Service Terms and Conditions

GDPR Information Obligation

The following information provides a concise, understandable, and transparent summary of the information contained in the Privacy Policy regarding the Data Controller, the purpose and method of processing personal data, and your rights in connection with this processing, in the form required to fulfill the GDPR information obligation. Details on the processing methods and the entities involved in this process are available in the indicated policy.

Who is the data controller?

The Data Controller (hereinafter referred to as the Controller) is the company "Rekenaar Krzysztof Atłasiewicz," conducting business at the address: ul. Na Polach 36e, 31-344 Kraków, Poland, with the tax identification number (NIP): 6771229117, providing electronic services via the Website

How can you contact the data controller?

You can contact the Controller in one of the following ways:

  • Postal address - Rekenaar Krzysztof Atłasiewicz, ul. Na Polach 36e, 31-344 Kraków, Poland

  • Email address - office@iamnumberone.site

  • Phone call - (+48) 884 412 112

  • Contact form - available at: /contact

Has the Controller appointed a Data Protection Officer?

Based on Article 37 of the GDPR, the Controller has not appointed a Data Protection Officer.

For matters regarding data processing, including personal data, please contact the Controller directly.

Where do we obtain personal data from and what are their sources?

Data is obtained from the following sources:

  • from the persons to whom the data pertains

What is the scope of the personal data we process?

The Website processes ordinary personal data, voluntarily provided by the persons to whom the data pertains
(e.g., name and surname, username, email address, phone number, IP address, etc.)

The detailed scope of the processed data is available in the Privacy Policy.

What are the purposes of processing the data?

Personal data voluntarily provided by Users is processed for one of the following purposes:

  • Provision of electronic services
  • Communication between the Controller and Users regarding the Website and data protection
  • Ensuring the legitimate interests of the Controller

What are the legal bases for processing data?

The Website collects and processes Users' data based on:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
    • Article 6(1)(a)
      the data subject has given consent to the processing of their personal data for one or more specific purposes
    • Article 6(1)(b)
      processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract
    • Article 6(1)(f)
      processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party
  • Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000)
  • Act of 16 July 2004 Telecommunications Law (Journal of Laws 2004, No. 171, item 1800)
  • Act of 4 February 1994 on Copyright and Related Rights (Journal of Laws 1994, No. 24, item 83)

What legitimate interests does the Controller pursue?

  • For the purpose of potential determination, investigation, or defense against claims – the legal basis for processing is our legitimate interest (Article 6(1)(f) of the GDPR) in protecting our rights, including but not limited to;
  • For the purpose of assessing the risk of potential clients
  • For the purpose of evaluating planned marketing campaigns
  • For the purpose of direct marketing

For how long do we process personal data?

As a rule, the indicated personal data is stored only for the duration of the service provided by the Controller through the Website. They are deleted or anonymized within 30 days from the end of the service provision (e.g., deletion of a registered user account, unsubscribing from the Newsletter, etc.)

In exceptional situations, in order to secure the legitimate interests pursued by the Controller, this period may be extended. In such a situation, the Controller will store the indicated data, from the time of the request for their deletion by the User, for no longer than 3 years in the event of a breach or suspected breach of the service regulations by the person to whom the data pertains.

Who is the recipient of the data, including personal data?

As a rule, the sole recipient of the data is the Controller.

Data processing may, however, be entrusted to other entities providing services to the Controller in order to maintain the Website's operations.

Such entities include, among others:

  • Hosting companies providing hosting or related services to the Controller

Will your personal data be transferred outside the European Union?

Personal data is transferred outside the European Union.
The transfer of data outside the EU is due to the use of services provided by entities located outside the EU or as a result of publication due to individual User actions (e.g., entering a comment or post), which will make the data available to any person visiting the Website.
In the case of transfer or entrustment of personal data processing outside the EU, the data is processed based on an agreement concluded between the Controller and the Service Provider.

Will personal data be the basis for automated decision-making?

Personal data will not be used for automated decision-making (profiling).

What are your rights related to the processing of personal data?

  • Right of access to personal data
    Users have the right to access their personal data, exercised upon request submitted to the Controller

  • Right to rectify personal data
    Users have the right to request the Controller to immediately rectify personal data that is incorrect and/or complete incomplete personal data, exercised upon request submitted to the Controller

  • Right to delete personal data
    Users have the right to request the Controller to immediately delete personal data, exercised upon request submitted to the Controller.

    In the case of user accounts, the deletion of data involves anonymizing data that enables the identification of the User.

    In the case of the Newsletter service, the User can independently delete their personal data using the link provided in each sent email message.

  • Right to restrict the processing of personal data
    Users have the right to restrict the processing of personal data in the cases specified in Article 18 of the GDPR, e.g., questioning the accuracy of personal data, exercised upon request submitted to the Controller

  • Right to data portability
    Users have the right to obtain from the Controller, personal data concerning the User in a structured, commonly used, machine-readable format, exercised upon request submitted to the Controller

  • Right to object to the processing of personal data
    Users have the right to object to the processing of their personal data in the cases specified in Article 21 of the GDPR, exercised upon request submitted to the Controller

  • Right to file a complaint
    Users have the right to file a complaint with the supervisory authority dealing with data protection.