GENERAL PROVISIONS

1. The controller of personal data collected through the website https://rumour.pl/ is Rumour Sp. z o.o. with its registered office in Warsaw (02-972) at Aleja Rzeczypospolitej 17/30, registered in the register of entrepreneurs kept by the District Court for the Capital City of Warsaw, XIII Commercial Department of the National Court Register, under the number KRS: 0000947734, with NIP: 951-253-38-79, REGON: 521065559, share capital of PLN 10,000. Email address: kontakt@rumour.pl hereinafter referred to as the “Controller”, also being the Service Provider.

2. In case of any doubts or requests related to the exercise of your rights, please contact kontakt@rumour.pl.

3. Your personal data is processed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation / GDPR).

4. We take particular care to protect the interests of the persons whose data we process, in particular by ensuring that the data collected is processed lawfully, collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes, accurate and adequate in relation to the purposes for which they are processed, and kept in a form which permits identification of the data subjects for no longer than is necessary for the purposes of processing.

PURPOSE AND SCOPE OF DATA COLLECTION AND LEGAL BASIS FOR THESE ACTIONS

1. Your personal data is processed for two purposes: responding to your inquiries sent through the contact form – the legal basis for these actions is the principle that processing is allowed if it is necessary for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract, sending offers and other marketing and promotional content – the legal basis for these actions is your consent expressed under the contact form.

2. We process the following scope of your data: email address, telephone number, any other data provided by you in the content of the inquiry sent via the contact form.

3. You are not subject to profiling, which means that your data is not processed automatically to determine (estimate) your needs or personality traits. We do not collect any additional information about you from other sources.

4. We do not sell personal data or share it with other entities. In particular, your data is not transferred outside the European Economic Area or to international organizations.

DATA RECIPIENTS

1. The Controller may only disclose personal data to trusted recipients who provide services to Rumour Sp. z o.o.

STORAGE AND REMOVAL OF DATA

1. We strive to limit the storage period of personal data that is no longer being used to the maximum extent possible. However, please note that this may not always be feasible due to operational and technological reasons. This refers to the time required to make a decision about whether further contact is appropriate, as well as the time needed to delete data from backup copies.

2. Your data processed for the purpose of handling a quote request will be processed by us for the duration of the correspondence and then, depending on the outcome, either added to our client database and further processed for the purpose of contract fulfillment, or deleted if it is not possible to establish cooperation.

3. In the event of clear closure of communication with you, the data will be immediately deleted from our system databases, as well as from backup copies before thirty days have passed.

4. In the case of no response and unclear situation, the data will be stored for a period of 6 months from the date of the last message sent.

5. Data processed based on consent, meaning data used for sending marketing information, will be processed until the consent is withdrawn. Please note that an additional period of 30 days will be required for us to delete data from backup copies.

RIGHT TO WITHDRAW CONSENT, RIGHT TO CONTROL, ACCESS, AND CORRECT YOUR DATA, RIGHT TO DATA PORTABILITY, RIGHT TO OBJECT TO FURTHER PROCESSING, AND RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY

1. We inform you that we process your data for marketing purposes based on your voluntary consent. Please note that this consent may be withdrawn at any time. To do so, we suggest sending us a message from the same email address or phone number from which you received the marketing content. The only consequence of withdrawing consent will be that you will no longer receive information about our offer or other marketing content from us. We also inform you that withdrawing consent does not affect the legality of the data processing that took place before this withdrawal.

2. You have the right to access and correct your personal data.

3. If you find yourself in a particular situation in which further processing of your data by us threatens your privacy, you can inform us of this fact and request that we stop or limit processing.

4. You also have the right to ask us to send your data to another entity in a format that the recipient will be able to process freely. Please note that this right only applies to data that we have received from you. Given that exclusive data about you is processed in text format, data transfer will involve generating text documents in docx format that contain the history of your inquiries. These documents will not contain our responses, including our advice or any other type of expert knowledge, as it is not subject to your rights (and cannot be transferred).

5. Please note that you also have the right to lodge a complaint with the supervisory authority, i.e. the President of the Personal Data Protection Office.

COOKIES FILES

1. The Service Provider’s website uses “cookies” files. Failure to change the browser settings by the Service Recipient is tantamount to consenting to their use.

2. Installation of “cookies” files is necessary for the proper provision of services on the website. The “cookies” files contain information necessary for the proper functioning of the website, especially those requiring authorization.

3. The following types are used on the website: Session and Third Party.

4. Session “cookies” are temporary files that are stored on the Service Recipient’s end device until logging out (leaving the website).

Third-party “cookies” – used to monitor traffic on their own website.

5. The user has the right to decide on the access to “cookies” files on their computer by selecting them beforehand in their browser window. Detailed information on the possibilities and ways of handling “cookies” files is available in the software settings (internet browser).