Home

Privacy Policy

I. General information

1. This Privacy Policy (hereinafter: "Policy") sets out the rules for the processing of personal data of the users of the website (hereinafter: "Users") operating at: www.copacity.club (hereinafter: "Website") and other categories of persons indicated in the Policy by TRIPLE ESPRESSO SPÓŁKA AKCYJNA, with its registered office at ul. Szara 10, 00-420 Warsaw, registered under the KRS number 0000905853, NIP: 7011040662. The Policy also contains a description of the basic principles related to the use of cookies within the Website.

II. Information on the processing of personal data

Who processes personal data and for what purposes?

1. The administrator of the personal data is TRIPLE ESPRESSO SPÓŁKA AKCYJNA, with its registered office at 10 Szara St., 00-420 Warsaw, registered under KRS number 0000905853, NIP: 7011040662 (hereinafter: the "Company"), which is the service provider of the Website, to the following extent:

The Data Subject

Purposes and Legal Bases of Data Processing

Service User

The performance of the contract for the provision of electronic services through the Website on the basis of Article 6(1)(b) of the GDPR; analytical and statistical purposes to improve the applied functionalities and services provided through the Website, to ensure the smooth functioning of the Website and to clarify the circumstances of unauthorised use of the Website, which arise from the legitimate interests pursued by the Company, on the basis of Article 6(1)(f) of the GDPR.

Newsletter subscriber

Purposes resulting from legally justified interests pursued by the Company, in particular in connection with providing information about the Company’s activities, significant events, changes in legal provisions, etc., pursuant to Art. 6 section 1 letter (f) of the GDPR.

An individual visiting our account / funpage, within the Youtube channel, or the social network Facebook / Twitter / TikTok / Instagram / Linkedin

Purposes deriving from the legitimate interests pursued by the Company, in particular in connection with the management of the Company’s channel / account, including the provision of communication with the User, answering questions / comments, on the basis of Article 6(1)(f) of the GDPR.

A sole trader who has entered into a contract with the Company or has had pre-contractual action taken at his request

Necessity for the performance of the contract concluded by that person with the Company or to take action at that person’s request prior to the conclusion of the contract on the basis of Article 6(1)(b) of the GDPR; necessity to fulfil the Company’s legal obligations, in particular under tax law and accounting regulations on the basis of Article 6(1)(c) of the GDPR; purposes deriving from the legitimate interests pursued by the Company, in particular to ensure contact prior to the conclusion of the contract and during the term of the contract, as well as to establish, assert or defend against possible claims on the basis of Article 6(1)(f) of the GDPR.

Authorised representative, contact person or other person on the part of the entity that has entered into the contract with the Company or other person involved in the execution of the contract with the Company

Purposes deriving from the legitimate interests pursued by the Company, in particular, ensuring contact with an entity that is party to a contract concluded with the Company, verifying that the person who contacts the Company is authorised to take action on behalf of that entity, the proper execution of a contract concluded with the Company and the establishment, investigation or defence against possible claims on the basis of Article 6(1)(f) of the GDPR; necessity to fulfil the Company’s legal obligations, in particular under tax law and accounting regulations on the basis of Article 6(1)(c) of the GDPR.

Applicant for employment with the Company / cooperation with the Company

Necessity for the implementation of the recruitment process pursuant to Article 22(1) of the Act of 26 June 1974. Labour Code — in the case of employment under an employment contract; the necessity to carry out the recruitment process and to take action at the request of the data subject prior to the conclusion of the contract on the basis of Article 6(1)(b) of the GDPR — in the case of employment under a civil law contract; necessity for future recruitment processes on the basis of Article 6(1)(a) of the GDPR — in case you voluntarily consent to the processing of your personal data for the purposes necessary for future recruitment processes.

Applicant for an internship with the Company

The necessity to carry out the recruitment process and to take action at the request of the data subject before entering into a contract on the basis of Article 6(1)(b) of the GDPR; necessity for future recruitment processes on the basis of Article 6(1)(a) of the GDPR — in case you voluntarily consent to the processing of your personal data for the purposes necessary for future recruitment processes.

How can I contact you about data protection issues?

2. In matters relating to the processing of personal data, the Company may be contacted electronically at: rodo@tripleespresso.club

To whom will personal data be transmitted?

3. Recipients of personal data may be — only when necessary and to the necessary extent — entities cooperating with the Company in the scope of services provided to the Company and in support of the Company’s current business processes, in particular entities providing IT services, accounting, postal or courier services.

How long will we process personal data?

4. If the processing is based on freely given consent, the personal data will be stored until you withdraw your consent to process your personal data for specific, explicit and legitimate purposes. Consent to the processing of personal data may be withdrawn at any time.

5. If the processing of the data is necessary for the performance of a contract or to take action at the request of the data subject prior to entering into a contract, the personal data will be processed for the duration of the contract and, thereafter, for the period of limitation of possible claims under generally applicable law.

6. If the processing is necessary for the fulfilment of a legal obligation incumbent on the Company, the personal data will be processed for a period of time resulting from generally applicable laws.

7. If the processing is necessary for purposes deriving from legitimate interests pursued by the Company or by a third party, the personal data will be processed for no longer than is necessary for the purposes for which the data are processed or until an objection is raised to the processing of the personal data for such purposes.

Is it compulsory to provide personal data?

8. Where personal data is processed on the basis of the data subject’s consent, the provision of personal data is voluntary. Failure to provide the data will result in the impossibility of fulfilling the purpose in question if consent is a condition for fulfilling that purpose.

9. If the personal data are processed for purposes necessary for the performance of a contract to which the data subject is a party or to take action at the request of the data subject prior to entering into a contract, the provision of personal data is voluntary, but necessary to enter into a contract with the Company.

What rights do you have in relation to the processing of your personal data?

12. The data subject has the right to:

  • Access to his/her personal data, including the right to obtain confirmation as to whether or not his/her personal data are being processed;

  • Rectification of personal data, which includes the right to request the Company to immediately rectify personal data concerning him/her that is inaccurate;

  • Deletion of personal data;

  • Restrictions on the processing of personal data;

  • Data portability, which includes the right to receive the data and send it to another controller;

  • Object to the processing of personal data to the extent that the data is processed for purposes arising from the legitimate interests pursued by the Company;

  • Lodge a complaint with the supervisory authority for the protection of personal data — the President of the Office for the Protection of Personal Data.

How do we secure the personal data we process?

13. In order to prevent unauthorised or unlawful access, accidental loss, damage or destruction of personal data, the Company uses appropriate technological solutions and security measures in compliance with the requirements established by the GDPR.

14. Access to personal data is granted to the Company and to persons authorised by the Company who have undertaken to maintain the confidentiality of such personal data.

What do we do in the event of a breach?

16. In the event of a personal data protection breach that may cause a risk of infringement of the rights and freedoms of an individual, the Company shall, without undue delay, and if possible no later than 72 hours after the discovery of the breach, notify the breach to the competent supervisory authority (President of the Office for Personal Data Protection).

17. The Company shall document all data protection breaches, including the circumstances of the breach, its consequences and the remedial action taken.

III. Procedure for the exercise of data subjects' rights

1. Any individual (hereinafter referred to as the "Applicant") shall have the right to apply to the Company for the exercise of the rights set out in Section II(12) of the Policy.

2. The above requests will be processed by the Company taking into account the provisions of the GDPR.

3. The application must be submitted as indicated in Chapter II, paragraph 2 of the Policy.

7. The Company shall provide the Applicant with a response to the request within one (1) month at the latest from the date of its receipt. In cases of objective complexity, the above time limit may be extended to 2 (two) months.

IV. Cookies and system logs

1. As soon as the User connects to the Website, information on the number (including IP) and type of the User’s terminal equipment from which the User connects to the Website appears in the system logs of the Website.

2. The Website may use cookies (i.e. small text files sent to a User’s device, identifying it in a manner necessary to simplify or cancel a given operation) to collect information related to the use of the Website by the User.

3. You may change your cookie settings at any time. In order to do so, you need to change your browser settings concerning cookies.

V. Final provisions

1. The Company shall endeavour to provide Users with a high level of security in the use of the Website.

2. The Company reserves the right to disclose selected information concerning the User to the competent authorities or to third parties who request such information, on the appropriate legal basis and in accordance with the provisions of the applicable law.

3. Except as indicated in the Policy, personal information will not be disclosed to any third party or authority without the consent of the data subject.

4. The Company reserves the right to change the Policy, of which Users will be informed by means of a notice posted on the website at least 3 days before the change takes effect.

Back to Top