Adopted in accordance with art. 24 of Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter the “GDPR”), hereinafter referred to as the “Policy”.
This Policy sets out the rules for the collection, processing and use of personal data in connection with the use of the website at the Internet address www.no44.pl (hereinafter the "Portal”) or services [lease of apartments or rooms in investment projects developed by the Controller] available via the Portal.
1 PERSONAL DATA CONTROLLER
1.1 A company under the name CWE 01 sp. z o.o. with registered office in Warsaw, ul. Domaniewska 50 A, 02 – 672 Warsaw, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Warsaw in Warsaw, Xii Economic Division of the National Court Register, under KRS no. 0000632829, NIP 5252667893, REGON: 364858910 is the Controller of your personal data (hereinafter the “PDC” or “Controller”).
1.2 In matters relating to the processing of your personal data, including the exercise of your rights, please contact the Data Protection Officer by writing to the following address: firstname.lastname@example.org
[The Controller of personal data represents that it processes personal data only within the limits of the generally applicable law, in particular in accordance with the GDPR.
1.3 The Controller collects data provided voluntarily and directly by you or from third parties, such as: (i) social networks, (ii) real property portals, (iii) publicly available sources, such as CEIDG (Central Business Register and Information Service), National Court Register (for the purpose of verifying your data) to which you have voluntarily transferred your data and for their processing by the Controller for the purposes set out in this Policy.
1.4 The Controller may transfer your personal data to other entities authorized by law, entities being part of the same capital group as the Controller, entities providing and administering IT systems, managers of properties owned by the Controller and entities providing services related to operating those properties (e.g. utility providers, security, additional services provided to you in connection with the Agreement, persons or entities providing the Controller with legal, accounting, marketing or advisory services, state authorities, if such an obligation arises under the relevant provisions.
1.5 The Administrator does not transfer your data outside the European Economic Area (EEA).
2 PURPOSES AND GROUNDS
2.1 Your data will be processed for the following purposes:
2.1.1 concluding a lease agreement with you and its performance (hereinafter: the Agreement), including facilitating communication in connection with the Agreement – pursuant to art. 6(1)(b) of the GDPR – for a period no longer than until the expiry of claims in connection with the Agreement,
2.1.2 pursuing the Controller's legitimate interests, i.e. promotion and advertising of products and services of the Controller and entities from the Controller's capital group or third party services, which will be directly related to the subject of the Agreement, verification of the user's identity for the purposes of monitoring abuse or verification of the rights to receive certain content or services, establishing or pursuing any claims of the Controller, ensuring your security in connection with recording the image using industrial cameras around the building, collecting data in the register of entries and exits from the building, responses to your questions not related to the Agreement – pursuant to art. 6(1)(f) of the GDPR – however with respect to promotion and advertising of the Controller's products and services for a period no longer than until the objections are raised, and with respect to claims – for appropriate periods of limitation of such claims, and to the other extent specified above, for a period not longer than until those objectives are achieved and in accordance with applicable regulations;
2.1.3 carrying out the obligations imposed on the Controller by the relevant regulations, e.g. tax law, the Accounting Act – pursuant to art. 6(1)(c) of the GDPR – no longer than for the period of limitation of claims for public law liabilities;
2.1.4 promotion and advertising of products and services of entities cooperating with the Controller, if they do not fall within the scope specified in clause 2.1.2 above (in relation to persons who have given their relevant consent) and only to the extent specified by such consent) – pursuant to art. 6(1)(a) of the GDPR – no longer than until withdrawal of the consent.
2.2 With respect to archiving purposes regarding the legal interest of the Controller, the Controller has the right to process data by automated means, which is the legitimate purpose of the Controller related to the performance of the Agreement and the pursuit of claims;
2.3 Provision of your data is voluntary, however necessary to fully use the Controller's services and conclude an agreement with it.
3 PERSONAL DATA
The Controller processes the following categories of your personal data: first name(s) and surname, date and place of birth, image, marital status, phone number, name and address of the university, address, correspondence address, proxy details, guarantor details, e-mail address, ID/passport series and number, PESEL number and changes of such data.
4 RIGHTS OF DATA SUBJECTS
4.1 Furthermore, please be advised that you have the right to:
4.1.1 access your personal data, request rectification of your personal data that are incorrect and to complete incomplete personal data,
4.1.2 obtain the erasure of your personal data – e.g. if the consent is withdrawn and there is no other legal ground for the processing; achieving the purposes for which they were collected or otherwise processed, unlawful data processing, when personal data have to be erased for compliance with a legal obligation provided for in European Union or Polish law.
4.1.3 the right to withdraw consent to the processing of personal data at any time at your convenience, however without affecting the lawfulness of processing based on consent before its withdrawal,
4.1.4 obtain the restriction of processing of your personal data,
4.1.5 object to the processing of your data, on grounds relating to your particular situation, where we process your data on the basis of our legitimate interest or for direct marketing purposes,
4.1.6 transfer your personal data,
4.1.7 in the event that it is deemed the data are processed contrary to the GDPR, you have the right to lodge a complaint with the personal data protection supervisory authority, i.e. the President of the Personal Data Protection Office.
4.2 You may exercise the above rights by sending a letter to the address indicated in clause 1.2 or via the contact form available at www.no44.pl.
4.3 The Controller will not, however, be able to erase your personal data to the extent that their processing is necessary (i) for exercising the right of freedom of expression and information, (ii) for compliance with a legal obligation which requires processing by European Union or Polish law, (iii) for the establishment, exercise or defence of legal claims.
5 PERIOD FOR WHICH PERSONAL DATA ARE STORED
5.1 The Controller stores your personal data for a period not longer than necessary to achieve the purposes for which personal data have been collected or until you object, submit a request to restrict the processing or to erase the data or, if necessary, to comply with the applicable law with regard to the period of limitation of claims.
6.1 The Controller advises that the Portal uses “cookies”. The information collected using “cookies” is used to develop general statistics on the use of the Portal, which help to understand how Users use the Portal, which allows improving its structure and content.
6.2 The Portal performs the functions of obtaining information about users and their behaviour in the following manner:
6.2.1 through information voluntarily entered in forms,
6.2.2 by saving cookie files in terminal devices (so-called "cookies"),
6.2.3 by collecting web server logs by the hosting operator.
6.3 Cookies are IT data, in particular text files, which are stored in a terminal device of a Portal user. Cookies usually contain the name of the website from which they originate, their storage time on the terminal device and a unique number.
6.4 The Portal operator is the entity that places cookies on the terminal device of a Portal user and who has access to them.
6.5 The Portal uses two basic types of cookies: “session” and “persistent” cookies.
"Session cookies" are temporary files that are stored in a user's terminal device until logging out, leaving the Website or closing software (web browser).
"Persistent cookies" are stored in a user's terminal device for the time specified in the cookie file parameters or until they are removed by the user.
6.6 Software for browsing websites (web browser) usually allows storing cookies in the user's terminal device by default. Portal Users can change their settings in this respect. A web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is provided in the help or documentation of a web browser.
6.7 Disabling the option in the web browser that allows you to save “cookies” does not prevent the use of the Portal, but it may affect the operation of the Portal and some functionalities available on the Portal.
6.8 Information about some user behaviour is subject to logging-in into the server layer. Such data are used only to administer the Portal and to ensure the most efficient operation of hosting services.
6.9 Browsed resources are identified by URL addresses. In addition, the following may be saved:
6.9.1 time of arrival of the inquiry,
6.9.2 time of sending a response,
6.9.3 name of the client station – identification carried out by the HTTP protocol,
6.9.4 information about errors that occurred during the execution of the HTTP transaction,
6.9.5 URL address of the site previously visited by the user (referrer link) – if the Portal was accessed via a link,
6.9.6 information about the user's browser,
6.9.7 information about the IP address.
6.10 The above data is not associated with specific persons browsing websites.
6.11 The above data is used exclusively for the purpose of administering the server.
6.12 In order to manage cookie settings, select the web browser/ system from the list below and follow the instructions:
• Internet Explorer
• Safari (iOS)
• Windows Phone
7 FINAL PROVISIONS
This privacy statement was adopted on 1.06.2019 and may be subject to further changes.