Privacy Policy - FrontUniverse.com

This document constitutes the implementation of the information policy of FrontUniverse.com towards users of websites in the domain http://frontuniverse.com/ ("Service") in all aspects of personal data processing and protection.

1. Information regarding the Administrator and collection of personal data

1.1. The Administrator within the meaning of Art. 4 point 7 of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the Regulation) in relation to your personal data is FrontUniverse.com (hereinafter the Administrator).

1.2. In addition, the Administrator may process your personal data such as phone number for contact purposes, including, among others, to provide information about your inquiry. Processing takes place on the basis of Art. 6 sec. 1 letter f) of the GDPR, i.e., the legitimate interest of the administrator understood as enabling contact with the interested person as well as improving the quality of services provided. Providing this data is necessary if you want the Administrator to be able to contact you by phone regarding your inquiry.

1.3. The Administrator may process your e-mail address - for marketing purposes of its own products and services. The processing of personal data for marketing purposes by the Administrator takes place only with your consent, on the basis of Art. 6 sec. 1 letter a) of the Regulation. Providing personal data for marketing purposes is voluntary and lies within the discretion of the data subject, and their processing by the Administrator depends on obtaining their consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. More on the conditions for granting and withdrawing consent in point 3 of this policy.

1.4. The Administrator processes the personal data provided by you in the contact form for the purpose of providing an electronic service - the contact form. For this purpose, the Administrator collects your personal data such as: name, e-mail address. Providing the data is necessary to respond to inquiries submitted through the contact form electronically. Processing takes place on the basis of Art. 6 sec. 1 letter f) of the GDPR, i.e., the legitimate interest of the administrator understood as enabling responses to inquiries.

1.5. The Service uses Google reCAPTCHA. Data processing takes place on the basis of the legitimate interest pursued by the Administrator, i.e., Art. 6 sec. 1 letter f) of the Regulation. Google reCAPTCHA is used to ensure the security of the Service and protection against automated access attempts and spam. This tool may collect certain data regarding user behavior on the website in order to verify that they are human and not a bot. The Administrator does not use this tool to make any decisions concerning you based solely on automated processing, including profiling, which would produce legal effects for you or similarly significantly affect you. More information on data protection can be found in Google's privacy policy at: https://policies.google.com/privacy.

1.6. Data regarding your activity in the Service are recorded and stored via cookies. The use of cookies is based on your consent. You can disable cookies at any time by changing the settings in your browser. Details on how to use cookies can be found in the Cookies Policy.

1.7. The Administrator processes your personal data only for the period necessary to maintain compliance with requirements arising from applicable regulations. Personal data processed for the purpose of handling inquiries through the contact form are processed until the inquiry handling is completed. Your personal data processed for analytical purposes are processed by the Administrator until the expiration of validity or deletion by you of cookies used for analytical purposes. After these periods, your personal data will be deleted.

2. Rights of the data subject

2.1. You have the right at any time to access your data and receive a copy, correct it, rectify it, delete it or restrict processing, the right to object to processing, the right to data portability, the right to request access to data, as well as the right to lodge a complaint with a supervisory authority - the President of the Office for Personal Data Protection, ul. Stawki 2; 00-193 Warsaw; https://www.uodo.gov.pl/pl/p/kontakt; tel. (22) 531 03 00 - if you believe that the processing of your personal data violates the provisions of the GDPR or other provisions regarding the processing of personal data.

3. Consent to the processing of personal data

3.1. Consent is given after reading this policy, by checking the appropriate selection box. In such a case, you consent to the collection and processing by the Administrator of the personal data provided by you for the purpose clearly indicated when expressing consent.

3.2. You can withdraw your consent at any time, in the same way the consent was given. In addition, you can withdraw consent by sending to the Administrator a statement of withdrawal of consent in the manner indicated in point 7 of this policy.

3.3. Withdrawal of consent does not affect the lawfulness of processing which was done on the basis of consent before its withdrawal.

4. Information about recipients / categories of recipients of personal data

4.1. The Administrator uses external service providers who, on behalf of the Administrator, process personal data, e.g., hosting service providers, e-mail service providers, accounting service providers, marketing service providers. The transfer of data may, however, only serve the implementation of these services. The Administrator uses only the services of such entities that provide sufficient guarantees for the protection of the rights of persons to whom the data relate. The Administrator shares personal data with entities providing courier services for the purpose of contract execution, and may also share with entities providing legal services for the purpose of pursuing its claims.

4.2. Access to the data may also be held by Google Ireland Limited based in Ireland in connection with the use of Google reCAPTCHA service.

5. Transfer of data to third countries or international organizations

5.1. The Administrator does not transfer personal data outside the European Economic Area (EEA), subject to the use of Google reCAPTCHA service, whereby guarantees ensuring an adequate level of protection result from commitments to apply standard contractual clauses adopted by the European Commission.

6. Security of personal data

6.1. The Administrator processes personal data in accordance with generally applicable provisions of law in the field of personal data, in particular in accordance with the provisions of the Regulation. The Administrator ensures proper protection of the processed personal data, including applying appropriate technical and organizational measures to ensure security and appropriate confidentiality and integrity of personal data, including protection against unauthorized access to them, against unauthorized or unlawful processing, and accidental loss, unauthorized change, destruction, or damage.

7. Contact details

7.1. The Administrator has not appointed a Data Protection Officer. Any requests, demands, notifications, inquiries relating to the processing of personal data may be directed by email to the address: contact@frontuniverse.com.