Privacy policy

Your privacy is our priority. We make sure that the personal data entrusted to us is safe and processed in accordance with the law. This means maximum transparency of processing processes and ensuring our clients control over their data. Below you will find the most important information regarding the processing of personal data by ALD STUDIO.

PERSONAL DATA ADMINISTRATOR

The administrator of your personal data is Anna Dybiec, running a business under the name ANNA DYBIEC ALD STUDIO, NIP: 5130202638, REGON: 385429437 (hereinafter: Administrator).

CONTACT DETAILS OF THE ADMINISTRATOR

e-mail: biuro@aldstudio.pl

phone: 690 520 434

You can also use the contact form available on our website.

WHY DO YOU PROCESS YOUR PERSONAL DATA?

Below you will find the answer to this question along with the legal basis for the processing of personal data.

PURPOSE OF PROCESSING

LEGAL BASIS FOR PROCESSING

The current activity of the Administrator consisting in the design of websites, online stores and web applications, as well as the handling and implementation of orders placed by our customers, including providing individual customer accounts and e-mail tools.

Necessity to perform the contract - art. 6 sec. 1 point b) GDPR, i.e. processing is necessary for the performance of a contract to which the data subject is party, or to take steps at the request of the data subject, prior to entering into a contract.

Marketing purposes - promoting our services, sending invoices, answering questions sent via the form available on the Administrator's website.

Consent of the data subject - art. 6 sec. 1 point a) of the GDPR, i.e. the data subject has consented to the processing of his personal data for one or more specific purposes.

Processing of personal data for the purposes of analytical and statistical operations, including customer satisfaction surveys.

Legal interest of the Administrator - art. 6 sec. 1 point f) GDPR, the economic interest consisting in improving the quality of services provided while ensuring the security and correct operation of the IT tools used.


IS THE TRANSFER OF PERSONAL DATA NECESSARY?

We need your personal data to properly provide our services. If you do not want to provide us with your personal data, we reserve the right to refuse to cooperate with you and to refuse to provide the service.

HOW LONG DO YOU KEEP MY DATA?

We do not store personal data indefinitely, we strive to shorten the period of their storage and delete or anonymize data when they are no longer needed. We adjust the period of data storage to the purposes for which it was collected. The criteria for determining the period of storage of personal data are the provisions of generally applicable law, e.g. provisions of civil law regarding limitation periods. We allow the possibility of extending or shortening the period of storage of personal data due to a legitimate legal interest, e.g. in connection with pending court proceedings.

DO YOU PROFILE MY DATA?

We do not conduct profiling processes that may result in making decisions that have legal effects or affect you in a similarly significant way.

WILL YOU SEND MY DATA TO OTHER ENTITIES?

We transfer your personal data to the following categories of recipients of personal data:

  • IT sector companies that provide us with IT tools for our day-to-day operations (e.g. hosting companies, Google, Facebook);
  • A company dealing with accounting and bookkeeping activities.

WILL YOU TRANSFER MY DATA OUTSIDE THE EUROPEAN ECONOMIC AREA?

We may transfer your data to countries outside the European Economic Area (EEA), because some of the recipients of the data are based outside the EEA. We only use the services of those recipients who, in our opinion, guarantee an appropriate level of security. Data transfer outside the EEA is based on the use of Standard Contractual Clauses by data recipients.

FACEBOOK - https://pl-pl.facebook.com/legal/terms/businesstools

GOOGLE -  https://support.google.com/adspolicy/answer/10042247?hl=en

We use Google Analytics and Facebook Pixel for analytical purposes and optimization of the services provided. More information on these services can be found at the following links:

FACEBOOK - https://pl-pl.facebook.com/policies/cookies/

GOOGLE - https://policies.google.com/technologies/partner-sites

Using Google Analytics and Facebook Pixel may display personalized internet advertisements on your devices. To avoid displaying such ads on your devices, please use the links below:

FACEBOOK - https://www.facebook.com/settings/?tab=ads

GOOGLE - https://www.google.com/settings/ads/anonymous


WHAT ARE MY RIGHTS WITH REGARD TO PERSONAL DATA?

You have the right to:

  • requests from the Administrator to access their personal data, rectify personal data, delete or limit the processing of personal data, object to processing, as well as transfer personal data.
  • withdraw the consent granted for processing at any time, which, however, does not affect the lawfulness of the processing which was carried out on the basis of consent before its withdrawal.

With regard to personal data processed for the purposes of direct marketing, you have the right to object to the processing of your personal data for the purposes of such marketing at any time.

You can exercise the above rights through direct contact with the Administrator.

You also have the right to lodge a complaint with the supervisory authority. The supervisory body in Poland is performed by the President of the Personal Data Protection Office, whose contact details are:

Address: ul. Stawki 2, 00-193 Warsaw

Phone: 22 531-03-00, Helpline: 606-950-000

E-mail: kancelaria@uodo.gov.pl


WHAT ARE THE DUTIES OF ALD STUDIO AS ADMINISTRATOR OF PERSONAL DATA?

We process the personal data entrusted to us on the basis of a legal basis and in accordance with the law, reliably, transparently for our clients, for specific purposes, with care for the correctness of data, no longer than necessary and ensuring data security.

We keep a Register of Personal Data Processing Activities (hereinafter: the Register), where we document data processing activities, including the method of personal data processing. In the Register, for each separate data processing activity, we record: (i) the name of the activity, (ii) the purpose of processing, (iii) description of the category of persons, (iv) description of the data category, (v) planned date of deletion of the data category, (vi) description categories of recipients of personal data (including processors), (vii) description of technical and organizational security measures, (vii) information about the transfer outside the EU / EEA.

We register all personal data breaches, regardless of the seriousness of the breach, in order to implement the principle of accountability and ensure transparency of personal data processing. In the event of a breach of personal data protection, we assess whether the breach could have caused the risk of violating the rights or freedoms of natural persons. If the breach could cause a risk of violation of the rights or freedoms of natural persons, we report the breach of data protection rules to the supervisory authority for the processing of personal data without undue delay - if feasible - no later than 72 hours after the breach has been found. If the risk of violation of rights and freedoms is high, we also notify the data subject about the incident.

In addition, we ensure an appropriate level of data security by:

  • risk analysis procedure for data processing activities or their categories;
  • the data protection impact assessment procedure where the risk of violation of the rights and freedoms of persons is high;
  • adaptation of data protection measures to the identified risks.

SHARE YOUR EMAIL BOX - DO YOU HAVE ACCESS TO MY EMAIL?

As part of the services provided, we create and provide clients with personalized user accounts and e-mail boxes, to which only our clients have access.

When the login data is transferred to the e-mail box, the customer becomes the administrator of personal data processed using it. We remind you that the GDPR does not apply to the processing of personal data if it is done by a natural person for personal purposes. For example, if you only use a mailbox for your personal email address and address book.

We do not monitor the data stored in your web space (user account) or in e-mail messages. It is your responsibility to comply with the provisions on the protection of personal data, including the GDPR, as well as to ensure the confidentiality of login data to avoid disclosing them to unauthorized persons.


WHAT ARE COOKIES AND ARE YOU USING THEM?

We use cookies to ensure the proper functioning of our website.

A cookie is a text file saved on your device by the website when you enter the website. Cookies are then sent to the website on each subsequent visit to record the history of your activity.

Most of the cookies used on our website can be activated or deactivated by changing your browser settings. To disable cookies, check your browser settings - you'll usually find them under "Help", "Tools" or "Edit". Disabling cookies does not delete cookies from your device - to do this, use the option to clear the history of pages viewed. However, it should be noted that such action may also remove other useful information from the device (e.g. login data, website preferences). It is also possible to set the browser to block the storage of cookies on the device, but in some cases it may be necessary to change these preferences in the browser settings each time you visit the website. For more information on managing cookies, please check your browser's cookie settings.


WHEN WAS THE PRIVACY POLICY LAST UPDATED?

The Privacy Policy has been updated recently July 23, 2021. We reserve the right to update the Privacy Policy.