Rules of processing personal data
Dear ux-pm.com User,
To ensure that our data processing processes are fully transparent, we present to you the rules of personal data protection binding in Symetria UX, constituted based on Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, (General Data Protection Regulation), hereinafter “GDPR.”
We inform you that the operator of the ux-pm.com website is Symetria UX limited liability company with its registered office in Poznań (60-749) at Wyspiańskiego 10/3 Street, entered in the Register of Entrepreneurs of the National Court Register under KRS number: 0000521812, NIP: 779-242-40-20, REGON 302809682.
PERSONAL DATA PROCESSING BY THE CONTROLLER
- In relation to conducting their business, the Controller collects and processes personal data in accordance with the relevant provisions, in particular with the GDPR, and the rules of processing data determined in them.
- The Controller:
– ensures the transparency of processing data;
– always informs Users about processing data when they collect them, particularly about the purpose and legal basis for processing personal data, unless they are not obligated to do so based on separate provisions,
– ensures that the data are collected only in the scope necessary for a given purpose and processed only for the necessary duration,
– while processing data, the Controller ensures their safety and confidentiality and the data subjects’ access to information about the processing. Should, despite the applied protection measures, a data breach (e.g., data “leak” or their loss) occur, and such a breach could cause a high risk of breaching data subjects’ rights or freedoms, the Controller will inform data subjects about a such incident in accordance with the provisions.
Chapter 1 – Definitions
- Controller – Symetria UX limited liability company with its registered office in Poznań (60-749) at Wyspiańskiego 10/3 Street, entered in the Register of Entrepreneurs of the National Court Register under KRS number: 0000521812, NIP: 779-242-40-20, REGON 302809682.
- Personal data– any information relating to a natural person who is identified or identifiable through one or more factors determining their physical, physiological, genetic, psychological, economic, cultural, or social identity, including their image, voice recording, contact details, location data, the information contained in correspondence, information collected through recording equipment or other similar technology.
- Services – any services offered by the Controller or relating to the Application.
Chapter 2 – The Controller
- Symetria UX limited liability company with its registered office in Poznań (60-749) at Wyspiańskiego 10/3 Street.
- You can contact our Data Protection Officer at: [email protected] or via e-mail at the address of the controller’s registered office.
Chapter 3 – Purposes and legal bases of data processing
- The User’s personal data will be processed for the following purposes:
a. to ensure participation in a courses or webinar to which the user has signed up – the legal basis is the necessity of data processing in order to perform and provide the Webinar service (article 6, section 1, point b GDPR) ,
b. carrying out direct marketing of the Administrator’s products or services or those of its business partners – based on the User’s consent (article 6, section 1, point a GDPR),
c. transfer of personal data contained in the registration form to the partner with whom Symetria UX cooperates in the promotion of UX-PM – based on the User’s consent (article 6, section 1, point a GDPR),
d. sharing information about the features of the Services provided by the Controller, including commercial information via e-mail at a provided e-mail address in the form of a newsletter based on the User’s consent (article 6, section 1, point a GDPR)
e. carrying out the Controller’s legal responsibilities in the scope of taxes and accounting (for tax purposes) (based on article 6, section 1, point c GDPR)
f. analytical and statistical purposes based on the Controller’s legitimate interest, which is to verify the User’s activity and their preferences for optimization of services and products, and the existing website’s features (article 6, section 1, point f GDPR),
g. pursuing possible claims or defending against claims which the User or Controller may both have (based on the Controller’s legitimate interest, article 6, section 1, point f GDPR).
- In each of the cases in point 1, providing your data is voluntary, however, necessary to enter the agreement and use other features of the Application and website.
Chapter 4 – The scope of data being processed
- The Controller processes personal data necessary to provide and develop the offered features available on the ux-pm.com website and its functionalities.
- The scope of the collected data is adequate to the purpose for which they are collected.
- The Controller processes:
- Data related to providing the services – failure to provide some data may result in the impossibility of using all the service’s functions.
- All information is voluntarily shared by the User from their own initiative while using the website for example in contact form.
Chapter 5 – Duration of processing personal data
- The User’s personal data will be processed by the Controller:
- The personal data of webinar participants will be stored until the completion of the services related to the organization and conduct of the webinar (until the last webinar in the series), and after that, for a period necessary to keep compliance with the provisions of law, pursuing or defending against possible claims, however, not longer than 6 years.
- The Users’ personal data are processed to share commercial information in the electronic form at the provided e-mail address in the form of a newsletter based on the User’s agreement and to conduct opinion polls regarding the User’s preferences – they will be processed until the User withdraws their consent.
- After the expiry of the dates determined in point 1 above, the User’s personal data and their Representative disclosed while using website will be removed or anonymized by the Controller.
Chapter 6 – Data recipients
- Data processed by Symetria UX may be disclosed to external subjects, in particular:
- hosting services providers
- mail providers, including electronic mail;
- providers of legal and accounting services;
- IT services providers (who provide services helping the Controller run and maintain the Application);
- the Controller’s subcontractors.
- In justified cases, based on an appropriate legal basis, data may be shared with bodies or third parties who request access to such information.
- The Controller, in general, does not share data outside the European Economic Area. However, if it is necessary, data are shared with an ensured level of protection, mostly through:
– cooperation with subjects processing data in countries that received an appropriate decision from the European Commission regarding the confirmation of insurance of an appropriate level of personal data protection;
– applying standard contractual clauses issued by the European Commission;
– applying binding corporate rules approved by an appropriate supervisory body.
The Controller always informs Users about an intention to share personal data outside the EEA at the stage of collecting them.
Chapter 7 – Data subjects’ rights
- Each Data subject whose data are processed by the Controller has the right to:
– access their personal data,
– rectify data,
– remove data,
– restrict the processing of data,
– data portability
– object to the processing which occurs based on the Controller’s legitimate interest,
– withdraw their consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
- The User also has the right to file a complaint to the President of the Personal Data Protection Office if they think that the processing infringes on the GDPR provisions.
Chapter 8 – Information about automated decision-making, including profiling
- In relation to the User, there will not be any automated personal data processing, including profiling resulting in making decisions producing legal effects for the User or influencing them significantly in a similar way.