I.BASIC INFORMATION
- The administrator of personal data is Golden Key Olena Kuzmychenko, REGON: 5213587693, NIP: 363178573. In matters of personal data, you can contact us at the e-mail address: info@goldenkey.pl or by traditional mail to the address: ul. Foksal 15, lok. U3 (00-372) Warsaw. Personal data are processed for the purpose of sending the newsletter and direct marketing (art. 6 sec. 1 lit. aif GDPR). Personal data may be transferred to entities providing services to Golden Key, such as IT system providers or entities providing legal services. Personal data are processed until the consent is withdrawn or an objection is filed. In connection with the processing of personal data, you have the right to access the data, request their rectification, deletion, restriction of processing, transfer, object to the processing of personal data based on a legitimate interest and to file a complaint with the supervisory authority. Providing personal data is voluntary, but necessary for sending the newsletter.
- We guarantee the confidentiality of all personal data provided to us. We use appropriate technical and organizational security measures, thanks to which we can ensure that the data is adequately protected against access by unauthorized persons.
II. USER RIGHTS
Each User who has provided Us with their personal data using one of the Forms available on the Website may exercise the rights granted to them by the GDPR:
- the right to access your personal data and obtain a copy thereof (Article 15 of the GDPR),
- the right to request the rectification of your personal data if it is inaccurate or out of date (Article 16 of the GDPR),
- the right to request the deletion of personal data (Article 17 of the GDPR),
- the right to request the restriction of the processing of personal data (Article 18 of the GDPR),
- the right to transfer personal data (Article 20 of the GDPR)
- the right to object to the processing of personal data based on the legitimate interest of the Administrator (Article 21 of the GDPR),
- the right to lodge a complaint with the supervisory authority, i.e. the President of the Office for Personal Data Protection, in a situation where the User considers that the Administrator is processing his or her personal data unlawfully (Article 77 of the GDPR).
The right to access the content of your data and obtain a copy thereof, as well as the right to lodge a complaint with a supervisory authority are always available to the User. Other rights are not absolute and their fulfillment will depend on meeting the requirements described in art. 16-21 of the GDPR.
In order to exercise your rights, please contact us at the email address biuro@nowodworskiestates.pl
III. PROCESSING OF PERSONAL DATA PROVIDED IN FORMS
Contact forms “Contact us” and “Write a message” form
Personal data sent to the Administrator via Contact forms will be processed in order to answer the question asked. The legal basis for the processing of personal data is the legitimate interest of the Administrator consisting in responding to the User’s messages and conducting communication with him (Article 6 paragraph 1 letter f of the GDPR).
In the event that the User asks the Administrator to present a commercial offer, his personal data will be processed on the basis of Article 6 paragraph 1 letter b of the GDPR, i.e. actions aimed at concluding a contract undertaken at the request of the data subject.
The User’s personal data will be processed for the period necessary to handle the correspondence. However, if as a result of the submitted inquiry any cooperation or business relations are established, the period of storing the correspondence and the personal data contained therein will be extended for the duration of this relationship, the conclusion of the contract and the limitation period for claims arising from the concluded contract.
Providing personal data in the scope of name, surname and e-mail address is voluntary, but necessary in order to respond to the message sent by the User. Providing a telephone number is voluntary and serves to speed up contact with the User by phone, but is not required.
Call back to the website
The Administrator provides the User with the option to provide their telephone number in order to establish quick telephone contact from Our side or to arrange a telephone conversation at a specified time. The legal basis for processing the telephone number provided by the User is the legitimate interest of the Administrator in establishing telephone contact and conducting communication at the User’s request (Article 6 paragraph 1 letter f of the GDPR). Telephone conversations are recorded in order to increase security and improve the quality of customer service (which constitutes Our legitimate interest in accordance with Article 6 paragraph 1 letter f of the GDPR) and stored by the Administrator for a period of 3 months. After this time, the recorded conversations are deleted or anonymized. Providing a telephone number is voluntary, but necessary in order to establish quick telephone contact from Our side or to arrange a telephone conversation using the form at another time. Providing any personal data during the conversation is voluntary.
Add a sale offer, Add a rental offer
A User who would like to place a sale or rental offer on our Website can contact us using dedicated forms “Add a sale offer” or “Add a rental offer”. The personal data provided will be processed for the purpose of analyzing the application and contacting the User. The legal basis for the processing of the User’s personal data will be the necessity to take action to conclude and execute the contract (art. 6 sec. 1 letter b of the GDPR) and the legitimate interest of the Administrator consisting in the analysis of the accepted application (art. 6 sec. 1 letter f of the GDPR). Personal data will be stored for the period of established cooperation, the concluded contract and the limitation period for claims resulting from this contract. Providing personal data marked as required is voluntary, but necessary in order to establish cooperation, providing other personal data at this stage is voluntary.
IV. DATA RECIPIENTS
For the proper functioning of the Site and the forms embedded therein, the Administrator uses the services of external entities (e.g. website hosting provider, software provider). The provision and implementation of some services may be related to the need for these entities to process the personal data of the Site Users.
The Administrator informs the User that it only uses the services of such processors who provide sufficient guarantees for the implementation of appropriate technical and organizational measures so that the processing meets the requirements of the GDPR and protects the rights of data subjects. The recipients of the User’s personal data may be: 1 Hosting service providers; 2 Email service providers;
V. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
The Administrator transfers Users’ personal data to third countries in connection with the use of services of external entities that store the personal data entrusted to them on servers located outside the European Economic Area (EEA).
Personal data is stored in third countries when the Administrator uses the services of the hosting provider Amazon Web Services, Inc. and the postal service provider Google LLC. Both entities have joined the EU-US Privacy Shield program, thus ensuring an adequate level of protection of processed personal data accepted by the European Commission. Below are links to the Privacy Shield program page, where you can find information on the processing of personal data by these entities:1 Google LLC – https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active2 Amazon Web Services, Inc. – https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4&status=Active.