Privacy Policy

The controller of the Owners’ service is Bright Mind sp. z o.o., located at Nowy Świat 33/13, Warsaw, 00-029 Warsaw, VAT ID: 5252918237, REGON: 522752575, KRS: 0000985907, email: hello@ownersplace.pl

This privacy policy has been constructed in the form of questions and answers. The choice of this format was motivated by the desire for transparency and clarity of the information presented to you. Below you will find a table of contents of this policy corresponding to questions that we answer in turn.

If you have any doubts related to the privacy policy, you can contact us at any time by sending a message to hello@ownersplace.pl


1: Who is the controller of your personal data?

The controller of your personal data is Bright Mind sp. z o.o., located at Nowy Świat 33/13, Warsaw, 00-029 Warsaw, VAT ID: 5252918237, REGON: 522752575, KRS: 0000985907, email: hello@ownersplace.pl


2: Who can you contact regarding the processing of your personal data?

As part of implementing personal data protection in our organisation, we have decided not to appoint a Data Protection Officer as it is not mandatory in our situation. For matters related to data protection and privacy, you can contact us via email at hello@ownersplace.pl


3: What information do we have about you?

Depending on the purpose, we may process the following information about you:

  • name and surname,

  • country of residence,

  • email address,

  • phone number,

  • data contained in correspondence directed to us,

  • bank account number,

  • IP address,

  • materials you viewed on the service,

  • details of purchases made on the service,

  • details of abandoned baskets,

  • activity in relation to messages sent as part of the newsletter,

  • information about the operating system and web browser you use,

  • viewed pages,

  • time spent on the site,

  • transitions between individual pages,

  • clicks on individual links, 

  • source from which you enter our site,

  • age range you are in,

  • your gender,

  • your approximate location limited to the town,

  • your interests determined based on online activity.

We have precisely described the scope of processed data concerning each processing purpose. Information in this regard is contained in the further part of this policy.


4: Where do we get your personal data?

In most cases, you provide it to us yourself. This happens when you:

  • register a customer account,

  • purchase a service,

  • send complaints or withdraw from a contract,

  • sign up for a newsletter,

  • contact us. 

Moreover, some information about you may be collected automatically by the tools we use:

  • the mechanism of the service and newsletter system collects your IP address,

  • the service mechanism collects information about the materials you viewed, order details, including those unfinished,

  • the newsletter system mechanism collects information about your activity regarding the content sent to you in the form of a newsletter, such as opening messages, clicking on links, etc., 

  • Google Analytics collects a range of information about how you use our service.


5: Are your data safe?

We care about the safety of your personal data. We have analysed the risks associated with various processing procedures of your data and have implemented appropriate security measures and data protection policies. We continuously monitor the state of our technical infrastructure, train our staff, scrutinise applied procedures, and make necessary improvements. If you have any questions regarding your personal data, we are available at hello@ownersplace.pl


6: For what purposes do we process your personal data?

There are more than one purposes. Below is a list of them and then a more detailed discussion. We have also assigned appropriate legal bases for processing to each purpose.

  • registration and maintenance of a user account – Article 6(1)(b) GDPR,

  • order processing – Article 6(1)(b) GDPR,

  • handling complaints or withdrawal from a contract – Article 6(1)(f) GDPR,

  • sending a newsletter – Article 6(1)(a) GDPR,

  • sending notifications – Article 6(1)(b) GDPR.

  • correspondence handling – Article 6(1)(f) GDPR,

  • fulfilment of tax and accounting obligations – Article 6(1)(c) GDPR,

  • creating an archive for potential necessity of defence, establishing or pursuing claims, as well as for identifying a returning customer – Article 6(1)(f) GDPR,

  • own marketing – Article 6(1)(f) GDPR,

  • analysis, statistics, and optimisation – Article 6(1)(f) GDPR.

Customer Account – details

When purchasing a service, you must provide the data necessary to conclude a contract and also to set up an account: name, country of residence, phone number, email address, and password. Providing data is voluntary but necessary to set up an account. 

During account data editing, you may provide more extensive data, such as a home address, which can be utilised for correspondence with you. 

Furthermore, our system used to service customer accounts records your IP address that you used when registering the customer account.

Additionally, we use the integration of the Google Analytics tool with the customer account mechanism. Thus, the data collected by the Google Analytics tracking code on your usage of our service is attributed to your customer account. This includes information such as:

  • information about the operating system and web browser you use,

  • viewed subpages,

  • time spent on the site,

  • transitions between individual subpages,

  • clicks on individual links, 

  • source from which you enter our site,

  • age range you are in,

  • your gender,

  • your approximate location limited to the town.

  • Your interests determined based on online activity.

We analyse such information on you to optimise our web pages for user experience, effectiveness, and conversion, which constitutes our legitimate interest as referred to in Article 6(1)(f) GDPR.

The data provided by you in connection with the purchase of a service and account creation is processed to provide you with the service electronically at ensuring you the possibility of using the customer account. This service is provided based on a contract concluded under the terms described in the regulations, which means that in this scope, the legal basis for processing your personal data is Article 6(1)(b) GDPR.

Data will be stored for the duration of the customer account’s functioning. At any time, you can decide to delete your account, however, this will not remove from our database the information about your purchases made using the account. Order information is stored in our archive until the time limit for claims from the contract expires / for the entire duration of the service's functioning due to ensuring the possibility of identifying a returning customer, reconstructing their purchase history, granted discounts, etc., which is our legitimate interest as referred to in Article 6(1)(f) GDPR. 

Complaints and Withdrawals from the Contract – details

If you submit a complaint or withdraw from a contract, you provide personal data contained in the complaint or statement of withdrawal, including name and surname, address of residence, phone number, email address, bank account number. Providing data is voluntary but necessary to submit a complaint or withdraw from the contract.

The data provided to us in connection with submitting a complaint or withdrawal from a contract is used to execute the complaint procedure or the withdrawal procedure, and then for archival purposes, which constitutes our legitimate interest (Article 6(1)(f) GDPR). 

Data will be processed for the time necessary to implement the complaint procedure or the withdrawal procedure. Complaint documents will be stored until the time limit for warranty claims expires. Statements of contract withdrawal will be stored together with accounting documentation for the period required by law. 

Newsletter – details

By signing up for the newsletter, you provide us with your name and email address. Providing data is voluntary but necessary to sign up for the newsletter. 

Additionally, our system used to handle the newsletter records your IP address that you used when signing up for the newsletter, determines your approximate location, email client you use to manage your email, and tracks your actions taken regarding the messages sent to you. In this regard, we also have information about which messages you opened, within which messages you clicked on links, etc. 

The data you provided to us in connection with signing up for the newsletter is used to send you the newsletter, and the legal basis for their processing is your consent (Article 6(1)(a) GDPR) expressed during sign-up. As for processing information not originating from you but collected automatically by our mailing system, we rely on our legitimate interest (Article 6(1)(f) GDPR) in analysing subscriber behaviour to optimise mailing activities. 

You can unsubscribe from the newsletter at any time by clicking the dedicated link located in each newsletter message or simply by contacting us. Despite unsubscribing from the newsletter, your data will still be stored in our database to identify a returning subscriber and to potentially defend claims related to sending you the newsletter, particularly to demonstrate your consent to receive it and the moment of its withdrawal, which constitutes our legitimate interest as referred to in Article 6(1)(f) GDPR. 

You can modify your data provided for receiving the newsletter at any time by clicking the appropriate link visible in each newsletter message or simply by contacting us. 

Correspondence Handling – details

By contacting us, you naturally provide us with your personal data contained in the correspondence, particularly your email address and name and surname. Providing data is voluntary but necessary to establish contact.

Your data is processed in this case to contact you, and the legal basis for processing is Article 6(1)(f) GDPR, i.e., our legitimate interest. The legal basis for processing after the contact is also our justified purpose in archiving correspondence to ensure the possibility of proving certain facts in the future (Article 6(1)(f) GDPR). 

The content of correspondence may be archived and we are unable to determine precisely when it will be deleted. You have the right to demand the presentation of the correspondence history we conducted (if it was archived), as well as demand its deletion, unless its archiving is justified due to our superior interests, e.g., defending against potential claims from your side. 

Tax and Accounting Duties – details

If we issue an invoice to you, it becomes part of the accounting documentation, which will be stored for the period required by law. Your personal data is processed in such a situation to fulfil our tax and accounting obligations (Article 6(1)(c) GDPR in conjunction with regulations concerning tax and accounting duties).

Archive – details

In the description of the individual purposes of personal data processing above, we have indicated personal data storage times. These deadlines are often linked to our archiving of certain data to ensure the possibility of proving certain facts in the future, reconstructing the course of cooperation with the client, exchanged correspondence, defence, establishment, or pursuit of claims. We rely on our legitimate interest in this respect, as referred to in Article 6(1)(f) GDPR.

Own Marketing – details

Within our service, we use a mechanism to recover abandoned shopping carts. In situations where you start the process of purchasing a package but do not complete it, our system notes this fact to take actions aimed at encouraging you to finalise the transaction. These actions may include, in particular, sending you an email encouraging you to finalise the order or displaying targeted advertising while browsing the Internet.  

Our service may also collect information about your activity and, based on this, display you targeted advertising while browsing the Internet. However, if you are not a registered customer, the information used for this purpose does not have the nature of personal data. It is only with the correlation of these details with your personal data collected in the user account, that they become personal data. 

The described actions above are based on our legitimate interest, as referred to in Article 6(1)(f) GDPR, based on the marketing of our products.

Analysis, Statistics, Optimisation – details

We collect statistical information regarding user behaviour when browsing our websites, such as clicking on links, transitions between subpages, time spent on individual pages, etc. We analyse this information to optimise our websites concerning user experience, effectiveness, and conversion. In most cases, the information processed in this way does not have the nature of personal data. An exception is when you are a registered customer. Then, we may link this information with other data collected in the user account. 

The described actions above are undertaken, relying on our legitimate interest, as referred to in Article 6(1)(f) GDPR, based on the optimisation of our websites. 

7: How long will we store your personal data?

The retention periods have been indicated separately concerning each processing purpose. You will find this information within the details attributed to each individual processing purpose.  

8: Who are the recipients of your personal data?

We dare to state that modern business cannot do without services provided by third parties. We also use such services. Some of these services involve processing your personal data. Third-party service providers participating in processing your personal data are:

  • the hosting provider storing data on the server,

  • the provider of the cloud service where backup copies containing your personal data are stored,

  • the supplier of the mailing system, where your data is stored if you are a newsletter subscriber,

  • the CRM system provider, where we store your data to streamline the customer service process and for archival purposes,

  • the invoicing system provider, where your data is stored to issue an invoice,

  • the accounting office processing your data visible on invoices,

  • the law firm that accesses data if it is necessary to provide us with legal assistance,

  • the entity providing technical support services, accessing data if technical work involves areas containing personal data,

  • other subcontractors who access data if the scope of their actions requires such access.

Your personal data may also be transferred to tax offices as necessary to fulfil tax-settlement-accounting obligations. This includes all declarations, reports, statements, and other accounting documents containing your personal data.

Furthermore, if necessary, your personal data may be disclosed to entities, authorities, or institutions authorised to access the data based on legal regulations, such as police, security services, courts, prosecutors.

Moreover, we use tools that collect a range of information about you related to using our service. In particular, it is about the following information:

  • information about the operating system and web browser you use,

  • viewed subpages,

  • time spent on the site,

  • transitions between individual subpages,

  • clicks on individual links, 

  • source from which you enter our site,

  • age range you are in,

  • your gender,

  • your approximate location limited to the town.

  • Your interests determined based on online activity.

These pieces of information in themselves, in our opinion, do not have the character of personal data. Since these pieces of information are collected by the external tools we use, they are also processed by the tool providers under their regulations and privacy policies. Generally, this data is used to provide and improve services, manage them, develop new services, measure advertisement effectiveness, protect against fraud and abuse, as well as personalise content and ads displayed on individual sites, websites, and applications. We attempted to describe the details of this in the further part of this policy within the explanations devoted to individual tools.  

9: Do we transfer your data to third countries or international organisations?

Yes, some operations involving processing your personal data may involve their transfer to third countries. 

We transfer your personal data to third countries in connection with using tools that store personal data on servers located in third countries, particularly in the USA. Providers of these tools guarantee an appropriate level of personal data protection through compliance mechanisms provided for by the GDPR, in particular through the use of standard contractual clauses.

Personal data storage on servers located in third countries occurs among others within the utilisation of tools such as: Google, Dropbox, or Facebook. These companies declare they ensure an appropriate level of protection of the personal data they process by adopting and applying the EU standard contractual clauses in place of the so-called Privacy Shield, invalidated by the Court of Justice of the European Union (CJEU) Schrems II ruling from July 16, 2020 (FB information, Google information). The type of safeguards used is analysed in terms of risks and may change if new legal instruments are adopted by the relevant EU bodies to ensure an appropriate level of security for personal data transferred outside the EEA.

Each of the tools we use, within which personal data may be stored on servers in third countries, provides an adequate level of protection for personal data through compliance mechanisms provided for by the GDPR, particularly through the use of standard contractual clauses. 

We also remind you here that we use external tools that may collect anonymous information about you. We have mentioned this several times within this policy, including in response to the previous question. Providers of these tools often use servers located worldwide, particularly in the United States of America (USA), to store the collected information. 

10: Do we use profiling? Do we make automated decisions based on your personal data? 

We do not make decisions based solely on automated processing, including profiling, which would result in legal effects concerning you or similarly significantly affect you. 

Yes, we use tools that can take specific actions depending on information collected within tracking mechanisms, but we believe these actions do not significantly impact you, as they do not differentiate your situation as a client, do not affect the terms of the contract you can conclude with us, etc. 

When using certain tools, we may, for example, direct personalised ads at you based on previous actions you have taken within our site or suggest products that may interest you. This is known as behavioural advertising. We encourage you to enhance your understanding of behavioural advertising, especially regarding privacy issues. Detailed information, along with the ability to manage behavioural advertising settings, is available here: http://www.youronlinechoices.com. 

We emphasise that within the tools we use, we do not have access to information allowing for your identification. The information we are talking about here includes, in particular: 

  • information about the operating system and web browser you use,

  • viewed pages,

  • time spent on the site,

  • transitions between individual subpages,

  • source from which you enter our site,

  • age range you are in,

  • your gender,

  • your approximate location limited to the town,

  • your interests determined based on online activity.

The information indicated above is not combined with your personal data that is in our databases. This information is anonymous and does not allow us to identify you. This information is stored on the servers of the providers of individual tools, and these servers are most often located worldwide.

The exception to the anonymous nature of the information mentioned above is when you have a customer account in our service. Then, this information may be linked with your data collected in the customer account. However, we still do not make decisions concerning you based solely on automated processing, including profiling, which would have legal effects concerning you or similarly significantly impact you. We believe that actions regarding directing ads to you based on your activity in our service and undertaking optimisation activities do not significantly impact you. Therefore, in this regard, we rely on our legitimate interest as referred to in Article 6(1)(f) GDPR.

11: What rights do you have in connection with the processing of your personal data?

The GDPR grants you the following potential rights related to the processing of your personal data:

  • the right to access your data and receive a copy of it,

  • the right to rectify (correct) your data,

  • the right to erase data (if you believe there is no basis for us to process your data, you can request that we delete it),

  • the right to restrict data processing (you can demand that we limit the processing of data only to its storage or performance of agreed activities with you, if in your opinion we have incorrect data or process it unlawfully), 

  • the right to object to data processing (you have the right to object to data processing based on legitimate interest; you should indicate a specific situation that, in your view, justifies us to stop processing that is subject to objection; we will stop processing your data for these purposes, unless we demonstrate that the data processing grounds override your rights or that your data is necessary for us to establish, pursue, or defend claims),

  • the right to data portability (you have the right to receive from us in a structured, commonly used, machine-readable format personal data that you have provided to us based on a contract or your consent; you may instruct us to send this data directly to another entity),

  • the right to withdraw consent to personal data processing, if previously you expressed such consent,

  • the right to file a complaint with the supervisory authority (if you determine that we are processing data unlawfully, you may file a complaint regarding it with the President of the Personal Data Protection Office or another appropriate supervisory authority).

The principles related to exercising the above-mentioned rights are described in detail in Articles 16 – 21 of the GDPR. We encourage you to familiarise yourself with these provisions. From our side, we deem it necessary to explain to you that the rights mentioned above are not absolute and will not apply to all processing activities of your personal data.  

We emphasise that one of the rights mentioned above always applies – if you believe that when processing your personal data, we violated data protection regulations, you have the option of filing a complaint with the supervisory authority (the President of the Personal Data Protection Office). 

You can always contact us with a request to provide information about what data we have about you and for what purposes we process it. Just send a message to hello@ownersplace.pl. However, we have made every effort to ensure that the information that interests you is thoroughly presented in this privacy policy. The above-mentioned email address can also be used in case of any questions related to the processing of your personal data.

12: Do we use cookies and what are they?

Our service, just like almost all other websites, uses cookies. 

Cookies are small text information stored on your end device (e.g., computer, tablet, smartphone), which can be read by our information-communication system (own cookies) or third parties' information-communication systems (third-party cookies). Specified information can be saved and stored in cookies, which information-communication systems can then access for determined purposes.

Some cookies we use are deleted after the browser session, i.e., after the browser is closed (session cookies). Other cookies are retained on your end device and allow us to recognise your browser on the next visit to the site (persistent cookies). 

If you want to learn more about cookies, you can read, for example, this material: https://pl.wikipedia.org/wiki/HTTP_cookie. 

13: On what basis do we use cookies?

We use cookies based on your consent, except in situations where cookies are necessary for the correct provision of a service by electronic means. 

Regarding your consent to cookies, we accept the variant where you express such consent through your web browser settings or additional software supporting cookie management. We assume that you agree to all cookies used by us, which are not blocked by your browser or additional software you use. 

Remember that disabling or restricting cookie handling may prevent you from using some of the functions available on our service and cause difficulties in using our service and many other websites that use cookies. For example, if you block cookies for social network plug-ins, buttons, widgets, and social features implemented on our service may not be available to you.

# 14: Can you disable cookies?

Yes, you can manage cookie settings within your web browser. You can block all or selected cookies. You can also block cookies for specific sites. At any time, you can also delete previously saved cookies and other site and plug-in data. 

Web browsers also offer the option of using incognito mode. You can use it if you do not want the information about visited sites and downloaded files to be saved in the browsing and downloading history. Cookies created in incognito mode are deleted upon closing all windows of this mode.

Browser plug-ins are also available that enable control over cookies, such as Ghostery (https://www.ghostery.com). The option of control over cookies can also be provided by additional software, particularly as part of antivirus packages, etc. 

Furthermore, tools are available on the Internet for controlling certain types of cookies, particularly for collectively managing behavioural advertising settings (e.g., www.youronlinechoices.com/, www.networkadvertising.org/choices).

Remember that disabling or limiting cookie handling may prevent you from using some of the functions available on our service and cause difficulties in using our service and many other websites that use cookies. For example, if you block cookies for social network plug-ins, buttons, widgets, and social features implemented on our service may not be available to you. 

15: For what purposes do we use our own cookies?

Our own cookies are used to ensure the proper functioning of individual service mechanisms, such as maintaining a session after logging into the account, remembering the recently viewed materials and packages selected by you before purchase.

In our own cookies, the information about the cookie settings defined by you from the cookie management mechanism level is also stored. 

Our own cookies are also used to support the abandoned shopping cart recovery mechanism.

16: What third-party cookies are used?

Within our service, there are the following third-party cookies:

  • Google Analytics,

  • Google Tag Manager,

  • Google AdWords,

  • Google AdSense,

  • Google Ads

  • Facebook Custom Audiences,

  • Facebook, Twitter, Instagram, TikTok (social tools cookies),

  • GetResponse

  • Hotjar,

  • Spotify,

  • YouTube.

  • WPForms

  • Smartsupp

  • Dropbox

  • Stripe

  • Przelewy24

  • Skool

  • Easycart

Details regarding individual third-party cookies can be found on their respective privacy policy tabs.

17: Do we track your behaviour within our service?

Yes, we use tools like Google Analytics, Google AdWords, Hotjar, and Facebook Custom Audiences, which involve collecting information about your activity on our service. These tools have been described in detail within the question concerning third-party cookies, so we will not repeat that information here. 

18: Do we direct targeted ads at you? 

Yes, we use Facebook Ads and Google Ads, in which we can direct ads to certain target groups defined based on various criteria such as age, gender, interests, profession, job, actions previously taken within our service. These tools have been described in detail within the question concerning third-party cookies, so we will not repeat that information here. 

19: How can you manage your privacy?

The answer to this question can be found in many places within this privacy policy with the descriptions of individual tools, behavioural advertising, cookie consent, etc. Nevertheless, for your convenience, we have compiled these pieces of information in one place. Below is a list of options for managing your privacy.

  • cookie settings within your web browser,

  • browser plug-ins supporting cookie management, e.g., Ghostery, 

  • additional software managing cookies,

  • incognito mode in the web browser,

  • settings for behavioural advertising, such as youronlinechoices.com, 

  • cookie management mechanism from our site level,

  • Google Analytics Opt-out: https://tools.google.com/dlpage/gaoptout,

  • Google Ads Settings: https://adssettings.google.com/,

  • Facebook Ads Settings: https://www.facebook.com/ads/settings, 

  • HotJar Opt-out: https://www.hotjar.com/legal/compliance/opt-out

20: What are server logs?

Using the service involves sending queries to the server on which the service is hosted. Each query directed to the server is recorded in the server logs. 

The logs contain, among other things, your IP address, server date and time, information about the web browser, and the operating system you use. Logs are recorded and stored on the server. 

Data stored in server logs are not associated with specific individuals using the site and are not used by us for your identification.

Server logs are solely an auxiliary material used for site administration, and their content is not disclosed to anyone except persons authorised to administer the server. 

21: Is there anything else should you know?

As you can see, the subject of personal data processing, cookies usage, and generally managing privacy is quite complex. We have made every effort to ensure that this document provides you with the most extensive knowledge on important issues for you. If anything is unclear to you, you want to learn more or simply discuss your privacy, contact us at hello@ownersplace.pl 



Contact

Instagram

Facebook

Privacy policy

Contact

Instagram

Facebook

Privacy policy

Contact

Instagram

Facebook

Privacy policy