1. Identity of the data controller

The Data Controller for your personal data is TFC GLOBAL Sp. z o.o. with its registered office in Kraków at ul. Sikorki 21/b, 31-589 Kraków, entered into the register of entrepreneurs of the National Court Register kept by the District Court for Kraków-Śródmieście, 11th Commercial Division of the National Court Register under file number: 0000909651, Tax Identification No./NIP: 6793148886, National Business Registry No./REGON: 367248460.

 

2. Contact details of the data controller

You can contact the Data Controller as follows:

1. in writing at:

Total Fitness Concept Sp. z o.o. sp. k.

ul. Sikorki 21/b

31-589 Kraków

with a note: “Personal data protection”

2. in electronic form via e-mail at: biuro@tfc-global.com

3. by phone at: (+48) 12 684 33 92

 

3. Purpose and legal basis for the processing of personal data

Each time when the Data Controller mentions “GDPR”, it stands for Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), the text of which is available on the website of the Office for the Protection of Personal Data at: https://uodo.gov.pl/pl/404/224.

The Data Controller may process your personal data if it is necessary for you to use the website. 

The purpose, scope, and categories of recipients of the personal data processed by the Data Controller shall result from the actions taken by you each time as part of using the website.

 

4. The purpose of data processing when you use the website

Each time you visit our website, general user data is sent to our server automatically by your browser. This data includes: browser type and version, current IP address of the Internet connection used, the computer’s operating system, the URL of the referring website (previously visited website), and the date and time of the server request.

The processing of the data listed above is necessary in order to open and display our website on your device. The data received is processed in aggregate and in anonymised form (this means that identification of the data subject is not possible).

The legal basis for the processing of the data is Art. 6(1) point f) of the GDPR. The purpose of the data processing is to safeguard our legitimate interests consisting in the correct, efficient, and safe operation of our website.

 

5. The purposes of the processing of the data provided by you in the Contact Form are related to:

  • communicating with you in connection with the message sent via the Contact Form – based on the legitimate interest pursued by the Data Controller – Art. 6(1) point f of the GDPR; the legitimate interest of the Data Controller consists in contacting you, and based on your consent expressed by entering your data into the form and sending it to us. i.e. based on Art. 6(1) point a of the GDPR;
  • communicating with you in connection with your consent to the processing of personal data for marketing purposes – based on the legitimate interest pursued by the Data Controller – Art. 6(1) point f of the GDPR; the legitimate interest of the Data Controller consists in conducting direct marketing of its own products and services by contacting you, and based on your consent expressed by entering your data into the form and sending it to us, i.e. based on Art. 6(1) point a of the GDPR;
  • document archiving, statistics, and pursuing potential claims or defending oneself against any claims related to the performance of the sales agreement – the basis for such processing is the necessity of data processing for the purpose of pursuing the legitimate interest of the Data Controller – Art. 6(1) point f of the GDPR; the legitimate interest of the Data Controller consists in document archiving, carrying out statistics, pursuing claims or defending itself against claims.

The purpose, scope, and categories of recipients of the personal data processed by the Data Controller shall result from the actions taken by you each time as part of using the website.

The contact form collects the following data: full name, e-mail address, phone number. Optionally, as part of your query, you may provide other personal data, the provision of which is voluntary and your own decision. The provision of the data mentioned above is necessary in order for us to be able to answer your query.

 

6. The period for which the personal data will be stored

Your personal data shall be processed for as long as it is necessary in order to fulfil the purposes for which it is processed or until you object to the processing if the basis for the processing is the legitimate interest of the Data Controller or until you withdraw your consent if the basis for the processing is your consent. After that, the Data Controller shall have the right to store the data until the lapse of the period of limitation for claims or the expiry of the obligation to store the data pursuant to the applicable regulations.

 

7. Categories of data recipients

Your data may be processed by the Data Controller’s subcontractors – entities whose services the Data Controller uses for the performance of its obligations.

Your personal data shall always be processed with the application of appropriate safeguards and means of protection of personal data.

On account of using the services of providers storing data on American servers (Google LLC), the Data Controller may transfer your personal data to countries outside the European Economic Area. However, these subcontractors are part of the Privacy Shield programme, thus guaranteeing an adequate (adequately high) level of protection of personal data required by the European regulations.

 

8. Automated decision-making, profiling

The Data Controller shall not engage in automated decision-making, including profiling.

 

9. You have the right to:

  • access your personal data and to request rectification or erasure of personal data or restriction of processing;
  • data portability;
  • withdraw your consent to the processing of personal data – to the extent to which the legal basis for the processing of your personal data is your consent (the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal);
  • object to the processing of your personal data – to the extent to which the legal basis for the processing of your personal data is the legitimate interest of the Data Controller;
  • lodge a complaint with a supervisory authority responsible for personal data protection (President of the Office for the Protection of Personal Data) if you believe that the processing of your personal data violates the GDPR.

In order to exercise your rights, please contact the Data Controller.

 

10. Cookies

What are cookies?

Cookies are small text and numeric files placed by the ICT system in your ICT system (on your computer, phone or other device from which you entered the website) while browsing the website, enabling identification in the event of re-entering the website from the device (e.g. computer, phone) on which they had been placed.

Basis for the use of cookies

Cookies are used based on your consent. Your consent is expressed via appropriate settings of the software, in particular the browser, installed on the device you use to browse our website content.

Why does the Data Controller use cookies?

The primary purpose for which the Data Controller uses cookies is website management and improving the quality of the content provided. Cookies are necessary for the website to operate and be displayed correctly. The Data Controller may process the data contained in cookie files in order to carry out anonymous statistics and analyses of the manner in which the website is used, the average duration of user visits to the website, etc. Cookies are not used to identify the users of the website.

What types of cookies are used on the website?

The following types of cookies are used on the website:

  • session cookies, which are automatically deleted after the browser is closed;
  • persistent cookies, which are stored on the device for a specified period; these cookies are stored regardless of closing the browser;
  • first-party cookies, set by the website;
  • third-party cookies, set by other websites and services, i.e. Google Ads, Google Analytics, Google Tag Manager, Facebook, LinkedIn, Cookiebot.

The website uses both first- and third-party cookies.

 

11. What tools does the Data Controller use?

  • Google Analytics, Google Ads, Google reCAPTCHA, and Google Tag Manager

The Data Controller uses Google Analytics, Google Ads, and Google Tag Manager provided by Google Inc. (registered office address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Google Ireland Limited (registered under file number: 368047) with its registered office at: Gordon House, Barrow Street, Dublin 4, Ireland). These services support the Data Controller in analysing and improving the website, for the purpose of creating statistics, analysing the functioning of the website, and improving user experience (based on the legitimate interest).

Google Analytics, along with advertising functions, uses cookies to analyse the manner in which the website is used.

Google Tag Manager uses cookies in order to manage tags within our website.

The data received is processed in aggregate and in anonymised form (this means that identification of the data subject is not possible).

Google reCAPTCHA is a free service protecting the website against spam and misuse. It uses advanced risk analysis techniques to distinguish between people and bots.

When using one of the browsers listed in the link, the user can block the transfer of data from their electronic devices to Google Analytics by downloading and installing a free browser plug-in available at: https://tools.google.com/dlpage/gaoptout.

Detailed information about the manner in which the above service collects and processes data can be found here: www.google.com/intl/pl/policies/privacy/partners/.

The Data Controller uses Google Ads services in order to draw attention to its attractive offers via ads (so-called Google Ads) on third-party websites. Based on the data on ad campaigns, we are able to determine how effective individual advertising activities are. It is important for us to present ads which are of interest to the users in order to make our website more interesting and to obtain a fair calculation of advertising costs.

The ads are provided by Google via so-called “ad servers”. For this purpose, we use ad server cookies, which enable us to measure certain parameters used to check the effectiveness of our activities, such as ad views or user clicks. If you visit our website via a Google ad, Google Ads will save a cookie file on your device. In the case of this cookie file, the analytical values stored usually include: the cookie’s unique ID, the number of ad views in the given place (frequency), the last view (important for post-view conversion), and opt-out information (saying that you do not wish to see the ads in the future).

These cookies enable Google to recognise your browser. If the user visits certain websites of the Google Ads client, and the cookie file saved to their device has not expired, Google and the client may recognise that the user clicked on an ad and was redirected to the given website. Each Google Ads client is assigned a different cookie.  Therefore, it is not possible to track cookies on the websites of Google Ads clients.

As part of the advertising activities described above, the Data Controller does not collect or process any personal data. The Data Controller only receives statistical evaluations from Google. Based on these evaluations, we are able to determine which advertising measures used are particularly effective. The Data Controller does not receive any additional data related to the use of advertising materials; in particular, we are not able to identify data subjects based on this information.

 

  • Cookiebot

The website uses the functionality of a tool called Cookiebot provided by Usercentrics A/S (registered office address: Havnegade 39 1058 Copenhagen Denmark), which stores the user’s consent to the use of cookies for the given domain.

The data received is processed in aggregate and in anonymised form (this means that identification of the data subject is not possible). More information about Cookiebot’s Privacy Policy can be found here: https://www.cookiebot.com/en/privacy-policy.

The legal basis for the processing of the data is Art. 6(1) point f) of the GDPR. The legitimate interest is error-free website operation. The data shall be deleted as soon as the purpose for which it was collected is fulfilled. You have the right to change or withdraw your consent at any time.

 

12. Social media

Cookies and plug-ins of various social networks are embedded in our website. The purpose of these services is to enable you to browse and share our content with your friends and networks. These providers include:

  • Facebook provided by Meta Platforms Ireland Limited, Merrion Road Dublin 4 D04 X2K5 Ireland (“Facebook”). An overview of Facebook’s plug-ins and their appearance can be found here: https://developers.facebook.com/docs/plugins
  • LinkedIn provided by LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, California 94085, USA, and in the EU by LinkedIn Ireland Unlimited Company, Gardner House, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”). An overview of LinkedIn’s plug-ins and their appearance can be found here: https://developer.linkedin.com/plugins#

The social media tools collect information about the previously visited websites, IP address, browser, and the date and time of the server request. If you use any of the social media functions (e.g. click the “Share” button, leave a comment), this information is also sent by the browser directly to the provider for storage.

 

13. How to change your cookie settings?

Most browsers accept cookies by default. You can withdraw your previous consent to the use of cookies or change its scope, and delete the cookie files from your browser, at any time. You may, at any time, limit or disable cookies in your browser by configuring the settings to block cookies or warn you before a cookie is saved to the device you are using. In such case, however, it might happen that you will not have access to some of the content on the website, and in extreme cases, the website may not be displayed or operate correctly at all.

In order to change the selected cookie settings, click on the black-and-white paper clip symbol in the bottom left corner of the page. After the selection box appears, you can make your changes.

 

14. Server logs

The use of the website entails sending queries to the server on which this website is stored. Each query addressed to the server is saved in server logs. The logs include: your IP address, server request date and time, and information on the browser and operating system you are using. The logs are saved and stored on the server. The data saved in server logs is not associated with any specific persons using the website and it is not used to identify you. Server logs are solely an auxiliary material facilitating website administration, and their content is not disclosed to anybody except for persons authorised to manage the server.