Implementing the principles of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the European Union of 2016, No. 119, page 1, L 119/1 as amended), below please find basic information:
What is personal data and how is it processed?
The personal data is any information concerning a natural person which enables to determine directly or indirectly the identity of such a person. The processing of personal data are operations performed on personal data, especially collection, recording, storage, preparation, alteration, disclosure and removal.
We process such personal data as:
user's name and surname (if such data is provided as part of a contact form or correspondence with any other user),
user's alias or nickname (if such data is provided as part of a contact form or correspondence with any other user),
user's email (if such data is provided as part of a contact form or correspondence with any other user).
Who is the controller of personal data?
Daniel Pawelski is a Controller of personal data.
The Controller will also be hereinafter referred to as DP.
Authorized DP's workers and co-workers have access to personal data.
You may contact the Controller via his email address: contact@aokotorigames.com
Why do we process personal data?
Personal data is processed in order to:
prepare, conclude and execute a contract/agreement for the provision of services electronically or software license agreements,
perform duties the Controller is liable for in accordance with provisions of the law in force,
archive data,
possibly determine, demand or protect against claims,
implement customer satisfaction surveys,
recognise users' complaints, comments, reservations and suggestions,
exchange correspondence,
prepare analyses and statistics aiming at development and improvement of the services provided,
take up marketing and promotional activities - having obtained a previous consent.
Although providing personal data is voluntary, nevertheless it is a sine qua non condition to conclude the contract/agreement, execute the contract/agreement, reply to questions and requests directed and implement legal obligations, whereas the Controller obtained access to such personal data directly from a person concerned, from a person authorized to transfer such personal data or obtained such data from available, legal websites, registers or data sets.
In the event when a particular person does not consent to provide his/her personal data, it is not possible, in particular, to conclude the contract/agreement with the Controller. Also, the Controller does not have the opportunity to reply to questions sent.
This excludes a situation when a particular person does not consent to provide his/her personal data for marketing and promotional purposes. The consent to processing of personal data for marketing and promotional purposes is voluntary and it does not exert influence on the conclusion of any other contracts/agreements.
The Controller or persons authorized by the Controller may contact the person whose personal data is processed via electronic mail in order to:
ensure proper performance of obligations connected with the contract/agreement,
ensure observance of obligations connected with the contract/agreement,
prepare or amend the contract/agreement,
provide replies to messages and applications,
implement obligations arising from generally applicable provisions of the law.
Who may DP transfer personal data to?
Personal data may be transferred to the extent necessary to entities processing data in connection with services ordered by DP (e.g. IT service providers, accountants, lawyers, hosting companies).
It is possible to transfer personal data outside the European Economic Area (EEA) which, in particular may be connected with IT tools used provided that a proper security level of personal data is ensured which will be approved, in particular by:
cooperation with entities processing personal data in countries with reference to which a relevant decision of the European Union has been issued,
application of standard contractual clauses issued by the European Union,
application of binding corporate rules approved by a competent supervisory body.
The entities, which will get personal data from DP, are obliged to observe procedures connected with protection of personal data, which are provided for in the provisions of law in force.
Is personal data secure?
DP as the Controller analyzed risks which are connected with individual processes of personal data processing and next implemented proper security and personal data protection measures.
Which rights do you have in connection with processed personal data?
The persons whose rights are processed have the following rights:
the rights of information about processed personal data,
the right to obtain a copy of data,
the right to rectify,
the right to erase data,
the right to request restriction of processing of personal data,
the right to data portability,
the right to object the processing of any personal data,
the right to withdraw the consent to processing of his or her personal data,
the right to lodge a complaint with a competent supervisory authority, which in case of Poland is the President of the Personal Data Protection Office.
The Controller has not appointed any Data Protection Supervisor. If you are a person whose rights are processed and wish to exercise your rights vested, you should contact DP electronically via email: contact@aokotorigames.com.
When addressing a request do DP, you should do it in such a way that it is possible to determine explicitly what is requested, that is, in particular:
• Which entitlement do you wish to exercise?
• Which processing personal data does your demand concern?
A reply to any application should be completed within a month from receiving the statement. If it is necessary to prolong such a term, the Controller will inform of the reasons for such prolongation.
The Controller reserves the right to refuse to erase data if its maintenance is essential to satisfy the claims or if provisions of the law in force allow a further processing of personal data.
Any claim of any person will be satisfied free of charge and at the same time it is possible we will collect a reasonable fee in the event of:
• submitting a request to issue the second and any subsequent copy of data (the first copy of data is free of charge), • submitting by the same person excessive and, obviously, unjustified requests.
In case of questioning a decision about imposing a fee, such a person may lodge a complaint with a competent supervisory authority, which in the case of Poland is the President of the Personal Data Protection Office.
How long can personal data be processed?
Personal data will be processed for a period essential to execute the objectives when data is processed or until an objection is submitted if the grounds for the processing is Controller's legitimate interest or withdrawal of the consent or if the grounds for the processing is the consent given. Afterwards, the Controller will be able to maintain such data until limitation of any possible claims or until a requirement to store personal data, which arises from provisions of the law, expires.
Approximately, the Controller indicates that personal data, most frequently, will be stored for the period of 7 years from execution the last of contractual obligations, which is connected with a limitation period referred to in Article 118 of the Civil Code and one additional year in case when the Controller shall not receive a copy of the statement of claim or request before expiration of a six-year limitation period.
What are legal grounds for processing your data?
Any processing of data must be based on a relevant legal basis which is consistent with applicable provisions of the law.
A legal basis for processing data for purposes connected with conclusion of contracts/agreements and their performance is indispensability to conclude contracts/agreements or upon the user's request to take up activities before the conclusion of a contract/agreement.
Additionally, a legal basis is indispensability to perform a legal obligation resting with the Controller and indispensability for the purposes arising from legitimate interests implemented by the Controller.
A final legal basis may be a voluntarily given consent for the Controller.