Privacy Policy

The document below presents the personal data protection guidelines of JP2 Foundation. The statute of Foundation JP2 can be downloaded here (only Polish version)

The Preamble

The goal of JP2 Foundation is complete transparency in data processing, guaranteeing the security of personal data, in accordance with the laws of personal data protection, pursuant to the GDPR (The General Data Protection Regulation) as well as other provisions for the processing and protection of personal data.

Therefore, your privacy and the security of your personal data are incredibly important to us. It is in our interest that your personal data are processed in a transparent and honest way, and to treat them with the utmost care and the highest level of responsibility.

The following Privacy Policy aims to inform you of how your personal data is processed in accordance with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter referred to as: “GDPR”).

§ 1. Administrator’s Data

The Administrator of your data is JP2 Foundation, registered in Poznań, (postal code 61-103); with the address: ul. Tylne Chwaliszewo 25, 61-103 Poznań; tax identification number NIP: 7831842627; and registered in the District Court in Poznań, 8th Commercial Division of the National Court Register, under KRS number: 0000918527 (hereinafter referred to as “Administrator”).

In matters concerning personal data protection, you can contact the Inspector of Data Protection, Mr. Marcin Włódarczak, at the registered address of the Foundation, as well as at the email address: iod@trwajcie.pl.

The Administrator sets the goals and methods of processing personal data, creating a privacy policy in line with the generally applicable provisions of personal data protection laws.

§ 2. The Goals and Legal Basis for Data Processing

1. Your personal data can be processed by the Administrator on the basis of: 1) consent to the processing of personal data for one or more specific purposes (Article 6(1)(a) of the GDPR), in particular:

a) the marketing of the Administrator’s values, which are of an evangelistic nature; b) the processing of personal data for the purpose of organizing social groups, such as: The Movement of Pure Hearts and The Movement of Pure Hearts for Married Couples; c) other purposes specified in the Administrator’s statute; 2) acts necessary for the performance of a contract, or acts necessary for the formation of a contract (art. 6 section 1 letter b GDPR), separately for the purpose of:
a) providing the newsletter service;
b) using order forms for the Love One Another! magazine and other publications of the Administrator;
c) enabling access to content, materials and products related to the topics presented by the Administrator;

3) the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), for the following purposes:

a) the marketing of the Administrators’ values, including for analytical purposes; the distribution of materials; and data profiling of the Portal’s user preferences as part of the preparation of a product offer; b) the processing of personal data received through the contact form provided by the Administrator on the Portal; consequently, it is in the legitimate interest of the Administrator to respond to an expressed purpose, in particular: contact, subscription order, replying to a question in the messages, and others in accordance with the expressed consent; c) protection against possible claims, according to which it is in the legitimate interest of the Administrator to pursue or defend claims.

§ 3. Transfer of Personal Data

Data may be transferred to sub-processors only upon request and on the basis of contracts formed with the Administrator, but only for the purpose and scope necessary for the implementation of the above goals, in particular, for entities providing us with publishing, accounting, HR and payroll, and legal services, as well as IT services or other services ensuring proper operation; however, entities processing data will only process data in accordance with the Administrator’s instructions.
Your data may only be processed by entities operating within the European Economic Area and therefore subject to EU data protection law.
Data will not be transferred to third countries without the consent of the person concerned.

§ 4. Personal Data Storage Period

We will process your personal data only for the time period necessary to fulfill the purpose of their storage or until the time required by law, in particular until the termination period for any claims or the expiry of archiving obligations arising from legal provisions, including the obligation to store accounting and HR and payroll documents.

With regard to the processing of personal data only and exclusively for the purpose of: implementing the consent given through the subscription order form for the Love One Another! magazine; enabling access to content, materials and products related to religious topics discussed on the Portal; conducting marketing of the Administrator’s evangelistic values, your personal data will be processed for the period necessary to provide this service, until you resign as a result of your withdrawal of consent.

If personal data is processed on the basis of your consent, your data will be processed until you withdraw your consent. You may withdraw your consent to the processing of your personal data at any time. Withdrawal of consent to data processing will not affect the lawfulness of the processing carried out before its withdrawal.

§ 5. Your Rights

1. In accordance with the GDPR, you have the following rights:

1) The right to access data.
You have the right to obtain information regarding the personal data processed about you, including a copy of the data.

2) The right to rectify data.
You have the right to request the rectification of personal data which are incorrect or incomplete.

3) The right to delete data.
It is your right to delete personal data processed in the following cases:

a) the personal data are no longer necessary in relation to the purposes for which they are being processed;
b) the consent, which formed the basis for the processing of the personal data, has been rescinded, and there are no other legal bases which would allow for the continued processing of the said personal data;
c) the filing of an objection to the matter of the processing of personal data, as well as the lack of a legal basis for the processing of personal data, and the objection to the processing of data for direct marketing purposes;
d) the personal data are processed unlawfully or contrary to the consent given for the processing of personal data;
e) personal data should be deleted in order to comply with a legal obligation under European Union or national law;
f) personal data are processed in connection with the services offered in social media information sites, as regulated in Art. 8 section 1 GDPR.

4) The right to the transfer of data.
You have the right to transfer data to a chosen Administrator on the basis of your consent, a contract, or by automatic means.

5) The right to limit data processing.
It is your right to limit the processing of personal data in the following cases:
a) the verification of the accuracy of personal data – for the time period necessary for the verification of the accuracy of these data;
b) the processing is unlawful and you object to the deletion of the personal data and instead request the restriction of their use;
c) the personal data are no longer needed for processing, but the need for further processing of personal data exists on your side for the purpose of establishing, pursuing or defending claims;
d) raising an objection under Art. 21 section 1 GDPR regarding processing – until it is determined whether the legitimate grounds on the part of the administrator override the grounds for the objection.

6) The right to object to processing.
If your personal data is processed on the basis of the legitimate interest of the administrator, you have the right to object to the processing of personal data, pursuant to Art. 21 GDPR.

7) The right to withdraw consent.
You have the right to withdraw your consent to the processing of personal data at any time; however, the withdrawal of your consent to processing will not affect the lawfulness of the processing carried out before its withdrawal. If you wish to exercise your rights, please contact the Data Protection Inspector at the following address: iod@twarzjcie.pl or by traditional mail to the address of the Administrator’s registered office. However, if it is your opinion that as a result of the processing of your personal data, we have violated the provisions of the GDPR, you have the right to lodge a complaint with the President of the Personal Data Protection Office, which can be contacted at: Personal Data Protection Office, ul. Stawki 2, 00-193 Warszawa, or by e-mail: kancelaria@uodo.gov.pl.

§ 6. Cookies

Cookies are files saved on the device when data is processed on the Portal. The files are sent by the website to the browser. Cookies are saved to recognize the device, learn about preferences, and collect information about previous activities on the Portal. Cookies are divided into mandatory and optional. Lack of consent to the processing of mandatory cookies makes it impossible to use the website properly.

§ 7. Changes to the Privacy Policy

With the aim of fully respecting the personal data protection law, with particular emphasis on the GDPR and the activities of the European Data Protection Board (EDPB), the Administrator is informing you that as a result of amendments to the law and practices, this Privacy Policy may change.

Administrator:
JP2 Foundation