Privacy Policy

 

Who is the Administrator of my data?

The administrator of your data, i.e. the entity deciding about the purposes and methods of their processing, is:

Online Business Star Natalia Ziajka

17/2 Dambonia St.

45-860 Opole

Poland

VAT PL 7542772122.

 

How can I contact you in related matters with personal data?

If you want to contact us about the processing of personal data, you can do so:

1. a) by e-mail at the following address: [email protected]
2. b) in writing – by traditional mail at the following address:

Online  Business Star Natalia Ziajka

17/2 Dambonia St.

45-860 Opole

Poland

 

In what situations do you process my data?

We process your data whenever:

-you use our services, in particular when you use our products,

-you take part in training, workshops, competitions, quizzes, and promotional campaigns organized by us,

-we sometimes ask our clients to participate in market research. Any kind of personal data used for research will be used only with your consent, we can use the collected information for testing, research, analysis, and product development. Thanks to this, we can improve and increase the security and protection of our services, develop new functions and products,

-in certain cases, it may be necessary to use your data to resolve legal disputes, in the case of official proceedings, in matters related to compliance with the law,

-for this purpose, we may process some personal data, such as name, surname, date of birth, data regarding the use of our services, if the claims result from how you use our services, other data necessary to prove the existence of the claim, including the size damage suffered,

-we may also process your data when we send you the Newsletter (provided that you have previously consented to it),

-we also process your data when we send you marketing information about us or about our business partners (provided that you have previously consented to it).

 

Do I have to provide you with my data?

Providing data is voluntary, but some of your data may be necessary to use our services and provide them properly. In addition, some of your data is necessary for us to be able to meet the requirements of the law referred to below.

 

What data do you process?

We process only the data that is necessary to achieve the purpose for which it was collected. Depending on the type of service provided, the scope of data may be different:

1) If you use our services or take part in events organized by us, we process your data, such as name and surname, contact details, and payment details.

2) If you participate in competitions organized by us, we process, inter alia, Your name, telephone number, email address, and in, some cases your bank account number if you won a cash prize.

3) If you have agreed to send you the Newsletter and marketing information, we process, inter alia, your full name, and email address.

4) If we issue a sales document for you, we process the following data: your name and surname, address of residence (seat), personal identity number, or tax identification number.

5) If we communicate with you electronically or with the use of telecommunications terminal equipment and automatic calling systems (after you have previously consented to such communication), then (depending on the form of communication) we process such data as your name, telephone number, address e-mail.

 

For what purpose do you process my data?

We process your data to take action on your request (e.g. response to an inquiry or request), for the purpose necessary to conclude and perform a contract or provide a service, including handling possible complaints, complaints, or claiming amounts due under concluded contracts.

The processing of some of your data is also necessary to meet our obligations under the law, regarding, for example, the obligation to store certain data for a specific period, collect certain information for user verification and identification, or transfer data to authorized bodies or entities, e.g. resulting from:

1) the Act of September 29, 1994. about accounting,

2) the Act of March 11, 2004. on tax on goods and services,

3) the Act of November 16, 2000, on counteracting money, laundering, and terrorist financing,

If we decide to process your data for a purpose other than that we have collected it, we will inform you about it and ask for your consent, if required by law.

 

Cookies

To a limited extent, we may collect personal data automatically via cookies on our websites.

Cookies are small text files saved on the user’s computer or another mobile device while using the websites. These files are used, among others using various functions provided on a given website or confirming that a given user has seen certain content from a given website. Among the cookies, some are necessary for the operation of the website www.nataliaziajka.com.

– cookies with data entered by the User (session ID) for the duration of the session (user input cookies)

– authentication cookies used for services that require authentication for the duration of the session (authentication cookies)

– cookies used to ensure security, e.g. used to detect fraud in the field of authentication (user-centric user-cookies)

– multimedia player session cookies (e.g. flash player cookies), for the duration of the session (multimedia player session cookies)

– persistent cookies used to personalize the User’s interface for the duration of the session or a little longer (user interface customization cookies)

– cookies used to monitor traffic on the website, i.e. data analytics, including Google Analytics cookies (these are files used by the Google company to analyze how the User uses the Website, to generate statistics and reports on the functioning of the Website). Google does not use the collected data to identify the User and does not combine this information to enable identification.

By using the Website, the User consents to the placement of the cookies described above on his computer or another device. However, it is possible to control and manage the installed cookies. However, it should be remembered that deleting or blocking cookies may affect the way you use the Website, as some of its areas may become inaccessible.

The Administrator reserves that after rejecting cookies, some functions offered by the Websites may not work properly, and even in some cases, it is associated with a complete disabling of the selected product.

 

On what basis you are processing my data?

We process Personal Data by applicable law, in particular following the provisions of the Regulation (GDPR) regarding personal data.

The legal basis for the processing of your data is:

– your consent or

– considering your application or request, or

– conclusion and performance of the contract, or

– implementation of legally justified interests of the Administrator or

– fulfilment of our obligations under applicable law.

 

How long will you be processing my data?

For individual cases, the data processing time is as follows:

1) if we process your data based on a contract, the processing will continue as long as the contract is in force and the period of limitation of any claims,

2) if you have consented to the processing for a specific purpose, we will process your data until you withdraw your consent, after which we will delete it immediately,

3) data that we process based on the legitimate interest of the data controller – the processing period lasts until the termination of the above-mentioned interest (e.g. the limitation period for civil law claims) or until the data subject objects to further such processing – in situations where such objection is permitted under the law,

4) data processed to fulfil our obligations under applicable law, we will process as long as it results from these provisions.

 

Who are the recipients of the data?

The recipients of the data are persons authorized by the Administrator to use the data as part of their official duties, to whom the Administrator orders such activities.

In some situations, we have the right to transfer your data if it is necessary so that we can perform our services, fulfil our obligations and properly comply with applicable law.

When performing some of the tasks (including destroying documents, storing data, accounting and HR and payroll services, legal services, marketing services, and IT services), we use the help of external entities. In justified cases, the appropriate authorities will also receive them from us.

In this case, we entrust personal data to subcontractors in the implementation of a specific purpose at our request (based on the Data Entrustment Agreement), still being the Administrator of your data and responsible for their security.

 

We will only provide data to three groups:

1) a person authorized by us, our employees, and associates who must have access to data to perform their duties properly,

2) processing entities to whom we commission this task to achieve a specific purpose (e.g. an accounting office, a law firm, an IT company),

3) other recipients of data (e.g. law enforcement authorities, banks in the event of their request for information based on an appropriate legal basis by applicable law).

 

Do you share my data and with whom?

We do not share your data with third parties or persons, except in situations where:

1) you have given your voluntary consent to such sharing. Your consent may be revoked at any time in the same simple way as it was submitted.

2) disclosure is necessary for the performance of the contract or the provision of a service.

3) in special cases, your data may be made available to entities authorized to do so based on generally applicable provisions of law (e.g. law enforcement authorities, a statutory auditor to audit the financial statements).

Each application for disclosure is thoroughly examined by us, and the transfer of data takes place only if, as a result of this analysis, we find that there is a valid and effective legal basis to request the disclosure of your data to these entities.

 

Do we transfer personal data outside the European Union?

Our partners are based mainly in Poland and other countries of the European Economic Area (EEA). Some of our suppliers are based outside the EEA. In connection with the transfer of your data outside the EEA, we made sure that our suppliers guarantee a high level of personal data protection. We minimize the scope of data sent outside the EEA. At the same time, in the case of using SCC, we verify whether there is a risk of personal data protection violation by these entities outside the EEA, e.g. what the data protection process looks like and whether the shared data may potentially be of interest to third countries.

 

How do you protect my data?

The administrator makes every effort to ensure physical, technical, and organizational measures to protect personal data against accidental or deliberate destruction, accidental loss, alteration, unauthorized disclosure, use, or access, by all applicable regulations.

 

What are my powers and how can I use them?

In connection with the processing of your data, you have the following rights:

1) to information on the processing of your data, the so-called “Information obligation” (by Articles 12 and 13 of the GDPR),

2) access to the content of your data (by Article 15 of the GDPR),

3) submit a request to rectify your data (by Article 16 of the GDPR), i.e. correct incorrect data and supplement incomplete data,

4) submit a request to limit the processing of your data (by Article 18 of the GDPR),

5) the right to submit a request to transfer your data to another Administrator (by Article 20 of the GDPR),

6) object to the processing of data for reasons related to your particular situation (by Article 21 (1) of the GDPR), however, this right is not absolute – i.e. despite the objection, we will still be able to process your data, if we prove that there are valid, legitimate grounds for the processing, overriding rights, and freedoms or grounds for establishing, investigating or defending claims,

7) object to the processing of your data for direct marketing, to the extent that the processing is related to such direct marketing. This objection does not require justification or conditions of effectiveness – in this case, we will no longer be able to process your data for direct marketing purposes.

Withdrawal of consent does not affect the lawfulness of the processing which was carried out based on consent before its withdrawal.

8) submit a request to delete your data (by Article 17 of the GDPR) – the so-called “The right to be forgotten”, you can exercise this right, for example, when:

1.  The administrator processes your data unlawfully,
2.  You object to the processing of data for marketing purposes,
3. The data must be deleted for the Administrator to fulfil the obligation resulting from legal provisions;

You can exercise the above rights by submitting to us (the Data Administrator) an appropriate statement:

1. a) by e-mail at the following address: [email protected]

or

1. b) in writing – by traditional mail at the following address:

Online Business Star Natalia Ziajka

17/2 Dambonia St.

45-860 Opole

Poland

note: personal data

9) you also have the right to complain to the supervisory body, i.e. the President of the Personal Data Protection Office (formerly GIODO).

 

How do we update the Privacy Policy?

We may update this policy from time to time. If we make material changes, we will notify you by e-mail. To the extent permitted by applicable law, your use of our services after such notification constitutes consent to update this policy.

We encourage you to review this policy periodically for the latest information about our privacy practices. We also provide you with previous versions of our privacy policy.

The policy is verified on an ongoing basis. The current version of the Policy has been adopted and is effective from January 2022. Archived versions of this document can be found on our website.

 

 

Last updated: January 2022