Good Looking Studio Privacy Policy
Privacy Policy
I. Definitions
1. Controller – GOOD LOOKING STUDIO Szufladowicz Leśniewski Ruszkowski Klepacki Sp. k., with its registered office in Warsaw, at Al. Niepodległości 138/12, 02-554 Warsaw, acting as the controller of personal data concerning Users processed on the Website.
2. Policy – this Privacy Policy.
3. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);
4. Website – the website operated by the Administrator on the Internet at the domain http://goodlooking.pl/.
5. User – a natural person visiting the Website, viewing the content published on it, and using other features available on the Website.
II. Introductory Information
1. This Policy provides information on how the Administrator processes the data of Website Users, including their personal data.
2. This Policy reflects the Administrator’s fulfillment of its information obligations toward Users under data protection laws, including the GDPR.
3. The Administrator determines the purposes and means of processing Users’ personal data collected through the Website, thereby acting as the controller of such personal data within the meaning of Article 4(7) of the GDPR.
4. Notwithstanding this Policy, information regarding the Controller’s processing of personal data of job applicants, its clients and service providers, as well as their representatives, employees, and associates, has been published on the Website in the form of separate documents. We encourage you to read these documents carefully.
III. Scope of Data Collected by the Administrator
1. The Website offers features that can be used anonymously, i.e., without the need to provide data that would allow for the identification of the User—this applies in particular to the ability to view content published on the Website. In such cases, the data collected on the Website is not associated with specific Users browsing the Website. This data is collected automatically and includes, in particular, the following information:
- the IP address of the device from which the request originated,
- device type,
- device name (identification performed via the HTTP protocol, if possible),
- time the request was received,
- the first line of the HTTP request,
- HTTP response code,
- the URL of the page previously visited by the User if the transition to the Website occurred via a link,
- information about the User’s device interaction with the Website, including the pages accessed and links clicked.
Collecting the above information allows the Administrator to better understand traffic on the Website and to determine where Users come from and what content is most interesting to them. The Administrator uses this information for internal analysis and to improve the quality and relevance of the Website for visitors. Some of this information may be collected using cookies and similar tracking technologies, as explained in Section V below. This information will constitute personal data only if the Administrator is able to associate it with specific Users.
2. If electronic forms are available on the Website, the User may voluntarily fill them out and submit them to the Administrator. In such a case, the Administrator collects and processes the personal data provided by the User in the form, including their identification and contact details.
3. In addition, the User may contact the Administrator via email by sending a message to the email addresses provided on the Website. In such a case, the Administrator will process the User’s personal data contained in the message, including identification and contact details, as well as information regarding the message and derived from it.
VI. How Personal Data Is Processed
1. Users’ personal data collected on the Website is processed for the following purposes and based on the legal grounds indicated below:
a) to pursue the Controller’s legitimate interests, i.e., pursuant to Article 6(1)(f) of the GDPR, consisting in particular of:
i. the ability to communicate with Users regarding matters specified by them, i.e., by responding to questions directed by Users directly to the Controller via email (to the email addresses available on the Website) or an electronic form (if made available on the Website);
ii. tailoring the content and functionality available on the Website to Users’ expectations and behavior, in order to increase satisfaction with the Website and improve the quality of its features;
iii. creating reports, analyses, and statistics to enable the management of the Website, planning its development directions and the features available on it, as well as improving their quality;
iv. ensuring the security of the Website’s operation, including preventing abuse and its consequences, to ensure the proper functioning of the Website;
b) for marketing purposes to which Users have consented on the Website—the processing of Users’ personal data for this purpose is based on Article 6(1)(a) of the GDPR;
c) to fulfill the legal obligations incumbent upon the Controller in connection with its activities on the Website—the processing of Users’ personal data for this purpose is based on Article 6(1)(c) of the GDPR.
2. The personal data of Website Users is stored by the Controller for the duration of the processing purposes indicated above. After this period expires, the Controller will process Users’ personal data for the period required by law (if such a period is specified by law) or until the statute of limitations expires on any claims by the User or the Controller arising in connection with the Controller’s provision of the Website and the User’s use of the features available on the Website. At the same time, we note that personal data processed based on the User’s consent will not be processed for longer than until the User withdraws their consent, and personal data processed on the basis of the Administrator’s legitimate interest will not be stored for longer than until the User raises a justified objection to the further processing of their personal data by the Administrator.
3. The Administrator may disclose Users’ personal data to the following recipients or categories of recipients:
a) public administration bodies and entities performing public tasks or acting on behalf of public authorities, to the extent and for the purposes provided by law;
b) entities processing Users’ personal data on behalf of and at the request of the Administrator in connection with services provided by such entities to the Administrator for the purposes of the Website’s operation, in particular providers of IT, hosting, analytical, marketing, and legal services.
4. Users have the following rights:
a) the right to access their personal data;
b) the right to rectify personal data;
c) the right to erasure of personal data;
d) the right to data portability;
e) the right to restrict the processing of personal data;
f) the right to object to the processing of personal data;
g) the right to lodge a complaint with a supervisory authority (i.e., the Office for Personal Data Protection);
h) the right to withdraw consent to the processing of personal data (if the User’s personal data is processed on the basis of consent provided by the User). Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent prior to its withdrawal.
5. Users’ personal data is not transferred to entities based outside the European Economic Area.
6. Providing personal data by the User is voluntary, but may be necessary to use certain features available on the Website.
7. The Controller strives to ensure the complete protection of collected and processed personal data and, therefore, takes appropriate measures to prevent misuse, loss, unauthorized access, unintended disclosure, and unauthorized modification of such data.
V. Contact Information
Email address: hello@goodlooking.pl