Privacy Policy STOMIL GYM

Stomil Gym, with its registered office in Grudziądz at 32-36 Ludwika Waryńskiego Street ("Stomil Gym"), processes personal data collected from or relating to you ("you") when you visit www.stomilgym.pl or otherwise interact with it.

This Privacy Policy ("Policy") provides information about the collection and use of your Personal Data, indicates your ability to exercise control over its use, and describes Stomil Gym's practices for data collected on its sites that link to or reference this Policy (for example, websites, desktop or mobile applications, social media, and HTML emails), as well as through online sales and markeTng activities (collectively, the "Services").

1. what is personal data?

Personal data is information that directly or indirectly identifies a user of the Service as a natural person, with "indirect" identification occurring when combined with other information, such as name, username, postal address, email address and telephone number, unique device identifier such as IMEI or MAC address or IP address.

2. How and why does Stomil Gym collect personal data?

(a) Information provided by the user

When you use services, including those provided electronically, by Stomil Gym, the company may collect your personal data. The user will in all cases be asked for explicit consent to the collection and further processing of his/her personal data, or at least informed that such processing is carried out on the basis of another lawful reason. Stomil Gym will use your personal data for the purposes indicated below or to seek your consent. Stomil Gym does not collect or process additional or different types of personal data than is necessary for the relevant purposes. Stomil Gym only uses your personal data in the manner set out in this Policy, unless you have given your express consent to use your data in another way. If Stomil Gym intends to use your personal data for the purpose for which it was originally collected, it will inform you in advance and, if the basis of collection is your consent, it will only use your personal data for another purpose with your consent.

Where, as a basis for data processing, Stomil Gym accepts the user's consent, the user has the right to withdraw consent at any time, which does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal. Each registration form contains information about the type of personal data collected by Stomil Gym - different purposes may require the collection of different data, for example:

  • In order to receive promotional information, the user must provide his/her name, home address, e-mail address and/or telephone number;
  • To register for competitions and other promotional activities, the user must provide his/her name, home address, e-mail address and/or telephone number;
  • In order to contact Stomil Gym via the contact form, the user must provide his/her name, email address and/or telephone number;
  • In order to create a user account and use the online tools or mobile application, the user must provide his or her name, address, telephone number, e-mail address, financial details, user name and password and upload a recent photo of him or herself.

(b) Information that Stomil Gym obtains when you use the services offered by Stomil Gym. Stomil Gym may collect your personal data when you contact Stomil Gym and use its services. The personal data collected includes, but is not limited to:

  • device information (e.g. hardware model, operating system version, device identifiers or telephone number);
  • log information (e.g. IP addresses, system actions, hardware settings, browser type and language, date and time of request);
  • cookies (small text files that your browser installs on your computer or other device via a website);
  • customer behaviour on the site, such as clicks, scrolling, mouse movements, session tracking;
  • in order to offer you services, including the delivery of newsletters to which you have subscribed, Stomil Gym may collect information about your devices, for example, information stored in HTTP headers (defined below) or other Internet transmission protocol signals, browser or device type and version, operating system, User-Agent field values, information about the presence or use of applications on mobile devices, screen resolution and preferred language. In addition, Stomil Gym may collect derived location and behavioural data in relation to your use of your devices, including, in particular, the time you spend on the website and whether a video posted on the administrator's website has been viewed by you. Please also read our Cookie Policy, which provides detailed information on cookies.

3 What do we do with your personal data?

All personal data collected from you is stored on a secure infrastructure which we manage with the help of third party providers as described in section 5 of this Policy.

Depending on your use of the Stomil Gym services, Stomil Gym may collect and use your personal data for the following purposes ("Purposes")

registration as a user and provision of the requested services - ensuring that the content of the Services
are presented to the user in the manner most effective for him and his
o processing and handling complaints and applications;

  • researching and analysing the market and customers' use of Stomil Gym's services;
  • helping to evaluate, improve and enhance Stomil Gym's services;
  • internal records; o markeTng activities, including providing the user with information requested by Stomil Gym;
  • organising competitions and other promotional activities;
  • recruitment (if the user has provided Stomil Gym with their data for this purpose);
  • notifying the user of certain service changes.

Stomil Gym does not collect personal data that are not relevant for the purposes stated above or communicated to you when you ask for your consent to the processing of your personal data. Stomil Gym does not retain personal data for longer than necessary for these purposes or for the period indicated in the contract or the law, as appropriate.

This means that Stomil Gym stores personal data:

  • until the user, as a data subject, objects to such processing, the opportunity to object being included in any copy of the correspondence - where Stomil Gym processes the user's personal data on the basis of its legitimate interest and where the objection is legitimate (e.g. direct marketing activities, if any).
  • until the expiry of a legitimate interest - where Stomil Gym processes your personal data in order to safeguard that interest and where the objection is not legitimate, e.g. ensuring that you fulfil your obligations and preventing fraud;
  • until the expiry of a legal obligation - where Stomil Gym processes your personal data on the basis of such an obligation;
  • for the duration of the service or activity requested by the user, or until the user opts out of that service/activity - where Stomil Gym processes personal data in connection with the services provided to the user and there is no other purpose justifying the retention of the data;
  • until you withdraw your consent to the processing - where Stomil Gym, in processing your personal data, relies solely on your consent and does not have a legitimate interest in storing your personal data (and the opportunity to withdraw consent is offered in each piece of correspondence)

As a general rule, Stomil Gym will delete personal data collected from you when it is no longer necessary to achieve the purposes for which it was originally collected. However, Stomil Gym may be required to retain your personal data for a longer period due to legal requirements.

4. Confidentiality and security of your personal data

Stomil Gym takes data security seriously. In ensuring an appropriate level of security, the company has implemented appropriate physical, electronic and administrative procedures to protect the data it collects from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to data transmitted, stored or otherwise processed. The security policies and procedures adopted by the company are closely aligned with widely accepted international standards and are regularly reviewed and updated as necessary to meet its business needs, technical changes and the requirements of regulatory authorities. Only those employees, service providers or affiliates who demonstrate a business need to know or need the data to perform their duties are granted access to users' personal data.

Stomil Gym optimises the security of your personal data by, among other things:

  • using encryption where appropriate;
  • password protection of data;
  • limiting access to personal data to those who have a demonstrated need to know (i.e. only people who need the data for the above purposes will be given access to your personal data);
  • taking all reasonable precautions to ensure that Stomil Gym employees and associates who have access to your personal data have been trained in the data protection requirements and will only process such data in accordance with this statement and Stomil Gym's obligations under the applicable laws governing privacy protection.

5 To whom do we disclose personal data?

Stomil Gym only discloses your personal data to third parties and for the purposes described below. The Company will take appropriate steps to ensure that your personal data is processed, secured and transferred in accordance with applicable legislation.

The above objectives are closely linked to:

a) Third-party service providers Where necessary, Stomil GYM contracts other companies and individuals to perform certain tasks on its behalf in support of its services under data processing agreements. For example, Stomil GYM may share personal data with agents, contractors or partners in order to provide data processing services or to send you the information you have requested. Stomil GYM will only share with third-party service providers the data required to process your request. Third-party service providers may not use this data for any other purposes, in particular their own or those of third parties. Stomil GYM's external service providers are contractually obliged to respect the confidentiality of your personal data.

(b) Business Transactions in the event of a reorganisation, restructuring, merger, sale or other transfer of assets (collectively, "Business Transactions") Stomil GYM will transfer data, including personal data, on a reasonable scale and when necessary to carry out the Business Transaction, provided that the receiving party agrees to respect the user's personal data in a manner consistent with applicable data protection laws. Stomil GYM will continue to ensure the confidentiality of any personal data and will notify the relevant users before their personal data becomes subject to another personal data statement.

(c) Public authorities Stomil GYM only discloses your personal data to public authorities when required to do so by law. Stomil GYM will, for example, respond to requests from courts, law enforcement agencies, supervisory authorities and other public and governmental authorities, which may also include authorities outside the user's country of residence.

(d) Other legal grounds Stomil GYM may further disclose your personal data to protect its legitimate interests when required or permitted by law, or when you have given your express consent to the transfer of your data.

(e) Transfer of personal data abroad In certain circumstances, it will also be necessary to transfer your personal data to countries outside the European Economic Area (EEA) ("Third Countries"). Transfers to Third Countries may apply to all processing activities described in this Policy. This Policy also applies when Stomil GYM transfers personal data to third countries applying a different level of data protection than your country of residence. The transfer of personal data to countries other than those for which an adequacy decision has been issued by the European Commission (see the list at heps://ec.europa.eu/info/law/law-topic/data-protecTon.pl) shall be based on agreements containing standard contractual clauses adopted by the European Commission or other appropriate safeguards in accordance with applicable legislation.

6 Direct marketing

When using the Stomil Gym Services, you may be asked to indicate whether you wish to receive certain marketing information by telephone, SMS or email. If so, you hereby agree that Stomil Gym may use your personal information to provide you with product information, promotional activities and special offers, and other information about its products and services. You may change your direct marketing preferences at any time by selecting the opt-out option included in any direct marketing message, by contacting Stomil Gym in accordance with the communication channels provided or, if applicable, by changing your account settings.

7 Your rights concerning your personal data As a data subject, you have specific rights concerning the personal data that Stomil Gym collects from you. These rights apply to all processing activities provided for in this Policy. Stomil Gym respects the user's entitlements and responds immediately to any problem reported by the user.

The following list contains information about your rights under the applicable data protection laws:

  • Right to rectification: you may request Stomil Gym to rectify personal data concerning you.
  • Right to restrict processing: you may request Stomil Gym to restrict
    processing of his/her personal data if: he/she questions the accuracy of the personal data - for the period necessary to verify its accuracy, the processing is unlawful and the user requests a restriction of the processing instead of erasure, the personal data is no longer needed by Stomil Gym and the user needs it to establish, exercise or defend a claim, or the user objects to the processing - until it is verified that the legitimate interest of Stomil Gym takes precedence over the user's interest.
  • Right of access: you may request from Stomil Gym information about your personal data held by Stomil Gym, including information about the categories of personal data in Stomil Gym's possession or control, the purposes for which they are used, the source of that data if it did not come directly from you, and the persons to whom it was disclosed, if the disclosure took place. You may request from Stomil Gym, free of charge, one copy of your personal data in Stomil Gym's possession. Stomil Gym reserves the right to charge a reasonable fee for further copies.
  • Right to data portability: At your request, Stomil Gym will transfer your personal data to another controller as far as technically possible, provided that the processing of such data is carried out with your consent or is necessary for the performance of the contract.
  • Right to erasure: you may request Stomil Gym to erase your personal data if your personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
  • Right to object: you may object at any time to the processing of your personal data on the grounds of your particular situation, provided that the processing is not carried out with your consent but on the basis of a legitimate interest of Stomil Gym or a third party. In this case, Stomil Gym will stop processing your personal data unless it can demonstrate a valid and legitimate ground and an overriding interest in the processing or the establishment, exercise or defence of the claim. If you object to the processing, you should indicate whether you wish Stomil Gym to delete your personal data or to restrict the processing.
  • Right to lodge a complaint: In the event of an alleged breach of the applicable privacy legislation, the user may lodge a complaint with the data protection supervisory authority, the President of the Data Protection Authority.

Stomil Gym will endeavour to fulfil the user's request within 30 days. However, this period may be extended for special reasons relating to the specific entitlement or the complex nature of the request.

In some cases, Stomil Gym may not be able to clearly identify you from your personal data due to the identifiers you have provided in your request. In such cases, where Stomil Gym cannot identify you as a data subject, Stomil Gym will not be able to comply with your request to exercise your rights unless you provide additional identifying information. In order to comply with your requests resulting from the rights indicated above, you should contact the Administrator by directing a message to the following e-mail address: kontakt@stomilgym.pl.

8. minors

Persons under the age of 16 should not provide Stomil Gym with their personal data without the consent and supervision of a parent or legal guardian. In the absence of such consent, Stomil Gym does not intend to retain the personal data of minors, process it or transfer it to third parties. If Stomil Gym becomes aware of the inadvertent collection of personal data of minors, it will delete such data without undue delay.

9 Sensitive data

Stomil Gym does not process special categories of personal data concerning you ("sensitive data"). Sensitive data means personal data indicating racial or ethnic origin, political, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data or information about your sexual life or sexual orientation.

10 Amendments to the Policy

Stomil Gym reserves the right to modify its privacy practices and make changes to this Policy at any time and in its sole discretion. For this reason, we encourage users to check this Policy regularly. This Policy is current as of the last revision date indicated at the top of this page. Stomil Gym will treat your personal information in a manner consistent with the Policy under which it was collected, unless we have obtained your consent to treat it differently.

Policy on the service's use of cookies.

(1) Cookies (so-called "cookies") are IT data, in particular text files, which are stored in the Service User's terminal equipment and are intended for use on the Website. Cookies usually contain the name of the website they come from, the time they are stored on the terminal equipment and a unique number.

The owner of the service is the entity placing cookies on the Service User's terminal equipment and gaining access to them.

(3) The cookie mechanism is not used to obtain any information about the users of the site or to track their navigation. The cookies used on the website do not store any personal data or other information collected from users and are used for statistical purposes.

By default, the web browsing software (browser) permits cookies on the User's device on which it is running. In most cases, you can configure the software yourself in this respect, including, among other things, to automatically block cookies. You can configure the handling of cookies in the settings of your software (web browser). Please note that the setting of restrictions on the handling of cookies may affect the operation of certain functionalities of the website.

5. cookies are used to adapt the content of the Website to User preferences and to optimise the use of websites; in particular, these files allow for recognition of the Website User's device and appropriate display of the website, adjusted to his/her individual needs; creation of statistics which help understand how Website Users use websites, which enables improvement of their structure and content; maintaining a session of the Website User (after logging in), thanks to which the User does not have to re-enter his/her login and password on each sub-page of the Website

(6) There are two main types of cookies used on the Website: "session" (session cookies) and "permanent" (persistent cookies). "Session" cookies are temporary files that are stored in the User's terminal equipment until the User logs out, leaves the website or switches off the software (web browser). "Persistent" cookies are stored on the User's terminal equipment for the time specified in the parameters of the cookies or until they are deleted by the User.

(7) The following types of cookies are used within the Service: "necessary" cookies, enabling the use of the services available within the Service, e.g. authentication cookies used for services requiring authentication within the Service; cookies used to ensure security, e.g. cookies used to detect abuse of authentication within the Service, "performance" cookies, enabling gathering information about the way the Service websites are used, "functional" cookies, enabling "remembering" the User's selected settings and personalising the User's interface, e.g. with regard to chosen language or region of origin of the User, font size, appearance of the website, etc.

DOWNLOAD PRIVACY POLICY
en_GBEnglish
pl_PLPolish ukUkrainian en_GBEnglish