Privacy Policy
Data Controller – DPO
The data controller for the processing of the personal data referred to herein is DATA LAKE SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ (hereinafter: “Data Lake”) with its registered seat in Poland at Kuzawa 2B (17-240 Kuzawa), entered into the Register of Entrepreneurs under the number KRS: 0000825343, NIP: 7162828483.
Data Lake has appointed a Data Protection Officer who can be contacted at the following address: IOD@data-lake.co or by sending a letter to the address for correspondence indicated above.
Preamble
This privacy policy, implemented by Data Lake, is intended to provide the Users with a summary and overview of the processing of personal data carried out when you visit our website.
Data Lake assigns particular importance to the respect for the privacy of the Users and of the confidentiality of their personal data, and is thus committed to processing the data in compliance with the applicable laws and regulations, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereafter referred to as the “GDPR”).
Definitions:
Personal data: any information relating to an identified or identifiable natural person, that is, a person who can be identified, directly or indirectly, by reference to an identification number or to one or more elements specific to that person.
Processing of personal data: any operation or any set of operations relating to personal data, whatever the process used, and in particular the collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, as well as locking, erasure, or destruction.
Cookie: A cookie is a piece of information that is placed on a User’s device when visiting a Website. It contains several pieces of data: the name of the server that installed it, an identifier in the form of a unique number and possibly an expiry date. This information is sometimes stored on the device in a text file, which the server can access in order to read and save bits of information. This Policy also applies to technologies similar to cookie.
User: the natural person who uses the Website.
Website: the websites run by the Data Lake, available at https://data-lake.co and https://donateyourdata.io
Data Collection Policy
Data Lake collects data from users in order to provide the best web experience on our websites (https://data-lake.co and https://donateyourdata.io) and in order to improve our service and understanding of our visitors and customers.
The provision of data is voluntary. Failure to provide data may result in the inability to use the website or its particular functionalities.
The mandatory or optional nature of the data collected is indicated at the time of collection in our cookies notice or website form. Optional cookies (hereinafter referred to as “unnecessary cookies”) are disabled by default unless you give us your express permission to collect said data.
In addition, certain necessary data is collected automatically as a result of the user’s actions on the site (see the paragraph on cookies).
Data Lake does not transfer data to international organisations.
Data Lake does not use data for profiling or automated decision-making.
Purposes
The personal data collected by Data Lake during the provision of the services is necessary for the performance of our website and services, or to allow Data Lake to pursue its legitimate interests while respecting the rights of the users. Certain data may also be processed based on the users’ consent.
Data Lake processes data for the following purposes:
pursuing its legitimate interest (legal basis Article 6.1.f GDPR) in:
operation and improvement of our website and services
management of customer acquisition and marketing activities;
providing security, detection of malicious behaviour (fraud, phishing, spam, etc.);
contacting users if/when they specifically request for us to do so;
for the purposes for which the user gives consent (legal basis Article 6.1.a GDPR);
in fulfilment of legal obligations (legal basis Article 6.1.c GDPR).
Data Lake processes personal data of users who visit profiles operated by Data Lake on social media and platforms. The data is processed to inform users about Data Lake’s activities, to promote various services and products, which constitutes a legitimate interest (legal basis Article 6(1)(f) RODO).
Data Lake has no influence on the ways and purposes of data processing by the entities managing the respective social media. Before using social media, the user should read the privacy policy of the respective platform.
Links to the privacy policies for each platform are indicated below:
VeraSafe Ireland Ltd.
https://policy.medium.com/medium-privacy-policy-f03bf92035c9
LinkedIn Ireland Unlimited
https://pl.linkedin.com/legal/privacy-policy?trk=d_org_guest_company_overview_footer-privacy-policy
Twitter, Inc.
https://twitter.com/en/privacy#chapter7
Telegram UK Holdings Ltd
https://telegram.org/privacy
What personal data we collect and why we collect it
Contact Form
If you use the contact form on the site, we collect the data shown in the contact form (name, email address, phone number and message), as well as your IP address and browser user agent string to help spam detection. We will not use this information for any other purpose than contacting you at your request – it will not be stored or used for marketing purposes.
Newsletter Signup Form
If you sign up for our newsletter using the form on our site, we collect the data shown in the form (name, email address), as well as your IP address and browser user agent string to help spam detection. We will not use this information for any other purpose than sending you the communication (i.e. newsletter) that you have specifically signed up for.
Cookies
Necessary Cookies
Necessary cookies are essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously. We also use essential cookies to store your choice in terms of consent or rejection of non-essential cookies (e.g. Marketing or Analytics Cookies). Our site uses the following necessary cookies:
Additional Cookies
In addition to necessary cookies, we also use additional cookies (termed “unnecessary cookies”) for website analytics, performance and marketing purposes. These cookies are optional and disabled by default until you explicitly accept them. The cookies below are 1st Party cookies (set/created on our website), however the data they contain may be transferred to a 3rd party such as in the case of website analytics. Any transferral of data will be done in a GDPR-compliant way, and your data will not leave the European Union, nor be sold to any other party, nor shared with any other party that those described in this policy.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Links to the privacy and cookie policies of the 3rd-party embedded content services we use will appear in this section when put into effect on our site.
Analytics
When you use our website AND accept the use of non-essential cookies, our Analytics tool (Matomo) will by default track the following information:
User IP address
Optional User ID
Random unique visitor ID
Date and time of the request in UTC format
Title of the page being viewed (Page Title)
URL of the page being viewed (Page URL)
URL of the page that was viewed prior to the current page (Referrer URL)
Screen resolution being used
Time in local user’s timezone
Time of the first visit for this user
Time of the previous visit for this user
Number of visits for this user
Files that were clicked and downloaded (Download)
Links to an outside domain that were clicked (Outlink)
Pages generation time (the time it takes for webpages to be generated by the webserver and then downloaded by the user: Page speed)
Location of the user: country, region, city, approximate latitude and longitude (Geolocation)
Main Language of the browser being used (Accept-Language header)
User Agent of the browser being used (User-Agent header)
From the User-Agent and screen resolution, Matomo uses a Universal Device Detection library to detect the browser, operating system, device used (desktop, tablet, mobile, tv, cars, console, etc.), brand and model.
How long we retain your data
Data Lake retains data for no longer than is necessary for the purpose for which it was collected.
If the user uses our contact form, their data and the content of the message will be stored for the time necessary to process the request, no longer than four (4) years, unless the content of the message is of a nature that legally requires us to store it longer (e.g. for the purpose of pursuing or defending against claims).
The duration of cookie data retention has been outlined in the above sections explaining which cookies are in use on out site.
You may request for us to remove your data at any time and we will comply in a timely manner (unless we are precluded from doing so for legal reasons) – please see the “Rights of Users” section of this policy for more details.
To whom we share data
Data Lake shares data with individuals and companies that provide services to Data Lake (e.g. IT support, hosting, analytics services, marketing services, legal advice).
The data may be forwarded to competent institutions (e.g. police authorities, courts) in the event of proceedings, based on the provisions of the law.
Rights of Users
In accordance with applicable rules, the users have the right to access and rectify their personal data, which enables them to rectify, complete, update, or delete data that is inaccurate, incomplete, ambiguous, or outdated, or whose collection, use, communication, or storage is prohibited.
The users also have the right to request the limitation of the processing, and to oppose on legitimate grounds the processing of their personal data.
Where applicable, the user may request the portability of their personal data.
Where the legal basis for processing is consent, withdraw your consent at any time, which will not affect the lawfulness of the processing carried out on the basis of your consent before its withdrawal.
The users may exercise their rights by sending an email to IOD@data-lake.co or a letter to:
Data Lake, Kuzawa 2B (17-240 Kuzawa), Poland
These requests shall be processed within a maximum period of 30 days.
The users may also at any time modify the data pertaining to them by contacting us at IOD@data-lake.co.
The users may access detailed information on the use of their personal data, in particular concerning the purposes of the processing, the legal bases enabling Data Lake to process the data, its storage period and its recipients, as well as the related compliance guarantees put in place for such transfers. To do so, the User can send their request by email to IOD@data-lake.co.
The user has the right to lodge a complaint to the supervisory authority – the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw/Poland).
Security
Data Lake has taken all necessary precautions to preserve the security of personal data and, in particular, to prevent it from being accessed by unauthorised third parties, distorted, or damaged.
These measures include but are not limited to the following:
Multi-level firewall.
Proven solutions for anti-virus protection and detection of intrusion attempts.
Encrypted data transmission using SSL/https technology.
Strong passwords that are stored in a secure manner (Salting & Hashing)
2FA (two-factor authentication)
In addition, access to processing data on behalf of Data Lake by the receiving third-party services requires authentication of the persons accessing the data, by means of an individual access code and password, that is sufficiently robust and regularly renewed. It is our policy to also use 2FA whenever available from our partners.
Any questions about the security of the Data Lake website can be answered by emailing IOD@data-lake.co
Modification of the Privacy Policy
Data Lake reserves the right to change this Privacy Policy to comply with changes in the applicable laws and regulations.
The Users shall be notified of any changes made to this policy via our website or by email at least thirty days prior, when possible, to their entry into force.
Contact
Any questions about Data Lake’s Privacy Policy can be directed by email to IOD@data-lake.co or by mail to:
Data Lake, Kuzawa 2B (17-240 Kuzawa), Poland