1. The administrator of personal data is Spot Guide Ltd., address: 3 Hesketh Road, Ribbleton, Preston, PR2 6NS, United Kingdom (hereinafter "Administrator").
2. The administrator runs the visitbornholm.com website and related groups on social networks (hereinafter referred to as "Website").
3. The Website User (hereinafter " the User") consents to the processing of his personal data by the Administrator on the terms set out in this privacy policy.
4. All statements, inquiries and information regarding personal data may be submitted to the Administrator via electronic mail to the email address contact@visitbornholm.com via the contact form at https://visitbornholm.com/contact, in writing at the address of the Administrator's office.
5. The User's personal data are processed on the basis of art. 6 and other provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (general regulation on data protection) (hereinafter "RODO").
6. User's personal data are processed in order to:
- keep User's account on the Website;
- provide answers to questions and other messages sent by the User via the contact form or e-mail and for further contact with the User;
- providing the Administrator with information about offers, promotions, discounts and news (direct marketing);
- copying advertisements posted on the visitbornholm.com web portal to groups on social networks, copying advertisements posted on groups on social networks to the internet portal, copying announcements between the group on social networks.
7. The User's data is also processed in order to perform the contracts to which the User is a party or to take other actions at the request of the User prior to the conclusion of the contract.
8. User's data is also processed when it is necessary for purposes arising from legally justified interests performed by the Administrator or by a third party (except for situations in which the interests or fundamental rights and freedoms of the data subject have overriding nature in relation to these interests) requiring the protection of personal data), including in particular for the purposes of:
- making tax settlements in accordance with the provisions of Polish tax law;
- bookkeeping in accordance with the provisions of the Accounting Act and other relevant provisions of Polish law;
- to enforce debts in accordance with the provisions of the Civil Code and other relevant provisions of Polish law.
9. The Administrator processes the following categories of User's data: name and surname, e-mail address, telephone number, correspondence address, IP address.
10. The recipients of the User's personal data may be:
- Employees, contractors, subcontractors and other persons employed or cooperating with the Administrator;
- Accounting offices cooperating with the Administrator;
- Law firms cooperating with the Administrator;
- Entities providing IT services to the Administrator, including, in particular, website hosting services and e-mail services;
- Entities providing marketing services to the Administrator;
- Entities involved in settlements, including invoice system providers, online payment systems and banks.
11. The User's personal data may be transferred to third countries, but only on the principles described in art. 46 RODO, i.e. provided the recipient provides adequate security. In any event, the User is entitled to receive a copy of the data concerning him.
12. The User's personal data will be kept for the period necessary to achieve the purposes of data processing, i.e. by:
- the period of keeping the User's account on the Website;
- the period of publication of the User's announcements on the Website;
- period of maintaining communication with the User, in particular, the period necessary to provide the User with all requested information;
- the period of marketing activity by the Administrator; the period of conducting competitions the participant is a User;
- the period necessary for the proper performance of contracts concluded with the User;
- the time necessary to make tax settlements concerning the User and the period of storage of documentation related to tax settlements required by law;
- legally required storage period for accounting documentation;
- the time necessary to execute the Administrator's receivables. The User's personal data will be permanently deleted when all the above-mentioned periods have come to an end.
13. The User has the right to:
- obtain from the Administrator confirmation whether personal data concerning him are being processed;
- receiving a copy of the processed data;
- obtained from the Administrator all information covered by this Privacy Policy.
14. The User has the right to request the Administrator to immediately correct personal data concerning him which is incorrect. Taking into account the purposes of the processing, the User has the right to request supplementing incomplete personal data, including by providing an additional statement.
15. The User has the right to request the Administrator to delete personal data concerning him immediately, and the Administrator is obliged to delete personal data without undue delay (subject to the exceptions provided for by law) if one of the following circumstances occurs:
- personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
- The user has withdrawn the consent on which the processing is based and there is no other legal ground for processing;
- The User raises an objection referred to in point 18 or 19;
- personal data have been processed unlawfully;
- personal data must be removed in order to comply with a legal obligation under Union law or the law of the Member State to which the Administrator falls;
- personal data were collected in connection with offering information society services directly to the child, based on the consent of the child or his / her parent (guardian).
16. The User has the right to request the Administrator to limit processing in the following cases:
- when the User questions the correctness of personal data - for a period allowing the Administrator to check the correctness of such data;
- when the processing is unlawful and the User opposes the removal of personal data, requesting instead to limit their use;
- when the Administrator no longer needs personal data for processing, but it is needed by the User to establish, assert or defend claims;
- when the User has lodged an objection referred to in item 18 - until it is determined whether the legitimate grounds on the part of the Administrator are overriding the grounds for the objection of the data subject.
17. The User has the right to receive, in a structured, commonly used machine-readable format, personal data that he provided to the Administrator, and has the right to send such personal data to another data administrator without any hindrance from the Administrator to whom this personal data was provided. By exercising the right to transfer data, the User has the right to request that personal data be sent by the Administrator directly to another administrator of personal data if it is technically possible.
18. The User has the right to object at any time - for reasons related to his special situation - to the processing of his personal data based on legitimate interests pursued by the Administrator or by a third party. The administrator is no longer allowed to process such personal data, unless he demonstrates the existence of valid legally valid grounds for the processing, overriding the interests, rights and freedoms of the data subject, or grounds for establishing, investigating or defending claims.
19. The User has the right to object at any time to the processing of personal data concerning him for the purpose of direct marketing, and the Administrator is obliged to include such opposition.
20. The User may withdraw consent to data processing at any time. However, it should be remembered that:
- the withdrawal of consent does not affect the lawfulness of the processing that was carried out prior to the withdrawal of consent;
- despite the withdrawal of consent, the Administrator is still entitled to process data in the scope indicated in points 7-8. withdrawal of consent prevents the Administrator from operating the User's account on the Website and is tantamount to demanding its closing.
21. Providing personal data is a condition of entering into an account for maintaining an account on the Website.
22. Providing personal data is a condition for concluding sales contracts through the Website.
23. The user has the right to lodge a complaint with the supervisory authority, in particular in the Member State of his habitual residence, his place of work or the place of the alleged violation if he thinks that the processing of personal data concerning him violates the provisions of the GDPR.
