In connection with the implementation of the requirements of Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repeal of Directive 95/46/EC (general data protection regulation), hereinafter referred to as "GDPR", we inform about the rules of processing your personal data and about your rights connected with it.
The following rules apply from 25 May, 2018.
- Administrator of personal data.
The administrator of your personal data is Lead Labs sp. z o.o. with its headquarters in Warsaw, ul. Lirowa 13, 02-387 Warsaw, REGON: 365802521, NIP: 5213754412, entered into the register of entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, 12th Commercial Division of the National Court Register under the number KRS 0000645402, share capital (fully paid up) PLN 10,000.00 (hereinafter referred to as the "Administrator" or "LL").
- Contact details
LL has set one contact point for all personal data issues. If you would like to contact us, please write us an e-mail to the following address: firstname.lastname@example.org or send a letter to: Lead Labs sp. z o.o., ul. Lirowa 13, 02-387 Warszawa with the note: "GDPR".
- Where do we get your personal data from?
1) Most of the data we receive directly from you. This data is provided by:
- completing the contact form or subscribing to the newsletter on one of our portals: muanimation.pl; mu.pl; muproduction.pl ("Portals"), or possibly during a conversation with a person from our staff;
- by calling us with a request for proposal to the telephone number provided on one of the Portals;
- downloading our product, such as an e-book, from our Portals or other websites (such as our Facebook profile, LinekdIn);
2) We also may have your data from publicly available sources, as well as from our partners who collect personal data in the execution of their own plans (i.e. for their own purposes) making it available to us in a commercial cooperation, if you agreed to it by providing them with this data;
- What is the scope of the data processed?
We process the following data:
- first and last name,
- e-mail address,
- telephone number,
- the company in which you work (including your own business, if you run it);
4) occupied position;
- name, address of your business, NIP, REGON, bank account number, if you run it and as a result of the contact you have become our Client;
- additional information about you that you could have included in the e-mail correspondence or that you could have provided during the telephone conversation with our staff (although the calls are not recorded by us);
- your consent (if, for example, you gave us permission to process your data for marketing purposes);
- data from the analysis of server cookies or logs, such as, for example, the IP address.
- For what purpose and on what basis do we process your personal data?
We process your personal data in connection with the performance of our business, i.e. offering our Clients the opportunity to use our services and then their performance. Due to the above, we process your personal data for various purposes indicated below:
- preparing personalized offers for you for using our services, and then performing the contract concluded with you, if you decide to become our Client (art. 6 para. (1) (b) GDPR),
- legal provisions also require us to process your personal data for accounting and tax purposes (art. 6 para. 1(c) GDPR).
- if you consent to this, we process your data in order to send marketing messages to you (art. 6 para. 1(f) GDPR, i.e. marketing purposes as a legitimate interest of the personal data administrator);
- if you subscribe to our newsletter, we process your data in order to carry out the service you ordered (art. 6 para. (1) (b) GDPR),
- Your personal data is also processed to collect debts, conduct court, arbitration and mediation proceedings, archiving and the possibility of settling the correctness of processing your data and performing your statutory functions, which is the legitimate interest of the administrator (art. 6 para. 1 letter f) of GDPR;
- data from the analysis of cookie files and server logs is processed for the purpose of building anonymous statistics of visits to our Portals, including for marketing purposes (including for the purpose of analyzing and profiling data for marketing purposes, in particular to adapt messages to your preferences), handling their functionality (login, content presentation, forms support).
- How long do we process your personal data?
The period for which we process your personal data depends on the purpose of processing. And so:
- to prepare for you a personalized offer for using our services - for this we process your data for the time when we are negotiating with you to conclude a contract with you, but not longer than 3 years from the date of obtaining your data;
- to execute the contract concluded with you, if you decide to become our Client - for this we process your data for the duration of its performance, and after its completion until the expiration of our mutual claims related to this contract;
- as regards accounting purposes, we will process your data for a period of 5 years, counting from the beginning of the year following the accounting year covered by the accounting documents (art. 74 para. 2 and 3 of the Act of 29 September 1994 on accounting (Journal of Laws of 2018, item 395 as amended). However, as far as tax purposes are concerned, data will be processed for a period of 5 years, counting from the end of the calendar year in which the payment deadline for a given tax has expired (art. 207 of the Act of 29 August, 1997. Tax Ordinance (Journal of Laws of 2015, item 201 as amended);
- to send you marketing messages other than newsletters - for this we process your data until you object to such processing, but no longer than 10 years from the date of obtaining your data for this purpose;
- to send the newsletter - for this purpose we process your data until the time when you are a registered user of this service, or until you file an objection to such processing, depending on which of these events occurs first;
- collection of receivables, conducting court, arbitration and mediation proceedings, archiving, ensuring the possibility of us settling the correctness of data processing and fulfilling other obligations under the law - we process personal data for this purpose until the end of the limitation period (this period will depend on type of claim in accordance with the Civil Code or other legal acts regulating the principles of non-civil liability);
- building anonymous statistics of visits to our Portals, including for marketing purposes (including for the purpose of analyzing and profiling data for marketing purposes, in particular to adapt messages to your preferences) and to support their functionality (login, content presentation, form support) ) - for this purpose, we process data throughout the period in which you use our Portals or services provided electronically (such as a newsletter) and later for a period of 5 years from the time you stopped using our Portals or services.
- Who is the recipient of your personal data?
We only share your data when it is necessary. We do not sell your data.
We can transfer your personal data to our contractors, i.e .:
1) companies that provide us with the services necessary for our proper functioning, e.g.
- companies providing for us the services of delivery and maintenance of database software, suppliers of business management systems, through which we can run our Portals, send newsletters, keep relevant sales records, etc.;
- entities providing hosting services;
- marketing agencies that help us understand what our Clients are interested in that help us create interesting offers, promotions and help us with ongoing communication with Clients, including you;
- consulting and law firms, as well as accountancy offices that support us in our daily activities;
2) our subcontractors, with whom we cooperate in order to provide services to our Clients, including companies affiliated with the Administrator, such as MU Interactive sp. z o.o. in Warsaw or MU Interactive Media sp. z o.o. with its registered office in Warsaw;
3) to our partners to whom we share your data in the framework of commercial cooperation, if we asked for permission for such action, and you gave it to us by providing us with your details.
For entities in each category, we only provide data that is necessary to achieve the goals of our cooperation with it.
- Do we process your personal data automatically (including via profiling) in a way that impacts your rights?
Your personal data may be processed automatically (including in the form of profiling); however, this will not have any legal consequences in relation to you or similarly will not significantly impact the situation that you are in.
As part of our marketing, we want to be able to present you content tailored to your interests. Profiling of personal data by the Administrator consists in processing your data (including in an automatic way) by using them to assess some information about you, especially for the purpose of analysis of forecast of personal preferences or interests.
- How do we process your personal data?
We process your personal data in accordance with applicable law, in particular in accordance with the GDPR. We have in mind the following rules when processing your personal data:
- Adequacy rule. We process only data that is necessary to achieve a given processing purpose; we have analyzed the fulfillment of this rule for each process;
- Transparency rule. You should have full knowledge of what is happening to your data. This document, in which we try to provide you with full information about the rules of processing your personal data by us, is its manifestation;
- Regularity rule. We strive to keep your personal data in our systems up-to-date and truthful;
- Integrity and confidentiality rule. We apply the necessary measures to safeguard the confidentiality and integrity of your personal data. We are constantly improving them, along with the changing environment and technological progress. Security includes physical and technological measures restricting access to your data, as well as appropriate measures to prevent loss of your data;
- Accountability rule. We want to be able to account for each of our actions on personal data, so that in the event of your inquiry, we can give you full and reliable information about what actions we have carried out on your data.
- What are your rights?
The provisions on the protection of personal data give you a number of rights that you can use at any time. Unless you abuse these rights (e.g. unreasonable daily requests for information), the use of them will be free for you and should be easy to implement.
Your rights include the following:
- The right to access your personal data. This rule means that you can ask us to export from our databases the information we have about you and send it to you in one of the commonly used formats (e.g. XLSX, DOCX etc.);
- The right to correct data. If you find out that the data processed by us is incorrect, you have the right to ask us to correct it and we will be obliged to do so. In this case, we have the right to ask you to provide a document or other proof of change of data;
- The right to restrict data processing. If, despite our adherence to the adequacy rule, you think that we process an overly extensive range of your personal data for a particular process, you have the right to request that we limit this scope of processing. Unless your request is against the requirements imposed on us by applicable law, we will accept your request;
- The right to request the deletion of data. This right, also known as the right to be forgotten, means your right to demand that we remove any information that contains your personal data from our database systems and our records. Remember that we will not be able to do this if, under the law, we have an obligation to process your data (e.g. transaction documents for tax purposes, an obligation to ensure the accountability of our activities). In each case, however, we will remove your personal data to the fullest extent possible, and where it is not possible we will ensure their pseudonymisation (which means the inability to identify the data person without a relevant key), so that your data, which we must keep in accordance with applicable law, will be available only to a very limited group of people;
- The right to transfer data to another data admnistrator. According to the GDPR, you can ask us to export the data you provided to us in the course of all our contacts to a separate file for further transfer to another data administrator;
- The right to withdraw consent. If we process your personal data on the basis of your consent, you can withdraw this consent at any time. Withdrawal of consent will not affect the lawfulness of the processing we have made on the basis of consent expressed prior to its withdrawal. However, we would like to inform you that your personal data in the scope covered by the withdrew consent, i.e. in the scope of the consent of which it was requested, will cease to be processed for this purpose. However, your personal data covered by the consent will be further processed in order to fulfill our obligations under the law, including, in particular, the obligation to account for the correctness of personal data processing, possibly for purposes based on our legitimate interest.
You can perform the above mentioned permissions by contacting us at the e-mail address email@example.com or by mail to the address of MU Interactivesp. z o.o., ul. Lirowa 13, 02-387 Warszawa with the note: "GDPR".
In matters related to personal data, you can also write to us when any action or situation you encounter will raise your concerns about whether it is legally compliant or does not violate your rights or freedoms. In this case, we will answer your questions and concerns and immediately address the issue.
If you feel that we have violated the rules for processing your personal data in any way, then you have the right to file complaints directly with the supervisory authority (from 25 May 2018 it is the President of theOffice for the Protection of Personal Data). As part of the exercise of this right, you should provide a full description of the situation and indicate what action you consider violating your rights or freedoms. The complaint should be submitted directly to the supervisory authority.
- What is the right to object?
We would like to inform you separately that you also have the right to object to the processing of your personal data. You submit the right to object when you do not want us to process your personal data for a specific purpose (e.g. for marketing purposes).
You have the right to object also when the processing of your personal data is based on a legitimate interest or for statistical purposes, and the opposition is justified by the particular situation in which you have found yourself.
In this case, we will continue to process your data for other processes (for other purposes), but not for the purpose for which you objected.
You can report the right to object to the e-mail address firstname.lastname@example.org or by mail to the address of MU Interactive sp. z o.o., ul. Lirowa 13, 02-387 Warszawa with the note "Personal data".
- Is it your responsibility to provide your data?
You provide personal data to us voluntarily. There is no provision that would impose a legal obligation on you to transfer it.
However, if you want to use our services, you must provide data that will enable us to conclude and perform the contract with you, as well as its proper tax settlement and documenting for the accountability of our activities.
Personal data provided for contact or marketing purposes is necessary for us to be able to contact you or conduct marketing activities that you agree with or at least do not oppose. If you do not provide it, our communication with you will be either difficult (e.g. if you enter only the phone number, but not the e-mail address), or even impossible (if you do not provide any contact details).
- Do we share your data outside of the EU?
No, the Administrator does not intend to transfer your data to a third country or to international organizations.