Skip to content

Privacy Policy

This Privacy and Cookies Policy (“Policy“) contains information regarding the processing of personal data of individuals using the services provided by Anna Flik (“Administrator“) within the website located at: https://runawayann.com (“Website“).

Using the Website signifies acceptance of the following Policy terms.

The Administrator implements appropriate organizational and technical safeguards to ensure the best possible protection of your personal data and guarantees that it processes them in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”), the Act of 10 May 2018 on the protection of personal data, and other provisions on personal data protection.

Contacting the Administrator

The Administrator has not appointed a Data Protection Officer (DPO) and independently performs duties related to the processing of personal data. In all matters related to the processing of personal data, you can contact the Administrator electronically by sending an email to: ann@runawayann.com

Information About Processed Personal Data

Using the services provided by the Administrator within the Website requires the processing of your personal data. Below you will find detailed information about the purposes and legal bases for processing.

Email contact. To contact the Administrator via email, including sending inquiries through the contact form, it is necessary to provide an email address. Additionally, you may include other personal data in the message content. Providing data is voluntary but necessary to establish contact.

Personal data in this case are processed to enable the establishment and maintenance of contact, based on your consent resulting from initiating contact (Art. 6(1)(a) GDPR). The legal basis for processing after the contact is concluded is a legitimate interest in archiving correspondence for internal purposes (Art. 6(1)(c) GDPR).

Newsletter. To subscribe to the newsletter, it is necessary to provide an email address and name via the newsletter signup form. Providing data is voluntary but necessary to subscribe to the newsletter.

Data provided during newsletter subscription are used to send the newsletter, and the legal basis for their processing is your consent expressed during newsletter signup (Art. 6(1)(a) GDPR).

Data will be processed for the duration of the newsletter operation. You can also unsubscribe from receiving the newsletter at any time. Unsubscribing from the newsletter does not lead to data deletion from the database – data will still be stored in the mailing system for defense against any claims related to newsletter sending, particularly for proving your consent to receive the newsletter, which is a legitimate interest of the Administrator (Art. 6(1)(f) GDPR).

Comments. To post a comment on the Website, it is necessary to provide an email address and username. Additionally, you may provide other personal data in the comment content. Providing data is voluntary. Providing an email address is mandatory and serves solely to prevent spam and/or display the user’s avatar. It is not disclosed to third parties.

Data provided during comment submission are used to publish the comment on the blog, and the legal basis for their processing is your consent resulting from posting the comment (Art. 6(1)(a) GDPR).

Data will be processed for the duration of blog comment functionality unless you request comment deletion, which will result in your data being removed from the database.

The Administrator is not responsible for the content of comments posted by users and individuals on the Website. The Administrator reserves the right not to publish spam, offensive, vulgar, or illegal comments or comments containing any links to other websites.

Social media activity. The Administrator processes your personal data provided via the fan page https://www.facebook.com/RunawayAnn/. Personal data provided on the fan page will be processed for fan page administration and management, communication with you, and directing marketing content to you based on the Administrator’s legitimate interest (Art. 6(1)(f) GDPR).

These data will be processed only if you “like” the fan page/select the Follow option or if you leave your data on the fan page in any other way, e.g., by posting a comment. Data will be processed until the fan page ceases to exist or until you object.

The rules regarding the fan page are determined by the Administrator, while the rules for using the social media platform hosting the fan page are set by the entity managing those platforms (Facebook Inc., 1601 S. California Ave. Palo Alto, CA 94304, USA).

Additionally, the personal data provided by you may be processed for the following purposes:

  • establishment, investigation, or defense against claims;
  • creating records and evidence related to GDPR;
  • archival and evidentiary purposes, for securing information that may serve to prove facts;
  • satisfaction surveys regarding offered services;
  • contact for presenting offers and direct marketing.

User data will be stored by the Administrator for the duration of individual purposes and:

  • for the limitation period of claims according to the provisions of the Civil Procedure Code;
  • until effective objection is raised – regarding personal data processed based on the legitimate interest of the administrator or for marketing purposes;
  • until consent is withdrawn or the purpose of processing is achieved – regarding personal data processed based on consent;
  • until they become outdated or irrelevant – regarding personal data mainly processed for analytical, statistical, cookie usage, and website administration purposes.

Profiling

To create your profile for marketing purposes and direct marketing to you (e.g., ads on the Facebook social media platform) tailored to your preferences, the Administrator may process your personal data in an automated manner, including profiling – however, this will not result in any legal consequences for you or significantly affect your situation in a similar manner.

The scope of profiled personal data corresponds to the scope indicated above regarding the analysis of your activity on the Website.

The legal basis for processing personal data for the above purpose is Art. 6(1)(f) GDPR, according to which the Administrator may process personal data to achieve its legitimate interests, in this case, conducting marketing activities tailored to audience preferences.

The Administrator will process personal data for profiling purposes until effective objection is raised or the purpose of processing is achieved.

Recipients of Personal Data

Your personal data may be processed by subcontractors of the Administrator, such as software providers, payment providers, accounting offices, hosting providers, marketing service providers, and statistical service providers. All entities to which the Administrator entrusts the processing of personal data guarantee the application of appropriate data protection and security measures required by law.

Your personal data may be disclosed to authorized state authorities in connection with proceedings conducted by them, upon their request and upon meeting the conditions confirming the necessity of obtaining this data.

The Website may contain links redirecting to other websites. These links will open in a new browser window or in the same window. The Administrator is not responsible for the content transmitted by these websites. Users are obliged to familiarize themselves with the privacy policy or terms and conditions of these websites.

Transfer of Personal Data to Third Countries

Due to the use of services such as Google and Facebook, your personal data may be transferred to the United States of America (USA) for storage on US servers (in whole or in part). Google and Facebook apply compliance mechanisms provided for by the GDPR (e.g., certificates) or standard contractual clauses.

Detailed information is available in the privacy policy of each of these service providers, available on their websites. For example:

https://policies.google.com/privacy?hl=en

https://www.facebook.com/privacy/explanation

Rights

The GDPR grants you the following potential rights related to the processing of your personal data:

  • the right to access personal data,
  • the right to rectify personal data,
  • the right to erase personal data,
  • the right to restrict processing of personal data,
  • the right to object to the processing of personal data,
  • the right to data portability,
  • the right to withdraw consent to the processing of personal data if such consent has been given.

You also have the right to lodge a complaint with the President of the Office for Personal Data Protection if you believe that the processing of personal data violates GDPR provisions.

Cookies and Web Beacons

The Administrator informs that the Website uses “cookies” installed on your end device.

The Administrator uses cookies to ensure the proper functioning of the Website, as well as for statistical and marketing purposes. Data collected through cookies do not allow the Administrator to identify you.

The Administrator may place both persistent and temporary cookies on your device. Temporary cookies are usually deleted when you close the browser, while closing the browser does not delete persistent cookies.

Cookies can be divided into own and third-party cookies. Own cookies are primarily necessary cookies of the Website, which enable its proper and secure functioning (they are used, among others, to adjust the layout of the Website to the device’s screen), therefore their disabling is not possible (the operation of these cookies is a condition for using the Website).

Because the Administrator displays content from social media services such as Facebook on the Website and uses marketing tools available within the Facebook service, cookies from Facebook are used on the Website.

The Administrator also uses analytical tools such as Google Analytics, which collect anonymous information about your website visits, such as viewed subpages, time spent on the site, or transitions between individual subpages. For this purpose, Google cookies related to the Google Analytics service are used.

During your first visit to the Website, information about the use of cookies is displayed. Accepting and closing this information means that you consent to the use of cookies in accordance with the provisions of this Policy. You can always withdraw your consent by deleting cookies and changing cookie settings in your browser. However, please note that disabling cookies may cause difficulties in using the Website.

Children’s Information

In line with Administrator commitment to online safety, Administrator prioritizes the protection of children while they’re online. Administrator urges parents and guardians to actively monitor and guide their children’s online activities.

The Website does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you suspect that your child has provided such information on the Website, Administrator encourages you to contact her promptly, and she will make every effort to promptly remove such information from her records.

Online Privacy Policy Only

Please note that this Privacy Policy exclusively applies to Administrator online activities and pertains to visitors to the Website in relation to the information they share and/or collect on the Website. This policy does not extend to information collected offline or through channels other than this Website.

Consent

By utilizing the Website, you are thereby consenting to this Policy and agreeing to its Terms and Conditions.

The Policy is effective from April 10, 2024.