§ 1 BASIC INFORMATION ABOUT THE WEBSITE
§ 2 VOCABULARY
1) Personal Data – shall mean a set of information about a natural person that can be used to identify them;
2) Contact Form – shall mean the form used by the Guests or Users of the Website to submit information and enquiries in order to receive information about the activity of the Website;
3) Operator – shall mean Łowcy Gier Bryks Spółka Komandytowa with its registered office in Łódź, at: Henryka Sienkiewicza 85/87/3.15, 90-318, Poland, entered in the register of entrepreneurs of the National Court Register under KRS (National Court Register Number): 0000916308, REGON (National Official Business Register Number): 389668713, NIP (Tax Identification Number): 7252311223, share capital: PLN 13 200 (thirteen thousand two hundred Polish złoty);
4) Controller – shall mean the personal data controller – Łowcy Gier Bryks Spółka Komandytowa with its registered office in Łódź, at: Henryka Sienkiewicza 85/87/3.15, 90-318, Poland, entered in the register of entrepreneurs of the National Court Register under KRS: 0000916308, REGON: 389668713, NIP: 7252311223, share capital: PLN 13 200 (thirteen thousand two hundred Polish zloty);
5) Website – shall mean the website at https://gg.deals/;
6) User Account – shall mean a dedicated part of the Website complete with the IT solutions that enable the Users to use selected services; The account is created by registration, and it is updated based on the User’s data;
7) Guest – shall mean any natural person who visits the Website and uses its resources via the Internet without registering on the Website as a User;
8) User – shall mean any natural person who visits the Website and uses its resources via the Internet (Guest), after logging in as a User of the Website.
1) regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR);
2) Personal Data Protection Act of 10 May 2018 (Journal of Laws, item 1000);
3) Electronic Services Act of 18 July 2002 (consolidated text, Journal of Laws of 2019, item 123);
4) Telecommunications Law Act of 16 July 2004 (consolidated text, Journal of Laws of 2018, item 1954, as amended).
2. The Website is used via a secure connection. The information sent and received by the Website is private.
§ 4 VIEWING THE WEBSITE RESOURCES AVAILABLE TO THE USERS
Storing the requests sent by the Users to the server does not require any personal data processing because the data are not associated with specific Guests who view the pages of the Website. The resources viewed by the User are identified by URL addresses, and they concern the following:
1) public IP address of the terminal device sending the request;
2) User’s station name – identification via the HTTP protocol, where possible;
3) User name communicated at the time of authorisation;
4) request time;
5) first line of the HTTP request;
6) HTTP response code;
7) amount of data sent by the server;
8) URL of the website previously visited by the User (referrer link) – if the User accessed the Website via an external link;
9) information about the User’s browser;
10) information about errors in the HTTP transaction.
2. Cookies cannot be used to download any personal data or address data of the Guest or any confidential information from their computer. Cookies can only be used to determine the profile of the information the Guest is interested in. They are used to collect data needed to examine the aggregate traffic of the Guests on the Website for statistical purposes.
3. The purpose of using cookies is to ensure the correct functioning of the Website, collect anonymous statistics to help determine how the contents of the Website are used and adapt the information and advertisements displayed to the Guests to their preferences.
5. The Website uses the following types of cookies:
1) “session” cookies – kept on the terminal device of the Guest until they leave the Website or close their web browser;
2) “persistent” cookies – stored on the terminal device of the Guest for the period specified in their parameters or until they are deleted by the Guest;
3) “performance” cookies – used to acquire information about the way the Website is used;
5) “necessary” cookies – enabling the use of the services provided by the Website;
6) “own” cookies – cookies placed by the Website;
7) “external” cookies – cookies from websites other than the Website;
8) “advertising” cookies – adapting the advertisements in other websites to the preferences of the Guest;
§ 6 PERSONAL DATA PROTECTION
1. No data of the Guests will be processed on the Website unless the Guest consents to the processing of their personal data and submits their consent with the Contact Form. The following categories of User data are processed on the Website: login, e-mail address, image – if provided on the User profile – and behavioural data concerning activity on the Website.
2. The Controller of the personal data of the Guests who consent to the processing of their personal data and Users, as well as entities that submitted a complaint concerning the use of the Website, is Łowcy Gier Bryks Spółka Komandytowa with its registered office in Łódź, at: Henryka Sienkiewicza 85/87/3.15, 90-318, Poland, entered in the register of entrepreneurs of the National Court Register under KRS: 0000916308, REGON: 389668713, NIP: 7252311223, share capital: PLN 13 200 (thirteen thousand two hundred Polish zloty), fully paid up.
3. The personal data of Guests may be processed pursuant to Article 6(1)(a) of the GDPR solely for the purposes specified in the Guest’s consent to personal data processing submitted to the Operator using the Contact Form.
4. The personal data of Users are processed by the Controller pursuant to Article 6(1)(b) of the GDPR solely for the purposes of maintaining the User Account and enabling them to use the functions of the Website intended for the User.
5. The personal data of entities that submitted a complaint are processed by the Controller pursuant to Article 6(1)(c) of the GDPR solely to consider the complaint, and they are processed for as long as necessary to ensure the highest quality of service on the Website.
6. The Controller may process the personal data of the entities referred to in paragraphs 3–5 above pursuant to Article 6(1)(f) of the GDPR where required due to legitimate interests pursued by the Controller.
7. The Controller may provide the personal data of the entities referred to in paragraphs 3–5 above, pursuant to the applicable law, upon request of authorities that monitor compliance with the law, other public authorities, the police and other services. In such a situation, the consent of the persons whose data are provided will not be required.
8. The entities referred to in paragraphs 3–5 above, in connection with the processing of their personal data, have the right to access their data and rectify them, the right to data portability and the right to lodge a complaint with the supervisory authority – President of the Personal Data Protection Office (UODO).
9. The entities referred to in paragraphs 3–5 above have the right to the erasure of their data, the right to restriction of processing and the right to object to data processing, except where this would be contrary to the generally applicable law or the nature of the legal relationship between the indicated entity and the Controller.
10. The User may place personal data of other persons on the Website (including their first name and last name, address, phone number or e-mail address) only if this does not violate the generally applicable law.
11. Personal data are not provided to Third Countries outside the European Economic Area. Personal data may be provided to third parties to use the services of an e-mail provider, obtain legal services or use IT technical support.
12. In connection with the provided services, personal data may be provided to external entities that provide services to the Operator, including, in particular, to providers responsible for the operation of computer systems, entities that provide legal services and advertising agencies (regarding the marketing services provided for the Operator). In particular, personal data may be entrusted or provided to the following entities and to the following extent:
1) DigitalOcean (GDPR) – website hosting service, keeping all the data of the Website.
2) Google Analytics (GDPR) – IP address, browser, location data and history of navigation on the website.
3) Hotjar (GDPR) – data concerning the activity of Guests and the way they use the Website. The system records the way the User navigates the Website and generates maps of clicks on our Website. It also enables the Operator to send surveys to the Users.
4) Disqus (GDPR) – IP address, forum account ID, name, address, e-mail and avatar
5) Gleam (GDPR) – user name, social media profiles, IP address, e-mail address.
6) Reflinks of partner websites – history of online navigation for payment settlement purposes.
§ 7 PROCESSING PERIOD
1. The period of personal data processing by the Controller depends on the type of provided service and the purpose of processing. In principle, the data are processed for the duration of the service, until the consent is withdrawn or until a successful objection is made against data processing in situations where the legal basis for processing is a legitimate interest of the Controller.
2. The processing period may be extended if the processing is required for the establishment and exercise of claims (if any) or defence against claims and after that period only where required by the law. Upon the lapse of the processing period, the data will be irrevocably erased or anonymised.
§ 8 FINAL PROVISIONS