Privacy policy

Rules of processing personal data

Dear User,

To ensure that our data processing processes are fully transparent, we present to you the rules of personal data protection binding in UX-PM Limited, constituted based on Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, (General Data Protection Regulation), hereinafter “GDPR.”

We inform you that the operator of the website is UX-PM Limited company with its registered office in 14-15 Lower Grosvenor Place, C/O Aks Advisors 5th Floor, London, SW1W 0EX, United Kingdom.


1. In relation to conducting their business, the Controller collects and processes personal data in accordance with the relevant provisions, in particular with the GDPR, and the rules of processing data determined in them.

2. The Controller:

–         ensures the transparency of processing data;

–         always informs Users about processing data when they collect them, particularly about the purpose and legal basis for processing personal data, unless they are not obligated to do so based on separate provisions,

–         ensures that the data are collected only in the scope necessary for a given purpose and processed only for the necessary duration,

–         while processing data, the Controller ensures their safety and confidentiality and the data subjects’ access to information about the processing. Should, despite the applied protection measures, a data breach (e.g., data “leak” or their loss) occur, and such a breach could cause a high risk of breaching data subjects’ rights or freedoms, the Controller will inform data subjects about a such incident in accordance with the provisions.

Chapter 1 – Definitions

  1. Controller – UX-PM Limited company with its registered office in 14-15 Lower Grosvenor Place, C/O Aks Advisors 5th Floor, London, SW1W 0EX, United Kingdom.
  2. Personal data – any information relating to a natural person who is identified or identifiable through one or more factors determining their physical, physiological, genetic, psychological, economic, cultural, or social identity, including their image, voice recording, contact details, location data, the information contained in correspondence, information collected through recording equipment or other similar technology.
  3. Services – any services offered by the Controller.
  4. User – any natural person visiting the Website or using one or more services or features described in the Privacy Policy and the rules of personal data processing

Chapter 2 – The Controller

  1. UX-PM Limited company with its registered office in 14-15 Lower Grosvenor Place, C/O Aks Advisors 5th Floor, London, SW1W 0EX, United Kingdom.
  2. You can contact the Controller at: [email protected] via e-mail at the address of the controller’s registered office.

Chapter 3 – Purposes and legal bases of data processing

1. The User’s personal data will be processed for the following purposes:

a. to ensure participation in a courses or webinar to which the user has signed up – the legal basis is the necessity of data processing in order to perform and provide the Webinar service (article 6, section 1, point b GDPR),

b. carrying out direct marketing of the Administrator’s products or services or those of its business partners – based on the User’s consent (article 6, section 1, point a GDPR),

c. respond to a message sent via the contact form, reply to Users on questions connected with the service and its functions, review complaints and requests – based on the Controller’s legally justified interest (article 6 section 1 point f GDPR) which is to improve the functionality of services provided in electronic form and to build positive relations with the Users based on diligence and loyalty;

d. carrying out the Controller’s legal responsibilities in the scope of taxes and accounting (for tax purposes) (based on article 6, section 1, point c GDPR)

e. analytical and statistical purposes based on the Controller’s legitimate interest, which is to verify the User’s activity and their preferences for optimization of services and products, and the existing website’s features (article 6, section 1, point f GDPR),

f. pursuing possible claims or defending against claims which the User or Controller may both have (based on the Controller’s legitimate interest, article 6, section 1, point f GDPR).

2. In each of the cases in point 1, providing your data is voluntary, however, necessary to enter the agreement and use other features of the Application and website.

Chapter 4 – The scope of data being processed

  1. The Controller processes personal data necessary to provide and develop the offered features available on the website and its functionalities.
  2. The scope of the collected data is adequate to the purpose for which they are collected.
  3. The Controller processes:
  • Data related to providing the services – failure to provide some data may result in the impossibility of using all the service’s functions.
  • All information is voluntarily shared by the User from their own initiative while using the website for example in contact form

Chapter 5 – Duration of processing personal data

  1. The duration of data processing by the Controller depends on the type of service provided and the purpose of the processing:
    • As a general rule, the data shall be processed for the duration of the service provided or the execution of the order, until the expressed consent is withdrawn or an effective objection is made to the data processing in cases where the legal basis for the data processing is the legitimate interest of the Administrator. Data obtained during communication with the User will be processed until an objection to the processing is raised:
    • The personal data of webinar participants will be stored until the completion of the services related to the organization and conduct of the webinar (until the last webinar in the series), and after that, for a period necessary to keep compliance with the provisions of law, pursuing or defending against possible claims, however, not longer than 6 years.
  2. After the expiry of the dates determined in point 1 above, the User’s personal data and their Representative disclosed while using website will be removed or anonymized by the Controller.

Chapter 6 – Data recipients

1. Data processed by UX-PM Limited may be disclosed to external subjects, in particular:

a. hosting services providers;

b. mail providers, including electronic mail;

c. providers of legal and accounting services;

d. IT services providers (who provide services helping the Controller run and maintain the Application);

e. the Controller’s subcontractors.

2. In justified cases, based on an appropriate legal basis, data may be shared with bodies or third parties who request access to such information.

3. The Controller, in general, does not share data outside the European Economic Area. However, if it is necessary, data are shared with an ensured level of protection, mostly through:

–  cooperation with subjects processing data in countries that received an appropriate decision from the European Commission regarding the confirmation of insurance of an appropriate level of personal data protection;

–  applying standard contractual clauses issued by the European Commission;

–  applying binding corporate rules approved by an appropriate supervisory body.

The Controller always informs Users about an intention to share personal data outside the EEA at the stage of collecting them.

Chapter 7 – Data subjects’ rights

  1.  Each Data subject whose data are processed by the Controller has the right to:–         access their personal data,

    –         rectify data,

    –         remove data,

    –         restrict the processing of data,

    –         data portability

    –         object to the processing which occurs based on the Controller’s legitimate interest,

    –         withdraw their consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

  2. The User also has the right to file a complaint to the President of the Personal Data Protection Office if they think that the processing infringes on the GDPR provisions.
  3. Despite being located outside the EEA, the Administrator declares that all User rights will be implemented in accordance with the GDPR within the European Union. However, should it become necessary to transfer this data for purposes not yet defined, e.g. in the event of the assertion or defence of claims, the Administrator will inform the User.

Chapter 8 – Information about automated decision-making, including profiling

  1. In relation to the User, there will not be any automated personal data processing, including profiling resulting in making decisions producing legal effects for the User or influencing them significantly in a similar way.

Chapter 9 – Cookie files

  1. The UX-PM Limited uses cookie files, i.e. IT data stored on the User’s end device, containing, among others, information necessary for the application to work properly. In the cookie files, there may be a unique number which identifies the user’s device, however, their identity is not determined by this number.
  2. The Controller uses the following types of cookie files
    1. Indispensable – making it possible for the UX-PM Limited functionalities to work, e.g. logging in, setting preferences and ensuring security – files processed on the basis of the legitimate interest of the controller (article 6 section 1 point f of the GDPR);
    2. Analytical – making it possible to gather information about the frequency of using the website and serving to create aggregated and anonymous statistics enabling to perfect the application’s functionalities and efficiency – files processed based on the user’s voluntary consent (article 6 section 1 point a of the GDPR);
    3. Functional – making it possible to remember logging data, geographic region and thus to personalize the website for the user. – files processed based on the user’s voluntary consent (article 6 section 1 point a of the GDPR);
    4. Advertising – a.k.a marketing – allow us to tailor the ads and content displayed to our users’ preferences and to conduct personalized marketing campaigns – files processed based on the user’s voluntary consent (article 6 section 1 point a of the GDPR);
  3. The Controller uses cookie files for the following purposes:
    1. to create aggregated statistics, enabling to perfect the structure, functionality and efficiency of the website,
    2. to keep the user’s session after logging in,
    3. to ensure the security and possible identification overcharging the server, undesired automated programs for browsing content.
  4. The cookie files mechanism is safe for the user’s device. In particular, it is not possible to remotely access viruses or other unwanted, including malicious, software.

This Policy is binding from 1.01.2024