Rules for the Processing of Personal Data When Using the Website https://www.prot.gda.pl/
- Pomorska Organizacja Turystyczna (PROT) with its headquarters at Wały Jagiellońskie 2a Street in Gdańsk is the Administrator of your personal data. PROT’s goal is to promote and develop the region’s tourism. We carry out activities both in the country and abroad.
- Contact us about your personal data that is obtained from you
- We process your personal data in order to provide the functionality of the service within the framework of the consents you separately express for:
– in order to carry out the inquiries flowing to us and to provide answers
- We process your data to the following extent
- first and last name
- information about the way you use our service (if you consent to cookies*)
- IP number from which you communicate with our service
- information about the device you use when visiting our site, including its setting (e.g. browser, screen resolution)
- the history of your communication with us
- data from publicly available sources
- information about the sources of obtaining your data
- your complaints
- additional information about yourself that you may have included in e-mail correspondence or that you may have provided during a telephone conversation with our representative
- We use cookies, which are text files commonly used on the Internet, stored on your terminal device. You can control the handling of cookies yourself through your browser settings (the ability to set the acceptance or blocking of cookies). Blocking cookies may affect your inability to register/log in to your account on the site and/or inability to make payments. We use these small files (cookies) for:
– presentation of content – protection against displaying the same content to the user again,
– The site does not store information identifying individual users in cookies, only connection data,
– securing the site from the action of robots (computer programs used to automatically examine the content of the website),
Mechanisms of storing and reading of cookies do not allow downloading of any personal data or any confidential information from your devices, also transferring of viruses, Trojan horses and other worms to your Device is practically impossible.
The services with which we cooperate and may place cookies are Google Analytics, Facebook, Linkedin.
- Legal bases for processing your data are
– If you have given separate consent, we will process your personal data for the purpose of marketing communications by e-mail or telephone;
– We will process your personal data provided by you on our website in order to fulfill the sales contract, and subsequently also to enable you to exercise the rights granted by the terms and conditions of the website;
– we process your data concerning your use of the website, which we obtain through so-called “cookies”, on the basis of your consent given in accordance with Article 173 of the Telecommunications Law;
– if you contact us to ask a question about how we run the service, how to complete certain activities, we collect your questions and related data and provide answers based on the legitimate interest we have in providing our customers and users with full information and ensuring a positive experience with our service;
– we also process all your data that we have as a data controller for marketing purposes invoking the so-called legitimate interest of the data controller. Marketing purposes include, in particular, presenting you with offers and promotions that we believe may be of interest to you, as well as other information promoting our and our partners’
- The period for which we process your personal data depends on the purpose of the processing.
– providing answers – for the time necessary to provide the necessary clarifications and responses;
– acquired data about the way you use our services (via cookies) and data processed in our marketing database – for the entire period when you are our customer and later for a period of 5 years counting from the time when you ceased to be our customer (stopped using the services provided by us).
- We provide your data only when it is necessary to perform the services you order. We do not sell your data, nor do we commercially share your data with third parties. We may entrust your personal data to our business partners:
– companies that provide us with software delivery and maintenance services – so that we can run our service, send marketing communications by email or telephone
For each of these purposes, we provide only the data that is necessary to achieve the purpose. Where possible, we use anonymization or pseudonymization tools, i.e. measures so that for our partners and subcontractors you remain unidentifiable, but where we hold your data all the time.
- We process your personal data in accordance with applicable laws, in particular the Data Protection Act and the General Data Protection Regulation to ensure their principles:
– Adequacy – We only process data that is necessary to achieve the given purpose of the processing; for each process we have carried out an analysis to meet this rule.
– Transparency – With this document, we strive to ensure that you are fully aware of what is happening with your data.
– accuracy – We would like your personal data in our systems to be up-to-date and truthful therefore you can update and correct it
– integrity and confidentiality – We use necessary security measures including physical and technological measures to limit access to your data, as well as appropriate safeguards against loss of your data.
– Accountability – We will provide you with full and accurate information regarding what activities we have performed on your data and which we describe here
- You have the right to
– The right to access the content of your personal data – you can request that we export from our databases the information we have about you and send it to you in one of the commonly used formats (e.g. XLSX, DOCX, etc.).
– Right to rectification – you have the right to ask us to correct, update your data, and we will be obliged to do so. In this case, we have the right to ask you to provide some document or other evidence of the data change.
– Right to limit processing – If, despite the application of the rule, you feel that we process too much of your personal data for a particular process, you have the right to request that we limit this processing. Unless your request opposes requirements imposed on us by applicable law, or it is necessary for the performance of a contract, we will grant your request.
– The right to request deletion – also known as the right to be forgotten, means your right to request that we delete from our database systems and from our records any information containing your personal data. Please note that we will not be able to do so if we are required by law to process your data (e.g. transaction documents for tax purposes, warranty obligation, obligation to ensure accountability of our operations). In any case, however, we will delete your personal data to the fullest extent possible, and where this is not possible, we will ensure that your data is pseudonymized (meaning that the data subject cannot be identified without an appropriate linkage key), so that your data, which we must retain in accordance with applicable law, will be available only to a very limited circle of people in our organization.
– The right to file a complaint directly with the supervisory authority (as of May 25, 2018, this is the President of the Office for Personal Data Protection ) – if we have in any way violated the rules for processing your personal data. In exercising this right, you should give a full description of the situation and indicate what action you consider to have violated your rights or freedoms. The complaint should be submitted directly to the supervisory authority.
11 In all matters related to the processing of personal data, please contact us at: rodo@prot.gda.pl