Privacy Policy

www.whimsywarsaw.com

Effective from: 6th of January 2025

INFORMATION CLAUSE CONCERNING PROCESSING OF PERSONAL DATA

 

In connection with the content of Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and the content of the Act of 10 May 2018  on the protection of personal data. (Polish Journal of Laws of 2018, item 1000)(proszę tu podlinkuj:https://isap.sejm.gov.pl/isap.nsf/DocDetails.xsp?id=WDU20180001000) and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as „the GDPR”), I inform whom it may concern how personal data is collected, used and disclosed. This Privacy Policy applies to information collected by using our website and other online products and services (collectively, the „Services”) or when otherwise interaction with us.

Providing your data is voluntary and may be necessary to enter into a contract. Failure to provide such data makes it impossible to use the service.

Who we are?

  • WhimsyWarsaw is a brand of Varsavin Foundation located in Warsaw in Poland, hereafter referred to as „us,” „our,” „we”. The company is registered under TIN (tax idendification number) 522-300-92-94.

Who is the Controller of data?

The Controller of data is Varsavin Foundation  148 Górczewska st., app.1, 01-460, Warsaw, Poland. You can contact us by sending a letter or by an e-mail: info@whimsywarsaw.com

What is the purpose and basis for storing personal data?

  • the conclusion and performance of the contract, including contacting for the proper performance of the service (on the basis of Article 6(1)(b) GDPR)the fulfilment of the Administrator’s legal obligations, including keeping accounts and archiving records (on the basis of Article 6(1)(c) GDPR)
  • the fulfilment of the Administrator’s legitimate interests, including for the purposes of defending against or pursuing possible claims, operating the contact form, keeping statistics, and for analytical purposes (on the basis of Article 6(1)(f) GDPR)
  • the correct use of the www.warszawostki.pl website by means of electronic communication, these activities taking place only on the basis of the consents obtained (on the basis of Article 6(1)(a) GDPR)

What data we keep?

  1. Information you provide to us
  • We collect information when you fill out a form, sign up for a newsletter, leave a comment, register for a tour, make a purchase, communicate with us via third-party social media sites or otherwise communicate with us, participate in any interactive features of the Services, participate in a contest or promotion.
  • The types of information we may collect include your name/nick/surname, avatar (an anonymized string created from your email address /also called a hash/ may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy https://automattic.com/privacy), email address, postal address, phone number, invoicing, credit card information, bank account information, certain medical information, the URL of contest submissions and any other information you choose to provide (e.g. in a contact form).
  1. Information we collect automatically when you use the Services
  • Log Information: We collect log information about your use of the Services, including your IP address,  browser type and version, operation system, time zone settings and location, access times, pages viewed and the page you visited before navigating to our Services.
  • Device Information: We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, unique device identifiers and mobile network information.
  • Information Collected by Cookies: Cookies are small data files stored on your hard drive or in device memory that help us improve our Services and your experience, see which areas and features of our Services are popular and count visits. For more information about cookies, and how to disable them, please see below.

Securing your personal information

When processing your personal data, we use organizational and technical measures in accordance with the relevant provisions of law, including connection encryption with the use of SSL certificate.

How do we use your data?

We may use your for various purposes, including to: newsletter service, processing of comments, handling of correspondence, social media maintenance, fulfilment of tax and accounting obligations, providing and delivering the products and services you request, processing transactions and sending you related information, including confirmations and invoices, the creation of an archive for the possible need to defend, establish or assert claims, as well as for updating purchased documents, monitoring and analyzing trends, usage and activities in connection with our Services, detecting and preventing spam, illegal activities and protecting the rights and property of the Services, personalizing and improving the Services and providing advertisements, content or features that match user profiles or interests

Who do we share your data with?

We use third parties to whom your information may be shared. Some of them do not belong to the European Economic ares. Below is a list of entities:

  • the hosting provider, which stores data on the server
  • e-mail box providers (outside EU- US: Your data is protected by the EU-US Privacy Shield, established by a decision of the European Commission)
  • mailing system provider, in which your data is stored, if you are a newsletter subscriber
  • accounting office
  • payment processors to collect your fees and process payments
  • contracted tour guides to conduct your tours
  • analytics and measurement partners to help us improve, customize, and promote the Services (outside EU- US: Your data is protected by the EU-US Privacy Shield, established by a decision of the European Commission)
  • advertising partners to place our ads on websites you visit and manage our web advertising campaigns

What is our cookies and tracking technologies policy?

  • Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information.
  • We use cookies and similar tracking technologies to track the activity on our Service and to improve and analyze our Service (also cookies from third parties and in particular: Google Analytics, which collects information on user traffic on the website , demographic and interest data, and Google Adwords for remarketing campaigns). They are stored in the memory of your device (computer, phone, etc.), enable you to use all the functions of the Service available to you and do not change the settings of your device.
  • Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services.
  • We use: Session Cookies (which expire when you close your browser), Preference Cookies and  Security Cookies. Persistent cookies remain in the memory of your device for a set period of time, including when you leave the Platform They are used to store information about your session, make Service functions available and for statistical and marketing reasons.
  • We ask for your voluntary consent to the processing of cookies. You give this consent by using the button containing a declaration of consent to the processing of cookies or by confirming that you have read its terms and conditions.  This consent can be withdrawn at any time
  • We process cookies on the basis of the Polish Telecommunications Act (Article 173 of the Act of 16 July 2004., Polish Journal of Laws 2016, item 1489). In accordance with the applicable legislation, the end-user’s browser settings that allow the storage of cookies are tantamount to consent. The user can grant or refuse consent to the installation and use of cookies via their browser settings.

What rights do you have?

According to the chapter 3 of the GDPR, you have:

  • The right to be informed about what data and how it is obtained, how it is processed and to whom it may be transferred.
  • The right of access to your data at any time by contacting with Controller.
  • The right to rectification your data if incorrect.
  • The right to erasure – the right to be forgotten – you can ask for your personal data to be deleted.
  • The right to restrict processing which means a temporary halt of processing your personal data.
  • The right to data portability
  • The right to object your data at any time. In particular to the processing of your personal data which is based on legitimate interests pursued by us (including profiling), as well as where personal data are processed for the purposes of direct marketing (including profiling).
  • Rights related to automated decision making and profiling. We may use automated decision making in processing your personal information for some services and products. You can request a manual review of the accuracy of an automated decision if you are unhappy with it.

How long we will keep your data for?

We will process your data for as long as we have a legal basis to do so, which means:

  • when we are no longer under a legal obligation to process your data (in particular related to accounting)
  • when we cease to be able to establish, assert or defend claims relating to a contract entered into by the parties
  • when you withdraw consent to the processing of your data (if it was based on such consent)
  • when your objection to the processing of your personal data will be accepted (if the processing of your data was based on a legitimate interest of the controller or the data were processed for direct marketing purposes, including profiling)

* whichever is applicable in the case and which will occur at the latest.

Final provisions

  • in matters not regulated by this Privacy Policy, the provisions of the Civil Code and relevant acts of Polish law as well as European Union law, in particular GDRP
  • the Administrator reserves the right to amend this Privacy Policy
  • this Privacy Policy is effective as of 06.01.2025r.

This Privacy Policy is effective as of 06.01.2025r.