Privacy Policy

I. The data controller is the Just Move Dance Foundation with its registered office in Wrocław, ul. Kruszwicka 26/28, NIP 897-19-35-648 (hereinafter referred to as the “Company”).

II. Providing any personal data is voluntary, but it is necessary to achieve the purpose or take actions related to providing them.

III. The Administrator processes the following Customer data:

1. surname and names,
2. e-mail address,
3. telephone number,
4. gender
5. age,
6. activity in relation to individual projects, courses, classes
7. activity in relation to the use of individual services.
8. necessary health data related to the provision of the service.
9. personal data or information that we are obliged to collect under applicable legal acts, recommendations or guidelines

In the event that children are participants in the service, both their and their parents’ data are processed. The Administrator also processes the email address, telephone number and name of the newsletter recipient. For employees, the set of processed data results from the HR regulations.

IV. Based on art. 6 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) – GDPR, the basis for the processing of personal data by the Administrator is the consent of the Users, the legal obligation and the implementation of the contract.

V. Purposes of data processing:

1. sale of Services and products that are the subject of the offer (Article 6, paragraph 1, letter b of the GDPR),
2. proper performance of agreements concluded with the company (Article 6, paragraph 1, letter b of the GDPR),
3. delivering informational and advertising mailings to which the user has consented (Article 6, paragraph 1, letter a of the GDPR),
4. organizing trips, workshops, conferences, meetings, sports and educational events (Article 6, paragraph 1, letter b of the GDPR),
5. organizing sports activities (Article 6, paragraph 1, letter b of the GDPR),
6. activity related to sports and a healthy lifestyle,
7. ensuring the health safety of customers and employees,
8. constant informational, educational and advertising communication with recipients,

VI. All members of the Company’s team have access to personal data. Access to individual categories of people is separated by limiting technical access rights to a shared drive or folder. Similarly, documents are also physically secured in locked cabinets. The list of external entities that have access to personal data can be found at here.
The privacy policy of each of these entities can be found on their websites provided in the link above.
The above entities guarantee compliance with the Regulation or compliance with standards analogous to the Regulation in the scope of personal data protection, and the Administrator’s use of their technologies in the processing of personal data is lawful. Entrustment agreements have been concluded with the entities, usually in the form of updates to their regulations.
The Administrator will not sell or transfer the personal data of Clients to other entities other than those provided in the link.
The User acknowledges that his personal data may be transferred to authorized state authorities in connection with proceedings conducted by them, at their request and after fulfilling the conditions confirming the necessity of obtaining this data from us.

VII. The User has the following rights:

1. The right to withdraw consent – ​​withdrawal of consent may, however, prevent further use of services that, according to the law, the Administrator may only provide with consent. Furthermore, withdrawal of consent does not mean that the processing of personal data up to the time of withdrawal was unlawful.
2. The right to object to the use of data – if the Administrator processes data based on a legitimate interest, the Reader may object to their use. If the objection proves to be justified and the Administrator has no other legal basis for processing the data – the Reader will delete the data that is the subject of the objection.
3. The right to delete data (“the right to be forgotten”) – the Administrator will delete data upon request in the event of withdrawal of consent, filing a justified objection to the use for marketing or statistical purposes, processing in violation of the law or when they are no longer necessary for the purposes for which they were collected or processed. The Administrator reserves that it may retain certain personal data to the extent necessary for backup copies or for the purposes of determining, pursuing or defending claims and relations with state authorities.
4. The right to limit data processing – in the event of questioning the accuracy of the data and the legality or necessity of their processing and to file an objection.
5. The right to access data – the Administrator undertakes to confirm the processing of personal data, if it takes place. In such a case, the User has the possibility to obtain a copy of the data and access it and to obtain the information contained in this Policy and other requested information.
6. The right to rectify data – at the request of the User or Client, the Administrator undertakes to rectify the data (for incorrect data) and supplement it (for incomplete data).
7. The right to transfer data – at the request of the User or Client, the Administrator will send, in the form of a file in pdf or other established format, personal data to the requesting party or directly to another Administrator indicated by him.
8. In addition, the User has the right to file a complaint to the President of the Personal Data Protection Office.

The Administrator ensures the implementation of the rights by writing an email to ahorasisalsa@gmail.com, specifying clearly in the title which right the User wishes to exercise. After receiving the message, the Administrator will implement the request within 30 days.

VIII. Data storage

1. The data storage period will not be shorter than the period specified in applicable legal regulations (special acts), i.e., among others: the Accounting Act, the Tax Code, the Act on Pensions and Annuities from the Social Insurance Fund, or the Act on the Social Insurance System.
2. The data of newsletter recipients will be stored until a request for their deletion is submitted,
3. Customer Data will be stored until the limitation period for claims arising from them expires.

The company undertakes to destroy temporarily created documents containing personal data (e.g. a list of participants in a specific event or activity) and to take care of the flow of data and its minimization in accordance with the procedures recorded in the Register of Processing Activities.

The Administrator applies technical and organizational measures to ensure the protection of processed personal data appropriate to the threats and categories of data subject to protection, and in particular protects data against their disclosure to unauthorized persons, removal by an unauthorized person, processing in violation of applicable regulations and change, loss, damage or destruction.

The Personal Data Administrator hereby informs that it has not appointed a Data Protection Officer (DPO) and performs the duties related to the processing of personal data independently.