Privacy Policy of Dem Interactive sp. z o.o.
Who is the data controller?
The controller of your personal data is Dem Interactive sp. z o.o., based in Warsaw, ul. Śmiała 32, 01-523 Warsaw, registered in the Register of Entrepreneurs of the National Court Register maintained by the District Court for the Capital City of Warsaw, XIV Commercial Division of the National Court Register, under KRS number 0000881808, NIP (Tax Identification Number) 525-285-08-64, REGON 388154350, with a share capital of PLN 7,500 (hereinafter referred to as the „Controller” or „we”).
What are personal data?
In the course of our cooperation, we will process your personal data in the form of:
- Your first and last name, and other details regarding your business activity as disclosed in the Central Register and Information on Economic Activity (if you are conducting such activity) or your first and last name if you are acting as a representative of a business partner; and
- Contact details, particularly your phone number and email address; and
- Details regarding the payment for services rendered by you („Personal Data”).
What is the purpose of processing your data?
Your Personal Data will be processed by us for the following purposes:
- To fulfill our cooperation with the Controller (based on art. 6 ust. 1 pkt b) of the GDPR),
- To fulfill legal obligations imposed on the Controller (art. 6 ust. 1 pkt c) of the GDPR), and
- To pursue the legitimate interests of the Controller, such as conducting the Controller’s statutory activities, particularly processing orders, running advertising campaigns on social media and traditional media, marketing activities including sending communications, or for the Controller’s administrative purposes, including preparing a database of contractors, assignment of claims, or protection against fraud (based on art. 6 ust. 1 pkt f) of the GDPR).
To whom do we disclose your data?
Your Personal Data will be disclosed to external companies only in the following cases:
- Our subcontractors necessary to fulfill the terms of the contract, or
- Service providers necessary for carrying out marketing activities, including media companies and social media providers, such as social media platform operators, or
- Government bodies and law enforcement agencies in order to fulfill our legal obligations to provide information and make declarations, or to pursue claims for recourse, or
- Entities involved in administrative purposes or the assignment of claims,
- Data processors who have been obligated to handle Personal Data carefully and who act solely on our behalf and according to our instructions. These entities include, in particular, IT/TMT service providers.
When transferring Personal Data to third countries, i.e., external bodies outside the European Union (“EU”) and the European Economic Area (“EEA”), e.g., in the case of our IT service providers, we ensure that the concerned external bodies treat Personal Data with the same care as we do. We only transfer Personal Data to third countries where the European Commission has confirmed an adequate level of protection, or where a level of data protection comparable to that in the EU or EEA can be guaranteed based on agreements or other appropriate safeguards (Articles 45 and following of the GDPR).
How long do we process personal data?
Unless there are statutory retention periods (as outlined in the paragraph below), we store your Personal Data only as long as necessary to achieve the processing purpose indicated above, but no longer than six years after the cooperation ends.
We retain data related to orders, invoices, and payment information for services for at least five years in accordance with the applicable legal regulations.
What are your rights?
In connection with the processing of your data by the Controller, you have the following rights:
- The right to correct your data and complete it,
- The right to obtain a copy of your data,
- The right to object to the processing of your data if your data is processed based on the legitimate interest of the Controller,
- The right to data deletion and the right to be forgotten within the timeframe indicated in the section „How long do we process personal data?”,
- The right to file a complaint with the Controller and the relevant supervisory authority (e.g., the President of the Personal Data Protection Office at: Stawki 2, 00-193 Warsaw, or via the electronic submission form on the website: https://www.uodo.gov.pl/pl/p/kontakt).
How can you contact us?
by mail: contact@dem.cool