Privacy Policy

In con­nec­tion with the imple­men­ta­tion of the requ­ire­ments of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the pro­tec­tion of natu­ral per­sons with regard to the pro­ces­sing of per­so­nal data and on the free move­ment of such data and repe­aling Directive 95/46/EC (General Data Protection Regulation) here­ina­fter refer­red to as „RODO”, we inform you abo­ut the prin­ci­ples of pro­ces­sing your per­so­nal data and your rights rela­ted to it.

The fol­lo­wing rules apply as of May 25, 2018.

  1. Personal Data Controller.

The admi­ni­stra­tor of your per­so­nal data is FACE IT sp. z o.o. with its regi­ste­red offi­ce in Warsaw, Al. Jana Pawła II 61, room 211, 01–031 Warsaw, Poland, REGON: 146417793, NIP: 527268749, ente­red in the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw, 12th Commercial Division of the National Court Register, under KRS num­ber 0000442280, sha­re capi­tal (ful­ly paid-up) of PLN 5,000.00 (here­ina­fter refer­red to as „We” or „FACE IT”). Warsaw, 12th Economic Division of the National Court Register under the num­ber KRS 0000442280, sha­re capi­tal (ful­ly paid up) of PLN 5,000.00 (here­ina­fter refer­red to as „We” or „FACE IT”).

  1. Contact Us

FACE IT has desi­gna­ted a sin­gle point of con­tact for all per­so­nal data issu­es. If you wish to con­tact us, ple­ase send us an e‑mail at: or send a let­ter to the fol­lo­wing address: FACE IT sp. z o.o., ul. Bagatela str. 10/31, 00–585 Warsaw, with the note: „Personal data”.

  1. How do we have your per­so­nal information?
  • We most often rece­ive your data indi­rec­tly from public­ly ava­ila­ble sour­ces, such as the websi­tes you main­ta­in or the websi­tes of media outlets (e.g., new­spa­per edi­to­rial offi­ces, tele­vi­sion sta­tions) for which you work;
  • Sometimes we rece­ive your per­so­nal infor­ma­tion, or part of it, direc­tly from you when you send us a mes­sa­ge via ema­il, thro­ugh a con­tact form, or when you spe­ak with a FACE IT Staff Member.
  1. What is the sco­pe of the data being processed?

Your per­so­nal infor­ma­tion that FACE IT may pro­cess is as follows:

  • Your Name;
  • ema­il address;
  • con­tact pho­ne number;
  • resi­den­tial or mailing address;
  • The com­pa­ny whe­re you work (inc­lu­ding the com­pa­ny of your busi­ness, if you have one);
  • name, address of your busi­ness acti­vi­ty, NIP and REGON num­bers, bank name and bank acco­unt number;
  • posi­tion held;
  • occu­pa­tion pursued;
  • addi­tio­nal infor­ma­tion abo­ut your­self that you may inc­lu­de in your ema­il cor­re­spon­den­ce or that you may pro­vi­de during a tele­pho­ne conver­sa­tion with FACE IT Personnel (but we do not record the­se conversations);
  • the con­sents you have given (if, for exam­ple, you have given FACE IT con­sent to pro­cess your data for mar­ke­ting purposes).
  1. For what pur­po­se and on what basis do we pro­cess your per­so­nal data?

We pro­cess your per­so­nal data in rela­tion to the acti­vi­ties per­for­med by FACE IT, i.e. pro­vi­sion of public rela­tions servi­ces (e.g. media rela­tions), con­duc­ting com­mu­ni­ca­tion in social networks and per­for­man­ce of pro­mo­tio­nal acti­vi­ties (e.g. sen­ding press rele­ases, addres­sing invi­ta­tions to jour­na­list meetings, sen­ding pro­duct sam­ples) (here­ina­fter: „servi­ces”) offe­red to our clients, i.e. enti­ties, the acti­vi­ties of which – due to your pro­fes­sion or busi­ness – you may be inte­re­sted in.

Consequently, we pro­cess your per­so­nal data in order to:

  • noti­fy you (e.g. by ema­il, text mes­sa­ge or tele­pho­ne) of an event/event/product con­cer­ning one of our Customers – pro­ces­sing under 6(1)(a) (your con­sent) or (f) (the Administrator’s legi­ti­ma­te inte­rest) of the DPA;
  • to enter into and per­form a con­tract with you if we enter into a part­ner­ship in the cour­se of our and your busi­ness and you also deci­de to beco­me our Contractor. In this case, we pro­cess your per­so­nal data on the basis of 6(1)(b) RODO (to conc­lu­de and per­form the contract);
  • to keep acco­un­ting books and tax set­tle­ments in accor­dan­ce with 6(1)© of the DPA (in order to ful­fil a legal obli­ga­tion of the Administrator);
  • Your per­so­nal data is also pro­ces­sed for the pur­po­ses of debt col­lec­tion, liti­ga­tion, arbi­tra­tion and media­tion, archi­ving and the possi­bi­li­ty of us acco­un­ting for the cor­rect­ness of the pro­ces­sing of your data, which con­sti­tu­tes a legi­ti­ma­te inte­rest of the con­trol­ler under 6(1)(f) RODO.
  1. How long do we pro­cess your per­so­nal information?

The period for which we pro­cess your per­so­nal data depends on the pur­po­se of the pro­ces­sing. Thus, respectively:

  • noti­fy­ing you of an event rela­ting to our clients which, for pro­fes­sio­nal reasons, you may be inte­re­sted in – for this pur­po­se we will pro­cess your data until such time as you object to such pro­ces­sing or with­draw your con­sent to such communication
  • conc­lu­ding and per­for­ming the con­tract conc­lu­ded with you, if you deci­de to beco­me our Contractor – for this pur­po­se we pro­cess your data for the time of its per­for­man­ce;
  • as far as acco­un­ting pur­po­ses are con­cer­ned, we will pro­cess your data for a period of 5 years, coun­ting from the begin­ning of the year fol­lo­wing the finan­cial year to which the acco­un­ting docu­ments in question rela­te (Article 74(2) and (3) of the Accounting Act of 29.09.1994 (Journal of Laws of 2018, item 395, as amen­ded). However, as far as tax pur­po­ses are con­cer­ned, the data will be pro­ces­sed for a period of 5 years, coun­ting from the end of the calen­dar year in which the deadli­ne for pay­ment of a given tax expi­red (Article 70 § 1 of the Tax Ordinance Act of 29.08.1997 (Journal of Laws of 2017, item 201 as amended);
  • debt col­lec­tion – con­duc­ting court, arbi­tra­tion and media­tion pro­ce­edings, archi­ving, ensu­ring the possi­bi­li­ty of acco­un­ting for the cor­rect­ness of data pro­ces­sing and ful­fil­ling other obli­ga­tions ari­sing from the law – for the­se pur­po­ses we pro­cess per­so­nal data until the end of the sta­tu­te of limi­ta­tions (this period will depend on the type of cla­im in accor­dan­ce with the Civil Code or other legal acts gover­ning lia­bi­li­ty other than civil liability).
  1. Who is the reci­pient of your per­so­nal information?

We only sha­re your data when it is neces­sa­ry to do so. We do not sell your data. However, we may pass on your per­so­nal data to our Customers (whe­re­by the pur­po­ses for which they pro­cess your data will not chan­ge) and/or Contractors, i.e. entities/companies that pro­vi­de FACE IT with servi­ces neces­sa­ry for the pro­per func­tio­ning, e.g:

  • com­pa­nies that are invo­lved in orga­ni­zing vario­us types of events;
  • com­pa­nies that pro­vi­de servi­ces for the sup­ply and main­te­nan­ce of data­ba­se and other softwa­re by means of which FACE IT can, for exam­ple, main­ta­in appro­pria­te records and e‑mail communications;
  • enti­ties pro­vi­ding hosting services;
  • con­sul­ting and law firms, as well as acco­un­ting and IT servi­ce pro­vi­ders who sup­port us in our daily operations;
  • enti­ties with whom we work to pro­vi­de servi­ces to our customers.

For enti­ties in each cate­go­ry, FACE IT trans­fers only the data that are neces­sa­ry to achie­ve the objec­ti­ves of the coope­ra­tion defi­ned with it.

  1. Do we pro­cess your per­so­nal data auto­ma­ti­cal­ly (inc­lu­ding thro­ugh pro­fi­ling) in a way that affects your rights?

We do not use pro­fi­ling, nor do we pro­cess your data by auto­ma­ted means.

  1. How do we pro­cess per­so­nal information?

We pro­cess per­so­nal data in accor­dan­ce with appli­ca­ble law, in par­ti­cu­lar in accor­dan­ce with the RODO. We are mind­ful of the fol­lo­wing rules that guide us in pro­ces­sing your per­so­nal data:

  • Adequacy Rule. We pro­cess only tho­se data that are neces­sa­ry to achie­ve the given pur­po­se of the pro­ces­sing; for each pro­cess, we have car­ried out an ana­ly­sis to meet this rule;
  • Transparency Rule. You sho­uld have full know­led­ge of what hap­pens to your data. This docu­ment, in which we try to give you full infor­ma­tion abo­ut the rules of our pro­ces­sing of your per­so­nal data, is a mani­fe­sta­tion of it;
  • Rule of Correctness. We stri­ve to keep your per­so­nal infor­ma­tion in our sys­tems cur­rent and truthful;
  • Integrity and Confidentiality Rule. We take the neces­sa­ry measu­res to safe­gu­ard the con­fi­den­tia­li­ty and inte­gri­ty of your per­so­nal infor­ma­tion. We are con­ti­nu­al­ly impro­ving the­se as the envi­ron­ment chan­ges and tech­no­lo­gy advan­ces. Safeguards inc­lu­de phy­si­cal and tech­no­lo­gi­cal measu­res to limit access to your infor­ma­tion, as well as appro­pria­te measu­res to pre­vent loss of your information;
  • Accountability Rule. We want to be able to acco­unt for eve­ry action we take on your per­so­nal infor­ma­tion, so that if you ask us, we can give you full and fair infor­ma­tion abo­ut what we did with your information.
  1. What rights do you have?

Data pro­tec­tion laws give you a num­ber of rights that you can exer­ci­se at any time. Provided you do not abu­se the­se rights (e.g. unre­aso­na­ble daily requ­ests for infor­ma­tion), the exer­ci­se of the­se rights is free of char­ge to you and sho­uld be easy to exercise.

Your rights include:

  • The right to access the con­tent of your per­so­nal infor­ma­tion. This right means that you can requ­est that we export the infor­ma­tion we have abo­ut you from our data­ba­ses and send it to you in one of the com­mon­ly used for­mats (e.g. XLSX, DOCX, etc.);
  • Right to rec­ti­fi­ca­tion. If you beco­me awa­re that the data we pro­cess is incor­rect, you have the right to ask us to cor­rect it and we will be obli­ged to do so. In this case, we have the right to ask you to pro­vi­de some docu­ment or other evi­den­ce to pro­ve that the data has been changed;
  • Right to restrict pro­ces­sing. If, despi­te our com­plian­ce with the ade­qu­acy prin­ci­ple, you belie­ve that we are pro­ces­sing too much of your per­so­nal data for a par­ti­cu­lar pro­cess, you have the right to requ­est that we restrict this pro­ces­sing. Insofar as your requ­est does not con­tra­dict requ­ire­ments impo­sed on us by appli­ca­ble law we will com­ply with your request;
  • Right to requ­est dele­tion of data. This right, also known as the right to be for­got­ten, means your right to requ­est that we dele­te from our data­ba­se sys­tems and records any infor­ma­tion con­ta­ining your per­so­nal data. Please note that we will not be able to do so if we are obli­ged by law to pro­cess your data (e.g. trans­ac­tion docu­ments for tax pur­po­ses, obli­ga­tion to ensu­re acco­un­ta­bi­li­ty of our actions). In any case, howe­ver, we will dele­te your per­so­nal data to the ful­lest extent possi­ble and, whe­re this is not possi­ble, we will ensu­re that your data is pseu­do­ny­mi­zed (which means that the data sub­ject can­not be iden­ti­fied witho­ut an appro­pria­te lin­king key), so that your data, which we must reta­in in accor­dan­ce with appli­ca­ble law, will only be acces­si­ble to a very limi­ted circ­le of people;
  • Right to trans­fer your data to ano­ther data con­trol­ler. Under the RODO, you can ask us to export the data you have pro­vi­ded to us in the cour­se of all our con­tacts into a sepa­ra­te file for onward trans­fer to ano­ther data controller;
  • Right to with­draw con­sent. If we pro­cess your per­so­nal data on the basis of your con­sent, you may with­draw that con­sent at any time. The with­dra­wal of con­sent will not affect the law­ful­ness of pro­ces­sing that we have done on the basis of con­sent given befo­re its with­dra­wal. However, we would like to inform you that your per­so­nal data in the sco­pe cove­red by the with­drawn con­sent, i.e. in the sco­pe of the pur­po­se to which the con­sent refer­red, will cease to be pro­ces­sed for that pur­po­se. Nevertheless, your per­so­nal data cove­red by your con­sent will con­ti­nue to be pro­ces­sed for the pur­po­se of com­ply­ing with our obli­ga­tions under the law, inc­lu­ding in par­ti­cu­lar our obli­ga­tion to acco­unt for the cor­rect­ness of the pro­ces­sing of your per­so­nal data, possi­bly for pur­po­ses based on our legi­ti­ma­te interests.

You may exer­ci­se the rights refer­red to abo­ve by con­tac­ting us at: or by mail to: FACE IT sp. z o.o. ul. Bagatela 10 lok. 31, 00–585 Warsaw, with the note: „Personal data”.

In mat­ters rela­ted to per­so­nal data you can also wri­te to us, if any action or situ­ation you enco­un­ter raises your con­cerns, whe­ther it is com­pliant with the regu­la­tions or does not acci­den­tal­ly vio­la­te your rights or fre­edoms. In this case we will answer your questions and con­cerns and address the issue promptly.

If you con­si­der that we have in any way vio­la­ted the rules for pro­ces­sing your per­so­nal data then you have the right to lod­ge a com­pla­int direc­tly with the super­vi­so­ry autho­ri­ty (from 25 May 2018 this is the President of the Office for Personal Data Protection). In exer­ci­sing this right you sho­uld give a full descrip­tion of the situ­ation that has ari­sen and indi­ca­te what action you con­si­der to have vio­la­ted your rights or fre­edoms. The com­pla­int sho­uld be sub­mit­ted direc­tly to the super­vi­so­ry authority.

  1. What is the right to object?

We would like to inform you sepa­ra­te­ly that you also have the right to so-called objec­tion to the pro­ces­sing of your per­so­nal data. You have the right to object if you do not want us to pro­cess your per­so­nal data for a spe­ci­fic pur­po­se (e.g. mar­ke­ting purposes).

You also have the right to object if the pro­ces­sing of your per­so­nal data is based on a legi­ti­ma­te inte­rest or for sta­ti­sti­cal pur­po­ses, and the objec­tion is justi­fied by the par­ti­cu­lar situ­ation you are in.

In this case, we will con­ti­nue to pro­cess your data for other pro­ces­ses (for other pur­po­ses), but no lon­ger for the pur­po­se for which you objec­ted. 
You can report your right to object to the e‑mail address: or by let­ter to: FACE IT sp. z o.o. ul. Bagatela 10 lok. 31, 00–585 Warsaw, with the note: „Personal data”.

  1. Is it your respon­si­bi­li­ty to pro­vi­de the data?

You pro­vi­de your per­so­nal data to FACE IT volun­ta­ri­ly. There is no law that impo­ses a legal obli­ga­tion on you to pro­vi­de it.

However, if you wish to enter into a con­tract with us, you must pro­vi­de data that will ena­ble us to enter into and per­form that con­tract, as well as to pro­per­ly tax and docu­ment it for FACE IT acco­un­ta­bi­li­ty purposes.

Personal data pro­vi­ded for e.g. con­tact or mar­ke­ting pur­po­ses are neces­sa­ry for us to con­tact you or to con­duct mar­ke­ting acti­vi­ties to which you agree or at least do not object. If you do not pro­vi­de it, our com­mu­ni­ca­tion with you will be either impe­ded (e.g. if you pro­vi­de only your tele­pho­ne num­ber but not your e‑mail address) or impos­si­ble (if you do not pro­vi­de any con­tact data).

  1. Do we sha­re your data out­si­de the EU?

No, we will trans­fer your data to a third coun­try or to inter­na­tio­nal organizations.