Privacy policy

for the portal

1. General provisions

This Privacy Policy sets forth the rules for the processing and protection of personal data of Portal Users as relates to data provided by Users for the purposes of Registration, performance of contracts with the Administrator, participation in the Conferences and payment by Participants, as well as in conjunction with use of the Portal’s functions.

Remember that you always have option to withdraw agreement to processing of your personal data. We would like to inform you that we use technologies, such as cookies, to collect and process personal data on our websites in order to personalize content and analyze traffic on websites and on the Internet. Also, we would like to ask that if you do not agree to the processing of your data as described, please leave the website. In connection with the law from May 25, 2018. Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016. on the protection of individuals with regard to the processing of personal data and on the free flow of such data and the repeal of Directive 95/46/WE - referred to as GDPR, we inform you on how we will process your personal data collected via this website. Data type: Personal data is, according to the GDPR, information on an identified or identifiable person. If you use our website, and such data is, for example, e-mail address, IP address. This clause applies to personal data collected as part of your use of websites and applications belonging to the Impact Foundation, including cookies that are used by Facebook, Google, HotJar, LinkedIn. Personal Data Administrator: The Administrator of Personal Data collected via this web site will be the CHAINGES GROUP LTD, Company Number: 11043047, Registred office: 85 GREAT PORTLAND STREET FIRST FLOOR, LONDON, ENGLAND W1W 7LT; e-mail:; and Dinero Przemysław Szustak, Kazimierza Jagiellonczyka 4, 02-496 Warsaw, Poland, VAT ID: 5222877723; e-mail: The basis for obtaining your personal data: The processing of personal data requires a legal basis. GDPR in art. 6 par. 1 provides several types of such legal grounds for data processing, and in case of using the Impact Foundation website we have the following legality considerations: 1. Person who has agreed to the processing of his personal data in one or more specific purposes. 2. Processing is necessary for purposes resulting from legitimate interests pursued by Administrator Your data, as a part of our services, will be processed only if we or any other subject that processes data, has one of the legal bases allowed by the GDPR and only for the purpose adapted to the given basis. Your data will be processed until the basis for processing exists - that is, consent is granted until it is withdrawn, any limitations or other actions restricting your consent, in case of necessity of the data to perform contract - for the duration of its execution, and when the basis for data processing is legitimate interest of the administrator - until such a legitimate interest exists. Forwarding your personal data: According to the existing law, we may transfer your data to subject that process it at the request of the Impact Foundation. For example, it may be such subjects as advertising agencies, subcontractors of our services and entities authorized to obtain data on the basis of existing law, eg courts, prosecutors, etc. based on an appropriate legal basis. Cookies: On our websites and in our applications, we use technologies such as cookies, local storage and similar, to collect and process personal data and operational data in order to personalize shared content and ads, and to analyze the traffic on our websites. In this way, this technology is also used by our Trusted Partners, who also want to have ads that best suits your preferences. Cookies are IT data saved in files and stored on your used device (ie your computer, tablet, smartphone, etc.) that the browser sends to the server every time you access a website from this device, while you visit various websites on the Internet. Your rights: According to GDPR, you have following rights to your data and its processing by us and Trusted Partners. If you agreed to the processing of data, you can withdraw it at any time. You also have the right to request access to your personal data, rectification, deletion or limitation of processing, the right to transfer data, express objections to data processing and the right to lodge a complaint to the Supervisory Authority- GIODO. These rights are also valid if the data is processed correctly by the administrator

Insofar as they are used in the Privacy Policy herein, the following terms shall be understood as follows:

Administrator – Consrotium of:



Dinero Przemysław Szustak, Kazimierza Jagiellonczyka 4, 02-496 Warsaw, Poland, VAT ID: 5222877723; e-mail:;

Organizers – – CHAINGES GROUP LTD, Company Number: 11043047, Registred office: 85 GREAT PORTLAND STREET FIRST FLOOR, LONDON, ENGLAND W1W 7LT; e-mail:; and Dinero Przemysław Szustak, Kazimierza Jagiellonczyka 4, 02-496 Warsaw, Poland, VAT ID: 5222877723; e-mail:;

Conferences – events produced by the Organizer, in particular Chainges held on

3rd and 4th of October 2018, which are open to any person who meets the conditions of participation of these Terms of Participation.

Registration – actions taken by the User to register to one of the Conferences, consisting in filling the Registration Forms.

Portal – the official webpage of the Conferences, intended to promote the Conferences and facilitate Registration of participants, the purchase of tickets, and other services provided electronically, accessible at ;

Participant – a natural person who has completed Registration and received confirmation from the Administrator of participation in one of the Conferences;

User of the Portal (User) – a person making use of access to the Portal and its functions, including Participants.

The administrator of personal data provided by Users of the Portal and Participants is CHAINGES GROUP LTD, Company Number: 11043047, Registred office: 85 GREAT PORTLAND STREET FIRST FLOOR, LONDON, ENGLAND W1W 7LT; e-mail:; and Dinero Przemysław Szustak, Kazimierza Jagiellonczyka 4, 02-496 Warsaw, Poland, VAT ID: 5222877723; e-mail:;

The Administrator shall process the personal data of Users in accordance with regulations of Polish law concerning protection of personal data:

The Personal Data Protection Act of 29 August 1997 (OJ L 2002, No. 101 item 926 with amendments);

The Electronic Services Provision Act of 18 July 2002 (OJ L 2013, item 1422);

The Regulation of the Minister of Internal Affairs and Administration of 29 April 2004 on

documenting the processing of personal data and the technical and organizational conditions which should be met by computer devices and systems used in the processing of personal data (OJ L No. 100, item 1024).

The Administrator warrants that he shall make all efforts to ensure that the processing of personal data by him is performed with the greatest respect for the privacy of the people whose data is being processed, and with the highest level of care for the safety and security of the processed personal data; in particular, he warrants that he has taken all legally required measures intended to secure collections of personal data.

The Administrator declares that he applies technical and organizational means ensuring the protection of processed personal data which are adequate in relations to threats and categories of personal data encompassed by said protection, in particular by securing data from access and theft by unauthorised persons, from processing in a manner inconsistent with the provisions of law, and from alteration, loss, damage and destruction.

2. Rules for the processing of personal data applied by the Administrator

The Administrator may process all required personal data of Users necessary for the provision of services and settlements performed within the framework of the Portal:

The provision of personal data by the User is not required to browse the contents of the Portal.

Provision of personal data by a User is voluntary, however, if such data is provided to the Administrator, the User is obliged to provide true data solely relating to the User.

The provision of personal data may be necessary to use all of the Portal’s functions; this applies particularly to Registration.

The Administrator may process the personal data of Users for the purposes of:

providing electronic services within the framework of the Portal;

concluding and performing a contract associated with participation in one of the Conferences;

settlement of payments made by Users;

marketing of own and Partners servicesas well as for other legally permissible purposes.

usage of the Huntly gamification platform including sharing the personal data with partners of Huntly gamification platform;

The Administrator establishes the following rules for the processing of personal data:

the Administrator shall only record personal data on data carriers which are secured against access by third parties;

the Administrator shall report databases of personal data to the Inspector General for Personal Data Protection (GIODO);

the Administrator shall oversee the security of data, for as long as it is in his possession, in a manner particularly ensuring protection from access by unauthorized persons, damage, destruction and loss;

the Administrator shall provide data to authorized entities solely on the basis of applicable legal regulations;

the Administrator shall maintain the confidentiality of personal data.

3. Usage data

The Administrator may also process data characterizing the manner in which the User uses the Portal (usage data), in particular:

information identifying the User, including e-mail address;

information identifying the terminus of the telecommunication or computer network used by the User;

information on the commencement, completion and scope of each use of services provided electronically.

The Administrator shall not associate the information described in par. 1 above with the personal data of the User, and shall not use them to identify the User, unless it becomes necessary to do so for the proper provision of services provided electronically, or for improving the quality of such services.

The data referred to in par. 1 above shall be used by the Administrator exclusively for purposes related to market research and research on traffic on the Portal, for statistical purposes, particularly for assessing interest in the Portal and for improving the content of the Portal and the quality of services provided electronically within the Portal’s framework.

In the event the User uses services provided electronically within the framework of the Portal via mobile devices, the Administrator may obtain data identifying the mobile device, the operator of internet services, and the subscriber. Data obtained in this way shall be processed in a manner ensuring anonymity and will be used exclusively for statistical purposes and for ensuring proper use of the Portal.

4. Rights of a User of the Portal Rights of a User of the Portal

Every User has the right to review his own personal data, to demand the update, correction and deletion of data, and to submit an objection to the manner in which it is processed, pursuant to the provisions of Polish law.

The User may, at any time, contact the Administrator in order to obtain information concerning whether and in what manner the Administrator is using or intends to use the User’s personal data.

The User may not, neither during Registration, in the course of using any of the functions offered by the Portal nor in conjunction with participation in the Conference, supply the personal data of other people without obtaining their prior written consent.

The Administrator shall undertake to ensure that the User’s data is deleted in all circumstances foreseen by law, particularly when demanded by the User.

The Administrator may refuse to delete personal data if the User has not settled all payments due to the Administrator, or if the User has violated the terms of use of the Portal, of services provided electronically, or applicable legal regulations, and the Administrator requires the user’s personal data for the purposes of clarifying those circumstances and establishing the User’s liability.

With the exception of circumstances foreseen by law, in no situation shall the Administrator process personal data that would reveal racial or ethnic background, political preferences, religious or philosophical convictions, religious, party or trade union affiliations, information about health, genetic code, addictions, intimate life, and also data concerning criminal convictions, punishments and fines, as well as other judgements issued in judicial or administrative proceedings. It is forbidden for users to submit such data.

The Administrator may assign the processing of personal data to another entity on the basis of a written contract, and the User expresses his consent to such.

In order to exercise the rights described in the preceding articles, the User may at any time contact the Administrator at:

5. Cookies policy

The Portal uses files called cookies. By not changing his browser settings, the User gives his consent to the Portal’s use of cookies.

Cookies serve in particular to establish and remember the User’s preferences in order to adapt the content of the Portal to those preferences, to supply statistical data on the traffic of Users on the internet, to identify the devices used by Users and their location, to display webpages adapted to the individual needs of Users allowing for the saving of settings selected by Users and for personalization of the interface, and also to improve the configurations of selected Portal functions along with optimization of the services provided electronically by the Portal.

Cookies are not harmful for the User’s device, and will not cause changes in the configuration of those devices nor in software installed on them. The User may change his web browser’s configurations at any time in order to prevent the storage of cookies on his computer’s hard drive. Detailed information can be obtained from the producers of web browsing software, usually within the software in a section titled “Internet options” or similar.

The User may delete cookies at any time by using the functions available in the web browser he is using.Two types of cookies are applied – "session" and "persistent". Session cookies are temporary files that remain on the User’s computer until logging out of the web page or until the software (web browser) is closed. Persistent cookies remain on the User’s device for a fixed period of time set in the parameters of cookies files, or until they are manually deleted by the User.

Changes in the web browser concerning cookies may block or disable some of the Portal’s functions. To the extent that the law allows, the Administrator shall not bear liability for the use and service of cookies on other websites to which the User is directed by links on the Portal.

6. Final provisions

Upon completion of the use of services provided electronically through the Portal, the Administrator shall not process the personal data of the User with the exception of data which is:

necessary for settlement of services provided electronically via the Portal;

necessary for marketing, as well as market research and research on the behaviours and preferences of Users, with the intent of using the results of such research for improving the quality of services provided electronically by the Administrator;

necessary for clarifying circumstances involving unsatisfactory use of the Portal or services provided electronically via the Portal;

permissible for processing on the basis of other regulations or covenants.

The Administrator reserves the right to introduce changes to this Privacy Policy. Users shall be informed of all changes to the Privacy Policy not less than seven days prior to their implementation, on the main page of the Portal.