I. General information

This document specifies the privacy principles applicable in the mobile app. Talia Ja-Ty App App. The Controller is the company Biblioteka Gestalt Urszula Krasny, Bursztynowa 3/63, 31-213 Kraków, VAT number : PL9451970076, contact@ithouapp.com .

II. Personal information

1. Personal information collected by the Controller shall be processed in accordance with

the provisions of the Regulation of the European Parliament and of the Council (EU)

2016/679 of 27 April 2016 on the protection of individuals with regard to the

processing of personal data and on the free movement of such data and repealing

Directive 95/46 / EC ( GDPR), current Polish Data Protection Act, the Act on

Rendering Electronic Services of 18 July 2002 .

2. The Controller collects information provided voluntarily by the Users of the mobile

application. However, providing marked personal data is a condition for using the

mobile application. The Administrator collects only the User's name, needed to use the

application. It is remembered for the future.

3. Moreover, the Controller may record the information about connection parameters,

like IP addresses, for technical purposes, for server administration and for collection

of general, statistical demographic information (e.g. about the region from which the

connection comes), and also for security purposes.

4. The Controller shall make an extra effort in order to protect privacy and information

about the Users. The Controller shall exercise due diligence when selecting and

applying appropriate technical measures, including those of programming and

organizational nature, in order to protect the processed data, and in particular he shall

protect the data from unauthorized access, disclosure, loss and destruction,

unauthorized modification, and also from their processing with the breach of the

applicable provisions of law.

5. Personal data will be processed in accordance with the principles of art. 5 GDPR.

Personal data will be:

a) processed lawfully, fairly and in a transparent manner in relation to the data

subject (‘lawfulness, fairness and transparency’);

b) collected for specified, explicit and legitimate purposes and not further

processed in a manner that is incompatible with those purposes; further

processing for archiving purposes in the public interest, scientific or historical

research purposes or statistical purposes shall, in accordance with Article 89(1)

GDPR, not be considered to be incompatible with the initial purposes

(‘purpose limitation’);

c) adequate, relevant and limited to what is necessary in relation to the purposes

for which they are processed (‘data minimisation’);

d) accurate and, where necessary, kept up to date (‘accuracy’);

e) kept in a form which permits identification of data subjects for no longer than

is necessary for the purposes for which the personal data are processed;

personal data may be stored for longer periods insofar as the personal data will

be processed solely for archiving purposes in the public interest, scientific or

historical research purposes or statistical purposes in accordance with Article

89(1) GDPR subject to implementation of the appropriate technical and

organisational measures required by this Regulation in order to safeguard the

rights and freedoms of the data subject (‘storage limitation’);

f) processed in a manner that ensures appropriate security of the personal data,

including protection against unauthorised or unlawful processing and against

accidental loss, destruction or damage, using appropriate technical or

organisational measures (‘integrity and confidentiality’).

III. Legal basis

1. The basis for the processing of the User's Personal Data is primarily the necessity to

perform the contract to which he is a party or the need to take action at his request

prior to its conclusion (Article 6 par 1 ( b) of GDPR).

2. In other purposes, the User's Personal Data may be processed on the basis of:

a) applicable law when processing is necessary to fulfill the legal obligation of

the Controller (Article 6 (1) (c) of the GDPR);

b) indispensable for purposes other than those mentioned above resulting from

legitimate interests pursued by the Controller or by a third party, in particular

to determine, assert or defend claims, market and statistical analyses (Article 6

(1) (f) GDPR).

IV. Your rights on personal data concerning you

1. As Users provide their personal information voluntarily, they shall have the right to

access their personal data and the right to rectify, delete, limit the processing, the right

to data transfer, the right to object, the right to withdraw consent at any time .

2. If it is found that the processing of personal data violates the provisions of the GDPR,

the data subject has the right to lodge a complaint with the President of the Office for

Personal Data Protection.

3. Detailed conditions of the above rights shall be indicated in Articles 1522 of the

GDPR Regulation.