The information below is a concise, understandable and clear summary of the information provided in the Privacy Policy regarding the Data Controller, the purpose and manner of processing of personal data and your rights in connection with such processing, in the form required to comply with the information obligation of RODO. Details of how the processing is carried out and the entities involved are available in the indicated policy.

Who is the data controller?
The Administrator of the Personal Data (hereinafter referred to as the Administrator) is the company “Jack Bronson sp. z o.o.”, doing business at: 37-38 Wita Stwosza Street, with assigned tax identification number (NIP): 8952216846, with assigned KRS number: 0000835668, providing services electronically through the Website.

How can you contact the data controller?
The Administrator can be contacted in one of the following ways

• Postal address – Jack Bronson sp. z o.o., 37-38 Wita Stwosza Street
• E-mail address – biuro@bronsonhome.pl
• Telephone call – +48 694 000 610
• Contact form – available at: https://bronsonhome.pl/kontakt

Has the Administrator appointed a Personal Data Inspector?
Pursuant to Article 37 of RODO, the Administrator has not appointed a Data Protection Officer.
In matters concerning data processing, including personal data, please contact the Administrator directly.

Where do we obtain personal data from and what are its sources?
Data is obtained from the following sources:

• from the data subjects
• in the case of registrations using social networks, with the informed consent of these individuals, from these social networks

What is the scope of the personal data we process?
The site processes ordinary personal data provided voluntarily by the persons concerned
(E.g. first and last name, login, email address, telephone, IP address, etc.).
The detailed scope of the processed data is available in the Privacy Policy.

What are the purposes of our data processing?
Personal data voluntarily provided by Users are processed for one of the following purposes:

• Realization of electronic services:
  • Newsletter service (including sending advertising content with consent)
• Communication of the Administrator with Users on matters related to the Service and data protection
• Ensuring the legitimate interest of the Administrator

What are the legal bases for data processing?
The Service collects and processes Users’ data on the basis of:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
  • Article 6(1)(a)
  the data subject has consented to the processing of his/her personal data for one or more specified purposes
  • Article 6(1)(b)
  processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract
  • Article 6(1)(f)
  processing is necessary for the purposes of legitimate interests pursued by the controller or by a third party
• Act of May 10, 2018 on the protection of personal data (Journal of Laws 2018, item 1000)
• Act of July 16, 2004. Telecommunications law (Dz.U. 2004 No. 171 item 1800)
• Act of February 4, 1994 on copyright and related rights (Journal of Laws 1994 No. 24 item 83)

What is the legitimate interest pursued by the Administrator?

• For the purpose of possibly establishing, investigating or defending against claims – the legal basis for processing is our legitimate interest (Article 6(1)(f) of the DPA) in protecting our rights, including but not limited to;
• For the purpose of risk assessment of potential customers
• In order to evaluate planned marketing campaigns
• In order to carry out direct marketing

For what period do we process personal data?
As a general rule, the personal data indicated are kept only for the period of providing the service within the service provided by the Administrator. They are deleted or anonymized within a period of up to 30 days from the termination of service provision (e.g. deletion of a registered user account, unsubscribing from the Newsletter list, etc.).
In exceptional situations, in order to secure the legitimate interest pursued by the Administrator, this period may be extended. In such a situation, the Administrator will keep the indicated data, from the time of the User’s request for deletion, no longer than for a period of 3 years in case of violation or suspected violation of the provisions of the regulations of the service by the data subject.

Who is the recipient of data including personal data?
As a rule, the only recipient of data is the Administrator.
However, data processing may be entrusted to other entities performing services for the Administrator in order to maintain the activity of the Website.
Such entities may include, among others:

• Hosting companies, providing hosting or related services to the Administrator
• Companies through which the Newsletter service is provided
• IT service and support companies performing maintenance or responsible for maintaining the IT infrastructure

Will your personal data be transferred outside the European Union?
Your personal data will not be transferred outside the European Union unless it has been published as a result of an individual action by the User (e.g., entering a comment or post), which will make the data available to any visitor to the website.

Will personal data be the basis for automated decision-making?
Personal data will not be used for automated decision-making (profiling). What rights do you have related to the processing of your personal data?

• The right to access personal data.Users have the right to access their personal data, exercised upon request made to the Administrator
• Right to rectification of personal data. Users have the right to request the Administrator to promptly rectify their personal data that is inaccurate and/or to complete incomplete personal data, exercised upon request submitted to the Administrator
• Right to delete personal data. Users have the right to demand from the Administrator the immediate deletion of personal data, realized upon request submitted to the Administrator

In the case of user accounts, deletion of data involves anonymization of the User’s personally identifiable information. In the case of the Newsletter service, the User has the option of deleting his/her personal data himself/herself using the link provided in each e-mail message sent.

• Right to restrict processing of personal data. Users have the right to restrict the processing of personal data in the cases indicated in Article 18 of the RODO, including questioning the correctness of personal data, exercised upon request submitted to the Administrator
• Right to personal data portability. Users have the right to obtain from the Administrator, personal data concerning the User in a structured, commonly used machine-readable format, exercised upon request submitted to the Administrator
• The right to object to the processing of personal data.Users have the right to object to the processing of their personal data in the cases specified in Article 21 of the RODO, exercised upon request submitted to the Administrator
• Right to lodge a complaint. Users have the right to lodge a complaint with the supervisory authority in charge of personal data protection.