Privacy Policy

I. Introduction

The protection of our Users’ personal data is of the utmost importance to the Owner of this website. We make every effort to ensure that Users feel safe when entrusting their personal data while using our website.

We process Users’ personal data only to the extent necessary to ensure a functional website and services. Users’ personal data is processed only with their consent, except where prior consent cannot be obtained for factual reasons and where data processing is permitted by law.

A User is a natural person, legal entity, or organisational unit without legal personality to which the law grants legal capacity, using electronic services available on the website.

This privacy policy explains the rules and scope of processing Users’ personal data, their rights, as well as the obligations of the data controller, and provides information about the use of cookies.

The controller applies state-of-the-art technical measures and organisational solutions to ensure a high level of protection of processed personal data and safeguards against unauthorised access.

I. Data Controller

The controller of personal data is Fundacja „Sfera Harmonii” (Sfera Harmonii Foundation), with its registered office at ul. św. Wincentego 16/22, 03–505 Warsaw, Poland, entered in the register of entrepreneurs maintained by the District Court in Warsaw, Commercial Division, under KRS number: 0000109211, NIP (Tax ID): 526–268-52–66 (hereinafter referred to as the “Owner”).

II. Purpose of Personal Data Processing

The controller processes Users’ personal data for the following purposes:

Promotional activities for its own products or services, including newsletter distribution, upon obtaining the User’s consent.
Collecting data on User behaviour to improve website functionality, measure traffic, and personalise content, primarily through cookies and tracking technologies.

The User may also consent to receiving information about news and promotions, in which case the controller will also process personal data to send the User commercial information regarding new products or services, promotions, or sales.

Personal data is also processed to fulfil the controller’s legal obligations and to carry out tasks in the public interest, including tasks related to security or the storage of tax documentation.

Personal data may also be processed for the purposes of direct marketing of products, securing and pursuing claims or protecting against claims of the User or third parties, as well as marketing of third-party services and products or own marketing that is not direct marketing.

III. Types of Data

Each time a User visits www.hashtaglab.pl, data and information are automatically collected from the accessing computer system, including:

the type and version of the browser used;
the User’s operating system;
the User’s internet service provider;
the User’s IP address;
the date and time of the User’s access to the website;
websites from which the User’s system accesses www.hashtaglab.pl;
websites accessed by the User’s system via www.hashtaglab.pl;
log files containing IP addresses or other data that may be attributed to the User.

This data is stored in system log files and is not stored together with other personal data of the User.

IV. Legal Basis for Data Processing

Personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation — GDPR), OJ EU L 119, 4.5.2016, pp. 1–88.

The controller processes personal data only after obtaining the User’s prior consent. Consent to the processing of personal data is entirely voluntary.

V. User Rights

The User may at any time:

Request information from the controller about the scope of personal data processing.
Request correction or rectification of their personal data.
Withdraw consent to the processing of their personal data without giving a reason. The request not to process data may relate to a specific processing purpose indicated by the User, e.g. withdrawal of consent to receive commercial information, or may relate to all data processing purposes. Withdrawal of consent for all processing purposes will result in the deletion of the User’s account from the website, along with all personal data previously processed by the controller. Withdrawal of consent shall not affect processing already carried out.
Request, without giving a reason, that the controller delete their data. The request for data deletion shall not affect processing already carried out. Deletion of data means simultaneous deletion of the User’s account, along with all personal data saved and processed by the controller to date.
Object to the processing of personal data, both with regard to all personal data processed by the controller and only to a limited extent, e.g. with regard to data processing for a specifically indicated purpose. The objection shall not affect processing already carried out. Filing an objection will result in the deletion of the User’s account, along with all personal data saved and processed by the controller to date.
Request restriction of personal data processing, either for a specified period or without time limitation but within a specified scope, which the controller shall be obliged to fulfil. This request shall not affect processing already carried out.
Request that the controller transfer their personal data to another entity. The User should submit a request to the controller, indicating to which entity (name, address) the personal data should be transferred and which specific data the User wishes the controller to transfer. Upon confirmation by the User, the controller will transfer the personal data in electronic form to the indicated entity.

The controller shall inform the User of actions taken within one month of receiving any of the requests listed above.

VI. Data Retention Period

As a rule, personal data is stored only for as long as necessary to fulfil the contractual or statutory obligations for which it was collected. The data will be deleted immediately when its storage is no longer necessary for evidentiary purposes under civil law or in connection with a statutory data retention obligation.

Contract-related information is stored for evidentiary purposes for a period of three years from the end of the year in which commercial relations with the User ended. Data will be deleted after the expiry of the statutory limitation period for contractual claims.

In addition, the controller may retain archival information regarding completed transactions, as their storage is related to claims to which the User is entitled, e.g. under warranty.

If no contract has been concluded between the User and the Owner, the User’s personal data is stored until the User’s account on the website is deleted. Account deletion may result from a request by the User, withdrawal of consent to the processing of personal data, or an objection to the processing of such data.

VII. Entrusting Data Processing to Other Entities

The controller may entrust the processing of personal data to entities cooperating with the controller, to the extent necessary for the execution of transactions, e.g. for the preparation of ordered goods and delivery of shipments or the transmission of commercial information from the controller (the latter applies to Users who have consented to receiving commercial information).

Beyond the purposes indicated in this Privacy Policy, Users’ personal data will not be disclosed to third parties or transferred to other entities for the purpose of sending marketing materials from those third parties.

Users’ personal data is not transferred outside the European Union.

This Privacy Policy complies with the provisions of Article 13(1) and (2) of the GDPR.

VIII. Cookies

The website uses cookies or similar technologies (hereinafter collectively referred to as “cookies”) to collect information about the User’s access to the website (e.g. via a computer or smartphone) and their preferences. They are used for advertising, statistical purposes, and to adapt the website to the User’s individual needs.

Cookies are pieces of information containing a unique reference code that the website sends to the User’s device for storage and sometimes tracking purposes regarding the device used. They usually do not allow the User to be personally identified. Their main purpose is to better adapt the website to the User.

Some cookies on the website are only available for the duration of a given internet session and expire when the browser is closed. Other cookies are used to remember the User, who is recognised upon returning to the website. These are stored for a longer period.

The website uses first-party cookies and third-party cookies, including:

Strictly necessary cookies — essential for the website to function;
Preference cookies — remembering User preferences;
Analytics cookies — collecting statistical information;
Targeting / advertising cookies — used for advertising purposes.

All cookies on the website are set by the controller and comply with applicable European Union law.

Most Users and some mobile browsers automatically accept cookies. If the User does not change their settings, cookies will be saved on their device.

Users can change their cookie acceptance preferences or change their browser to receive a notification each time the cookie function is set. To change cookie acceptance settings, adjust your browser settings.

Please note that blocking or deleting cookies may prevent full use of the website.

Cookies will be used for essential session management, including:

Creating a special login session for the User so that the website remembers the User is logged in and their requests are delivered effectively, securely, and consistently;
Recognising Users who have previously visited the website, allowing identification of the number of unique users and ensuring sufficient server capacity for new users;
Recognising whether the visitor is registered on the website;
Recording information from the User’s device, including cookies, IP address, and browser information, for diagnosing problems, administering, and tracking website usage;
Customising layout elements or website content;
Collecting statistical information about how the User uses the website to improve it and determine which areas are most popular with Users.

IX. Contact

For matters related to the protection of personal data, please contact the controller:

Fundacja „Sfera Harmonii”
ul. św. Wincentego 16/22
03–505 Warsaw, Poland
KRS: 0000109211 | NIP: 526–268-52–66
Email: [email protected]

The User has the right to lodge a complaint with the supervisory authority — the President of the Personal Data Protection Office (ul. Stawki 2, 00–193 Warsaw, Poland).