On 25 May 2018, the EU regulation on the protection of personal data will become applicable – Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data data and repealing Directive 95/46 / EC (referred to as “GDPR”).
- The data controller is [Piers Midwinter] with its registered office in [Best Language, ul. Wladyslawa Reymonta 1/12, Opole 45-065, Poland], entered in the Register of Entrepreneurs under KRS number: , for which the register is kept by the Court [name of court, place, name of the department], Economic Department of the National Court Register, NIP: , Regon: . Data protection is carried out in accordance with the requirements of the generally applicable law, and their storage takes place on secured servers. Contact with the website administrator is possible via the contact form
- The service provider is also the administrator of people subscribed to [Mailchimp] newsletter.
- Every data subject has the right to access data, rectify, delete or limit processing, the right of opposition, the right to file a complaint to Piers Midwinter
- Contact with the person supervising the processing of personal data in the organisation of the Service Provider is possible by electronic means via the contact form
- I have the right to process your data after the termination of the Agreement or withdrawal of consent only to the extent of the need to seek possible claims before the court or if national or EU regulations or international law oblige us to retain data.
- The Service Provider has the right to share personal data of the User and other his data with entities authorised under the applicable law (eg law enforcement authorities).
- The removal of personal data may occur as a result of the withdrawal of consent or filing a legally admissible objection to the processing of personal data.
- Personal data is processed only by persons authorised or processed by us, with whom we work closely
- I operate two websites
- I direct and update both of my websites. I have created all the content (Youtube video’s, Graphics, HTML 5 adverts, text and hyperlinks etc.).
- I am the GDPR Data Protection Officer
- There is no management board etc – I am a sole trader.
- This GDPR Policy was originally created on 18th May 2018
- This policy is reviewed at least once a month. The next review will be before 18th June 2018
- I am committed to safeguarding the privacy of all my website users and anyone contacting me
Best Language ensures the security of personal data through appropriate technical and organizational measures to prevent unlawful data processing and their accidental loss, destruction and damage.
Best Language makes special care that personal information is processed in accordance with the principles of personal data processing specified in art. 5 GDPR, i.e .:
- Principle 1 – legally, reliably and transparently,
- Principle 2 – collected for specific and legitimate purposes and not further processed in a manner inconsistent with these purposes;
- Principle 3 – adequate, relevant and limited to what is necessary for the purposes for which it is processed;
- Principle 4 – correct and updated as necessary;
- Principle 5 – stored in a form that permits the identification of the data subject for no longer than is necessary for the purposes for which the data are processed;
- Principle 6 – processed in a manner that ensures adequate security of personal data;
- Principle 7 – in a manner that ensures the implementation of the rights of data subjects;
- Principle 8 – not transferred without adequate protection to countries outside the European Economic Area or international organizations.
GDPR requires security of storage as well as transmission of personal data. If you have a contact form, then an SSL certificate is required. Without going into the technological details one can say that SSL encrypting data ensures the privacy of transmitted data. Personal data can be viewed only by your browser and the final recipient, thanks to which it is not possible to overhear and decrypt data from such transmission.
- I respect the right to privacy and I care about data security. For this purpose, among others, secure communication encryption protocol (SSL) is used.
I use Anti-spam software – software that protects your computer from spam, which is unwanted or unnecessary e-mail. Advanced software also protects against phishing, ie messages from fraudsters impersonating subcommittees such as Poczta Polska, PGE. There are many anti-spam programs on the market. Such programs will work on hand computers in the entertainment selection.
This website also uses CloudFlare. This protects my web services from DDoS attacks through 23 Data Centers scattered around the world
- The use of the Site involves the transmission of queries to the server on which the Site is stored.
- Each query addressed to the server is saved in the server logs.
- Logs saved and stored on the server, data stored in the server logs are not associated with specific people using the Site and are not used by the Administrator to identify the User.
Sharing videos from the web is legal
For a long time, there has been a discussion whether the so-called embedding on the website of multimedia files made available elsewhere is compliant with the copyright law. This file usually contains a song, so its distribution should be obtained by the creator of the author. The situation seems to be even more complicated when “embedded” file, was previously placed on the network without the author’s consent. In this situation, is the responsibility for the unauthorised dissemination of the work only to the person sharing the work, or also the person who embedded it on their website? This issue was discussed at the end of 2014 by the Court of Justice of the European Union.
- I have created the videos that are on my Youtube channel. I have embedded some of them on this website
Consent of the child to data processing – it is lawful to process personal data of a child over 16 years of age. If the child is under the age of 16, such processing is lawful only in cases where the consent has been expressed or approved by the person having parental authority or custody of the child and only in the scope of expressed consent.
- I thus have no Facebook friends who are under the age of 16
- I will NOT accept friendship requests from children under the age of 16 UNLESS they have parental consent to be Facebook Friends with me.
Comments and GDPR
Especially on blogs, but also on web portals, you can leave comments on articles. It can be done by any user who has the will and does so voluntarily.
But to add a comment you have to enter your details. These are usually the first name (or nickname), email address and commentary. If you use an external Disqus application, the data is collected on the application’s side.
Any user who wants to leave a comment in this way accepts the Disqus regulations. You display these comments only on your site.
I use a built-in comments system in WordPress. The system thus asks you to agree to the processing of this data.
Summary of actions taken
- I opened my company on April 1st, 2014
- I signed the Power of Attorney on 24th May 2017. I thus have a lawyer that represents me. Information on who my Lawyer can be requested by email.
- I have an Accountant that looks after all of my companies paperwork. I have had my current Accountant since May 2015. I also have records from my previous Accountant too. My Companies paperwork is full and complete. It resides with my Accountant. Information on who my current Accountant or Accountants can be requested by email.
- I have created a computerised newsletter called “GDPR Consent form” which asks all recipients of my newsletter service to update their subscription settings. This newsletter was sent out to the clients on my e-mail list on the 20th May 2018. A link to the newsletter was also published on Facebook in order to give clients every opportunity to change the personal data I have on them within my Mail-chimp newsletter service. A copy of this newsletter can be requested by email.
- I have heavily updated my website to comply with GDPR legislation. This includes:
- A new toolbar that automatically appears at the bottom of the screen every time a visitor visits my website. This toolbar contains information about Cookies containing the following message “I am using cookies to give you the best experience on my website. You can find out more about which cookies I am using or switch them off in .” It also contains a button that lets users “Accept” my cookies policy.
- A new checkbox that is integrated into every single contact form on this website. The checkbox relates to the message “By using this form you agree with the storage and handling of your data on this website.”
- Deleting Google Analytics tools
- I am in the process of creating a “Client engagement document” which aims to gain permission to use personal data (name, address, telephone number, email address etc – as well as parental consent to contact any clients under the age of sixteen and to teach them etc.). All letters will be stored by me at my flat
- This document was last updated on 2nd June 2018