Identity of the Controller
The Controller of your personal data is Timechain sp. z o.o. The registered seat of the company is in Kraków, al. Powstania Warszawskiego 15 (31-539 Kraków), Poland.
Contact with the Controller
You can contact the Controller in the following ways:
- address: al. Powstania Warszawskiego 15, 31-539 Kraków, Poland
- email: [email protected]
Purposes of data processing and legal basis for data processing
Your personal data will be processed for the following purposes:
- the provision of electronic services related to the accumulation and payout of Sats and the handling of service-related matters (Article 6(1)(b) GDPR);
- compliance with legal obligations, such as handling complaints (Article 6(1)(c) GDPR in conjunction with Article 7a of the Consumer Rights Act). We may keep information about complaints to protect ourselves against claims, which is our legitimate interest (Article 6(1)(f) GDPR);
- the marketing of our services by sending marketing information to your email address if you sign up to our newsletter. It is our legitimate interest and enables us to inform you about our services and activities (Article 6(1)(f) GDPR). However, you can always oppose to this using the functionality available in each marketing email, which will result in the cessation of such marketing activities;
- Analyzing user activity and preferences for statistical purposes and to improve the functionalities used on our website, which is a legitimate interest of the Controller (Article 6(1)(f) GDPR).
With regards to the personal data of users visiting our social media profiles on portals such as Twitter or Instagram, your personal data will be processed to maintain these profiles (to allow for specific interactions, among others) to achieve the key objective, which is the marketing of our services, which is a legitimate interest of the Controller (Article 6(1)(f) GDPR).
The data provision is voluntary; however, it will not be possible to fulfill the objectives mentioned above in the absence ofyourpersonaldata. Pleasenotethatyourprivacyisourpriority,andweonlyprocessdatanecessarytoprovideour service. To use our portal, it is enough to provide us with your email address – to which we will send email messages required to fulfill the agreement properly. This email address does not need to contain your name. You may remain anonymous and enter an email address with any content. However, it must be valid, and you must have access to it because you will be required to confirm this email address in a verification message.
Categories of recipients
Your personal data may be processed by entities performing activities on our behalf, such as:
- Hosting service provider – OVH sp. z o.o. (contact: [email protected])
- Transactional email message delivery provider - Mailgun Technologies Inc., ([email protected])
- Marketing email message delivery provider - UAB MailerLite([email protected])
- A provider of analytical and statistical services - Google Ireland Ltd. (https://www.google.com/contact/?hl=pl) Entities providing legal services, tax services, development services, and a development platform, a customer communications platform, and payment operators and hosting service providers for entities performing activities on our behalf.
The recipients of your personal data may also be the controllers of the social networking sites on which you have an account and interact with our profile (Facebook Ireland Ltd. and Twitter International Company Ltd.). Therefore, we recommend that you read the information policy of each of the controllers of the social networking sites on which you have an account, who are also the controllers of the personal data of users of these social networking sites.
Data retention period
Your personal data will be processed for as long as you have an account on our portal. Your account may be deleted at your request. Please note that we are also entitled to deactivate your account in cases set out in the Terms & Conditions. After your account is deactivated, we will process the data related to the Sats you have accumulated for our statistical purposes, but anonymously.
In the case of personal data stored within the profile on social networking sites, your personal data will be stored until you stop following our profile, delete comments, and remove likes and other reactions related to our posts and comments.
The data processing period may be extended where processing is necessary to pursue or defend ourselves against any claims, which is our legitimate interest (Article 6(1)(f) GDPR), or where the processing obligation results from generally applicable regulations, such as tax regulations (Article 6(1)(c) GDPR)
Rights related to data processing
Concerning the processing of your personal data, you have the right to:
- access the content of your data (Article 15 GDPR)
- rectify your data (Article 16 GDPR)
- delete your data (Article 17 GDPR)
- limit your data processing (Article 18 GDPR)
- transfer your data (Article 20 GDPR)
- object to the processing of data (Article 21 GDPR)
- not to be subject to decisions made under the conditions of automated data processing, including profiling (Article 22 of GDPR); however, your data will not be used for profiling.
If your consent is the legal basis for processing your data, you may withdraw it at any time, which, however, does not affect the processing made before you withdraw your consent.
Transfer of data outside the European Economic Area
Because of the nature of our business, we use the services of entities located outside the European Economic Area, i.e., in the United States. The legal basis for the transfer is the Standard Contractual Clauses, i.e. Decision No. 2010/87/EU of 5 February 2010, in the case where the data recipient is an entity processing personal data on our behalf. The content of these clauses is publicly available on the Internet in the electronic database of European Union law instruments, EUR-lex. Privacy laws in the United States may not provide the protection provided by GDPR, so we do not provide these entities with relevant information about you. Because of the potential access of the United States services to your data, we use safeguards to ensure the security of such transfer. Among other things, we use measures such as encryption to protect the confidentiality of your data, and, wherever possible, we anonymize this data. If you would like to know more about such transfers, please get in touch with us – we will explain the details.
The right to lodge a complaint
If you consider that the processing of your data is unlawful, you have the right to file a complaint with the supervisory authority, the President of the Office for the Protection of Personal Data. However, we recommend that you first contact us directly before you do so. We respect you and your information, so we will try to find a solution to satisfy you.