The following information constitutes a concise, understandable, and transparent summary of the information contained in the Privacy Policy regarding the Data Administrator, the purpose and method of personal data processing, and your rights in connection with this processing, in the form required to meet the GDPR information obligation. Details regarding the processing method and entities participating in this process are available in the indicated policy.

Who is the data administrator?

The Personal Data Administrator (hereinafter Administrator) is “Myrage 2015 Sp. z. o. o. Sp. k.”, operating at: Mińska 25, with tax identification number (NIP): 1132858387, KRS number: 0000578616, providing services electronically through the Service.

How can you contact the data administrator?

You can contact the Administrator in one of the following ways:

Postal address – Myrage 2015 Sp. z. o. o. Sp. k., Mińska 25
Email address – rezerwacja@gessler-koszyki.pl
Phone – 577 378 949
Contact form – available at: /contact

Has the Administrator appointed a Data Protection Officer?

Based on Art. 37 GDPR, the Administrator has not appointed a Data Protection Officer.

For matters related to data processing, including personal data, please contact the Administrator directly.

Where do we obtain personal data from and what are their sources?

Data is obtained from the following sources:

from the individuals whom the data concerns
in case of registration using social media portals, with the conscious consent of these individuals, from these social media portals

What is the scope of personal data we process?

The service processes ordinary personal data, voluntarily provided by the individuals concerned
(E.g., name and surname, login, email address, phone, IP address, etc.)

Detailed scope of processed data is available in the Privacy Policy.

What are our purposes for processing data?

Personal data voluntarily provided by Users is processed for one of the following purposes:

Implementation of electronic services:

User account registration and maintenance services in the Service and related functionalities
Newsletter services (including sending advertising content with consent)
Commenting/liking posts in the Service without registration requirement
Administrator communication with Users regarding Service matters and data protection
Ensuring the Administrator’s legitimate interest

What are the legal bases for data processing?

The Service collects and processes User data based on:

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

Art. 6(1)(a)
the data subject has given consent to the processing of their personal data for one or more specific purposes
Art. 6(1)(b)
processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract
Art. 6(1)(f)
processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party

Act of May 10, 2018, on personal data protection
Act of July 16, 2004, Telecommunications Law
Act of February 4, 1994, on copyright and related rights

What is the legitimate interest pursued by the Administrator?

For potential establishment, investigation, or defense against claims – the legal basis for processing is our legitimate interest (Art. 6(1)(f) GDPR) consisting in protecting our rights, including among others;
For assessing potential customer risk
For evaluating planned marketing campaigns
For direct marketing purposes

For how long do we process personal data?

As a rule, the indicated personal data is stored only for the period of service provision within the service operated by the Administrator. They are deleted or anonymized within 30 days from the termination of services (e.g., deletion of registered user account, unsubscribing from Newsletter, etc.)

In exceptional situations, to secure the legitimate interest pursued by the Administrator, this period may be extended. In such a situation, the Administrator will store the indicated data, from the time of request for their deletion by the User, for no longer than 3 years in case of violation or suspected violation of the service regulations by the person concerned.

Who is the recipient of the data, including personal data?

As a rule, the Administrator is the only recipient of the data.

However, data processing may be entrusted to other entities providing services to the Administrator to maintain the Service’s operations.

Such entities may include:

Hosting companies providing hosting or related services to the Administrator
Companies through which the Newsletter service is provided
Service and IT support companies performing maintenance or responsible for IT infrastructure maintenance

Will your personal data be transferred outside the European Union?

Personal data will not be transferred outside the European Union unless published as a result of individual User action (e.g., posting a comment or entry), which will make the data available to anyone visiting the service.

Will personal data be the basis for automated decision-making?

Personal data will not be used for automated decision-making (profiling).

What rights do you have regarding personal data processing?

Right to access personal data
Users have the right to obtain access to their personal data, exercised upon request submitted to the Administrator

Right to rectify personal data
Users have the right to request from the Administrator immediate rectification of personal data that is incorrect and/or completion of incomplete personal data, exercised upon request submitted to the Administrator

Right to delete personal data
Users have the right to request from the Administrator immediate deletion of personal data, exercised upon request submitted to the Administrator.

For user accounts, data deletion consists of anonymizing data that enables User identification.

For the Newsletter service, Users can independently delete their personal data using the link included in each email message sent.

Right to restrict personal data processing
Users have the right to restrict personal data processing in cases indicated in Art. 18 GDPR, including questioning the accuracy of personal data, exercised upon request submitted to the Administrator

Right to data portability
Users have the right to obtain from the Administrator personal data concerning the User in a structured, commonly used, and machine-readable format, exercised upon request submitted to the Administrator

Right to object to data processing
Users have the right to object to the processing of their personal data in cases specified in Art. 21 GDPR, exercised upon request submitted to the Administrator

Right to file a complaint
Users have the right to file a complaint with the supervisory authority responsible for personal data protection.