- This Document applies to the website https://wecode.agency/.
- The data controller is WCD Sp. z o.o., with its seat in Warsaw (02-958), at ul. Stanisława Kostki Potockiego 2 lok. 2 (Wecode Agency), registered in the Register of Entrepreneurs maintained by the District Court for the Capital City of Warsaw, XII Commercial Division of the National Court Register under the KRS number 0000943104, Regon 52094520600000 VAT number: PL9512532638.
- In matters related to personal data protection you may contact the Controller at the address given above or at the address: firstname.lastname@example.org
- The data controller reserves the right to change this Document. Any amendments or new terms will be made available via our Website https://wecode.agency/.
- Any materials available on the Website https://wecode.agency/ are informative only.
- We cannot warrant the completeness and accuracy of the information shown on our website. We cannot guarantee that all information and materials are correct and up to date. Information on our website may not remain available.
- Wecode Agency reserves the right to change, move or delete any part of this website at any time without notice or explanation. You have no rights for any compensation if we decide to change information on our website or stop publishing the website as a whole.
- All elements of our site are and remain the intellectual and exclusive property of the Operator. Nobody is allowed to reproduce, exploit or use in any way, even partially, elements of the site whether they are in the form of photo, logo, visual or text.
- Personal information
- Personal information collected by the Wecode Agency shall be processed in accordance with the provisions of the the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR). As Users provide their personal information voluntarily, they shall have the right to access their personal data and the right to rectify, delete, limit the processing, the right to data transfer, the right to object, the right to withdraw consent at any time. Detailed conditions of the above rights shall be indicated in Articles 15 - 22 of the GDPR Regulation.
- The data controller processes the following categories of data: identification data, address data, and contact details.
- The data controller shall make an extra effort in order to protect privacy and information about the Online Users provided to him. The data controller shall exercise due diligence when selecting and applying appropriate technical measures, including those of a programming and organizational nature, in order to protect the processed data, and in particular, he shall protect the data from unauthorized access, disclosure, loss, and destruction, unauthorized modification, and also from their processing with the breach of the applicable provisions of law.
Personal data will be processed in accordance with the principles of art. 5 of the GDPR. Personal data will be:
- processed lawfully, fairly, and in a transparent manner in relation to the data subject (‘lawfulness, fairness, and transparency’);
- collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1) of the GDPR, not be considered to be incompatible with the initial purposes (‘purpose limitation’);
- adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed (‘data minimization’);
- accurate and, where necessary, kept up to date (‘accuracy’);
- kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of the GDPR subject to the implementation of the appropriate technical and organizational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures (‘integrity and confidentiality’).
- We wish to inform you that we do not perform automated decision-making, also on the basis of profiling.
- What are the purposes and legal grounds for processing personal data
- Provision of any personal data is voluntary and depends on your decision. However, in some cases provision of specific personal data is necessary to fulfill your expectations with respect to the use of our services.
As part of its activity Wecode Agency collects and processes personal data:
- in order to implement agreements entered into by Wecode Agency with Clients (legal ground: art. 6 (1)(b) of the GDPR);
- for the purpose of estimating the price of a service and service performance (legal ground: art. 6 (1)(f) and art. 6 (1)(b) of the GDPR);
- for the purpose of sending commercial information by electronic means after expressing separate consent (legal ground: art. 6 par. (1)(a) of the GDPR) ;
For other purposes, the Personal Data may be processed on the basis of:
- applicable law when processing is necessary to fulfill the legal obligation of the Controller e.g. when based on tax regulations or accounting one, The Controller settles concluded sales contracts (art. 6 (1)(c) of the GDPR);
- indispensable for purposes other than those mentioned above resulting from legitimate interests pursued by the Controller or by a third party, in particular, to determine, assert or defend claims, market, and statistical analyses (Article 6 (1)(f) of the GDPR).
- If you contact us via electronic contact channels including chat and contact forms , we only process personal data that you voluntarily provide in the content of your message. Providing data is voluntary, but it may be necessary to handle your inquiry. The data is processed on the basis of your consent (Article 6 (1)(a) of the GDPR) or in connection with an action necessary to perform the contract or aimed at concluding a contract (Article 6 (1)(b) of the GDPR).
- Personal Data Processing Terms
- In compliance with the applicable legal provisions, we process your personal data for a term of time that is necessary to meet the designated purpose. After such a term, the personal data of Users will be irrevocably deleted or destroyed.
- Personal data processed covered by the consent statement will be processed until the consent is revoked.
- We process personal data during the term of the agreement, as well as during a period of expiry of claims resulting from the provisions of the Polish Civil Code.
- Any data for accounting purposes and for tax-related purposes are processed for up to 5 years, calculated starting with the end of the calendar year in which such tax obligation arose.
- Recipients of Personal Data
- As part of the Controller's use of the tools supporting his current activity, provided by e.g Google User's Personal Data may be transferred to a country outside the European Economic Area (EEA), in particular to the United States of America (USA) or another country where an entity cooperating with it maintains tools for processing Personal Data in cooperation with the Controller.
Whenever we transfer your personal data out of the EEA, we attach a similar degree of protection to it (as it would receive in the EEA) by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries, territories, or sectors within a country that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- The transfer is subject to a legally binding and enforceable commitment on the recipient to protect the personal data (e.g. through the use of European Commission-approved standard contractual clauses).
- The transfer is made subject to binding corporate rules.
- The transfer is based on a derogation from restrictions on transferring personal data outside of the EEA (such as where you give your consent, the transfer is necessary for the performance of a contract with you, or the transfer is necessary for the establishment, exercise, or defense of legal claims).
- Your rights on Personal Data concerning you
Due to the voluntary nature of providing your personal data, you have the right to:
- access your personal data (Art. 15 of the GDPR);
- rectify your personal data (Art. 16 of the GDPR);
- delete your personal data (‘the right to be forgotten’ – Art. 17 of the GDPR);
- restrict the processing of your personal data (Art. 18 of the GDPR);
- transfer your personal data (Art. 20 of the GDPR);
- object to the processing of your personal data (Art. 21 of the GDPR);
- If it is found that the processing of personal data violates the provisions of the GDPR, the data subject has the right to lodge a complaint with the President of the Office for Personal Data Protection.
- Withdrawal of consent to the processing of data does not affect the lawfulness of data processing made by the Controller on the basis of consent before its withdrawal.
- Due to the voluntary nature of providing your personal data, you have the right to:
- Personal information