The personal data controller (Administrator) is the “Start with Yourself” Foundation with its registered office in Warsaw, al. Krakowska 2, 02-284 Warsaw, entered in the register of associations, other social and professional organizations, foundations and SPZOZ of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, 14th Commercial Division, KRS: 0001168888, NIP: 5253332575, REGON: 541511724.
Correspondence address: “Start with Yourself” Foundation, ul. Gałczyńskiego 2a, 05-090 Raszyn.
1) by post: to the address indicated above,
2) by e-mail: kontakt[at]fundacjazacznijodsiebie.pl.
The Data Controller has not appointed a data protection officer. For data protection matters, please contact us at the e-mail address indicated in point 2.
1) identification and contact details (e.g., first name, last name, email address, phone number),
2) correspondence data (message content, attachments, postal address),
3) transaction data related to donations/online payments (scope required by the payment operator, including email address),
4) technical data related to the use of the Foundation's websites (e.g., IP address, cookie identifiers, browser/device type).
We obtain data directly from the persons concerned (forms, correspondence, payments). Technical data may be collected automatically when using the Foundation's websites.
1) communication and handling of inquiries/correspondence — Article 6(1)(a) and/or (f) of the GDPR,
2) maintaining a contact database — Article 6(1)(f) of the GDPR,
3) processing of donations/online payments — Article 6(1)(b) and/or (f) of the GDPR,
4) legal obligations (e.g., accounting, tax) — Article 6(1)(c) of the GDPR,
5) own marketing (e.g., newsletter, if consent has been given) — Article 6(1)(a) of the GDPR and relevant sectoral regulations,
6) establishing, pursuing, or defending claims — Article 6(1)(f) of the GDPR.
Data may be entrusted to entities supporting the Controller, including in the areas of: IT and hosting services, legal, marketing, accounting, postal/courier services, as well as to the payment operator - only to the extent necessary to achieve the indicated purposes.
As a rule, data is not transferred outside the European Economic Area. Any transfers (e.g. when using tools from suppliers outside the EEA) are carried out on the basis of the mechanisms provided for in the GDPR (in particular standard contractual clauses) and, if necessary, with the use of additional protection measures.
1) correspondence - for the duration of the case, and then for up to 3 years for evidentiary purposes or longer if required by law,
2) data in the contact database - until objection/deletion of data,
3) data related to donations/payments - for the period required by accounting/tax regulations (as a rule, 5 years from the end of the calendar year),
4) technical data (e.g., cookies) - in accordance with the accepted configuration and/or until consent is withdrawn, if applicable.
You have the right to: access your data, rectify it, delete it, restrict its processing, transfer it (in cases specified in the GDPR), and object to its processing based on Article 6(1)(f) of the GDPR. In the case of processing based on consent, you have the right to withdraw your consent at any time (without affecting the lawfulness of processing prior to withdrawal). Requests can be made in accordance with point 2.
The data subject has the right to lodge a complaint with the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw).