Appendix no. 3 to the Multino Terms of Service
2. The Controller of your personal data processed in connection with your use of the Website is the Operator, i.e. New IT System sp. z o.o., a company registered in the European Union, with its seat in Warsaw, ul. Smulikowskiego 6/8, Poland, and entered into the Register of Entrepreneurs kept by the District Court in Warsaw, 12th Commercial Division of the National Court Register, under no. KRS 0000801228.
3. We take steps to assure that the data we collect:
— is processed in accordance with the applicable laws;
— is gathered for legitimate purposes and not further processed in a manner incompatible with those purposes;
— is factually correct and adequate in relation to the purposes for which it is processed;
— is stored in a form that permits the identification of the data subject for no longer than it is necessary to achieve the purpose of processing;
— is processed in a manner that ensures its security using appropriate technical and organizational measures.
5. The Controller has the right to process your personal data if at least one of the following applies:
— The data subject has given consent to the processing of his/her personal data for specific purposes.
— Processing is necessary for the performance of a contract to which the data subject is a party or in order to take actions at the request of the data subject prior to entering a contract.
— The controller is required to process personal data in order to comply with a legal obligation.
— Processing is necessary in order to protect the vital interests of the data subject or of another natural person.
— Processing is required by the public interest or the exercise of public authority vested in the Controller.
— Processing is necessary for the purposes of the legitimate interests pursued by the Controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
7. Your personal data may be disclosed to third parties acting on our behalf only to the extent necessary to achieve a specific purpose of data processing.
8. Your personal data may be transferred to the following recipients and categories of recipients:
— entities conducting postal or courier activities;
— banks and entities enabling remote payment operations;
— providers of accounting, legal and advisory services;
— entities providing us with technical, IT and organizational solutions enabling to conduct our business, including software, e-mail and hosting providers.
9. Your personal data may also be disclosed if required to do so by applicable laws or in response to valid requests by public authorities (e.g. a court or a government agency).
10. You have the following rights with respect to your personal data:
— the right to be informed;
— the right of access;
— the right to rectification;
— the right to erasure (“to be forgotten”);
— the right to restrict processing;
— the right to data portability;
— the right to object to processing;
— the right not to be subject to a decision based solely on automated processing, including profiling;
— the right to withdraw consent at any time (where relevant);
— the right to lodge a complaint with a supervisory authority.
11. In order to exercise the above-mentioned rights, please contact the Controller via the contact form on the Website.