I Introduction

When conducting business activities, JWP Group collects and processes personal data of users in accordance with applicable provisions of law, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR).

Below please find the information that may be relevant in connection with the use of the services provided by JWP Rzecznicy Patentowi Dorota Rzążewska sp.k. (hereinafter: JWP) or another entity from JWP Group (listed here) which is a party to a provision of services agreement, or an entity contacted for another purpose.

Personal data means any information about the natural person identified or identifiable through one or more specific factors determining their physical, physiological, genetic, mental, economic, cultural or social identity, including their image, voice recording, contact details, location data, information included in correspondence, information collected via recording equipment or other similar technology.

The function of a personal data controller making decisions about the purposes and manner of data processing is jointly performed by the entities constituting JWP Group (hereinafter referred to as JWP Group):

• • JWP Rzecznicy Patentowi Dorota Rzążewska sp.k. (JWP Patent & Trademark Attorneys), address: ul. Mińska 75, 03-828 Warsaw, registered in the District Court for the capital city of Warsaw in Warsaw, 12th Commercial Division of the National Court Register. National Court Register Number (KRS): 0000717985 | Tax Identification Number (NIP): PL 526 011 18 68 | Statistical Identification Number (REGON): 010532597
  • JWP Kancelaria Prawna Dorota Rzążewska (JWP Attorneys-at-Law), address: ul. Mińska 75, 03-828 Warsaw. Tax Identification Number (NIP): PL 521 127 64 11 | Statistical Identification Number (REGON): 012877745
  • Fundacja JWP Masz pomysł? Masz patent. Masz zysk! (JWP Foundation), address: ul. Mińska 75, 03-828 Warsaw, registered in the District Court for the capital city of Warsaw in Warsaw, 12th Commercial Division of the National Court Register. National Court Register Number (KRS): 0000379117 | Tax Identification Number (NIP): PL 701 028 28 77 | Statistical Identification Number (REGON): 142823770

In order to ensure an adequate level of personal data protection, JWP Group has appointed Data Protection Officer, to be contacted by email at: dane@jwp.pl or by mail at: uul. Mińska 75, 03-828 Warsaw.

II Personal Data Collection, Processing and Use

The manner and scope of personal data collection depends in particular on whether you visit our website for information purposes or use the services offered via the website or the services described therein, but provided otherwise.

The provision of personal data is voluntary, but necessary to accomplish the purposes for which we have collected personal data.

We process personal data for the following purposes and with reference to the following legal basis (Article 6(1)(a)-(c),(f) of GDPR):

• entering into and performing individual contracts, including ensuring a good quality of services (legal basis: Article 6(1)(b) of GDPR) – “performance of a contract,”
• fulfilling legal obligations, e.g. issuing and storing invoices or responding to complaints (legal basis: Article 6(1)(c) of GDPR) – “a legal obligation,”
• pursuing any possible claims (legal basis: Article 6(1)(f) of GDPR) – “a legitimate interest,”
• promoting our own services during the term of the contract (legal basis: Article 6(1)(f) of GDPR) – “a legitimate interest,”
• carrying out marketing activities, sending newsletters, organizing workshops and trainings provided that you agree to the use of the data for this purpose (legal basis: Article 6(1)(a) of GDPR) – “consent.”

We process the personal data provided to us for the period necessary to accomplish the above purposes. Depending on the legal basis, this will be respectively:

• the duration of the cooperation itself, but no longer than 10 years from the end of the year when the proceedings as part of which the personal data was collected are concluded – for the personal data processed by attorneys-at-law or advocates in the course of their professional activities,
• the time during which legal obligations are fulfilled and the time during which the provisions of law, e.g. tax regulations, require Data Controllers to store the data,
• the period of time after which any claims arising from the contract expire,
• the period of time until the consent is withdrawn.

Taking into account the trust that users place in JWP Group when using our legal advisory services, we reserve the right to retain, in individual cases, personal data allowing to identify a conflict of interest should a case regarding a specific user be conducted by us for the opposing party.

III Cookie Policy

JWP Group uses the following Websites:

• https://www.jwp.pl/ – website of Patent & Trademark Attorneys,
• https://www.jwp-poland.pl/ – website of Patent & Trademark Attorneys in English
• https://www.jwp-legal.pl/ – website of Attorneys-at-Law
• https://www.jwp-fundacja.pl/ – Foundation’s website

When you uses the Website, your data is automatically collected. The data include: IP address, domain name, browser type or operating system type. The data may be collected by web cookies, Google Analytics, and may be stored in server logs.

Web cookies are small text files sent to your computer or another terminal device when you are browsing the Website. Web cookies remember user preferences, which helps enhance the quality of provided services, improve search results or the accuracy of displayed information, personalize a website, and create website statistics.

JWP Group is a controller of web cookies.

You may opt out of web cookies (or set preferences for their use by your web browser) by selecting appropriate settings in your web browser.

You agree to the storage of or access to the web cookies by the Service Provider by reading a web cookies use notification message during your first visit to the Website, closing the notification message and keeping the default settings of your web browser unchanged. You may change the way web cookies are used at any time by changing the settings of the browser installed on your device.

JWP Group uses the types of web cookies listed below:

1. Essential files – files of key importance that enable users to navigate the Website and use its functions, e.g. gain access to secure areas on the Website.
2. Performance files – these files collect information about how users use the Website and which parts of the Website they visit most often.
3. Functional files – these files register user choices (such as a user name, language, or the region where users reside).

JWP Group uses the Google Analytics system, which serves for web analytics and gives insight into the Website traffic useful in marketing activities.

Third-party social media (e.g. Facebook, Twitter, LinkedIn) may record information about you, for example, when you click on an “Add” or “Like” button connected with a particular social networking site during your stay on the Website. The Service Provider has no control over third-party entities or their activities. Information about social media sites is available thereon.

JWP Group uses the data provided by you or collected automatically to:

1. ensure proper functioning, configuration, security and reliability of the Website,
2. monitor a session status,
3. adapt displayed information to user preferences,
4. conduct analyses, statistics, surveys and audits of Website views.

Should you have any additional questions related to the use of web cookies, please send them to the following email address: info@jwp.pl. The rules set out in the Cookie Policy are governed by Polish law.

IV Transfer of Personal Data to Third Parties

Subject to data security guarantees, we may transfer personal data to other entities, including:

1. persons authorized by JWP Group to process data,
2. entities entrusted with data processing, e.g. technical service providers and advisory services providers,
3. other controllers, e.g. couriers.

Personal data may also be transferred to countries outside the European Economic Area (i.e. countries other than the European Union or Iceland, Norway and Liechtenstein), provided that conditions set out in Chapter V of the GDPR are met. The entrusting of personal data of JWP Group clients to foreign attorneys established outside the European Economic Area takes place after this has been agreed with the user.

The entities with whom user data is shared may use it in the manner and to the extent necessary to accomplish the purpose set by JWP Group. In addition, JWP Group cooperates with advisors who are obliged to comply with security rules and regulations as regards personal data processing. JWP enters into agreements for entrusting individual entities with personal data specifying terms and conditions for the use of such personal data by these entities.

V Google Analytics

JWP Group uses Google Analytics, which uses web cookies stored in your computer. As a result, we obtain personal data identifying the entity using JWP Group’s Website, such as an IP address. The information resulting from web cookies is provided to Google Inc. and stored on the server of this company. Google Inc. collects and processes data in accordance with its own privacy policy.

VI Personal Data in Social Media

JWP Group provides content via social media such as: Twitter, Facebook, LinkedIn and Youtube. When you use specific social media, your personal data is collected and processed by these entities under the terms and conditions set out by their owners, outside the control of JWP Group.

VII Data Security

In order to ensure data confidentiality, JWP Group has implemented procedures as well as organizational and technical solutions allowing access to data by authorized persons who process it in connection with the tasks with which they have been entrusted. Necessary actions are taken to ensure that subcontractors and other cooperating entities also guarantee the use of appropriate security measures whenever they process data on behalf of JWP Group.

The information sent via the Website, including via the contact form, newsletter or as part of JWP Online service, is encrypted by means of SSL protocol and remains invisible to third parties.

Risk analyses are carried out on an ongoing basis and the adequacy of data safeguards applied to identified risks is monitored.

In addition, JWP Group complies with the duty of professional secrecy binding patent attorneys, attorneys-at-law and advocates.

VIII User Rights

Any person whose personal data is held by JWP Group has the right to request access to their personal data, to have the data transferred, rectified and erased or to have the processing of their personal data restricted. Any restriction in this respect may only arise from regulations.

Notwithstanding the rights mentioned above, any data subject may object to the processing of the data where the data is used on the basis of a legitimate interest. Having accepted such a relevant request, JWP Group is obliged to cease the processing of data for a specific purpose.

The withdrawal of consent to the processing of personal data does not affect the lawfulness of data processing made on the basis of the consent before its withdrawal.

Should you wish to exercise these rights, please send an email to dane@jwp.pl.

Any data subject also has the right to file a complaint with the President of the Personal Data Protection Office if they consider that the processing of personal data by JWP Group violates the provisions of law.

IX Regulations on the Provision of Services

As required by law, detailed terms and conditions for the provision of remote services are set out in The Regulations on the Provision of Services.

X Copyrights

The Website content is protected by copyright. Its content may not be used in any fields of use otherwise than upon JWP’s written consent stipulating that only non-commercial use for personal purposes is allowed.

The logo of any entity belonging to JWP Group placed on the Website is a registered trademark subject to protection.

The content in the form of works disseminated in the blog, social media and the newsletter is also protected by the copyright held by JWP Group.

XI Final Provisions

The content in the materials posted on the Website, in social media and in the newsletter is designed for informational purposes only and cannot be treated as advice, consultation or recommendation.

JWP Group reserves the right to make changes to this information at any time and to any extent, without prior notice.

Commercial information on provided services is informative in character and constitutes an invitation to negotiate; it is not a commercial offer within the meaning of Article 66(1) of the Civil Code.

The rules set out in the Cookie Policy are governed by Polish law.

The Privacy and Cookie Policy may be updated, in particular when amendments are made to relevant regulations or guidelines issued by competent authorities.

1. The Controller of your personal data is the JWP Group, which consists of the entities being Members of the JWP Group:

• Fundacja JWP Masz Pomysł Masz Patent Masz Zysk with its registered office in Warsaw, entered under number 379117 in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw, 12th Commercial Division of the National Court Register, with Tax Identification Number (NIP) 7010282877,
• JWP Kancelaria Prawna Dorota Rzążewska with its registered office in Warsaw at ul. Mińska 75, 03-828, Tax Identification Number (NIP) 5211276411, Business Identification Number (REGON) 012877745,
• JWP Rzecznicy Patentowi Dorota Rzążewska spółka komandytowa (a Polish limited partnership) with its registered office in Warsaw at ul. Mińska 75, 03-828, entered under number 00000717985 in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw, 12th Commercial Division of the National Court Register, Tax Identification Number (NIP) 526-011-18-68, Business Identification Number (REGON) 010532597.

2. In matters related to the protection of your personal data, you may contact the Data Protection Officer appointed by the Controller at the following email address: iod@odosc.pl, or in writing to the Controller’s registered office address.
3. General Information:

• Our fan page is run in compliance with the requirements specified in Facebook terms and policies.
• The information contained in your profile and the activities resulting from its use are directly controlled by Facebook.
• We control your data exclusively for the purpose of answering to your questions, commenting on your posts, and communicating with users as part of our activity and the content we make available.
• We process personal data collected through communication with users only for the purpose of providing responses, if necessary.
• We do not archive your activity related to the use of our fan page outside Facebook.
• We have no control over what data the provider of plug-ins or social media sites collects and how it processes such data. For information about the purpose and scope of data collection, including the cookies used, their further processing and application by third-party providers, and your rights and privacy protections settings offered by those providers, you can refer to a data protection policy of the relevant provider at: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA https://www.facebook.com/privacy/explanation

4. The Controller processes personal data of the persons who:

• have subscribed to the fan page by clicking the “Like” or “Follow” button,
• have posted their comment under any of the fan page posts,
• have sent a message.

5. Personal data is processed for the purposes of running a fan page on Facebook, on the terms and conditions specified by Facebook, and providing information via the fan page about the Controller’s activities, promoting the JWP Group and various events, building and maintaining a community connected with the Controller, and for the purpose of communicating through available Facebook functionalities (comments, chats, messages) (pursuant to Article 6(1)(c) and (e) of GDPR). Your personal data may also be processed on the basis of a separate consent to the extent and for the purpose specified in the consent and until the consent is withdrawn (pursuant to Article 6(1)(a) of GDPR) or for the purpose of pursuing claims (pursuant to Article 6(1)(c) and (f) of GDPR – a legitimate interest of the controller or a third party).
6. The Controller of personal data will process the following data:

• basic identification data (usually including your name and surname) to the extent published by you in your Facebook profile,
• data you have published in your Facebook profile,
  • your profile picture (and using it, in some cases, we can get to know your image),
  • other pictures (which may also represent an image) resulting from the fan page-user relationship. Posting pictures under our posts is voluntary on your part.
  • the content of your comments and the content of conversations made via the Messenger application;
    • anonymous statistics on fan page visitors, accessible via the Facebook Insights feature as provided by Facebook in accordance with non-amendable Facebook terms of use, collected through tracking files (i.e. cookies), each of which contains a unique user code, which can be linked to the connection data of Facebook’s registered users, and which is collected and processed when the fan page is opened.

7. Data Recipients:

As part of the fan page, due to Facebook specificity, information about fan page followers, likes, and the content of comments, posts and other information provided by users are public.

8. We may share your data with the entities of the following categories:

• entities whose services we use when processing your data and with which we have signed personal data processing agreements;
• entities to which we are obliged to transfer your data under applicable law;
• the owner of Facebook social networking site under non-amendable principles regarding data specified by Facebook and available at https://www.facebook.com/about/privacy.

9. At the same time, we would like to inform you that we do not transfer your data outside the European Economic Area, subject to the transborder nature of data flow as part of Facebook service. Facebook may transfer your data outside the European Economic Area. However, please note that Facebook is EU-US Privacy Shield certified. Under a relevant agreement between the USA and the European Commission, the European Commission regards companies with Privacy Shield certification as providing an adequate level of data protection.
10. Your data will be processed for the period necessary to accomplish the following purposes:

• the information about users that we hold in private messages will be retained until your questions are answered, not longer than for 1 month;
• in the case of information that we hold as part of the comments you have provided, it will be available on our website until it is deleted by the author;
• Your personal data collected by Facebook, i.e., your post history, your Messenger activity history, your Instagram activity history is subject to retention

on the terms set out in the Facebook terms and policies;

• data processed on the basis of the Controller’s legitimate interest will be processed until an objection is effectively made or the interest ceases to exist,
• statistics on fan page visitors available through the Facebook Insights feature shall be processed for a 2-year period of availability of this data on Facebook;
• data processed on the basis of the consent will be processed until the consent is withdrawn.

11. Rights of Data Subjects:

You have the right to

• access and receive copies of your data;
• rectify (correct) your data;
• data erasure;
• restrict the processing of data;
• object to the processing of data;
• data portability;
• withdraw your consent at any time;
  • file a complaint with the President of the Personal Data Protection Office, with its registered office in Warsaw, ul. Stawki 2.

Providing your data is voluntary, but the failure to provide your data will make it impossible for you to view the fan page or make comments.

Pursuant to Article 13(1) and (2) and Article 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as “GDPR”), below we provide information on how we will process your personal data made available during the use of our social networking site profile (hereinafter referred to as the “fan page”):

1. The Controller of your personal data is the JWP Group, which consists of the entities being members of the JWP Group:

• Fundacja JWP Masz Pomysł Masz Patent Masz Zysk with its registered office in Warsaw, entered under number 379117 in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw, 12th Commercial Division of the National Court Register, with Tax Identification Number (NIP) 7010282877,
• JWP Kancelaria Prawna Dorota Rzążewska with its registered office in Warsaw, at ul. Mińska 75, 03-828, Tax Identification Number (NIP) 5211276411, Business Identification Number (REGON) 012877745,
• JWP Rzecznicy Patentowi Dorota Rzążewska spółka komandytowa (a Polish limited partnership) with its registered office in Warsaw at ul. ul. Mińska 75, 03-828, entered under number 00000717985 in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw, 12th Commercial Division of the National Court Register, Tax Identification Number (NIP) 526-011-18-68, Business Identification Number (REGON) 010532597.

2. In matters related to the protection of your personal data, you can contact the Data Protection Officer appointed by the Controller at the following email address: iod@odosc.pl, or in writing to the Controller’s registered office address.
3. Personal data will be processed for the following purposes:
   • to run a fan page on the YouTube social media platform, on the terms and conditions specified by YouTube LLC, and to inform, via the fan page, about the Controller’s activities, promote various events, build and maintain the community associated with us,
   • to communicate via available YouTube functionalities, i.e., comments, chats, messages.
   • Your personal data may also be processed on the basis of a separate consent to the extent and for the purpose specified in the consent and until the consent is withdrawn pursuant to Article 6(1)(a) of GDPR and pursuant to statutory requirements in accordance with Article 6(1)(c) of GDPR for pursuing potential claims
4. Categories of personal data to be processed:
   • The personal data Controller will process the data of the persons who have subscribed to the fan page by clicking the “Like” or “Follow” button,
   • who have posted their comments on the fan page,
     • to the extent published by you on your YouTube profile, the data that you have published on your YouTube profile, available anonymous statistics on fan page visitors, made available by YouTube in accordance with non-amendable YouTube terms of use, collected through tracking files (i.e., cookies), each of which contains a unique user code that can be linked to the connection data of YouTube’s registered users, and which is collected and processed at the time the fan page is opened.

In addition, please note that YouTube retains your data as user profiles and uses it for advertising, market research and/or its non-standard website design. Such assessment is carried out (even for users who are not logged in) in particular to provide relevant advertising and inform other social network users about their activities on our website.

5. Data recipients:
   • public authorities and entities carrying out public tasks or acting on behalf of public authorities, to the extent and for the purposes arising from the provisions of generally applicable law;
   • other entities that, on the basis of relevant personal data processing agreements signed with the Controller, process personal data on behalf of the Controller.
   • YouTube social media platform owner under the non-amendable YouTube data policy available at https://www.youtube.com/intl/pl/about/.
6. Transfer of data to third countries or international organisations:

The data Controller will not transfer data outside the territory of Poland/EU/European Economic Area, subject to a transborder nature of data flow as part of YouTube service, pursuant to contractual clauses used by YouTube and approved by the European Commission and the decisions of the European Commission acknowledging an appropriate level of data protection as regards specific countries in accordance with the principles specified by YouTube at

https://www.youtube.com/intl/en/about/ or www.privacyshield.gov/EU-USFramework

7. Data retention period:
   • data processed on the basis of your consent will be processed until the consent is withdrawn,
   • data processed on the basis of statutory requirements will be processed for the time during which the provisions of law require the data to be retained, e.g., data processed for the purpose of pursuing or defending against claims will be processed for the time equal to the period of limitation of these claims,
   • statistics on fan page visitors available by means of the “YouTube Insights” feature will be processed as long as this data is available on YouTube in accordance with the principles of the functioning of YouTube service.

8. Your rights:

In connection with the processing of personal data, you gave the right to:

• access and receive copies of your data,
• rectify (correct) your data,
• data erasure,
• restrict the processing of data,
• object to the processing of data,
• data portability,
• withdraw your consent to the processing of your personal data – you have the right to withdraw your consent to the processing of such personal data processed on the basis of your consent at any time. The withdrawal of the consent will not affect the lawfulness of the processing made on the basis of the consent before its withdrawal.
• You have the right to file a complaint with the President of the Personal Data Protection Office, ul. Stawki 2, should you consider that the processing of your personal data violates the provisions of the GDPR.

9. Data source information:

We obtain your data from YouTube and from your public profile and fan page posts on the YouTube platform.

10. Other information:

Personal data will not be subject to automated decision-making, including profiling. The data obtained from you by the Controller will be processed on the basis of its voluntary submission when your personal data is processed on the basis of your consent. Processing may also be required by law, e.g., when documentary archiving is necessary.

Pursuant to Article 13(1) and (2) and Article 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as “GDPR”), below we provide information on how we will process your personal data made available during the use of social networking media profile (hereinafter referred to as the “fan page”):

1. The Controller of your personal data is the JWP Group, which consists of the entities being Members of the JWP Group:

• Fundacja JWP Masz Pomysł Masz Patent Masz Zysk with its registered office in Warsaw, entered under number 379117 in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw, 12th Commercial Division of the National Court Register, with Tax Identification Number (NIP) 7010282877,
• JWP Kancelaria Prawna Dorota Rzążewska with its registered office in Warsaw, at ul. Mińska 75, 03-828, Tax Identification Number (NIP) 5211276411, Business Identification Number (REGON) 012877745,
• JWP Rzecznicy Patentowi Dorota Rzążewska spółka komandytowa (a Polish limited partnership) with its registered office in Warsaw, at ul. Mińska 75, 03-828, entered under number 00000717985 in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw, 12th Commercial Division of the National Court Register, Tax Identification Number (NIP) 526-011-18-68, Business Identification Number (REGON) 010532597.

2. In matters related to the protection of your personal data, you can contact the Data Protection Officer appointed by the Controller at the following email address: iod@odosc.pl, or in writing to the Controller’s registered office address.
3. Categories of persons whose data is processed:

The Controller processes the data of persons who:

• provide their data on the LinkedIn platform in connection with the use of the Controller’s profile. This data may be available to the controller of this platform – i.e. LinkedIn,
• any personal data contained in the comments posted in the Controller’s profile may also be available to other users of LinkedIn platform.

4. Personal data will be processed for the following purposes:
   • to run the Controller’s profile on the LinkedIn social media platform, on the terms and conditions specified by LinkedIn, and to inform, via the profile, about the Controller’s activities, promote various events, build and maintain the community associated with us,
   • to communicate through available LinkedIn functionalities, such as comments, chat and messages, or by posting comments under any posts posted in the Controller’s profile,
   • for analytical purposes related to the analyses of profile functioning, popularity or use,
   • to establish, pursue or defend against any possible claims,
   • Your personal data may also be processed on the basis of a separate consent to the extent and for the purpose specified in the consent and until the consent is withdrawn in accordance with Article 6(1)(a) of GDPR),
   • Your personal data may also be processed on the basis of statutory requirements (pursuant to Article 6 (1)(c) of GDPR) for the Controller to comply with legal obligations arising from the provisions of law.

In addition, please note that the LinkedIn platform controller, as a tool provider, is jointly responsible for the processing of data of persons using the Controller’s company profile, and may process their data for its own purposes based on other legal basis. In particular, LinkedIn may, pursuant to its own provisions and regulations, collect and process information contained in the cookies of profile visitors. On the basis of the data so collected, LinkedIn may have anonymous summaries and statistics (e.g., on the number or profile of visitors) created, which can be made available to the Controller as the entity running the profile.

5. Data retention period:
   • data processed on the basis of your consent will be processed until the consent is withdrawn,
   • data processed on the basis of statutory requirements will be processed for the period during which the provisions of the law require the data to be retained,
   • data processed on the basis of the Controller’s legitimate interest will be processed until an objection is effectively submitted or the interest ceases to exist, e.g., data processed for the purpose of pursuing or defending against claims will be processed for the period equal to the period of limitation of these claims,
   • in connection with the LinkedIn platform specificity, information about profile followers, as well as the content of comments, posts and other information provided by users is public,
   • your data, which will be processed as part of the comments you post in the profile, will be available on the website until they are deleted by the author or the Controller of the profile.
6. Your rights:

In connection with the processing of personal data, you gave the right to:

• access and receive copies of your data,
• rectify (correct) your data,
• data erasure,
• restrict the processing of data,
• object to the processing of data,
• data portability,
• withdraw your consent to the processing of personal data – you have the right to withdraw your consent to the processing of the personal data processed on the basis of your consent at any time. The withdrawal of your consent will not affect the lawfulness of the processing made on the basis of the consent before its withdrawal.
• You have the right to file a complaint with the President of the Personal Data Protection Office, ul. Stawki 2, if you consider that the processing of your personal data violates the provisions of the GDPR.

7. Data source information:

We obtain your data from the LinkedIn provider, from your public profile and from posts in the Controller’s profile.

8. Other information:
   • Personal data will be processed in an automated manner, also in the form of profiling. Automated decision-making will take place as specified in LinkedIn regulations and such processing will result in a contact, display of information on the part of the profile Controller.
   • The data obtained from you by the Controller will be processed on the basis of voluntary submission when personal data is processed on the basis of consent. Processing may also be required by law, e.g., when documentation archiving including data is necessary in accordance with applicable legal provisions.

Pursuant to Article 13(1) and (2) and Article 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as “GDPR”), below we provide information on how we will process your personal data during the use of our social networking media profile (hereinafter referred to as the “fan page”):

1. Data Controller:

The Controller of data of persons using the JWP profile is the JWP Group, which consists of the entities being Members of the JWP Group:

• Fundacja JWP Masz Pomysł Masz Patent Masz Zysk with its registered office in Warsaw, entered under number 379117 in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw, 12th Commercial Division of the National Court Register, with Tax Identification Number (NIP) 7010282877,
• JWP Kancelaria Prawna Dorota Rzążewska with its registered office in Warsaw, at ul. Mińska 75, 03-828, Tax Identification Number (NIP) 5211276411, Business Identification Number (REGON) 012877745,
• JWP Rzecznicy Patentowi Dorota Rzążewska spółka komandytowa (a Polish limited partnership) with its registered office in Warsaw, at ul. Mińska 75, 03-828, entered under number 00000717985 in the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw, 12th Commercial Division of the National Court Register, Tax Identification Number (NIP) 526-011-18-68, Business Identification Number (REGON) 010532597,

and the Twitter platform controller, as an entity jointly responsible for the processing of data of persons using the JWP profile. For further information on Twitter’s data processing, please visit https://cdn.cms-twdigitalassets.com/content/dam/legal-twitter/site-assets/privacy-page-gdpr/pdfs/PP_Q22018_April_EN.pdf

2. Contact details:

The Controller may be contacted by mail at the following address: ul. Mińska 75, 03-828, by email: info@jwp.pl or by phone: 22 436 05 07.

3. Data Protection Officer:

We’ve appointed a data protection officer. This is a person you may contact in all matters regarding the processing of personal data and the exercise of your rights related to the processing of data. You may contact the officer as follows: by mail to the Controller’s address or by email at: iod@odosc.pl

4. The purposes of processing and legal basis for processing:

Your data will be processed to:

• control and manage the profile of the JWP GROUP, including to respond to your posts and comments, and to supervise the content published by users – the legal basis for the processing is the legitimate interest of the JWP GROUP consisting in the ability to run and manage the the JWP GROUP profile;
• respond to inquiries addressed to JWP – the legal basis for the processing is the legitimate interest of the JWP GROUP, consisting in the ability to provide responses to the persons contacting the JWP GROUP,
• pursue other legitimate interests of the JWP GROUP, and in particular, as recognized by the JWP GROUP, the ability to pursue and defend claims, prevent fraud and economic crimes, or ensure a secure ICT environment.

In addition, please note that the Twitter controller, as a tool provider, is jointly responsible for the processing of data of profile users and may process their data for its own purposes on other legal basis.

In particular, Twitter may, on the basis of its own provisions and regulations, collect and process the information contained in the cookies of profile visitors.

On the basis of the data so collected, Twitter may have anonymous summaries and statistics (e.g., on the number or profile of fan page visitors) created, which can be made available to the JWP GROUP as the entity running the fan page.

1. Data recipients

Your personal data provided on Twitter in connection with the use of the JWP GROUP profile may be available to the controller of this platform – i.e., Twitter.

At the same time, any personal data contained in the comments posted on the JWP GROUP’s fan page may also be accessible to other Twitter users.

1. Data retention period

Your personal data will be processed by the JWP GROUP for the period necessary to accomplish the above purposes of processing, in particular for the period in which you are an active fan page user or until you object to the processing of data.

The data contained in posts or comments can be processed until they are deleted. Should you be unable to delete a specific comment, you can ask us to do so.

You can always opt out of following the profile of the JWP GROUP, you can also object to the processing of your data for these purposes.

Regardless of the retention of data by the JWP GROUP, the Twitter controller may use its own retention periods.

1. Rights of Data Subject

You have the right to access your data and the right to request its rectification, its erasure or restriction of its processing.

To the extent that your personal data is processed on the basis of the JWP GROUP’s legitimate interest, you have the right to object to the processing of your personal data.

You also have the right to file a complaint with a supervisory authority dealing with the protection of personal data.

In order to exercise the above rights, please contact the data controller. Contact details are indicated above.

The JWP GROUP may implement your rights within the scope of its technical capabilities (e.g. by deleting a comment or a post containing personal data at your request).

Regardless of your contact with the JWP GROUP regarding the processing of your data via Twitter, you may also contact the Twitter controller.

1. Information about the requirement to provide data

Providing data as part of using the profile is voluntary. Failure to provide such data may prevent your from using certain functionalities (such as those used to post comments or contact the JWP GROUP).