1. General provisions
  1. This policy defines the principles of processing and protecting personal data of participants of the OUTGOING POLAND outgoing tourism workshops (hereinafter called Workshops) and other persons who use Administrator’s services and visit the website: wwwoutgoingpolandevets.pl (hereinafter referred to as Website). The Workshops organizer, Website owner and personal data controller is Ewa Pac running a business under the company OUTGOING POLAND EVENTS Ewa Pac with its registered office in Warsaw (postal code 00-876) at ul. Ogrodowa 48/54, NIP [taxpayer’s ID]: 7162675602, REGON [business ID]: 368943133 (hereinafter called Administrator).

  2. This policy has been adopted with a view to providing Workshops participants with safety of their personal data and as a consequence of requirements adopted by way of the Resolution of the European Parliament and Council (EU) 2016/679 dated 27 April 2016 on protection of natural persons due to processing personal data and on free flow of such data, as well as revocation of the directive 95/46/CE (general resolution on data protection) (Journal of Laws EU L. 2016.119.1 dated 04 May 2016) (hereinafter called GDPR).

  3. The participant is any persons whose data refer to participation in the Workshops in any form and who applies for participation in the Workshops via the Website (hereinafter referred to as Participant). Aside from the Participants, the Website may be used by other persons, including the ones who purchase advertising services from the Administrator on the Website (hereinafter collectively called Users).

  4. To contact the Administrator, it is necessary to send an e-mail to: info@outgoingpolandevents.pl, or dial: 22 227 09 96 or send a letter by post to ul. Ogrodowej 48 lok. 54, 00-876 Warszawa.

  1. Purposes and legal grounds for processing personal data

  1. Participants’ personal data will be processed in order to conclude and perform the Workshops participation agreement to the extent required to perform this agreement and also to accept and keep applications for participation in the Workshops, render electronic services, register as Workshops participants, create user’s account on the Website, provide data to other Workshops Participants, publish data in Workshops’ e-catalog, handle complaints, provide accommodation in the venue of the Workshops, contact Participants – the legal grounds for processing data is the need to process in order to perform the agreement whose party is the Participants or to undertake actions at the request of the Participant before the agreement is concluded (art. 6 para. 1 (b) of GDPR).

  2. Personal data of Users who purchase advertising services from the Administrator on the Website will be processed in order to conclude and perform the advertising services agreement to the extent required to perform this agreement, and to accept advertising orders, edit and correct advertising materials, publish advertising materials on the Website, handle complaints, contact clients – the legal grounds for processing data is the need to process in order to perform the agreement whose party is the Participant or to undertake actions at the request of the User before the agreement is concluded (art. 6 para. 1 (b) of GDPR).

  3. Personal data of Participants and Users who purchase advertising services from the Administrator on the Website will also be processed in order to let the Administrator fulfill its obligations arising from tax regulations (keeping books and tax records, drawing up and sending declarations and tax returns, issuing and storing invoices, etc.) – the legal grounds for processing data is the need to process in order to fulfill legal obligations imposed on the Administrator (art. 6 para. 1 (c) of GDPR with regard to regulations of the act dated 11 March 2004 on VAT and act dated 26 July 1991 on personal income tax).

  4. Personal data of Participants and Users who purchase advertising services from the Administrator on the Website may also be processed for the purposes of establishing and pursuing claims or defending against claims – the legal grounds for processing data is the need to process in order to support legally justified interests of the Administrator (art. 6 para. 1 (f) of GDPR). The legally justified interest of the Administrator is the need to protect its rights.

  5. Users’ personal data, due to their activities on the Website, may also be processed for analytical and statistical purposes – the legal grounds for processing data is the need to process in order to support legally justified interests of the Administrator (art. 6 para. 1 (f) of GDPR). The legally justified interest of the Administrator is to analyze activity of Website visitors, their preferences and interests in order to improve the Website.

  6. Users’ personal data may also be processed for Administrator’s marketing purposes, to send commercial information by electronic means directly to Users, send a newsletter, display marketing contents to Users, both non-adapted and adapted to their preferences and interests (unless the User expressed its content for using cookies). As a result of processing Users’ personal data for marketing purposes, the Administrator in certain cases may use profiling, but the Administrator will not rely on profiling when taking decisions which would trigger legal effects towards Users or otherwise affect them – the legal grounds for processing is the user’s consent (art. 6 para. 1 (a) of GDPR), possibly a need to process in order to support legally justified interests of the Administrator (art. 6 para. 1 (f) of GDPR). The legally justified interest of the Administrator is promotion of own proposal (offer).

  1. Data storage period

  1. Personal data of Users and Users who purchase advertising services from the Administrator on the Website will be stored until the claims arising from the agreement signed with the Administrator have expired or until the data storage obligation has expired, which shall result from commonly applicable rules of law, in particular the obligation to store accounting documents (depending on which of these occurs later).

  2. Personal data processed on the basis of the premises of legally justified interest of the Administrator, in particular processing for marketing purposes, will be stored throughout the term of this interest but not later than until the User has withdrawn the consent for their processing (when the legal grounds for processing is the User’s consent) or raising a legally effective objection to processing.

  3. The data storage period may be extended if there is a need to establish and pursue claims or to defend against claims.

  1. Data recipients

  1. User’s personal data will be provided to processing entities which cooperate with the Administrator on the basis of written data processing agreements (e.g. accounting agencies, IT companies involved in keeping the Website, debt collection agencies, marketing companies, etc.).

  2. Users’ personal data may also be provided to other external entities which support the Administrator in the process of rendering services (e.g. banks, couriers, etc.)

  3. With regard to Users, personal data may be disclosed, under performance of the Workshops participation agreement, to other Workshops participants (under Workshops e-catalog, as part of arranging meetings) and entities which provide accommodation services (if the Administrator books accommodation for Users).

  4. With regard to Users who purchase advertising services from the Administrator on the Website, personal data may be disclosed, under the advertising services agreement, to other Website users (due to publication of advertising materials which contain personal data).

  5. If it is necessary to establish or pursue claims or defend against claims, the Users’ personal data may be handed to law enforcement authorities (e.g. the police), common courts, debt collectors or mediators.

  6. Users’ personal data may also be handed to other entities if the obligation to provide these data arises from commonly applicable rules of law (e.g. tax authorities requiring the data for the purposes of the tax inspection or tax procedure).

  7. Aside from disclosing personal data of Workshops Participants to other participants domiciled or having a registered office in countries located out of the European Economic Area, under performance of the Workshops participation agreement, and establishing and pursuing claims or defending against claims, where the party is the Users domiciled or having a registered office out of the European Economic Area, the Users’ personal data will not be provided to recipients located out of the European Economic Area.

  1. Cookies

  1. The Website uses small text files recorded on the final devices of the User who visits the website (the so-called cookies files). Cookies usually contain the name of the website they come from, storage time on the User’s final device as well as alphanumerical parameters. Depending on preferences, the User may agree or disagree to placing cookies and change browser settings at any time so that it does not support such files or so that it informs about sending them. It is however necessary to remember that failure to accept cookies may hinder use of the Website. Thanks to saving these files on the User’s final devices, it is possible to remember login data and there is no need to enter them every time you visit the website, or you can adapt Website content to User’s interests.

  2. If the information on Users is collected through cookies, only anonymous collective data are collected, excluding personal data.

  3. The Administrator uses cookies for the following purposes:

  • maintain User’s session (after logging in) thanks to which the User does not have to enter the login and password every time it visits the Website;

  • adjust the Website content to User’s preferences and optimize the use of the Website, in particular cookies allow recognizing User’s device and displaying website properly,

  • for analytical and statistical purposes which help us understand how Users use web pages of the Website, which in turn allows improving their structure and contents, in particular cookies used by Google under Google Analytics;

  • for marketing purposes, in particular to define the User’s profile in order to display marketing materials adapted to its preferences and interests.

  1. On the Website two types of cookies are used: session cookies and persistent cookies. Session cookies are temporary files stored in the User’s final device until it has logged out, left the web page or switched the software off (Internet browser). Persistent cookies are stored in the User’s final device for the period specified in the cookies parameters or until they have been deleted by the User.

  2. Website browsing software (i.e. Internet browser) usually allows storing cookies files in the User’s final devices by default. Users may make modifications in this respect. Every Internet browser allows deleting cookies. It is also possible to block cookies automatically. For more details on this subject, please see help or documentation of the specific browser.

  3. Cookies for marketing purposes may also be used by entities which cooperate with the Administrator (e.g. entities which render marketing and advertising services).

  1. Nature of providing personal data

  1. Participants’ personal data are given when filling the registration form available on the Website. It is voluntary to enter personal data but required to conclude and perform the Workshops participation agreement. If the rules of law stipulate so, the Participant may be obligated to enter other data for accounting-related or tax-related purposes. The aforesaid also applies to data of Users who purchase advertising services from the Administrator on the Website.

  2. If the personal data are processed for marketing purposes, it is voluntary to give them and shall not be considered a prerequisite for using Administrator’s services.

  1. Users’ rights due to processing their personal data

  1. Users have a right to access their personal data, correct and delete them (when there are no legal grounds for processing them) as well as to limit processing.

  2. When the ground for processing Users’ personal data is a need to process in order to support legally justified Administrator’s interests and to the extent which processing occurs for the purposes of direct marketing, including profiling, the Users are entitled to object to processing their data.

  3. When the legal ground for processing Users’ personal data is the consent, Users have a right to withdraw it, but consent withdrawal shall not affect the compliance with the processing right exercised on the basis of the consent before it has been withdrawn.

  4. When Users’ personal data are processed in order to conclude and perform the agreement or on the basis of the consent, Users shall be entitled to transfer their personal data, i.e. to receive from the Administrator their personal data in a structured and commonly used format suitable for machine readout which may then be sent to another collector by the Users. Users also have a right to require the Administrator to send their data to another administrator directly, if possible.

  5. Users are entitled to lodge complaint to the supervisory body dealing with personal data protection (in Poland: the Head of the Personal Data Protection Office) if they suspect that data may be processed illegally.

  1. Personal data safety

  1. Access to Users’ personal data is granted to authorized persons and processors who these data have been entrusted to in accordance with rules of law.

  2. The Administrator undertakes all necessary actions to make sure cooperating entities adopt relevant safety measures when processing personal data.

  3. The Website assures safety of the personal data thanks to relevant technical and organizational means aimed at preventing illegal data processing and their accidental loss, damage or destruction.

  4. The Administrator does not send to Users any messages requesting their login data, in particular password to User’s account.

  1. Modifications to privacy policy

  1. This Privacy Policy is revised on a regular basis and updated by the Administrator, if necessary.

  2. Up-to-date version of the Privacy Policy was adopted and has been effective since 25 May 2018.

  3. The current version of the Privacy Policy is available in the Administrator’s head office and on the Website: https://outgoingpolandevents.pl/privacy-policy/

  4. The User may send any questions concerning the Privacy Policy to Administrator’s contact data specified in the point I.4.