Eklektika Sp. z o.o. takes great care to keep your personal data private. This document explains how we collect, process and use data about the Users of the www.eklektika.pl online service (Service).
General information about data processing and User rights
- What personal data are:
Personal data is information about an identified or identifiable natural person. When you use our services, such data include, for example, your email address, IP address or the data in your account with EKLEKTIKA. Personal data can be recorded in cookie files.
- Who is the controller of your data:
The controller of the personal data of visitors using the Service (Users) is Eklektika Spółka z ograniczoną odpowiedzialnością, with its registered office at Opaczewska 15/31, 02-368 Warszawa, entered into the National Court Registered maintained by the District Court for the Capital City of Warsaw, XII Commercial Division of the National Court Register, under KRS number 0000493181 (Controller).
Personal data processing follows the provisions of Regulation of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (henceforth “GDPR”).
The data Controller can be contacted by mail at firstname.lastname@example.org, the contact form available at https://eklektika.pl/kontakt/, by phone at +48 22 6228669 or in writing to the address of the controller’s registered office.
- The legal basis for the processing of your data
Whenever your data is processed, this must have an appropriate legal basis.
The legal basis for the processing of your data for the provision of services is:
- The fact that this is necessary to perform the agreements for service provision (such agreements are the terms and conditions or other similar documents available in services you are using). If you open an account with us so that EKLEKTIKA can provide a service to you, the account agreement authorizes EKLEKTIKA to process the data that are necessary to provide such an account (the data you provide in account profile). In the case of the lack of such an authorization, EKLEKTIKA would not be able to provide such a service.
- In the case of the use of the Newsletter and cookie files, the legal basis of processing is your consent. The submission of personal data is voluntary. Failure to provide consent precludes the use of the Newsletter.
- The fact that processing is necessary for purposes stemming from the controller’s legitimate interests. This legal basis of processing applies to cases where the processing is justified by our legitimate needs, which includes, among others, the possibility of pursuing claims by EKLEKTIKA as well as the necessity to ensure the security of the services we provide (e.g. verification whether an unauthorized person is not logging onto your account), making statistical measurements, improving our services and adjusting them to the user’s needs and convenience.
- The purpose of the processing:
We are processing your personal data, because this is necessary to perform the agreement we have with you, including:
- to provide services electronically;
- to open and manage an account as well as enable account assistance, including technical assistance;
- to deal with submissions we receive from you (e.g. via the contact form);
- to contact you, including for the provision of services.
Moreover, we are processing your data:
- to determine or pursue potential claims or to defend EKLEKTIKA against such claims;
- for purposes stemming from EKLEKTIKA’s legitimate interests.
- EKLEKTIKA provides appropriate technical and organizational measures to safeguard the personal data made available by you, in particular to prevent access to said data by third parties and to prevent their processing in violation of the law, as well as their loss, damage or destruction.
- Your rights:
You have the right to access your data and to demand that they be rectified or erased or that their processing be limited, and the right to withdraw consent at any time by contacting the Controller.
You right to data portability means that you have the right to receive from us your personal data in a structured, commonly used IT format suitable for machine reading. You can transfer these data to another controller, or you can request that we transfer your data to another controller. However, we will only do so if such transfer is technically feasible. The right to personal data portability only applies to the data that we are processing based on an agreement with you or on your consent.
The detailed catalogue of your rights can be found in the GDPR (eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32016R0679)
Moreover, you have the right to file a complaint with the supervisory authority in charge of personal data protection, currently the General Inspectorate for Personal Data Protection and in the future the President of the Personal Data Protection Office.
- The Controller has the right to refuse to delete the User’s data if preserving them is necessary to respond to the User’s claims or if it is required by law.
- The submission of personal data is voluntary but necessary for the performance of the service provision agreement executed between the User and the data EKLEKTIKA.
- Pursuant to applicable laws, we can transfer your data to entities that will process them on our behalf, e.g. subcontractors and entities authorized to obtain data on the basis of applicable laws, e.g. courts or law enforcement, but only when they request this on appropriate legal basis.
- The Service does not automatically collect any data, with exception of data contained in cookie files.
- The cookies are IT data, in particular text files, which are stored on the terminal device of the User of the Service and are designed for use when using the web pages of the Service. Cookies typically contain the name of the website they originate from, information on the time of their storage on the terminal device and a unique number.
- The entity that places the cookies on the Service User’s terminal device and that accesses them is the Controller and other entities that co-create the Controller’s Service.
- Cookie files used in the Service are used to:
- a) adjust the content of the web pages of the Service to the User’s preferences and to optimize the use of web sites; in particular, the files make it possible to recognize the Service User’s device and to display the web page adequately, in a way that is adjusted to the User’s needs;
- b) gather statistical data that make it possible to understand the Users’ patterns of use of the web pages of the Service, in order to improve the structure and content.
- The cookies placed on the User’s terminal device can also be used by partners who cooperate with the Controller.
- More information on cookie files is available in the “Help” section in the menu of the internet browser.
II. Contact forms
- All the data submitted by the User in the contact forms available on the “Contact” web page (“Order a trial lesson”, “Inquire about our offer” or “Check your level”) are used by the Controller solely to contact the User and to answer the User’s request for information on language courses or the User’s course application.
- The User’s data submitted in the contact forms listed above are deleted immediately after responding to the User’s request for information, with the exception of the personal data of a User who decides to enter into a business relationship with the Controller, in which case such data are stored in the “Clients” or “Students” databases.
III. Web page logs
- The information on some of the actions of the Users of the Service is logged in the server layer. Such data are used solely for the purpose of website administration or to provide the best possible hosting service, and they are not associated with individual Users (the User’s actions are identified with URL addresses).
- The following information may be recorded:
- the time of the request,
- the time of the answer,
- the name of the User’s workstation (identified through the HTTP protocol),
- the URL address of the website previously visited by the User in the situation where a link was used,
- data on the User’s browser.