Privacy policy

Przedszkola Pomarańczowa Ciuchcia spółka z ograniczoną odpowiedzialnością spółka komandytowa with its registered office in Warsaw at ul. Dostępna 60, 01-490 Warsaw (hereinafter referred to as: PC), entered into the register of entrepreneurs of the National Court Register under KRS number 0000426244 by the District Court for the capital city of Warsaw in Warsaw, 13th Commercial Division of the National Court Register, NIP 5222455844, attaches particular importance to respecting the privacy of users visiting our website. The data collected in logs are used solely for the purposes of administering the service. We do not seek to identify the Users of the site.

Identification data is not associated with specific people browsing the PC website, except for the data provided by Users in the contact forms. To ensure the highest quality of the website, we occasionally analyze log files to determine which pages are visited most often, which web browsers are used, whether the website structure is error-free, etc.

Copyright

The content of the Website pages is the property of the PC. All personal and property copyrights to any elements of the Website (text, graphics, page layout, etc.) are reserved.

The website and all its elements are protected by law, in particular the Act of February 4, 1994 on Copyright and Related Rights (consolidated text, Journal of Laws.00.80.904, as amended), and the Act of April 16, 1993 on combating unfair competition (consolidated text, Journal of Laws 03.153.1503 as amended).

Personal data protection

Personal data – means information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Users provide their personal data on the website voluntarily.

Personal Data Administrator

The administrator of the processed data is:

Kindergarten Orange Ciuchcia Limited Liability Company Limited Partnership
with headquarters in Warsaw at ul. Available 60, 01-490 Warsaw.

Data processing by the Administrator

In connection with the conducted business activity, the Administrator collects and processes personal data in accordance with the relevant provisions, including in particular the GDPR (Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC), and the data processing rules provided for therein.

The personal data administrator ensures transparency of data processing, in particular, always informs about data processing at the time of collection, including the purpose and legal basis of processing. The administrator makes sure that the data is collected only to the extent necessary for the indicated purpose and processed only for the period in which it is necessary.

When processing data, the Personal Data Administrator ensures their security and confidentiality as well as access to information about the processing to data subjects. If, despite the security measures applied, there is a breach of personal data protection (eg "leakage" or loss of data), the Personal Data Administrator will inform the data subjects of such an event in a manner consistent with the provisions.

How can you obtain additional information on the processing of personal data?

In order to obtain additional information, please contact the Data Protection Officer (DPO) appointed by the PC. Here are his contact details:

e-mail address: iod@pomaranczowa-ciuchcia.pl

Postal address:
Data Protection Officer
Kindergarten Orange Ciuchcia Limited Liability Company Limited Partnership
ul. Available 60
01-490 Warsaw

Data recipients

In connection with conducting activities that require processing, personal data is disclosed to external entities, including in particular suppliers responsible for the operation of IT systems and equipment, entities providing legal services, couriers and marketing agencies.

The personal data administrator reserves the right to disclose selected information about the data subject to the competent authorities or third parties who submit a request for such information, based on an appropriate legal basis and in accordance with applicable law.

The period of personal data processing

The period of data processing by the Personal Data Administrator depends on the type of service provided and the purpose of processing. The period of data processing may also result from the provisions, when they constitute the basis for processing. In the case of data processing based on the legitimate interest of the Personal Data Administrator - e.g. for security reasons - the data is processed for a period enabling the implementation of this interest or until an effective objection to data processing is filed. If processing is based on consent, the data is processed until it is withdrawn. When the basis for processing is the necessity to conclude and perform a contract, the data is processed until its termination, and then for a period resulting from educational, tax and financial regulations and regulations regarding the management of commercial law companies.

The data processing period may be extended if processing is necessary to establish or pursue claims or defend against claims, and after this period - only if and to the extent required by law. After the processing period, the data is irreversibly deleted.

Rights of data subjects

Przedszkola Orangeowa Ciuchcia spółka z ograniczoną odpowiedzialnością spółka komandytowa provides data subjects with the implementation of their rights under the GDPR.

Data subjects have the following rights:

  • the right to information on the processing of personal data – on this basis, the Personal Data Controller provides the person making the request with information on the processing of data, including in particular the purposes and legal basis for processing, the scope of the data held, the entities to which it is disclosed and the planned date of deletion of the data;
  • the right to obtain a copy of the data – on this basis, the Personal Data Controller provides a copy of the processed data relating to the person making the request;
  • the right to rectification – the Personal Data Administrator is obliged to remove any inconsistencies or errors in the processed personal data and to supplement them if they are incomplete;
  • the right to delete data – on this basis, you can request the deletion of data whose processing is no longer necessary to achieve any of the purposes for which they were collected;
  • the right to restrict processing – in the event of such a request, the Personal Data Controller ceases to perform operations on personal data – with the exception of operations to which the data subject has given consent – and to store them, in accordance with the adopted retention principles or until the reasons for limiting data processing cease to exist (e.g. a decision of the supervisory authority is issued permitting further processing of the data);
  • the right to transfer data – on this basis – to the extent that the data is processed in connection with the concluded contract or the expressed consent – the Personal Data Controller issues the data provided by the data subject in a format that allows them to be read by a computer. It is also possible to request that this data be sent to another entity – provided, however, that there are technical possibilities in this respect on the part of both the Controller and the other entity;
  • the right to object to the processing of data for marketing purposes – the data subject may object to the processing of personal data for marketing purposes at any time without having to justify such objection;
  • the right to object to other purposes of data processing – the data subject may at any time object to the processing of personal data that is carried out on the basis of the legitimate interest of the Personal Data Controller; the objection in this respect should contain a justification;
  • the right to withdraw consent – if data is processed on the basis of expressed consent, the data subject has the right to withdraw it at any time, which, however, does not affect the lawfulness of the processing carried out before the withdrawal of consent;
  • the right to complain – if it is found that the processing of personal data violates the provisions of the GDPR or other provisions on the protection of personal data, the data subject may file a complaint with the President of the Personal Data Protection Office. In order to exercise the above rights, contact the Personal Data Administrator or the Data Protection Inspector using the contact details provided above.


 Purposes and legal grounds for processing

E-mail and traditional correspondence – in the event of sending personal data to the Controller via e-mail or traditional correspondence unrelated to the services provided to the sender or any other agreement concluded with him, the personal data contained in this correspondence are processed solely for the purpose of communication and resolving the matter to which the correspondence relates.

Legal basis:
Article 6, paragraph 1, letter f of the GDPR – the legitimate interest of the Personal Data Controller consisting in conducting correspondence addressed to him in connection with his business activity.

The administrator processes only personal data relevant to the matter related to the correspondence. All correspondence is stored in a manner ensuring the security of personal data (and other information) contained therein and disclosed only to authorized persons.

Telephone contact – in the event of contacting the Administrator by telephone, in matters unrelated to the concluded agreement or services provided, the Administrator may request the provision of personal data only if it is necessary to handle the matter to which the contact relates.

Legal basis:
Article 6, paragraph 1, letter f of the GDPR – the legitimate interest of the Personal Data Controller consisting in the need to resolve a reported matter related to the business activity conducted by him.

Collection of data in connection with the provision of services or the performance of other contracts

If data is collected for purposes related to the performance of a specific contract, the Personal Data Administrator provides the data subject with detailed information on the processing of his personal data at the time of concluding the contract.

In the event of a request to participate in the Open Day, the Administrator processes personal data in order to take action at the request of the data subject, before concluding the contract, and then in order to perform the contract. Participation in the Open Day requires confirmation by the Director of the facility. In accordance with the arrangements, the facility organizes workshops and/or other attractions for the child of the person registering.

Legal basis:

Article 6(1)(b) of the GDPR – processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject before entering into a contract.

Information about the administrator's services and activities – The Administrator takes active information actions towards interested persons about its services and activities. For this purpose, it informs about organized events, MiniCiuchcia classes, conducted recruitment to facilities, news and development of the children's education program in facilities, etc. (newsletter). Marketing content is sent periodically by e-mail or traditional, based on the data necessary to achieve the Administrator's goal.

Legal basis:

Article 6(1)(a) of the GDPR – consent of the data subject.

Data safety

In order to ensure the integrity, confidentiality and availability of data, the Personal Data Controller has implemented procedures (Personal Data Processing Policy) allowing access to personal data only to authorised persons and only to the extent necessary for the tasks they perform.

The personal data administrator also takes all necessary steps to ensure that its subcontractors and other cooperating entities guarantee the application of appropriate security measures in each case when they process personal data at the request of the personal data administrator.

Archiving and statistics – after achieving the purpose, the Administrator stores personal data for a predetermined period in order to ensure access to historical data in connection with control and supervisory activities, protection against claims or for the purpose of pursuing claims, as well as for the purpose of ensuring the implementation of the rights of data subjects.

Legal basis:

Article 6, paragraph 1, letter f of the GDPR – legitimate interest of the Personal Data Controller in the form of data archiving and conducting internal statistical activities.

Profiling

Profiling means any form of automated processing of personal data, which consists in the use of personal data to evaluate certain personal factors of a natural person,

in particular to analyze or forecast aspects related to the effects of work of that natural person, his economic situation, health, personal preferences, interests, reliability, behavior, location or movement.

Profiling consists of three elements:

  • the form of processing is automated (at least in part);
  • the processing concerns personal data;
  • the purpose of the processing is to assess personal factors, assign specific characteristics or predict behavior.

What is automated data processing?

We talk about automated data processing when the data is processed only by an algorithm (computer), i.e. without human intervention.

The personal data administrator is obliged to inform about automated processing, including profiling - if such processing produces legal effects or significantly affects the natural person. The data subject has the right to object to automated processing, including profiling. The GDPR also guarantees the right not to be subject to a decision which is based solely on automated processing.

Transferring data outside the European Economic Area

The administrator does not transfer personal data outside the EEA.

On our website, the client will find a description of our products and services, learn about employment opportunities or receive the latest information and offers without having to provide any information about himself.

However, if the Customer provides us with information regarding his personal data, such as: address, e-mail address, telephone and fax numbers, demographic data and other identifying information, they will not be disclosed (for common use, for sale or as part of our contacts) any external organization, unless we are previously authorized to do so by it or we are required to disclose this data under applicable law.

We will transfer a small file to the Client's web browser, which will be stored on his computer and read by our Internet server (we call such files "cookies"). Such a file cannot be read by any web server other than the one that transmitted the cookies. We use cookies for a number of administrative tasks, for example to store the Client's preferences for a specific type of information, or the Client's password, which the Client will not have to enter each time he visits our website. Most of these "cookies" exist only for the duration of the session or "visit". None of them will contain information that will enable other people to contact the Client electronically, by e-mail or advertising mail. The Client can prepare his web browser to inform him when cookies are sent or to prevent the sending of such information files.

Przedszkola Pomarańczowa Ciuchcia spółka z ograniczoną odpowiedzialnością spółka komandytowa with its registered office in Warsaw at ul. Dostępna 60, 01-490 Warsaw, informs that during organised events and publicly open ceremonies the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, OJ EU . L. 2016.119.1 of 4 May 2016 - GDPR) and art. 81 of the Act of 4 February 1994 on Copyright and Related Rights (Journal of Laws of 2018, items 1191, 1293, 1669, 2245, 2339, as amended). Taking, publishing and sharing photos taken by participants of events and open ceremonies is done at their own risk and with the awareness of the consequences resulting from disseminating the image of other people without their consent.

 

 Personal Data Inspector (DPO):

Michal Tuz
email: iod@pomaranczowa-ciuchcia.pl
tel. 513 577 440

Correspondence address: Dodajna 60, 01-490 Warsaw

Take part in the Open Day with your child at a selected Orange Ciuchcia branch.
👉🏻 Click the button below and fill out the form. See you! 🧡