If You have any further questions considering processing of your personal data, please do not hesitate to contact us by using contact form, which you can find here: https://gamefound.com/contact.
1. Basic definitions.
2. What personal data do we collect and process, what is the purpose of processing and what is the legal basis?
3. How long do we process your personal data for?
4. Who has access to your personal data?
5. What are the „cookies”? How do we use them and in what purpose?
6. What your rights regarding your personal data are?
7. Contact us.
1. BASIC DEFINITIONS
Personal data – any information relating to you, that allows your identification i.e.: name, surname, e-mail address, phone number, IP address etc.;
Processing – means any operation or set of operations which is performed on your personal data i.e.: collection, recording, storage, adaptation or alteration, messaging, restriction, erasure or destruction;
Customer – an adult individual with full legal capacity, a legal entity or organizational unit without legal personality but with capacity to perform legal acts, who uses the Website on the terms set out in the Terms of Service, which you can find here: https://gamefound.com/terms;
Controller – Gamefound Sp. z o.o. with its registered office in Wrocław (50-127) at the following address ul. św. Mikołaja 58, registered in the Register of Entrepreneurs conducted by the District Court for Wrocław-Fabryczna, VIth Commercial Department of the National Court Register under KRS number 0000778227, holder of Business entity statistical number (REGON): 382893080, Polish taxpayer’s identification number (NIP): 8971865043, holder of share capital in the amount of 5,000,00 PLN; („Gamefound”).
Website – https://gamefound.com;
Services – all services provided by the Controller via Website.
2. WHAT PERSONAL DATA DO WE COLLECT AND PROCESS, WHAT IS THE PURPOSE OF PROCESSING AND WHAT IS THE LEGAL BASIS?
In order for you to create an account on our Website and to use our Services, we need to collect and process certain information. That may include information you provide especially by completing forms on our Website or contacting us by e-mail e.g.:
- Customer’s identification data (name, surname, e-mail address, nick, IP address),
- Metadata about communication (date of contact).
Your personal data mentioned above, are processed for the purpose resulting from the function of a given form, for instance, for the purpose of responding for enquiry or providing Services.
Decisions taken by the Controller are at no stage based on automated processing (including profiling) of personal data.
The legal grounds depend on context of our communication. If your personal data is being processed only to give you a detailed information about our Services or to answer your questions, which you asked by using the contact form or via e-mail, the legal ground for this kind of processing is our legitimate interest (Article 6(1) letter f GDPR).
We can also send commercial / marketing information to electronic addresses (e-mail) but only if you give us prior marketing consent. The legal ground for this kind of processing is our legitimate interest (Article 6(1) letter f GDPR).
If the function of given form is to conclude a contract, the processing is based on Article 6(1) letter b, which gives us the right to process when it „is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract” e.g. adjusting Services to your needs or generating settlements.
Providing all information is voluntary, but some data (appropriately marked at the registration stage) are necessary for the conclusion of the contract and for the provision of Services by us.
When we collect some of your data during a conference or any other event in which our representatives took part, the data from the business card are processed in order to send you information about our Services. In such cases, the legal ground for our action is our legitimate interest (Article 6(1) letter f GDPR).
You can find further information about your rights regarding your personal data in section VI of the Policy.
3. HOW LONG DO WE PROCESS YOUR PERSONAL DATA FOR?
We store personal data not longer than is necessary, to achieve the purposes, for which they are processed.
If you are not our Customer, data collected only in connection with the current contact, are being processed for a period of few weeks to a maximum of 2 years.
Data collected on the basis of your consent are being processed until the withdrawal of your consent or when the purpose, for which it was collected, will cease to exist.
Data collected to send commercial / marketing information to electronic addresses (e-mail), are being processed no longer than for 3 years from the last activity of the Customer towards the Controller.
Data that are necessary for the performance of a contract are being processed for the duration of the contract and usually another 6 years after its termination, which results from tax regulations and the limitation period for certain claims.
If we process your personal data to determine or assert any claims or to defend against above mentioned Customer’s claims (the legal ground for this action is our legitimate interest (Article 6(1) letter f GDPR)), we store the personal data until the laps of the limitation period for that claims, which arise from the generally applicable provisions of law.
If we process your personal data to compliance with a legal obligation to which the Controller is subject, we store the personal data for a period of performing this obligation.
4. WHO HAS ACCESS TO YOUR PERSONAL DATA?
The access to your personal data is only granted to:
- authorized employees and co-workers, who are obliged to keep them secret and not to use them for purposes other than those for which we have collected them,
- entities that support us in service providing, based on appropriate contracts e.g. legal, consulting, telecommunication service providers.
All these entities have access only to necessary information.
Sometimes, the entities providing us with solutions are registered outside the European Economic Area (EEA). In this case, if your personal data will be processed outside the EEA, we provide the appropriate legal mechanisms for their security, including standard data protection clauses adopted under the decision of European Commission, we conclude entrustment data contracts that meet the requirements of the GDPR, and, in the case of transferring data to the USA, we verify the participation of our partners in the Privacy Shield program (more: https://www.privacyshield.gov/). You have the right to access the list of such recipients and a copy of the security we use.
We may also be required to provide specific information relating to you, to public authorities for the purposes of proceedings conducted by them. In this case, the information is provided only if there is a proper legal ground.
5. WHAT ARE THE „COOKIES”? HOW DO WE USE THEM AND IN WHAT PURPOSE?
“Cookies” are small data files that are issued to your device when you visit a Website and that store information about your use of our Services. We use “cookies” to help recognize you as a repeat visitor, to improve the quality of our Services and to collect statistical data.
The legal ground for the use of “cookies” is usually your consent (article 6(1) letter a GDPR “the data subject has given consent to the processing of his or her personal data for one or more specific purposes”), except when they are necessary for the functioning of our Website (“technical cookies”), when it’s based on our legally legitimate interest. Additionally, the Customer can give us a consent to use the marketing and analytic “cookies”.
We remind you that when data processing is based on your consent, you can withdraw your consent at any time.
“Technical cookies” do not collect any information about the Customer that could be used for marketing purposes or to remember which places on the Internet were visited by the Customer. Not accepting these “cookies” may prevent you from using most of our Services or significantly slow down functioning of the Website, so we recommend you to accept the use of technical “cookies”.
“Analytic cookies” obtain information about how Customers use our Website and monitor the efficiency of the Website. This allows us to quickly identify and fix any problems that Customers may encounter and ensure a high quality of browsing the Website. We use “analytic cookies” to analyse Customer visits, their duration and frequency.
“Marketing cookies” are used to obtain information about Customer’s activity on our Website. Their purpose is to display commercials that are relevant and interesting for individual Customer and therefore more valuable to third-party publishers and advertisers.
From the perspective of persistency, we use the following types of “cookies”:
- “session cookies” – which are temporary files, stored on the Customer’s device until he/she logs out, leaves the Website or turns off the software (the Internet browser);
- “persistent cookies” – which are stored on the Customer’s device the entire time specified in “cookie” parameters or until the Customer deletes them.
Depending on the purposes and legal grounds for processing personal data collected by “cookies”, they may be stored for the time indicated in Section III of this Policy.
We assure you that all information is used by us only for the purposes indicated above and in no case are harmful to you or your device, because they do not lead to any configuration changes. Your browser may give you the ability to control “cookies”, including blocking or deleting them (the procedure depends on type of your browser).
6. WHAT YOUR RIGHTS REGARDING YOUR PERSONAL DATA ARE?
For efficient implementation of Customer’s rights, please send all requests to the e-mail address: email@example.com, with the subject: “GDPR’s demand”, indicating which right you want to exercise. Every Customer has the following rights:
1. Right of access - In any time, you can obtain from us confirmation as to whether or not your personal data are being processed, access to the personal data and the following information:
- the purposes of the processing;
- the categories of personal data concerned;
- who are the recipients;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- where the personal data are not collected from the data subject, any available information as to their source;
- the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
2. Right to rectification - If you feel that the information relating to you is incorrect or incomplete, you have the right to request the rectification of the data.
3. Right to withdraw the consent – you can withdraw your consent at any time, without affecting the legality of the processing, which was performing prior to this withdrawal.
4. Right to erasure (‘right to be forgotten’) - The GDPR gives you the right to obtain from us the erasure of all your personal data. We are obligated to make your request, only if one of the following grounds applies:
- your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you withdrew consent on which the processing is based and where there is no other legal ground for the processing;
- you object to the processing and there are no overriding legitimate grounds for the processing;
- you object to the processing for direct marketing purposes;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in European Union or Member State law to which the controller is subject;
- the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
5. Right to restriction of processing - You can also obtain the restriction of processing, where one of the following applies:
- you contest the accuracy of the personal data – for a period enabling the controller to verify the accuracy of the personal data;
- the processing is unlawful but you oppose the erasure of your personal data and you request the restriction of their use instead;
- we no longer need your personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims,
- you have objected to processing – only until the dispute is resolved.
6. Right to data portability - You have right to receive your personal data in a structured, commonly used and computer-readable format and have the right to transmit those data to another controller, when:
- the processing is based on your consent or on a contract and
- the processing is carried out by automated means.
7. Right to object - According to GDPR you have right to object:
- to processing of personal data, when it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in Controller – on grounds relating to your particular situation;
- to processing of personal data, when it is necessary for the purposes of the legitimate interests pursued by Controller or by a third party, except where such interests are overridden by the interests or your fundamental rights and freedoms which require protection of personal data, in particular where the data subject is a child, including profiling – on grounds relating to your particular situation;
- at any time – to processing of personal data for direct marketing purposes, which includes profiling to the extent that it is related to such direct marketing;
- to processing of personal data for scientific or historical research purposes or statistical purposes – on grounds relating to your particular situation.
If, in spite of the Customer's objection, we consider that there are important, legally valid grounds for processing personal data, which override the Customer's interests, rights and freedoms, we can continue processing the Costumer’s personal data.
If you disagree with above mentioned Controller’s situation assessment, you have the right to lodge a complaint with a supervisory authority (for more information, see point VII below).
8. Right to lodge a complaint with a supervisory authority - Due to our actions as a Controller, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.
If you want to lodge a complaint in Poland, since 25th May 2018 the function of the supervisory authority is held by the President of the Data Protection Office / Prezes Urzędu Ochrony Danych Osobowych (PUODO). A detailed description of the procedure for lodging a complaint to PUODO is available on the website maintained by PUODO which you can access by clicking the following link: https://uodo.gov.pl/
7. CONTACT US
The Controller of your personal data is Gamefound Sp. z o.o. with its registered office in Wrocław at the following address: ul. Św. Mikołaja 58, Wrocław, 50-127, Poland.
E-mail address: firstname.lastname@example.org