We respect the right to privacy of persons using the oliviacentre.com Website (hereinafter referred to as "Users") and we make every effort to ensure that the personal data of our Users are processed in accordance with applicable law, including the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the "Regulation").

Using the functionalities available on the oliviacentre.com Website (hereinafter the "Website") may involve the processing of your personal data by us.

Our Privacy Policy (hereinafter the "Policy") was created to inform Users who is the administrator of their personal data, what personal data, for what purpose, on what basis and for how long we process and to whom we share it, as well as what rights Users are entitled to as data subjects personal.

This policy also applies to the processing of personal data obtained as part of running our company profiles or groups on social networks, such as: Facebook, YouTube, Instagram, Twitter, Google+ and LinkedIn (hereinafter "Social Networks").

This Policy is reviewed on an ongoing basis and will be updated as necessary. In the event of changes, we will publish the updated version of the Policy on the Website.

I. Data controller personal

The administrator of the personal data of the Website Users is Olivia Serwis Limited Liability Company with its registered office in Gdańsk (80-309) at al. Grunwaldzka 472C, entered into the Register of Entrepreneurs of the National Court Register by the District Court Gdańsk-Północ in Gdańsk, 0000475473th Commercial Division of the National Court Register under the number KRS 5842732752, NIP 221946200, REGON 205.000,00, share capital in the amount of PLN XNUMX (hereinafter the "Service Provider" ).

Separate personal data administrators (hereinafter "Separate administrators") are the operators of Social Networks, operators running websites to which the User has obtained access through links posted by the Service Provider on the Website, other personal data administrators indicated on the Website (for example: event organizers indicated in the relevant regulations regarding these events) and other entities indicated in the further part of the Policy as Separate administrators. Separate administrators process Users' personal data in accordance with the principles of privacy and personal data processing adopted by them. The Service Provider has no influence or has a limited influence on the processing of personal data by Separate Administrators.

II. Obtaining information on the processing of personal data

In all matters regarding the processing of personal data (except for the matters specified below), the User should contact the Data Protection Officer appointed by the Service Provider, using the following contact details: Olivia Serwis Sp. z o. o., Krzysztof Hewelt - Data Protection Officer, al. Grunwaldzka 472C, 80-309 Gdańsk, e-mail address: iod@oliviacentre.com.

In matters relating to the processing of personal data by Separate Administrators, the User should contact the Separate Administrators using the contact details provided by them.

III. Scope of processed personal data and information

The Service Provider processes personal data and information related to the use of the Website or the Service Provider's company profile on the Social Website or participation in the Service Provider's group on the Social Network, which the User provides or leaves when using the Website or the Service Provider's profile or participating in the Service Provider's group, including electronic forms. or saved in cookie files, which may be, in particular: first name, surname, e-mail address, telephone number, home address, gender, date of birth, profile photo, IP address, information about the end device, browser or operating system of the User, URL the previously visited website, language, city, activity and time of involvement of the User on the Website, data resulting from visiting the Service Provider's profile or group on the Social Network (for example, resulting from likes, posting comments or entries, User activity on the Service Provider's profile or group in Se social media), other data provided to the Service Provider by the User in correspondence with the Service Provider.

In any case, the scope of personal data and information processed by the Service Provider depends on the scope of the User's use of the functionalities available on the Website and on Social Networks, as well as on the scope of personal data and information provided to the Service Provider by the User in correspondence with the Service Provider.

In order to ensure security in the process of using the functionalities available on the Website and the confidentiality and integrity of data transmission, the Service Provider uses encryption technologies, in particular in the form of the SSL protocol.

IV. Purpose and legal basis for the processing of personal data

The Service Provider may process the User's personal data for the following purposes:

1. conclusion and performance of the contract for the provision of the service available on the Website concluded between the User and the Service Provider on the basis of the regulations applicable to this service (hereinafter the "Agreement") - in the event of concluding such an agreement with the User, pursuant to Article 6 paragraph 1 point b) of the Regulation,
2. fulfillment of legal obligations incumbent on the Service Provider, in particular in the field of keeping and archiving documentation or implementation of a request from an authorized body regarding the User's personal data resulting from the provisions of law, pursuant to Article 6 paragraph 1 point c) of the Regulation and relevant provisions regarding these obligations,
3. establishing, securing and pursuing claims by the Service Provider or defending against claims against the Service Provider, based on the Service Provider's legitimate interest, consisting in the possibility of establishing, securing, investigating and defending against claims, pursuant to Article 6 paragraph 1 point f) of the Regulation,
4. analytical and statistical as well as research on the level of satisfaction with the services provided by the Service Provider, on the basis of the Service Provider's legitimate interest in the possibility of conducting customer satisfaction research and creating statistics, reports, analyzes, statistical, analytical and performance measurements regarding the use of the Website, the use of services provided by the Service Provider and Users 'activity, in particular in order to improve the quality, improve or develop the services provided by the Service Provider, adapt the Website pages to the Users' habits, pursuant to Article 6 paragraph 1 point f) of the Regulation,
5. conducting correspondence, pursuant to Article 6 paragraph 1 point b) of the Regulation (taking steps to conclude the Agreement or conducting correspondence related to the implementation of the Agreement), Article 6 paragraph 1 point c) of the Regulation and relevant provisions (if the correspondence constitutes the fulfillment of a legal obligation Service Provider), the legitimate interest of the Service Provider, consisting in the possibility of responding to correspondence, pursuant to Article 6 (1) (f) of the Regulation or the User's consent, pursuant to Article 6 (1) (a) of the Regulation (if the correspondence is sent on the basis of the consent granted for its transmission),
6. marketing of the Service Provider's own products or services, on the basis of the Service Provider's legitimate interest, consisting in the possibility of offering the Service Provider's own products or services, pursuant to Article 6 paragraph 1 point f) of the Regulation, whereby the implementation of marketing purposes may include, in particular, sending information by the Service Provider commercial by electronic means,
7. marketing, including those related to the marketing of the Service Provider's own products or services and other persons, not falling within the scope specified in point IV.f) above, when the User has consented to it, pursuant to Article 6 paragraph 1 point a) of the Regulation, however, the implementation of marketing purposes may include, in particular, sending by the Service Provider, on its own behalf or on behalf of other persons, commercial information by electronic means,
8. for the purpose specified in the User's consent to the processing of his personal data provided to the Service Provider, the legal basis for the processing of User's personal data in such a case is Article 6 paragraph 1 point a) of the Regulation,
9. keeping a profile or group of the Service Provider on the Social Service, including informing about services, events and the Service Provider's brand, as well as building a community, establishing relationships and communicating with the Service Provider through the functionalities available on the Social Service, based on the Service Provider's legitimate interest, consisting in the possibility of marketing products or the Service Provider's own services, promotion of the Service Provider's services, events and brand, as well as community building, establishing relationships and communication with Users through the functionalities available on the Social Website, pursuant to Article 6 paragraph 1 point f) of the Regulation.

The User's consent to the processing of his personal data may be expressed, in particular, by checking the appropriate boxes in the electronic form, submitting relevant statements or using the functionality by the User that involves the provision of personal data to the Service Provider by the User (for example, from communication channels and User's activity on the profile). or the Service Provider's group on the Social Network).

V. Providing personal data (recipients of personal data)

The User's personal data may be made available by the Service Provider to entities processing personal data at the request of the Service Provider, including entities that the Service Provider uses or entrusted with the performance of activities in the scope of its business, entities providing tax, accounting, legal, technical or IT services for the Service Provider. .

The User's personal data may be made available by the Service Provider to entities processing personal data on their own behalf (separate administrators), including entities providing courier, postal, banking or insurance services, a payment operator handling payments for the Service Provider's services purchased by the User, authorized entities or bodies to which The Service Provider is entitled or obliged to disclose personal data on the basis of legal provisions in force in the territory of the Republic of Poland, to entities providing rental services in office buildings located in the office complex called Olivia Business Center, located in Gdańsk at ul. Grunwaldzka 472, co-organizers of events organized by the Service Provider.

VI. Transferring data outside the EEA

The Service Provider allows for the possibility of cooperation with partners who are based in countries outside the European Economic Area (EEA). The service provider will transfer personal data outside the EEA only if it is necessary and ensuring a high level of protection of this data, in particular through the use of standard contractual clauses adopted by the European Commission regarding the transfer of personal data to entities based outside the EEA.

VII. Time of personal data processing

The time of personal data processing by the Service Provider depends on the legal basis and the purpose of processing, taking into account the principle of accountability. Bearing in mind the above, the User's personal data may be processed for the period of:

1. in the case of processing personal data for the purpose of concluding and performing the Agreement - for the duration of the Agreement, and after its termination for the time specified in point VII.b) and VII.c) below,
2. in the case of processing personal data in order to fulfill the legal obligations incumbent on the Service Provider - for the time necessary to fulfill the obligation and the time during which the Service Provider may incur legal consequences of failure to perform this obligation,
3. in the case of processing personal data for the purpose specified in point IV.c) of the Policy - for the time necessary to establish, secure and pursue claims by the Service Provider or defend against claims against the Service Provider, taking into account the limitation periods specified in applicable law,
4. if the basis for the processing of personal data is the legitimate interest of the Service Provider - at the latest until an effective objection to the processing of personal data is submitted, subject to other provisions of point VII of the Policy,
5. if the basis for the processing of personal data is consent to their processing - no later than until its withdrawal.

In the case of personal data processed for different purposes or on different legal grounds for processing, for which there are different processing periods, the total processing time will not be longer than the processing period that will expire at the latest.

VIII. Rights related to the processing of personal data

In connection with the processing of the User's personal data by the Service Provider, the User is entitled, under the conditions set out in the Regulation:

1. the right to access personal data,
2. the right to rectify personal data,
3. the right to delete personal data (the right to be forgotten),
4. the right to limit the processing of personal data,
5. the right to transfer personal data to another administrator,
6. the right to object to the processing of personal data, including profiling,
7. the right to withdraw consent in the event that the Service Provider processes the User's personal data based on consent, at any time, without affecting the lawfulness of the processing which was made on the basis of consent before its withdrawal,
8. the right to lodge a complaint to the President of the Personal Data Protection Office, if the User considers that the processing of data violates the provisions of the Regulation.

IX. Automated decision making

Depending on the type of service provided by the Service Provider, the decision to conclude a contract with the User may be made automatically on the basis of data and information recorded by the IT system in the process of concluding the contract.

X. Information on profiling

When processing the User's personal data, there is no profiling within the meaning of Article 22 of the Regulation, which could have legal effects on the User or similarly significantly affect his situation.

XI. Source of data or information (obtained in a way other than from the User)

The User's personal data may come from the operators of social networks, co-organizers of events in which the Service Provider acts as a co-organizer or payment operators handling payments for the Service Provider's services purchased by the User.

The Service Provider informs that the User himself leaves and makes available to the Service Provider on the Social Network his personal data when using functionalities that involve the provision of personal data to the Service Provider by the User (for example by posting likes, entries or comments on the Service Provider's profile or group on the Social Network, joining the Service Provider's group on the Social Service, using communication channels or other activities on the Social Service).

XII. The requirement to provide personal data

Providing personal data is necessary for the conclusion and performance of the Agreement and for responding to the User's correspondence. The consequence of not providing personal data is the inability to conclude and perform the Agreement or respond to the User's correspondence.

XIII. Technologies enabling the collection and storage of information on the User's end device

The Service Provider uses cookies on the Website. Cookies are IT data saved in files, placed while browsing the Website's pages and stored on the User's end device. Cookies do not cause any damage or configuration changes to the end device or its software. Cookies have a unique name and a specific storage time on the end device and store information related to a specific device used by the User. Cookies may contain a unique number that identifies the User's device (IP number), but the User's identity is not determined on its basis.

The website may save a cookie file in the User's browser, if the browser allows it. The Service Provider may only access cookies placed by the Service Provider's website, and not to files placed by other websites.

The service provider may use cookies for the following purposes:

1. necessary (technical) cookies - for the proper operation, display or use of the Website's pages (for example, User authentication, security),
2. functional cookies - in order to adapt the Website to the User's preferences (for example: remembering privacy preferences regarding cookies or actively selecting the language or specific content of the Website) and optimizing the use of the Website (for example: recognizing the User's device and displaying the website properly),
3. statistical and performance cookies - to create statistics, reports, measurements and research on the use of the Website, in particular to improve the quality, improve or develop the Website and services provided on the Website, adapting the Website pages to the Users' habits.

The service provider uses own cookies and cookies from third parties. In order to monitor traffic, create statistics, reports, measurements and research on the use of the Website, the Service Provider uses the Google Analytics cookie, which places codes on Users' end devices that enable the collection of data about Users. The provider of the Google Analytics software, Google Ireland Limited, does not use the collected data to identify the User. Detailed information on the scope of data collection and processing in the Google Analytics service is contained in the documents available on the websites with the following addresses:

https://policies.google.com/?hl=pl and https://support.google.com/analytics/answer/6004245?hl=pl.

The Service Provider may use session (temporary) and permanent cookies. Session cookies are stored on the User's end device only until they leave the Website or turn off the browser. Permanent cookies are stored in the User's end device for the time set in the parameters of these files or until they are deleted by the User.

The Service Provider does not identify the User's identity on the basis of cookies.

The legal basis for the use of functional, statistical and performance cookies is the User's consent. The legal basis for the use of the necessary cookies is the need to provide the User with uninterrupted and proper operation, display and use of the Website.

The user may at any time delete cookies from the end device (clear the browsing history in the browser) or change the browser settings in such a way that cookies are blocked. Information on the use of cookies and possible configurations are available in the settings of the browser used by the User. The user may block the use of data by the Google Analytics software at any time by downloading and installing the Google Analytics blocking browser add-on available on the website https://tools.google.com/dlpage/gaoptout?hl=pl.

Removing, blocking or changing cookie settings may affect the convenience of using the Website or result in the need to re-select the User's preferences.

The User's consent to the use of cookies is also saved by means of a cookie, therefore, if the User deletes cookies from his browser, he will have to select the cookie privacy preferences again.

XIV. Policy version

This Policy is effective from May 04, 2022.