1. The Data Administrator, as defined under Article 4(4) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter GDPR), is Blublu Ltd. with its registered office in Laski Wielkie, at Laski Wielkie 1, 19-314 Kalinowo, Tax ID: 8481880265, REGON: 389600589, registered in the National Court Register under KRS number: 0000914871, District Court in Olsztyn, VIII Economic Department of the National Court Register, share capital 5,000 PLN.
2. Data Administrator's email address: blublu.main@gmail.com.
3. In accordance with Article 32(1) of the GDPR, the Administrator adheres to the principles of data protection and applies appropriate technical and organizational measures to prevent accidental or unlawful destruction, loss, modification, unauthorized disclosure, or unauthorized access to personal data processed in connection with its business activities.
4. The scope of data processed by the Data Administrator is always adequate to the purpose for which the data was collected.
5. When using the App, no user's personal data is collected, stored, or processed that would allow the identification of their identity.
6. The mobile application does not require permissions for additional data or access to functions on the mobile device that would allow the identification of the user's identity.
7. The provision of personal data by the user is always voluntary and may occur as part of any correspondence conducted with the user, particularly during the complaint process (e.g., name and surname, email address).
8. The Data Administrator does not collect and process personal data from children. "Children" refers to persons under the age of 13, or older (e.g., 16) if the personal data protection regulations applicable in their place of residence so provide. The Data Administrator does not knowingly collect personal data from children. If it is found that a child has provided personal data, it will be immediately removed from the Data Administrator's resources. The legal guardian is obligated to contact the administrator upon discovering that a child has provided personal data so that the administrator can take necessary actions.
The Administrator processes personal data solely for the purposes related to handling the complaint process, based on a legal obligation imposed on the Data Administrator in accordance with applicable legal provisions (Article 6(1)(c) of the GDPR) or for the purpose of contacting users, particularly in response to inquiries directed to the Data Administrator, which is their legitimate interest (Article 6(1)(f) of the GDPR).
1. The recipients of the personal data processed by the Data Administrator may include subcontractors – entities that the Data Administrator uses for data processing, such as hosting service providers, technical caretakers of the Application.
2. Personal data will not be transferred to an entity located outside the European Economic Area.
3. The user acknowledges that their personal data may be processed by the Google service provider, especially during purchases within the Application. Google receives data directly from the user without the mediation of the Data Administrator. Google's data processing rules are available at Google Privacy Policy.
The Data Administrator stores personal data processed for the purposes mentioned in §2 for a period of 30 days from the last contact with the user. In the case of processing personal data in disputed situations with the user, the personal data may be stored for no longer than the limitation period specified by the provisions of the Civil Code for the given type of claim.
1. Every individual whose data is processed has the right to:
2. To exercise the aforementioned rights, the individual should contact the administrator using the provided contact details and inform them of which right and to what extent they wish to exercise.
3. The individual has the right to lodge a complaint with the supervisory authority, which is the President of the Office for Personal Data Protection in Warsaw.
The personal data of Application users will not be processed automatically or through profiling.
1. The Application uses Google AdSense, a system for displaying ads from Google Inc. and other advertisers.
2. Data such as user activity, identifiers, and device geolocation are used to provide personalized advertising services (e.g., displaying a banner ad with content the user is potentially interested in). Information about the user may be used by Google AdSense and its trusted advertising content partners.
3. Google AdSense provides advertisers with information about the effectiveness of their ads but does not disclose any personal data of the user. Google AdSense ensures the security of these data throughout the ad display process.
4. Google AdSense independently determines the nature and provider of the ads displayed to the user. Ad providers in the Application may include:
5. Detailed terms of service and privacy policy for Google AdSense are available at Google AdSense Terms & Privacy.
The Data Administrator in the Application uses external analytical service providers to provide services, conduct analyses and research, including tools that enable campaign effectiveness and revenue analytics. These providers usually also collect data through their own SDK sets. Below is a list of providers implementing analytical SDKs through the Application: