- What data do we process about you, for what purpose and on what basis?
- Do we require you to give us your personal data?
- Whom do we share your data with and is it transferred outside the European Economic Area?
- Your rights
- List of Processed Data
- Our Partners
The administrator of personal data, the entity responsible for your personal data that decides how it is used, is GRY-OnLine S.A., with its registered office at Gabrieli Zapolskiej street 16A, 30-126 Krakow, Poland (hereinafter referred to as «We», «GRY-OnLine» or «the Company»), the operator of the GRY-OnLine Website.
How to contact us
What data do we process about you, for what purpose and on what basis?
Personal data is any information that concerns the user and which permits associating the piece of data with the user as a specific, identifiable person. This is the data that is collected by us during your activity on GRY-OnLine.
Processing that is necessary for us to fulfill the contract concluded with you, in particular:
- Giving you full access to the GRY-ONLINE Website and contest;
- The user contacting our Support Service via e-mails;
- Us contacting the user, including the purposes related to the provisions of services
Processing due to the legal obligation of GRY-OnLine S.A., in particular:
- Processing based on legal regulations, especially taxes, accounting and banking law.
Processing due to legitimate interest of GRY-OnLine S.A., in particular:
- Realizing marketing activities addressed to the user, including direct marketing of the proprietary services of GRY-OnLine S.A.;
- Preparing collations and traffic statistics for analytical purposes, conducting market research and opinion polls. These data are aggregated and, in principle, anonymized;
- Storing data for archiving purposes and documenting our compliance with legal obligations.
None of the Services provided by the GRY-OnLine Website is suited for users below the age of 13.
Do we require you to give us your personal data?
Sharing any personal data is not required in order for the GRY-ONLINE website to operate correctly.
Whom do we share your data with and is it transferred outside the European Economic Area?
There are a few instances where we can give your personal data to third parties. The recipients of your data are:
- Our authorized employees and associates to whom your personal data will be disclosed so that they are able to perform their duties. We strictly control which of our employees have access to your data and for what purpose. Our goal is to minimize the circulation of personal data to only the data and persons necessary for the specific cases;
- Our Partners, i.e. the entities to which we outsource any services related to the processing of personal data (the data processor), including technology service providers who allow the correct operation of our services, such as data centers, cloud services, analytics, ad servers, advertising agencies, as well as banks, tax advisors, law firms, courier and postal companies and companies within our capital group;
- Public authorities, including law enforcement agencies such as the Police and the Public Prosecutor’s Office, with regard to their investigations.
The list of our most important Partners can be found in the part called Our Partners. We make every effort to ensure that our partners comply with the same level of security, protection and confidentiality of your data as we do. In the case of some of these entities, your data may be sent to third countries, outside the European Economic Area, which is dictated by the location of the data processing centers of these companies. In these cases, the transfer will only take place to verified and trusted companies that conform to the EU rules on international transfer of personal data (from the European Union to the United States), first and foremost certified within the Privacy Shield Program, and in the absence thereof – on the basis of appropriate legal safeguards, which are the standard contractual clauses for the protection of personal data, approved by the European Commission.
In connection with the processing of your data by us, you are entitled to a number of rights. Contact us at [email protected] if you want to make use of your rights or if you desire a more extensive explanation of any of the issues related to processing of gathered data. Remember that when contacting us, you need to give us the data that will allow us to identify you in our data archives, as well as in order to confirm that you are the person you are claiming to be.
According to the general data protection regulation, you are entitled to:
- The right to request an access to your own personal data that is stored by the company and the right to rectify or erase your own personal data («the right to be forgotten»);
- The right to object to the processing of personal data for the purposes of direct marketing, which causes us to stop processing your data for the purposes of marketing our own goods and services;
- The right to object on grounds relating to your particular circumstances, if we process your personal data on the basis of a legitimate interest. However, we will continue to process your personal data to the extent necessary if on our part there exists a legitimate reason to do that;
- The right to transfer the data processed in connection with the performance of the contract or on the basis of your consent and the right to limit data processing;
- If the processing of personal data is based on your consent, you have the right to withdraw your consent at any time. However, the withdrawal of consent does not affect the lawfulness of the processing of your personal data by us, which we carried out on the basis of the consent prior to the withdrawal of the consent.
You can also withdraw your permission for processing data by our Partners by following the instructions found in their respective privacy policies. Their links can be found on Our Partners part.
If you believe that the processing of your personal data by us violates the law, you may file a complaint to the supervisory authority that deals with personal data protection. In Poland, it is the President of the Office for Personal Data Protection, Stawki 2 street, 00-193 Warsaw.
List of Processed Data – web services
What data do we process? What is your data used for? How long is it stored by us?
On what basis is the data processed?
- IP address, internet browser, operation system, date of the last login and visit to the Service.
The data is processed for security purposes and to prevent abuse of the GRY-ONLINE Service, as well as for technical purposes (in case of service errors).
Until the removal of the account, no longer than 10 years after the last login or visit to the Service.
- Legitimate legal interest of GRY-OnLine S.A. (Art. 6 (1) lit f GDPR)
- E-mail address, name and surname, country of residence.
For 6 years from the date of the transaction.
- Legal obligation of GRY-OnLine S.A. (Art. 6 (1) lit c GDPR) due to tax and accounting regulations.
Our mobile applications
- ID number of the mobile device, IP and location addresses, user settings, data regarding your use of our services.
For 6 years from the date of the transaction.
- Legitimate legal interest of GRY-OnLine S.A. (Art. 6 (1) point f) of the EU GDPR)
Partner (Company) Name: Google
Processing Purposes: web analytics services, cloud data, e-mail services, delivery of advertising content, RTB advertising
Address: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043 USA