GDPR Information Duty

This document is a concise, clear, and transparent summary of the information included in the Privacy Policy regarding the Data Administrator, the purpose and method of processing personal data, and your rights in accordance with the GDPR. Detailed information on data processing and entities involved in the process can be found in the full Privacy Policy.

Who is the Data Administrator?

The Personal Data Administrator (“Administrator”) is the company 333Pdc Piotr Cienkosz, operating at: 166 32-412 Wiśniowa, Poland, tax ID (NIP): 6812108469, providing electronic services through the Service.

How can you contact the Data Administrator?

You may contact the Administrator using one of the following methods:

– Postal address: 333Pdc Piotr Cienkosz, 166 32-412 Wiśniowa, Poland

– Email address: 333pdc@gmail.com

– Contact form: https://313woods.com/contact/

Has the Administrator appointed a Data Protection Officer?

Based on Article 37 GDPR, the Administrator has not appointed a Data Protection Officer.

All matters related to data processing should be directed to the Administrator.

Where do we obtain personal data from?

Personal data are obtained from the following sources:

– Directly from the individuals whose data are being processed

– From social media platforms, if the individual registers using those platforms and gives explicit consent

What is the scope of the personal data we process?

The Service processes ordinary personal data voluntarily provided by the individuals concerned (e.g., first and last name, username, email address, phone number, IP address, etc.).

A detailed scope is provided in the Privacy Policy.

What are the purposes of processing your data?

Personal data voluntarily provided by Users are processed for the following purposes:

Electronic services:

– Registration and maintenance of a User account and related functionalities

– Newsletter service (including sending promotional content with consent)

– Commenting/liking posts in the Service without registration

Other purposes:

– Communication between the Administrator and Users regarding the Service or data protection

– Fulfilling the Administrator’s legitimate interests

What are the legal bases for data processing?

The Service processes Users’ data on the basis of:

– GDPR Article 6(1)(a) – consent for processing personal data for specific purposes

– GDPR Article 6(1)(b) – processing necessary for performing a contract or taking pre-contract actions

– GDPR Article 6(1)(f) – processing necessary for the purposes of the Administrator’s legitimate interests

As well as:

– Polish Data Protection Act (2018)

– Telecommunications Law (2004)

– Copyright Act (1994)

What is the Administrator’s legitimate interest?

– Establishing, pursuing, or defending against legal claims

– Assessing the risk of potential clients

– Evaluating planned marketing campaigns

– Direct marketing

How long do we process personal data?

As a rule, personal data are processed only for the duration of the services provided by the Administrator through the Service. They are deleted or anonymized within 30 days after the service ends (e.g., account deletion, newsletter unsubscribe).

In exceptional cases, to protect the Administrator’s legitimate interests, this period may be extended. If the User requests deletion, the data may be stored for up to 3 years in situations involving violations or suspected violations of the Service’s regulations.

Who receives your personal data?

Generally, the sole data recipient is the Administrator.

However, data processing may be entrusted to third parties providing services necessary for the operation of the Service, such as:

– Hosting providers

– Newsletter service providers

– IT maintenance and support providers

– Online payment intermediaries (when making purchases in the Service)

– Accounting services (in case of purchases)

– Postal/courier services for delivery of physical goods (if applicable)

Will your data be transferred outside the European Union?

Personal data will not be transferred outside the EU unless the User publishes them voluntarily (e.g., by posting a comment), making them accessible to anyone visiting the Service.

Will personal data be used for automated decision-making?

Personal data will not be used for automated decision-making (profiling).

What rights do you have regarding your personal data?

– Right of access – you may request access to your personal data

– Right to rectify data – you may request correction or completion of inaccurate data

– Right to erasure – you may request immediate deletion of your personal data

– For user accounts, deletion means anonymization

– For newsletters, Users may unsubscribe using the link in each email

– Right to restrict processing – in cases listed in Article 18 GDPR

– Right to data portability – receive your data in a structured, machine-readable format

– Right to object – object to data processing as per Article 21 GDPR

– Right to lodge a complaint – with a supervisory authority for data protection