§ 1. General provisions

1. The Administrator ensures that he makes every effort to ensure that the processing of Personal Data is carried out with the greatest respect for the privacy of the persons whose data are processed and with the utmost care for the security of the Personal Data processed and in particular ensures that he has taken appropriate measures provided by law aimed at ensuring the security of Personal Data.
2. The Controller declares that it applies technical and organizational measures ensuring the protection of the processed Personal Data appropriate to the risks and categories of data covered by protection, and in particular protects the data against their disclosure to unauthorized persons, taking by an unauthorized person, processing in violation of the law and alteration, loss, damage or destruction.
3. This document has been prepared on the basis of the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of Personal Data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as “GDPR”), the Act of 10 May 2018 on the protection of personal data (Journal of Laws of 2018). item 1000), the Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2002 No. 144, item 1204) and other generally applicable laws.
4. In case of doubts and questions regarding the protection of personal data, we encourage you to contact the Data Protection Officer appointed by DM DOTS Katarzyna Szczesna, at the following e-mail address: hej@designmentorship.pl.

§ 2. Definitions

Whenever the Privacy Policy refers to:

1) Administrator - this means DM DOTS SPÓŁKA Z OLOZONÓWNA ODPOŚCIALNOŚĆ with its registered office in Gałówek 33 (55-330) KRS number: 0000995121REGON: 523302584, NIP: 9131633963, share capital PLN 5,000, represented by Katarzyna Szczesna - President of the Management Board. The Administrator should also be understood as the Personal Data Administrator within the meaning of the provisions of the GDPR;

2) Design Mentorship — this means all services offered by the Administrator, aimed at education in the field of organizing events, in particular the website operating at designmentorship, conference, training, consultations for organizers or various types of materials

didactic;

3) Personal Data - this means basic data about the User, including name, surname, e-mail, telephone; and other data necessary for the organization of the Organizer Academy, thanks to which it is possible to determine the identity in a direct or indirect way;

4) Software — this means web browsers that the User may use in order to use the Portal;

5) Cookies files (so-called cookies) — this means IT data constituting, in particular text files, which are stored in the User's Device and are intended for the use of the Portal's websites;

6) Processing of Personal Data — this means an operation or set of operations performed on personal data or sets of personal data in an automated or non-automated manner, such as collecting, recording, organizing, organizing, storing, adapting or modifying, downloading, viewing, using, disclosing by sending, distributing or otherwise making available, matching or combining, limiting removal, removal or destruction;

7) Terms and Conditions - this means a document that defines the types, scope and conditions of the Design Mentorship organization, as well as the rights and obligations of the Administrator and Users;

8) Portal — this means a website operating at: https://www.designmentorship.pl;

9) Device — means an electronic Device through which the User accesses the Portal, and in particular: PCs, laptops, tablets, smartphones;

10) User - this means a person for whom, in accordance with the Regulations and legal regulations, services are provided electronically and who participates in events organized as part of the Organizer's Program;

11) Consent — this means a voluntary, specific, informed and unambiguous expression of the will by which the data subject, in the form of a statement or express action, consents to the Processing of his or her Personal Data.

§ 3. Processing of Personal Data

1. Users' Personal Data will be processed in order to provide services within the Organizer's Program, for marketing purposes and in case of need to make any financial settlements. The legal basis for data processing will be:
   1) Article 6 (1) lit. a of the GDPR, i.e. the User's consent — including in the case of data processing for marketing purposes after the end of the legal relationship between the User and the Administrator, and
   also to the other extent specified each time in the content of the consent expressed by the User;
   2) Article 6 (1) (b) of the GDPR, i.e. the necessity for the performance of the contract, i.e. organisation of training for organisers, consultations for organisers, conferences for organisers or provision of an e-book;
   3) Article 6 (1) (c) of the GDPR, i.e. the necessity to fulfill the legal obligation incumbent on the Controller;
   4) Article 6 (1) (f) of the GDPR, i.e. the legitimate interests of the Controller, in particular such as providing information about the pre-release order of the book, direct marketing of services and products offered by the Administrator, sending a newsletter, contacting at the User's request, securing evidence in order to protect against claims or establishing and pursuing claims for business activities, sending personal data to internal administrative purposes, evaluation of the quality of services, market research, for the purposes of statistical data, in particular to assess interest in the content published by us and to improve the services provided. Personal data may be processed for direct marketing purposes until you object to such processing.
2. Providing Personal Data is voluntary, but necessary in order to use the services offered by the Administrator or to participate in events organized by the Administrator. In the absence of providing personal data, the User may not receive the benefit resulting from the service provided electronically or receive them to a limited extent.
3. The user may also give separate consent to receive commercial information. The User may express this consent on the website in places expressly specified by the Administrator. The User may withdraw the consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent before its withdrawal.
4. The Administrator processes or may process the following Personal Data of the User, which the User may voluntarily provide:
   1) surname and first name,
   2) email addresses,
   3) phone number,
   4) IP address.
5. The Administrator stores Personal Data in the User database in order to facilitate the organization of the conference for the organizers.
6. Personal Data will be stored for the period necessary to achieve the aforementioned purposes, i.e. in the case of processing personal data on the basis of:
   1) Article 6 (1) (a) of the GDPR, i.e. the User's consent — until the User withdraws consent, and then for a period appropriate to secure any claims in accordance with the limitation periods specified in the Civil Code;
   2) Article 6 (1) (b) of the GDPR, i.e. the necessity for the performance of the contract — until the performance of the contract and for a period sufficient to secure any claims in accordance with the limitation periods specified in the Civil Code;
   3) Article 6 (1) (c) of the GDPR, i.e. the necessity to fulfill the legal obligation incumbent on the Controller — until this obligation is fulfilled and for a period sufficient to secure possible claims in accordance with the limitation periods specified in the Civil Code;
   4) Article 6 (1) (f) of the GDPR, i.e. the legitimate interest of the Controller — until such interest exists.
7. Recipients of Personal Data are persons authorized by the Administrator to process data within the framework of the performance of their official duties, entities to whom the Administrator orders to perform actions with which the need for data processing is associated (processing entities). Personal Data may be made available to entities conducting accounting on behalf of the Administrator, to entities conducting business process servicing activities, i.e. e.g. IT support.
8. Due to the use of IT solutions (including GSuite and Hubspot) provided by entities from the USA, the Controller may transfer Personal Data to the United States of America based on the EU-US Privacy Shield or Standard Contractual Clauses.
9. Users' Personal Data will be processed for the purposes of advertising, market research and Users' behavior and preferences with the purpose of the results of these studies for the purpose of improving the quality of services provided by the Administrator.
10. The Administrator declares that he uses tools designed to analyze the traffic on the Portal, as well as profiling, such as Google Analytics and other similar ones.
11. The Data referred to in paragraph 9 above is used by the Administrator only anonymously for purposes related to market research and Internet traffic on the Portal, for statistical purposes, in particular for assessing interest in goods and content posted on the Portal and improving its content and services provided within it.
12. The Administrator has the right to share the User's data and information as part of the ongoing proceedings with an authorized body, e.g. the prosecutor's office or court.
13. After the termination of the User's relationship with the Administrator, the Administrator will not Process the User's Personal Data, except for those data that are:
    1) necessary for the purposes of advertising (legitimate interest of the Administrator), market research and behavior and preferences of Users with the purpose of using the results of these surveys for the purpose of improving the quality of services provided by the Administrator;
    2) necessary to clarify the circumstances of the unauthorized use of the Portal;
    3) authorised for processing on the basis of separate laws or contracts;
    4) protection against possible claims.
14. The Administrator adheres to the following rules for processing Personal Data:
    1) implement appropriate technical and organisational measures to ensure that the processing takes place in accordance with the provisions on the protection of Personal Data and to be able to demonstrate this;
    2) store the collected Personal Data only on such media that are protected from access by third parties;
    3) supervises the security of Personal Data throughout the entire period of their possession in a manner ensuring, in particular, protection against unauthorized access, damage, destruction or loss;
    4) transfers data to authorized entities only on the basis of applicable legal provisions;
    5) maintains the confidentiality of Personal Data;
    6) ensures that the data subjects exercise their rights under the provisions of the law.
15. The User's Personal Data may be processed in an automated manner, but decisions based solely on automated data processing, including profiling, which have legal effects on the User or similarly significantly affect the User will not be taken.
16. The User whose Personal Data is processed has the right to request from the Administrator access to the data, as well as their rectification, deletion, restriction of processing or objection to processing, in accordance with the content of § 5 of this Policy.
17. In case of Registration using a profile created on the Facebook social network, the Administrator may process the Personal Data of Users located in their profiles on the Facebook portal in accordance with the privacy settings established by the individual Users, and in particular the following Personal Data: email addresses, phone numbers, location data, image, name and surname, FB Messenger ID, profile picture, time zone or gender.

§ 4. Newsletter

1. The Newsletter is an electronic service for the Administrator to provide information about the services offered by him. In order to use the Newsletter service provided by the Administrator, the User is obliged to agree to receive it.
2. The use of the Newsletter service requires the User to read the Privacy Policy.
3. The date of sending and the content of the Newsletter is decided by the Administrator.
4. The User may at any time unsubscribe from receiving the Newsletter by clicking on the deactivation link contained in each e-mail containing the Newsletter sent to the User or by submitting such a request to the Administrator.

§ 5. Cookies

1. The Administrator uses Cookies through the Portal.
2. Two main types of Cookies are used within the Portal:
   1) session files — these are temporary files that are stored on the User's Device until logging out, leaving the Portal or disabling the Software;
   2) permanent — these are files stored in the User's Device by the Cookies specified in the parameters or until they are deleted by the User.
3. All or some of the following types of Cookies may be used within the Portal:
   1) “necessary”, which allow you to use the services available within the Portal,
   2) “performance”, which allow the collection of information about the use of the Portal's websites;
   3) “functional”, which make it possible to preserve the settings selected by the User and personalize the User interface, e.g. by language, font size, appearance of the website;
   4) “advertising”, which allow us to provide the User with advertising content more tailored to their interests.
4. Cookies mentioned in paragraphs 2 and 3 of this paragraph are used to:
   1) adapt the content of the Portal to the User's preferences and optimize its use; in particular, this enables the recognition and display of the Portal on the User's Device, adapted to his individual preferences;
   2) creation of statistics that support the observation of the use of the Portal by Users, which affects the improvement of its structure and content;
   3) maintaining a session of the Portal User (after logging in with an account on the social network Facebook), thanks to which the User does not have to re-enter the login and password on each subpage of the Portal, and the Products once added to the cart are remembered.
5. The solutions used on the Portal's website are safe for the Devices of Users using this website.

§ 6. Rights of Users

1. You have the right to access your Personal Data and the right to correct it at any time.
2. The User has the opportunity to choose to what extent and for what time he wants to use the Portal and share information about himself. If, for any reason, the User does not wish to leave his Personal Data in the User database, he has the right to request its deletion.
3. In the case of Processing of Personal Data based on the consent granted, the person to whom the Personal Data relate has the right to withdraw consent at any time by means of a statement submitted in writing or in the form of an e-mail sent to the address: info@evenea.com. The withdrawal of consent does not affect the lawfulness of the Processing of Personal Data, which was carried out on the basis of consent before its withdrawal.
4. You have the right to correct, supplement, update, rectify, limit processing, transfer and request deletion of your Personal Data.
5. The User has the right to object to the processing of Personal Data based on the purposes resulting from the legitimate interests pursued by the Administrator or by a third party. The Controller may no longer process this Personal Data, unless he proves the existence of valid legitimate grounds for processing, overriding the interests, rights and freedoms of the User, or grounds for establishing, exercising or defending claims.
6. In order to correct, supplement, update, rectify, delete and object to the processing of their Personal Data, the User should send a request to the Administrator's e-mail address.
7. The User has the right to lodge a complaint with the President of the Office for Personal Data Protection in a situation where the Administrator will not process his Personal Data in accordance with the law.
8. The User has the possibility to limit or disable the access of Cookies to his Device. If you use this option, the use of the Portal will be possible, but it may be excluded from certain functionalities that require Cookies.
9. The User of the Portal can change the settings regarding Cookies at any time. These settings can be changed in particular in such a way as to block the automatic handling of Cookies in the settings of the web browser or to inform about their placement each time in the Portal User's Device. Detailed information on the possibilities and methods of handling Cookies are available in the settings of the Software.
10. The User can delete Cookies at any time using the functions available in the web browser he uses.

§ 7. Final provisions

1. The Portal may contain links to other websites. Such websites operate independently of the Administrator and are not supervised in any way by him. These sites may have their own privacy policies and terms and conditions, which we recommend that you familiarize yourself with.
2. If you have any questions or concerns regarding this Privacy Policy, please send an e-mail to: hej@designmentorship.pl
3. The Administrator reserves the right to change this Privacy Policy.
4. Users will be informed of any changes to this Privacy Policy seven days in advance on the main page of the Portal.
5. This Privacy Policy comes into force on July 10, 2023.
   
   ‍