GDPR Information Obligation

The following information constitutes a concise, intelligible and transparent summary of the information contained in the Privacy Policy regarding the Data Administrator, the purpose and manner of processing personal data, and your rights in connection with this processing, in the form required to fulfil the GDPR information obligation. Details regarding the manner of processing and the entities involved in this process are available in the indicated policy.

Who is the data administrator?

The Personal Data Administrator (hereinafter Administrator) is the company "NetBlink", operating at: Mietowa 18, 43-382 Bielsko-Biala, VAT number (NIP): 547-193-01-55, providing services electronically through the Service.

How can you contact the data administrator?

You can contact the Administrator in one of the following ways:

  • Postal address – NetBlink, Mietowa 18, 43-382 Bielsko-Biala

  • E-mail address – lukasz.tlalka@netblink.net

  • Phone – +48 33 44 54 159

Has the Administrator appointed a Data Protection Officer?

Pursuant to Art. 37 GDPR, the Administrator has not appointed a Data Protection Officer.

For matters concerning data processing, including personal data, please contact the Administrator directly.

Where do we obtain personal data and what are its sources?

Data is obtained from the following sources:

  • from the persons whose data it concerns

What is the scope of personal data we process?

The Service processes ordinary personal data, voluntarily provided by the persons concerned.
(E.g. first and last name, login, e-mail address, phone, IP address, etc.)

The detailed scope of processed data is available in the Privacy Policy.

What are the purposes of our data processing?

Personal data voluntarily provided by Users is processed for one of the following purposes:

  • Provision of electronic services:
    • User account registration and maintenance services and related functionality
  • Communication between the Administrator and Users regarding Service matters and data protection
  • Ensuring the legitimate interests of the Administrator

What are the legal bases for data processing?

The Service collects and processes User data on the basis of:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR)
    • Art. 6(1)(a)
      the data subject has given consent to the processing of his or her personal data for one or more specific purposes
    • Art. 6(1)(b)
      processing is necessary for the performance of a contract to which the data subject is party
    • Art. 6(1)(f)
      processing is necessary for the purposes of the legitimate interests pursued by the controller
  • Act of 10 May 2018 on the protection of personal data (Journal of Laws 2018, item 1000)
  • Act of 16 July 2004 – Telecommunications Law (Journal of Laws 2004, No. 171, item 1800)
  • Act of 4 February 1994 on copyright and related rights (Journal of Laws 1994, No. 24, item 83)

What is the legitimate interest pursued by the Administrator?

  • For the purpose of establishing, asserting or defending against claims – the legal basis for processing is our legitimate interest (Art. 6(1)(f) GDPR) consisting in the protection of our rights
  • For the purpose of assessing the risk of potential clients
  • For the purpose of direct marketing

For how long do we process personal data?

As a rule, the indicated personal data is stored only for the period of providing the service through the Service by the Administrator. It is deleted or anonymised within 30 days of the termination of services (e.g. deletion of a registered user account).

In exceptional situations, for the purpose of protecting the legitimate interests of the Administrator, this period may be extended to 3 years.

Who is the recipient of data including personal data?

As a rule, the only recipient of data is the Administrator. However, data processing may be entrusted to other entities providing services to the Administrator for the purpose of maintaining the Service's operation.

  • Hosting companies providing hosting or related services to the Administrator

Will your personal data be transferred outside the European Union?

Personal data will not be transferred outside the European Union, unless published as a result of individual User action.

Will personal data be the basis for automated decision-making?

Personal data will not be used for automated decision-making (profiling).

What are your rights in relation to the processing of personal data?

  • Right of access to personal data
    Users have the right to obtain access to their personal data, exercised upon request submitted to the Administrator

  • Right to rectification of personal data
    Users have the right to request the Administrator to immediately rectify personal data that is inaccurate or to complete incomplete personal data

  • Right to erasure of personal data
    Users have the right to request the Administrator to immediately erase personal data, exercised through the user panel available after logging in.

    In the case of user accounts, data erasure consists of anonymisation of data enabling the identification of the User.

  • Right to restriction of processing of personal data
    Users have the right to restriction of processing of personal data in cases specified in Art. 18 GDPR

  • Right to data portability
    Users have the right to receive from the Administrator personal data in a structured, commonly used and machine-readable format

  • Right to object to processing of personal data
    Users have the right to object to the processing of their personal data in cases specified in Art. 21 GDPR

  • Right to lodge a complaint
    Users have the right to lodge a complaint with the supervisory authority responsible for personal data protection.