Much has been said about GDPR, so not to bore you, we will point out the most important facts to have a common understanding:
|User||A person whose data are processed and who can be identified by those data; shortly speaking – you, as a user of this website|
An entity which sets the rules on how data are processed, and is responsible for their processing in accordance with the law.
As a principle, when you use the website, the Controller of your personal data is FundingBox Accelerator sp. z o.o. contact address : email@example.com.
|GDPR||Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).|
|Personal data||Any information relating to an identified or identifiable natural person (User). So it will be for example your name, surname, e-mail address, and your IP address. It is of course a non-exhaustive list.|
|Cookies||(also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data stored on the User’s computer/devices by the web browser while browsing a website.|
|Website||all online services provided on https://i-nergy-supportive-partners.fundingbox.com/.|
As the Data controller, we respect your rights to:
- object to the processing of your data – it means that in some cases you can demand to stop processing your Personal data; a detailed procedure on how to do it is available below;
- access your data and obtain a copy of your data – it means that you can ask us what information about you Data controller has and request a copy of your Personal data;
- correct your Personal data – (rectification) it means that if we process your inaccurate or incomplete personal data, we have to correct them upon your request;
- erase your data – it means that you can request to delete your Personal data when it’s no longer needed or if processing it is unlawful;
- restrict processing of your Personal data, it means that in some cases you can ask us to limit processing your data only to store it and not processing it for other purposes;
- make a complaint with your local Data Protection Authority. Full list is available here: https://edpb.europa.eu/about-edpb/board/members_en.
You must be aware that in some cases we may still process your Personal data, even if you have requested to delete them, for example to determine, pursue or defend claims (for the time necessary to fulfil these purposes).
Legal basis, purpose and retention
|The purpose||Legal basis for processing||Period|
|1) For using the website and ensuring its proper operation||Legitimate interest of Funding Box (based on Article 6, paragraph 1 (f) of GDPR) which is fulfilling the obligations and our other interests related to this purposes||2 years from visiting website|
|2) To possibly establish and enforce claims or defend against them|
|3) To send a newsletter|
|4) To conclude and perform the Contract||Processing personal data is a necessity to perform a contract to Users – according to the Terms of service (based on Article 6.1 (b) GDPR).||6 years from termination of the contract (from the end of using the Services)|
The Data controller will transfer personal data only to trusted recipients such as IT service providers. In particular: [e.g. Google, Claudflare,project consortium partners].
Security of the data
We apply technological and organisational means to secure your Personal data. Among others, the SSL (Secure Socket Layer) certificates shall be applied. Your data is also collected and stored on a secured server. Moreover, the Personal data is secured by procedures of the hosting providers.
Transfer of Personal data outside European Economic Area
Data transfer should be understood as the way in which a Data controller processes personal data using IT solutions that have their physical location in the USA. Thus, using the solutions of suppliers with IT infrastructure (e.g. Google, Amazon) in the USA, from the formal side, means “data transfer to the USA”. So the term “data transfer to the USA” should not be understood as our goal is to send any personal data to the USA, but just the information that we use tools provided by such companies.
In order to legally process personal data using IT solutions based in the USA, it is required to enter into appropriate legal safeguards guaranteeing the same rights of data subjects as those applicable in the EEA. One of such safeguards in accordance with Article 45 of the GDPR, is the transfer of personal data to the USA based on an adequacy decision by the European Commission. According to the decision of the European Commission No. 2021/914 EU of June 4, 2021, https://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32021D0914&qid=1623665716691 each personal data controller, i.e. FundingBox may process personal data using these solutions if an SCC (Standard Contractual Clauses) contract is concluded.
Cookies are widely used by online service providers to facilitate and help to make the interaction between users and websites faster and easier, as well as to provide reporting information.
Cookies set by the website owner (in this case, FundingBox) are called “first party cookies”. Cookies set by parties other than the website owner are called “third party cookies”.
Third party cookies enable third party features or functionality to be provided on or through the website (e.g. like analytics). The parties that set these third party cookies can recognise your computer or device both when it visits the website in question and also when it visits certain other websites.
We use first party and third party cookies for several reasons. Some cookies are required for technical reasons in order for a website to operate, and we refer to these as “essential” or “strictly necessary” cookies.
Other cookies also enable us to track and target the interests of our Users to enhance the experience on our website.
Third parties serve cookies through our website for analytics and other purposes. This is described in more detail below.
Google Fonts API
How you can control and delete cookies
Most browsers offer the option of accepting or rejecting all cookies. You can easily change the cookies settings in the browser’s settings section. Please take into account that blocking all cookies may cause difficulties in operation or completely prevent the use of some of our website functionalities.
Managing and deleting cookies varies depending on the browser used. Detailed information on this subject can be obtained by using the Help function in the browser or by visiting the website www.allaboutcookies.org which step by step explains how to control and delete cookies in most browsers.
You can see information about individual browsers at:
Personal data vs. cookies mechanism
Information obtained through the cookies mechanism and operational data may constitute personal data within the meaning of GDPR in certain exceptional situations (for example IP address). Such personal data are processed only to the extent that is necessary for the correct display of the page.
Basis for processing of data collected through “Essential” cookies and operational data is the so-called legitimate interest of the Data controller (Article. 6.1. (f) of GDPR). To this end, the following may occur:
- occasional analysis of log files to determine: which browsers are used by site visitors, which bookmarks, pages or subpages are most or least frequently visited or viewed, whether the page structure has no errors;
- prevention of unauthorised access to the website and distribution of malicious codes, interruption of denial of service attacks, as well as prevention of damage to computer systems and electronic communication systems.
You have the right to object to such processing.
However, if you agree for the use of “optional” cookies (e.g. provided by Google Analytics), the basis for data processing is your consent (Article 6.1. (a) of GDPR). You can withdraw your consent and delete cookies at any time (by clicking on the appropriate opt-out links provided in the cookie table above.). Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Obtained data will be deleted or anonymised no later than the expiry of the limitation period for potential claims related to the use of the website or sooner if you object effectively or withdraw consent.