Data processing
Information Clause – MENSA POLAND
The controller of your personal data
The controller of your personal data is DM Dots Sp. z o.o., with its registered office in Gałówek (55-330), Gałówek 37, NIP 9131633963, KRS 0000995121 (“Controller”).
The Controller processes your data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, of 27 April 2016 (“GDPR”).
Contact
You can contact the Controller in writing at the address indicated above or by email at: kontakt@behaviorai.pl
Your data
Depending on the relationship between you and the Controller, the Controller processes your data:
- based on your consent (Article 6(1)(a) GDPR), within the scope and for the purposes covered by that consent,
- in connection with performing the provisions of a contract, agreement, or terms and conditions (Article 6(1)(b) GDPR),
- in connection with the Controller’s legal obligations, including tax obligations and specific regulations governing its activities (Article 6(1)(c) GDPR),
- for the purposes of the Controller’s legitimate interests, including promoting the Controller’s activities, building a community (including running social media accounts), defending rights and pursuing claims, and collecting feedback on its activities (Article 6(1)(f) GDPR).
The scope of data depends on the purpose pursued and includes your identification data, contact data, any data you choose to provide to the Controller, and data required by law.
Your personal data is not used by the Controller for automated decision-making or profiling.
Scope of processing / disclosures
Your personal data may be shared with providers of IT systems and IT services, and with companies that provide services necessary for the Controller to perform the contract, handle your request, or meet legal obligations.
Where we share your data with third parties, the data shared will be limited to what the third party requires to carry out the necessary processing. In such cases, your personal data is protected by Data Processing Agreements requiring external service providers to process your data for specified purposes and in line with the Controller’s documented instructions, and to apply appropriate security measures to protect your data in accordance with the Controller’s security policy. All transfers outside the EEA to countries that are not considered to provide an adequate level of data protection are safeguarded by agreements based on Standard Contractual Clauses.
Data retention period
Your personal data will be processed for as long as necessary to achieve the purpose for which it was collected and for the period related to protecting the Controller’s rights and pursuing claims.
Where processing is based on consent, it may be withdrawn at any time; this does not affect the lawfulness of processing carried out before the withdrawal.
Your rights
You have the right to access your data and to request its rectification, deletion, or restriction of processing. Where data is processed on the basis of the Controller’s legitimate interests, you have the right to object to the processing of your data.
If you want to exercise any of these rights, please use the contact details provided above.
You have the right to lodge a complaint with the supervisory authority responsible for personal data protection in the EU Member State of your habitual residence, place of work, place of residence, or the place of the alleged infringement. In Poland, this authority is the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw).
