in accordance with art. 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC, I inform:
| Name of the Controller | Address | Contact details |
|---|---|---|
| Perfect Gym Solutions S.A. | ul. Klimczaka 1, 02-797 Warszawa | Phone: +48 22 307 34 04 e-mail: contact@perfectgym.com |
| Name and surname of the Data Protection Officer | Address | Contact details |
|---|---|---|
| Radosław Aniszczyk | ul. Klimczaka 1, 02-797 Warszawa | e-mail: dpo@perfectgym.com |
Under the above-mentioned address, you can contact the Data Protection Officer in matters related to the protection, collection, processing, modification and erasure of personal data.
| Data processing activity | Categories of personal data | Legal basis for processing personal data | Purpose and period of personal data storage | Recipients of personal data | Data transfer outside the EEA |
|---|---|---|---|---|---|
| Conclusion and performance of the contract | Data of current and potential clients and contractors, including sole proprietorships and civil partnerships, as well as natural persons representing contractors (employees, management). | Personal data are processed on the basis of: art. 6.1. b) GDPR, art. 6.1. c) GDPR, art. 6.1. f) GDPR. | Personal data will be processed in order to take steps necessary to conclude and perform the contract. The data will be processed for the duration of the contract, and after its completion, for the duration of the legitimate interest of the Controller. | Entities providing the Controller with programming services in the field of application and system development and maintenance, hardware and software service, as well as the Microsoft365 service provider and entities providing legal, consulting, auditing, insurance, debt collection and archiving services. | The Controller does not plan to transfer data outside the EEA, but such transfer may be carried out by global cloud service providers, for example Microsoft as a provider of Microsoft 365, Azure Active Directory or MFA services. |
| Communication via contact forms | Contact details of current and potential clients and contractors, including sole proprietorships and civil partnerships, as well as natural persons representing contractors (employees, management). | Personal data are processed on the basis of: art. 6.1. a) GDPR, art. 6.1. f) GDPR. | Personal data is processed for the purpose of communication and implementation of the matter to which the correspondence related and future contacts. The data will be processed for the duration of the communication or until the consent is withdrawn. The withdrawal of consent does not affect the lawfulness of the processing carried out prior to the withdrawal of the consent granted. The data will be processed for the duration of the legitimate interest pursued by the Controller, e.g. personal data may be processed in the event of claims between the parties until the proceedings are legally terminated, as well as in the field of perfecting, modifying, personalizing or improving services and / or communication for the benefit of current and potential customers; for fraud identification and prevention; to analyze how potential and existing customers interact with Perfect Gym websites; to provide digital communications via email that may be of interest to you; to measure the effectiveness of any promotional or advertising campaigns. | Entities providing the Controller with programming services in the field of application and system development and maintenance, hardware and software service, as well as the Microsoft365 service provider and entities providing legal, consulting, auditing, insurance, debt collection and archiving services. | |
| Recruitment process for job | Personal data of job candidates in the recruitment process. | Personal data are processed on the basis of: Labour Code; art. 6.1. a) GDPR; art. 9. 2. a) GDPR - in the scope of consent to the processing of the image and data of a specific category. | Personal data are processed until the end of the recruitment process, and in the case of participants who have consented to the processing of data in future recruitments - up to 6 months from the date of consent. The withdrawal of consent does not affect the lawfulness of the processing carried out prior to the withdrawal of the consent granted. | The data may be disclosed to entities with which the Controller has concluded an agreement for the provision of services providing technical and organizational solutions ensuring efficient management (in particular, ICT service providers), providers of legal, auditing and advisory services and supporting the Controller in the recruitment process and service providers enabling the Controller to publish recruitment ads. | |
| Maintenance and development of the Perfect Gym system. | Personal data of the users of the Perfect Gym system. | Personal data are processed on the basis of: art. 6. 1. f) GDPR. | Personal data is processed in order to implement the subject of the contract linking the entity that allows you to use the Perfect Gym system (for example gym, fitness club, swimming pool) and the Perfect Gym system provider, as well as conducting statistical research and preparing analyzes using the data of Perfect Gym system users. Personal data will be processed for the period of using the Perfect Gym system (the possibility of extending this period in the event of claims between the parties) and for the period of archiving documents, in accordance with applicable regulations. | Entities enabling you to use the Perfect Gym system (for example gym, fitness club, swimming pool), responsible for the correct operation of the system (maintenance and service of software and IT infrastructure) and providing services to the Controller, e.g. in the use of Microsoft365 and Google Analytics services. | |
| Recording phone calls | Recordings of conversations of Perfect Gym system users and persons contacting Perfect Gym Solutions S.A. | Personal data are processed on the basis of: art. 6. 1. a) GDPR; art. 6. 1. f) GDPR. | Personal data is processed in order to improve the quality provided by Perfect Gym Solutions S.A. services; conducting business relations. Recordings of calls are kept until consent is withdrawn or for the time needed to achieve the intended purposes, subject to legal and technical archiving, the obligation to store certain data or anonymize them. In the event that the recordings constitute or may constitute evidence in legal proceedings, until the proceedings are legally terminated. | Entities responsible for the correct operation of the system (maintenance and service of software and IT infrastructure) and providing services to the Controller, for example legal, consulting and auditing, insurance, debt collection and archiving services. Recorded conversations may also be made available to entities authorized to obtain these personal data on the basis of generally applicable provisions of law. |
The Controller informs that:
1. Personal data/data - means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2. Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing; third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
3. Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
4. Processing - means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
5. GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC. 6. Data erasure permanent destruction of personal data or such modification that will not allow the identification of the data subject.
7. Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
1. The person whose data is processed has the right to file a complaint related to the processing of his personal data by the Controller or the entity/organization whose personal data was transferred to:
| Name of the supervisory authority | Address | Contact details |
|---|---|---|
| The President of the Personal Data Protection Office | ul. Stawki 2 00-193 Warszawa | Phone: 606 950 000, fax. 22 531 03 01 https://uodo.gov.pl/pl/p/kontakt |
2. Information on the right to request information on the processed data:
3. Information on the right to request the rectification of its data: The data subject shall have the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement. The data subject has the right to submit a request at any time to the Controller.
4. Information on the right to request the restriction of data processing: The data subject shall have the right to obtain from the Controller restriction of processing where one of the following applies:
Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the data subject's consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
5. Information on the right to object to data processing: The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her, including profiling based on those provisions. The Controller shall no longer process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
6. The right to object to data processing will not affect the lawfulness of the processing, which was made on the basis of consent before its withdrawal.
7. Information on the "right to be forgotten": The data subject shall have the right to obtain from the Controller the erasure of personal data concerning him or her without undue delay and the Controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
Schedule a meeting with a free demo presentation to explore Perfect Gym software!