The following information is a concise, understandable and transparent summary of the information contained in the Privacy Policy regarding the Data Administrator, the purpose and method of processing personal data and your rights in connection with this processing, in the form required to fulfill the information obligation of the GDPR. Details on the method of processing and entities participating in this process are available in the indicated policy.

Who is the data administrator?

The Personal Data Administrator (hereinafter referred to as the Administrator) is the company "ZAMEL Sp. z o.o.", conducting business at the address: Zielona 27, 43-200 Pszczyna, Poland, with the assigned tax identification number (NIP): 6380000669, with the assigned KRS number: 0000384737, providing services electronically via the Service

How can you contact the data administrator?

You can contact the Administrator in one of the following ways

• Mailing address - ZAMEL Sp. z o.o., Zielona 27, 43-200 Pszczyna, Poland
• Email address - marketing@zamel.pl
• Telephone connection - +48 (32) 210 46 65
• Contact form - available at: https://zamel.com/pl/dane-teleadresowe

Has the Administrator appointed a Data Protection Officer?

Based on Art. 37 of the GDPR, the Administrator did not appoint a Data Protection Officer.

In matters related to data processing, including personal data, you should contact the Administrator directly.

Where do we obtain personal data and what are their sources?

Data is obtained from the following sources:

• from people to whom the data relates
• in the case of registration using social networking sites, with the expressed conscious consent of these people, from these social networking sites

What is the scope of personal data processed by us?

In the service, ordinary personal data are processed, voluntarily provided by the people to whom they relate
(E.g. name and surname, login, e-mail address, telephone, IP address, etc.)

The detailed scope of processed data is available in the Privacy Policy.

What are the purposes of processing data by us?

Personal data voluntarily provided by Users are processed for one of the following purposes:

• Implementation of electronic services:
  • Services of registration and maintenance of the User’s account in the Service and functionalities related to it
  • Newsletter services (including sending advertising content with consent)
  • Services of commenting / liking entries in the Service without the need to register
• Communication of the Administrator with Users in matters related to the Service and data protection
• Ensuring the legally justified interest of the Administrator

What are the legal bases for data processing?

The service collects and processes User data on the basis of:

• Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
  • art. 6 par. 1 lit. a
    the person to whom the data relates has consented to the processing of their personal data for one or more specific purposes
  • art. 6 par. 1 lit. b
    processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
  • art. 6 par. 1 lit. f
    processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
• Act of 10 May 2018 on the protection of personal data (Journal of Laws 2018 item 1000)
• Act of 16 July 2004 - Telecommunications Law (Journal of Laws 2004 No. 171 item 1800)
• Act of 4 February 1994 on copyright and related rights (Journal of Laws 1994 No. 24 item 83)

What is the legitimate interest pursued by the Administrator?

• For the purpose of possible determination, investigation or defense against claims - the legal basis for processing is our legitimate interest (Art. 6 par. 1 lit. f) GDPR) consisting in the protection of our rights, among others;
• For the purpose of assessing the risk of potential customers
• For the purpose of evaluating planned marketing campaigns
• For the purpose of direct marketing

For what period do we process personal data?

As a rule, the indicated personal data are stored only for the period of providing the service within the service run by the Administrator. They are deleted or anonymized within 30 days from the end of the provision of services (e.g. deletion of a registered user account, unsubscribing from the Newsletter list, etc.)

In exceptional situations, in order to secure the legitimate interest pursued by the Administrator, this period may be extended. In such a situation, the Administrator will store the indicated data, from the time of their request for deletion by the User, no longer than for a period of 3 years in the event of a violation or suspicion of violation of the service regulations by the person to whom the data relate.

Who is the recipient of the data, including personal data?

As a rule, the only recipient of the data is the Administrator.

However, data processing may be entrusted to other entities providing services for the Administrator in order to maintain the operation of the Service.

• Hosting companies providing hosting services or related services for the Administrator
• Companies through which the Newsletter service is provided
• Service and IT support companies performing maintenance or responsible for maintaining IT infrastructure

Will your personal data be transferred outside the European Union?

Personal data will not be transferred outside the European Union, unless they have been published as a result of individual action by the User (e.g. entering a comment or post), which will make the data available to every person visiting the service.

Will personal data be the basis for automated decision making?

Personal data will not be used for automated decision making (profiling).

What rights do you have in relation to the processing of personal data?

• Right of access to personal data
  Users have the right to access their personal data, implemented through the user panel available after logging in and tools enabling access to the account in case of a forgotten password.
• Right to rectify personal data
  Users have the right to request the Administrator to immediately rectify personal data that is incorrect or / and to supplement incomplete personal data, implemented through the user panel available after logging in and tools enabling access to the account in case of a forgotten password.
• Right to delete personal data
  Users have the right to request the Administrator to immediately delete personal data, implemented on request submitted to the Administrator.
  
  In the case of user accounts, data deletion involves anonymizing data that allows the User to be identified.
  
  In the case of the Newsletter service, the User has the possibility to independently delete their personal data using the link placed in each sent e-mail message.
• Right to restrict the processing of personal data
  Users have the right to restrict the processing of personal data in cases indicated in Art. 18 GDPR, including questioning the correctness of personal data, implemented on request submitted to the Administrator
• Right to transfer personal data
  Users have the right to obtain from the Administrator, personal data concerning the User in a structured, commonly used machine-readable format, implemented on request submitted to the Administrator
• Right to object to the processing of personal data
  Users have the right to object to the processing of their personal data in cases specified in Art. 21 GDPR, implemented on request submitted to the Administrator
• Right to lodge a complaint
  Users have the right to lodge a complaint with the supervisory authority dealing with the protection of personal data.