§ 1. General clauses
- The administrator of personal data is eFitness SA odpowiedzialnością with its registered office in Poznań (60-166) at ul. Grunwaldzka 186, entered to the Register of Entrepreneurs of the National Court Register, based on an entry made by the Poznań-Nowe Miasto and Wilda District Court in Poznań, 8th Commercial Department of the National Court Register, under KRS number: 0000334295, with a NIP number: 7822482230, REGON number: 301209678 (hereinafter also referred to as : “Administrator“).
- On the protection of personal data, the User may contact the Administrator via the Data Protection Inspector – Mr. Filip Jeske, designated by us, by phone +48 61 666 12 88, in writing to the address of the company: ul. Goździkowa 6, 60-175 Poznań, or by sending an e-mail to [email protected].
- The Administrator processes Users’ personal data in compliance with the requirements of Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016. On the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC (“GDPR”), the Act of 10 May 2018 on the protection of personal data (No. 2018.1000, as amended), as well as the Act of 18 July 2002 on the provision of electronic services (consolidated text: Journal of Laws of 2017, item 1219, as amended).
§ 2. The scope of collected personal data
- During registration in order to use the services provided by eFitness, the Administrator may require the User to provide personal data in order to provide services provided by the Administrator.
- The User acknowledges that the sharing of personal data by him is voluntary, however, the lack of consent for their processing by eFitness may result in the inability of eFitness to provide services to the User, including services provided electronically.
- For the implementation of the contract and the use of individual Services, it is necessary for the User to provide the following personal data:
- participation in the training: name, surname, e-mail address, telephone number, club name, position;
- newsletter: e-mail address;
- contact form: e-mail address.
- Furthermore, only in the case of consent by the User, eFitness may process other personal data provided by the User, indicated in the content of the contact form on the website www.efitness.com, www.efitness.pl, www.efitness.de such as: name, phone number, e-mail adress.
§ 3. Purposes and basics of personal data processing
- User personal data will be processed only for the following purposes and legal grounds:
- related to the conclusion and performance of the contract / contracts and the provision of Services, and in particular training services, including contacting the User in connection with their implementation (in accordance with Article 6 (1) (b) of the GDPR);
- consideration of complaints, complaints and requests and providing answers to them (in accordance with Article 6 (1) (c) of the GDPR);
- possible determination, investigation, enforcement of claims or defense against claims that are legitimate in the interest of the Administrator – conducting court and enforcement proceedings (in accordance from art. 6 par. 1 lit. f) GDPR);
- preventing abuse and fraud – ensuring security in the Services provided (in accordance with Article 6 (1) (f) of the GDPR);
- direct marketing of our services (in accordance with Article 6 (1) (f) of the GDPR) – for a legitimate purpose, i.e. promoting the activity conducted by the Administrator, and in the case of granting appropriate consent by the User – also for the purpose of sending commercial information by means of electronic communication, telecommunications terminal equipment and automated calling systems for marketing the Administrator’s products and services (in accordance with Telecommunications Law and the Act on the provision of electronic services) and on the basis of the consent given by the User in the case of granting the User’s consent in the scope of data referred to in § 2 para. 4 above (in accordance with Article 6 (1) (a) of the GDPR);
- newsletter if the User grants appropriate consent (in accordance with Article 6 paragraph 1 point a) of the GDPR);
- handling requests sent using the contact form, other applications – answering requests and inquiries to the Administrator, including storage of sensitive applications and responses to maintain accountability (in accordance with Article 6 (1) (f) of the GDPR);
- statistical and analytical tests, i.e. better selection of services to the User’s needs, optimization of service processes, ensuring the IT security of the Application, detection of unauthorized use from the services, financial analysis of the Administrator, being the implementation of its legally justified in this interest – possession of the abovementioned information allowing to improve the business (in accordance with Article 6 (1) (f) of the GDPR);
- data storage for archiving purposes and ensuring accountability – implementation of the legitimate interest of the Administrator to secure information in the event of legal need to prove facts (in accordance with Article 6 paragraph 1 point f) of the GDPR).
- In addition, if the User agrees, the Administrator processes his data in order to save data in cookies, by means of which only anonymous statistical data about Users is collected.
§ 4. Providing personal data
The personal data entrusted to the Administrator is made available to entities that provide us with consulting services, legal assistance, tax, accounting, IT and cloud services. These data can also be transferred to state authorities or other authorized entities
on the basis of legal regulations.
§ 5. Cookies
- eFitness is authorized to collect data through such technologies like cookies. Cookies (“cookies“) are small text files that store data locally on a computer, mobile phone or other User’s Device.
- The User may stop delivering this information at any time by deleting the cookies stored on his / her end devices. To do this, change the settings of the currently used web browser.
- eFitness processes and makes available to Google, Linkedin and Facebook data characterizing the manner of using services provided electronically (operational data) for marketing purposes:
- signs identifying the User,
- designations identifying the end of the telecommunications network or IT system used by the User,
- information on the start, end and scope of each use from the Services,
- information about the use of the Services by the User.
§ 6. Data retention
- User’s personal data will be kept for the period of:
- provision of Services, and after its completion, in connection with the legal duty of the Administrator resulting from generally applicable legal provisions (e.g., tax);
- necessary for pursuing claims by the Administrator in connection with the conducted activity or defending against claims directed against the Administrator, on the basis of generally applicable laws, including limitation periods for claims specified in generally applicable laws (including the Civil Code, Tax Ordinance);
- handling complaints (including warranty) – for 1 year after the warranty expiration or settlement of the complaint;
- in the case of processing for marketing purposes – in the case of data processing on the basis of a legitimate purpose – for the duration of the contract or until the opposition to such processing, depending on, from which of these events occurs earlier; while in the case of data processing on the basis of consent – until its withdrawal;
- in the case of consent to the processing of data for a given purpose (i.e. newsletter) – pending withdrawal of consent;
- for the purpose of accountability, i.e. to prove compliance with provisions regarding the processing of personal data, they will be kept for the period in which the Administrator is obliged to preserve data or documents containing them to document the fulfillment of legal requirements and enable control of their fulfillment by public authorities.
- The administrator guarantees the provision of appropriate technical and organizational measures to ensure the security of personal data being processed, in particular preventing unauthorized third parties from accessing them or processing them in violation of generally applicable laws, preventing personal data loss, damage or destruction.
§ 7. The rights and obligations of the User
- A user who has provided his personal data to the Administrator has the right to:
- access to their data and receipt of copies thereof;
- correcting (correcting) your data;
- deletion of data (the so-called right to be forgotten),
- restrictions on the processing of personal data;
- transfer your data to another administrator;
- object to data processing, including profiling, and for direct marketing purposes;
- withdrawal of consent in the event that the Administrator will process User’s data based on consent, at any time and in any way, without any influence for compliance with the law of processing which was made on the basis of consent before its withdrawal;
- file a complaint to the President of the Office for Personal Data Protection, if the User considers that the processing of personal data violates the provisions of the GDPR.
- As part of the exercise of the powers referred to in paragraph 1 above, the User may request the Administrator to perform certain activities. The application should be sent via e-mail: [email protected]. To check if the person requesting a specific operation on personal data has the right to do so, the Administrator may request additional data allowing to verify the identity of the person managing the application.
- In case of permanent removal by the User of personal data, necessary for the services provided by the Administrator, the User will no longer be able to use these services.
- Providing the data is necessary for the provision of services. In the remaining scope, providing data is voluntary.
§ 8. Processing of personal data in an automated manner
- Personal data will be processed in an automated manner (including in the form of profiling) for people who have agreed to share the eFitness newsletter with them.
- Automated processing consists in profiling subscribers automatically and sending personalized messages on this basis or contacting you by phone.