Privacy policy

PRIVACY POLICY

DEFINITIONS
• Administrator - Maja Kowalczyk running a business activity under the name Maja Kowalczyk Art with registered office in Warsaw, 2a Mysikrólika Street, 02-809 Warsaw, Tax Identification Number (NIP) 9511929055.
• Personal data - information about a natural person identified or identifiable through one or more factors specific to physical, physiological, genetic, mental, economic, cultural, or social identity, including the IP device, location data, the Internet ID, and information collected through cookies and other similar technology.
• Policy - this Privacy Policy.
• RODO - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
• Service - the website operated by the Administrator at https://majakowalczykart.com/
• User - any natural person visiting the Service or using one or more services or functionalities described in the Policy

DATA PROCESSING IN CONNECTION WITH THE USE OF THE SERVICE
• In connection with the use of the Service by the User, the Administrator collects data to the extent necessary to provide the individual services offered, as well as information on the User's activity on the Service. Below there are described detailed principles and purposes of the processing of Personal Data collected in connection with the use of the Service by the User.

PURPOSES AND LEGAL BASIS OF DATA PROCESSING ON THE SERVICE
• USE OF THE SERVICE
• Personal data of all persons using the Service (including IP address or other IDs and information gathered through cookies or other similar technologies) are processed by the Administrator:
• for the purpose of providing services electronically in the scope of making available to Users the content collected in the Service - then the legal basis of the processing is the indispensability of the processing for the performance of the agreement (Article 6.1.b RODO);
• for analytical and statistical purposes - then the legal basis of the processing is the Administrator's legitimate interest (Article 6.1.f RODO), consisting in conducting analyses of User activity, as well as of their preferences in order to improve functionalities and services provided;
• in order to possibly determine and pursue claims or to defend against claims - the legal basis of the processing is the Administrator's legitimate interest (Article 6(1)(f) RODO) consisting in the protection of the Administrator's rights;
• User activity on the Service, including his/her Personal Data, are recorded in system logs. The information collected in the logs is processed primarily for the purposes related to the provision of services. The Administrator may also process them for technical, administrative purposes, for the purpose of ensuring the security of the IT system and its management, as well as for analytical and statistical purposes - in this regard the legal basis of the processing is the Administrator's legitimate interest (Article 6(1)(f) RODO).
• CONTACT FORMS
• The Administrator provides a possibility to contact him/her using electronic contact forms. Using the form requires providing Personal Data necessary to make contact with the User and respond to the inquiry. The User may also provide other data in order to facilitate contact or handling of the inquiry. Providing data marked as obligatory is required for accepting and servicing the inquiry, and their omission results in the impossibility of servicing. Provision of other data is voluntary.
• Personal data is processed:
• for the identification of the sender and the handling of his/her inquiry sent through the form provided - the legal basis for processing is the necessity of processing for the performance of the contract for the provision of services (Article 6.1.b RODO); with regard to the data provided optionally, the legal basis for processing is consent (Article 6.1.a RODO);
• for analytical and statistical purposes - the legal basis of the processing is the Administrator's legitimate interest (Article 6.1.f RODO), consisting of statistics concerning queries made by Users through the Service in order to improve its functionality.

COOKIES AND SIMILAR TECHNOLOGY
• Cookies are small text files installed on a User's device when browsing the Service. Cookies collect information making website use easier e.g. by storing User's visits to the Service and actions performed by them.
• SERVICE COOKIES
• The Administrator uses so-called service cookies primarily to deliver services provided electronically to the User and to improve the quality of such services. In this regard the Administrator and other entities providing analytical and statistical services to the Administrator use cookies to store information or gain access to information already stored in the User's telecommunications terminal equipment (computer, telephone, tablet, etc.). Cookies used for this purpose include:
• cookies with data entered by the User (session identifier) for the duration of the session (user input cookies);
• authentication cookies used for services that require authentication (authentication cookies);
• security cookies, such as those used to detect authentication abuses (user-centric security cookies);
• multimedia player session cookies (e.g. flash player cookies), for the duration of the session (multimedia player session cookies);
• persistent cookies used to personalize the user interface for the duration of the session or slightly longer (user interface customization cookies).

ANALYTICAL AND MARKETING TOOLS USED BY ADMINISTRATOR'S PARTNERS
• Administrator and Administrator's Partners use various solutions and tools used for analytical and marketing purposes. Below you will find basic information about these tools. Detailed information in this regard may be found in the privacy policy of the relevant partner.
• GOOGLE ANALYTICS
• Google Analytics cookies are files used by Google to analyze your use of the Service, to compile statistics and reports on the Service operation. Google does not use the collected data to identify the User nor does it combine this information to enable identification. Detailed information on the scope and principles of data collection in connection with this service can be found under the link: https://www.google.com/intl/pl/policies/privacy/partners

MANAGING COOKIE SETTINGS
• The use of cookies to collect data via them, including gaining access to data stored on the User's device, requires the User's consent. This consent can be withdrawn at any time.
• Consent is not required only in the case of cookies, the use of which is necessary to provide a telecommunications service (data transmission to display content).
• Withdrawal of consent for the use of cookies is possible through the browser settings. Detailed information on this can be found at the following links:
• Internet Explorer: https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorer-delete-manage-cookies
http://help.opera.com/Windows/12.10/pl/cookies.html
• Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=pl HYPERLINK “http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647″& HYPERLINK “http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647″answer=95647
• Opera: http://help.opera.com/Windows/12.10/pl/cookies.html
• Safari: https://support.apple.com/kb/PH5042?locale=en-GB

PERIOD OF PERSONAL DATA PROCESSING
• The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. As a rule, the data is processed for the duration of the service provision, until the withdrawal of the expressed consent or filing an effective objection to data processing in cases where the legal basis of data processing is the legitimate interest of the Administrator.
• The period of data processing may be extended if the processing is necessary to establish and assert possible claims or to defend against claims, and after that time only in the case and to the extent required by law. After the end of the processing period, the data shall be irreversibly deleted or anonymized.

USER'S RIGHTS
• The User has the right to access the data and to demand their rectification, erasure, restriction of processing, the right to data portability, and the right to object to the processing of the data, as well as the right to file a complaint to the supervisory authority in charge of personal data protection.
• To the extent that the User's data is processed on the basis of consent, the consent may be withdrawn at any time by contacting the Administrator or using the functionalities made available in the Service.
• The User has the right to object to the processing of data for marketing purposes if the processing is carried out in connection with the Administrator's legitimate interest, and also - for reasons connected to the User's specific situation - in other cases where the legal basis of the data processing is the Administrator's legitimate interest (e.g. in connection with the performance of analytical and statistical purposes).
• More information about the rights under RODO can be found https://majakowalczykart.com/polityka-przetwarzania-danych-osobowych/

RECIPIENTS OF THE DATA
• In connection with the provision of services, Personal Data may be disclosed to external entities, including in particular providers of IT services, in particular hosting services, providers responsible for the operation of IT systems, or providers of analytical services.
• The Administrator reserves the right to disclose selected information concerning the User to competent authorities or third parties who will submit a request for such information based on an appropriate legal basis and in accordance with the provisions of the applicable law.

TRANSFER OF DATA OUTSIDE THE EEA
• The level of protection for Personal Data outside the European Economic Area (EEA) differs from that provided by European law. For this reason, the Administrator transfers Personal Data outside the EEA only when necessary and with an adequate level of protection, primarily by:
• cooperating with processors of Personal Data in countries for which a relevant decision of the European Commission has been issued regarding the finding of an adequate level of protection for Personal Data;
• applying standard contractual clauses issued by the European Commission;
• Use of binding corporate rules approved by the relevant supervisory authority;
• in case of transferring data to the U.S., cooperation with entities participating in the Privacy Shield program, approved by a decision of the European Commission.

SECURITY OF PERSONAL DATA
• The Administrator conducts risk analysis on an ongoing basis in order to ensure that the Personal Data is processed by him/her in a secure manner - ensuring above all that only authorized persons have access to the data and only to the extent necessary for the performance of their tasks. The Administrator ensures that all operations on the Personal Data are recorded and performed only by authorized employees and co-workers.
• The Administrator shall take all necessary measures to ensure that also its subcontractors and other cooperating entities guarantee that appropriate security measures are applied whenever they process Personal Data on behalf of the Administrator.

CONTACT DETAILS
• Contact with the Administrator is possible through the e-mail address majakowalczykart@gmail.com or the mail address: 2a Mysikrólika Street, 02-809 Warsaw.

CHANGES TO THE PRIVACY POLICY
• This Policy shall be reviewed on an ongoing basis and updated when necessary.
• The current version of the Policy has been adopted and is effective from 17.05.2021