The Controller of your personal data is Edisonda spółka z ograniczoną odpowiedzialnością (limited liability company) with its registered office in Kraków (31-039) at ul. Dietla 52/9, entered into the Register of Entrepreneurs under KRS number 0000335987, NIP (Tax Identification Number): 6793017492, share capital: PLN 190,000.00.
Edisonda spółka z ograniczoną odpowiedzialnością (limited liability company) as the controller of personal data (hereinafter referred to as the “Controller”) attaches great importance to the privacy protection and confidentiality of personal data entered by Internet users in electronic forms made available on the edisonda.com website (hereinafter referred to as “edisonda.com”).
The Data Protection Supervisor details are as follows: Hubert Turaj email@example.com
The Controller, with due diligence, selects and uses appropriate technical and organizational measures to protect the personal data processed. Full access to the databases is only granted to persons duly authorized by the Controller.
The Controller protects personal data against unauthorized access, as well as against its processing in violation of the applicable laws.
Visitors to edisonda.com can browse the edisonda.com websites without providing personal data.
Basis for Personal Data Processing
Personal data is processed by the Controller in accordance with the law, in particular in accordance with the provisions of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (hereinafter referred to as “GDPR”) in order to:
- provide answers to the questions asked in connection with the users’ contacting the addresses specified on the website, pursuant to Article 6 Paragraph 1(b) GDPR,
- perform the contract in connection with the user’s applying to take part in the training, conference and participation in them, pursuant to Article 6 Paragraph 1(b) GDPR,
- fulfil the Data Controller’s legal obligations, pursuant to Article 6 Paragraph 1(c) GDPR (e.g. arising from accounting and tax regulations),
- pursue or secure claims, pursuant to Article 6 Paragraph 1(f) GDPR,
- conduct marketing activities of own products or services, pursuant to Article 6 Paragraph 1(f) GDPR.
Providing personal data is voluntary, but the consequence of not providing the data, depending on the case, shall be inability to obtain answers to the questions asked, or inability to participate in the training or conference.
The user should not provide the Controller with personal data of third parties. However, when the user provides such data, the user each time declares that he has the consent of the third parties to transfer the data to the Controller.
Personal Data Processing Scope
The Controller shall process the following scope of data:
- provided by the user in the content of the issue addressed to the Controller,
- in the event of an inquiry concerning the offer using the form available at edisonda.com, the data provided by the user in the form, i.e. first and last name, email address, telephone number, company name,
- in the event of signing up for the training using the form available at edisonda.com, the data provided by the user in the form, i.e. first and last name, email address, telephone number, company name.
The data provided by the users shall be used in order to: answer the questions asked, conduct the training, conference, carry out direct marketing activities, as well as for statistical purposes.
The Controller uses IP addresses collected during Internet connections for technical purposes related to server administration. In addition, IP addresses are used to collect general, statistical demographic information (e.g. about the region from which the connection is made).
Personal Data Processing Control
The user is required to provide complete, up-to-date and real data.
Each user whose personal data is processed by the Controller has the right to access the data and the right to rectify, delete, limit its processing, transfer the data, object to the processing of the data based on the legitimate interest of the Controller or direct marketing, withdraw consent at any time without affecting the lawfulness of the processing (where the processing takes place on the basis of a consent) carried out based on the consent before its withdrawal.
he rights specified in the above paragraph may be exercised by sending a relevant request stating the user’s name and e-mail address to firstname.lastname@example.org
The user has the right to appeal to a supervisory authority where he considers that the processing of his personal data violates the GDPR provisions.
Sharing of Personal Data
Users’ data can be made available to entities authorized to receive the data under applicable law, including the relevant judicial authorities. Personal data may be transferred to entities commissioned to process it, i.e. entities assisting in the conduct of the trainings, partners providing technical services (development and maintenance of IT systems and websites), an accounting entity; Personal data shall not be transferred to a third country/international organization.
Data Retention Period and Other Information Concerning Data Processing
Personal data shall be stored only for the period necessary to achieve a particular purpose for which it was sent, or in order to comply with the law, in the scope concerning:
- answering questions, personal data shall be processed for the period not longer than three years from the end of the contact,
- implementing the contract concerning the conduct of the trainings, your personal data shall be processed for the duration of the contract, and after the expiration of the contract for the period necessary for after-sales services (e.g. complaints), or pursuing or securing claims, or fulfilling a legal obligation of the Controller (e.g. resulting from tax or accounting regulations),
- conducting marketing activities of own products or services (based on a legitimate legal interest), personal data shall be processed until the data subject objects to its processing.
Personal data shall not be processed in an automated way by the Controller.