can submit a complaint or withdraw from the concluded contract. For this purpose, the Administrator enables you to fill in the complaint form and the contract withdrawal form attached to the sales regulations. You can also do these activities without filling out the form, however, providing the necessary data.

The data required in this case are: name, surname or possibly username, address of residence or address of the company's registered office (if the order was made on behalf of the company), e-mail address, telephone number (if applicable), bank account number (if a refund is required). ).

Providing data is voluntary, but necessary to consider the complaint in accordance with the law and the sales regulations. The data will be stored in order to carry out the complaint procedure / withdraw from the contract and for archival purposes and defense against claims.

  1. Registration form for setting up a User account in the online store - the User has the option of setting up an account in the online store and for this purpose he should register appropriately and provide the following data: name, surname, e-mail address, address of residence, company address, tax identification number, and then password.

Setting up an account takes place on the terms set out in the sales regulations and is a service provided electronically. The rules for maintaining an account and its possible deletion are included in the regulations.

Data marked as such is mandatory and without it it will not be possible to set up a user account. Providing other data is voluntary.

The Administrator may entrust the processing of personal data to third parties without the User's separate consent (based on the entrustment agreement). Data obtained from the forms may not be transferred to third parties.

 If the User uses the services of external providers, such as Google or Disquis, he should read their privacy policy, available from the providers of these services, on their websites.

§5 DISCLAIMER AND COPYRIGHT
  1. The content presented on the Website does not constitute specialist (e.g. educational) advice or guidance and does not refer to a specific factual situation. If the User wants to get help in a specific matter, he should contact the person authorized to provide such advice or the Administrator using the contact details provided. The Administrator is not responsible for the use of the content contained on the Website or actions or omissions taken on their basis.
  2. All content posted on the Website is subject to the copyright of certain persons and/or the Administrator (e.g. photos, texts, other materials, etc.). The Administrator does not agree to copying this content in whole or in part without his express prior consent.
  3. The Administrator hereby informs the User that any dissemination of content made available by the Administrator constitutes a violation of the law and may give rise to civil or criminal liability. The Administrator may also demand appropriate compensation for material or intangible losses in accordance with applicable regulations.
  4. The administrator is not responsible for the use of materials available on the website in a way that is unlawful.
  5. The content posted on the Website is valid as of the date of its posting, unless otherwise indicated.
 
§6 TECHNOLOGIES

In order to use the Administrator's website, it is necessary to have:

  1. Devices with Internet access,
  2. An active electronic box that receives e-mails,
  3. A web browser that allows you to view websites,
  4. Software that allows you to read content in the presented formats, e.g. pdf, video, mp3, mp4.
 
§7 COOKIES POLICY
  1. Like most websites, the Administrator's Website uses the so-called cookies. tracking technologies, i.e. cookies ("cookies"), which allows improving the Website in terms of the needs of users visiting it.
  2. The website does not automatically collect any information, except for information contained in cookie files.
  3. Cookie files (so-called "cookies") are IT data, small text files that are stored on the end device, e.g. computer, tablet, smartphone, when you use the Website.
  4. These may be own cookies (originating directly from the Website) and third party cookies (originating from websites other than the Website).
  5. Cookies allow the content of my website to be adapted to the individual needs of the User and the needs of other users visiting it. They also enable the creation of statistics that show how users of the Website use it and how they move around it. This allows me to improve my website, its content, structure and appearance.
  6. The Administrator uses the following third-party cookies as part of the Website:

a. Facebook conversion pixel and ads created via Facebook Facebook Ads (Facebook Custom Audiences) - to manage Facebook ads and conduct remarketing activities, which is the legitimate interest of the Administrator. The Administrator may also direct advertising content to the User via Facebook as part of contact advertising.

The Facebook Pixel is provided by Meta Platforms Ireland Limited. and its related companies. This is an analytical tool that helps measure the effectiveness of advertisements, shows what actions are taken by Website Users and helps to reach a specific group of people (Facebook Ads, Facebook Insights). The Administrator may also direct advertising content to the User via Facebook as part of contact advertising.  

The administrator may also conduct remarketing pursuant to art. 6 sec. 1 lit. f GDPR (legitimate interest of the administrator, consisting in the promotion and advertising of services addressed to people who have consented to the sending of offers (or people similar to them or to users who liked the Fanpage) in such a way that the provided e-mail addresses are uploaded to the marketing tool offered by Meta Platforms Ireland Limited, the so-called advertising manager, and then an advertisement created by the Administrator or authorized persons is directed to them through the Administrator's advertising account, provided that these persons are also users of the Facebook platform (they have an account there Each time these data are deleted after the end of the advertising campaign. In the case of the implementation of another advertising campaign, the updated contact database is uploaded to the tool). Accurate information about the groups of non-standard recipients, the principles of data hashing and data processing can be found in the privacy policy of Facebook at this link https://www.facebook.com/legal/terms/customaudience# and https://www.facebook.com/legal/ terms/dataprocessing, and the Administrator recommends that each User read these rules. 

The information collected as part of the use of the Facebook Pixel is anonymous and does not allow for identification of the User. They show general data about users: location, age, gender, interests. The Facebook provider may combine this information with the information that the User provides to him as part of his Facebook account, and then use it in accordance with his own assumptions and purposes. 

The Administrator recommends that you familiarize yourself with the details related to the use of the Meta Pixel (Facebook) tool and, if necessary, ask questions to the provider of this tool, as well as manage your privacy settings on Facebook. More information can be found under the link: https://www.facebook.com/privacy/explanation and https://www.facebook.com/business/help /742478679120153?id=1205376682832142&_ga=2.140230195.1899084027.1676390445-251481724.1675757116. You can opt out of cookies responsible for displaying remarketing ads at any time, e.g. at https://www.facebook.com/help/1075880512458213/.

By using the website, the user agrees to the installation of the indicated cookie on his end device. 

  1. TikTok Piksel - in order to manage advertisements on TikTok and conduct remarketing activities, which is the legitimate interest of the Administrator.

You can find more about the Tik Tok analytical tool and the principles of data processing within it here: https://ads.tiktok.com/help/article/tiktok-pixel?redirected=1&_ga=2.99858206.1899084027.1676390445-251481724.1675757116.

This tool helps to reach new recipients by directing advertising to them, in particular to those who have already visited the Website. If the User uses the TikTok platform, this data may be associated with data collected by TikTok as part of the TikTok social platform. However, they are anonymous within the Website and are only used to collect statistical and analytical data, as well as to direct advertising to generally defined recipients.

You can read more about the privacy policy on TikTok here: https://www.tiktok.com/legal/page/eea/new-privacy-policy/en-PL?_ga=2.98704798.1899084027.1676390445-251481724.1675757116.

  1. Built-in Google Analytics code - to analyze Website statistics. Google Analytics uses its own cookies to analyze the actions and behavior of Website Users. These files are used to store information, e.g. from which page the User came to the current website. Help to improve the Website.

This tool is used under an agreement with Google Ireland Limited and is provided by Google LLC. Actions taken as part of the use of the Google Analytics code are based on the Administrator's legitimate interest in creating and using statistics, which then allows improving the Administrator's services and optimizing the Website.

As part of using the Google Analytics tool, the Administrator does not process any User's data enabling his identification.

The administrator recommends that you familiarize yourself with the details related to the use of the Google Analytics tool, the possibility of disabling the tracking code, and possibly asking questions to the provider of this tool under the link: https://support.google.com/analytics#topic=3544906 or read the privacy policy at the link: https://policies.google.com/privacy?hl=en&_ga=2.64139695.1899084027.1676390445 -251481724.1675757116.

  1. Web push notifications from the browser level - in order to better communicate with the User and provide him with valuable content or offers faster, the Administrator allows consent to receive web push notifications from the User's browser level.

In order to agree to receive web push notifications, the User should select the "display notifications" or other equivalent option in the message sent by his web browser (each browser may call this option differently).

Consent to receive the above notifications may be withdrawn at any time by changing the User's web browser settings. The Administrator does not process any personal data of Users using web push notifications. Users are identified only on the basis of information that is stored by their web browsers, to which the Administrator has no access.

  1. Plugins directing to social media

After clicking on the icon of a given plugin, the user is sent to the website of an external provider, in this case the owner of a given social networking site, e.g. Facebook. Then he has the option of clicking "Like" or "Share" and liking the Administrator's fanpage on Facebook or directly sharing its content (post, article, video, etc.).

The administrator recommends that you read the Facebook privacy policy before creating an account on this portal. The administrator has no influence on the data processed by Facebook. From the moment the User clicks on the plug-in button referring to social media, personal data is processed by the social network, e.g. Facebook, which becomes their administrator and decides on the purposes and scope of their processing. Cookies left by the Facebook plugin (or other third parties) may also be applied to the User's device after entering the Website and then associated with data collected on the Facebook portal. By using the Website, the User accepts this fact. The administrator has no influence on the processing of data by third parties in this way. 

The above guidelines should also apply to the operation of:

Facebook - fanpage located at the URL: https://www.facebook.com/gadolandreda

Profile on the Instagram social network, located at the following URL: https://www.instagram.com/gadoland_reda/,

You Tube channel located at the URL: https://www.youtube.com/channel/UCAgZXoXuLNFvGfChuKsfkOA

Kanału w serwisie TikTok znajdujący się pod adresem URL:  https://www.tiktok.com/@gadoland_reda.

  1. Tools used to assess the effectiveness of Google Ads advertising campaigns - to conduct advertising and remarketing campaigns, which is the legitimate interest of the Administrator.

The Administrator does not collect any data that would allow the identification of the User's personal data. The Administrator recommends that you read Google's privacy policy in order to learn the details of how these functions work and, if necessary, disable them from the level of the User's browser.

  1. Cookies used to recover abandoned baskets and User activity on the online store website,

in order to direct advertising communication to the User related to the unfinished order, which is the legitimate interest of the Administrator.

  1. Content from portals and websites of external providers,

The Administrator may embed content from portals, websites, blogs and other websites of external entities on the Website. In particular, these may be videos from You Tube or Vimeo and sound recordings on the SoundCloud portal.

These third parties may record certain data about content playbacks made by the User. 

If you do not want this to take place, log out of a given portal (if you have an account there and are logged in) before visiting my Website or do not play the content on the Website. You can also change your browser settings and block certain content from certain websites from being displayed to you. 

By playing the recordings available on the SoundCloud portal, you use the services provided by SoundCloud, which is an independent entity providing electronic services to the User. Details regarding the processing of personal data by SoundCloud are contained in the privacy policy of this portal: https://soundcloud.com/pages/privacy and cookies policy: https://soundcloud.com/pages/cookies, as well as regulations: https://soundcloud.com/terms-of-use.

YouTube

YouTube is operated by Google Ireland Limited and allows you to play recordings on the Administrator's websites. You Tube may save cookies on the User's device about the playback of recordings and assigns them to the User's YouTube account if logged in.

By using recordings posted on YouTube, the User uses services provided electronically by Google Ireland Limited. Details regarding the processing of personal data by YouTube are contained in the Privacy Policy and regulations of this portal: https://policies.google.com/ privacy and https://www.youtube.com/t/terms.

  1. Affiliate links and affiliate programs

The Administrator's Website may contain affiliate links to specific products or services of third parties. It is a method of monetizing the content on the Website, which is generally available free of charge. Clicking on the link will not result in charging any fees on the part of the User. If you go to a third-party website by clicking on an affiliate link and purchase a product, I may earn a commission. By using the Website, you agree to the use of cookies in this regard.

Advertising windows with third party products may also appear on the Website, as part of the so-called Google AdSense. The administrator informs that he has no influence on the content of these advertisements or their appearance, which are determined by the provider's algorithm, in this case Google Ireland Iimited. You can modify the settings and personalization of ads directly from your browser by going to: https://adssettings.google.com/authenticated.

  1. The Administrator again recommends that you read the privacy policy of each of the providers of the above services in order to learn about the possibilities of making changes and settings that ensure the protection of User's rights.
  2. The website uses two types of cookies: session cookies, which are deleted after closing the browser, logging out or leaving the website, and permanent cookies, which are stored in the user's end device, which allows the browser to be recognized the next time the website is accessed, for the time specified in parameters of cookies or until they are deleted by the User.
  3. In many cases, the software used for browsing websites (web browser) allows cookies to be stored on the User's end device by default. Website users may change their cookie settings at any time. These settings can be changed, in particular, in such a way as to block the automatic handling of cookies in the web browser settings or inform about each time they are placed on the Website User's device. Detailed information on the possibilities and ways of handling cookies are available in the software (web browser) settings.
  4. The administrator informs that restrictions on the use of cookies (disabling them, limiting them) may affect some of the functionalities available on the websites of the Website and hinder its functioning.
  5. More information on cookies is available at http://wszystkoociasteczkach.pl/ or in the "Help" section in the menu web browser.
 
§8 CONSENT TO COOKIES

When you first enter the Website, you must agree to cookies or take other possible actions indicated in the message in order to continue using the content of the Website. By using the Site, you consent. If you do not want to express such consent - leave the Website. You can always change your browser settings, disable or delete cookies. The "help" tab in the User's browser contains the necessary information.

§9 SERVER LOGS
  1. Using the Website involves sending queries to the server where the Website is stored.
  2. Each query addressed to the server is saved in the server logs. Logs include e.g. User's IP address, server date and time, information about the web browser and operating system used by the User.
  3. Logs are saved and stored on the server.
  4. Server logs are used to administer the Website, and their content is not disclosed to anyone except persons and entities authorized to administer the server.
  5. The Administrator does not use server logs to identify the User in any way.

     Date of publication of the Privacy Policy: June 13, 2023

Date of last update: 06/13/2023

This privacy and cookie policy has been drawn up on a template legally purchased from a lawyer on the website legalnybiznesonline.pl. Do not copy it in whole or in part, as you will infringe copyright. Get your own legal license

en_GB