To Whom It May Concern,

Due to the implemented changes in the European personal data protection regulations, namely the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC [hereinafter referred to as the GDPR], which enter into force on 25 May 2018, please read the updated version of our privacy policy containing the information about the changes introduced by the new regulations, the manner of handling your personal data, their protection and the rights of data subjects.

  1. The Data Controller of your personal data is Malva Production sp. z o.o. with its registered office in Warsaw, at: ul. Krakowskie Przedmieście 13 , 00-071 Warszawa (Warsaw, Poland), entered to the register of entrepreneurs kept by the 12th Commercial Department of the National Court Register of the District Court for the Capital City of Warsaw under the KRS number: 0000747074, NIP (tax identification number): 7010850850, REGON (statistical identification number): 381197935, with share capital amounting to PLN 5,000 (“Data Controller”). You can contact the Data Controller at the following e-mail address: pomoc
  2. The Data Controller makes every legal, technical and organizational effort to protect any and all personal data received from you and used by the Data Controller to the greatest possible degree.
  3. All personal data in possession of the Data Controller are stored and processed in accordance with the applicable legal regulations. Your personal data are collected from you directly during registration, use of the website (“Website”) or subscription for the newsletter on the Website.
  4. The Data Controller does not process any other personal data than those received directly from the User. The Data Controller makes every effort to ensure that the data required for correct functioning of the Website are not collected from you in a manner causing inconvenience on your part and that you share only such data that are necessary for using all the available functionalities of the Website.
  5. Your data are used by the Data Controller for the following purposes:
    • sending e-books and podcasts from the Website (in the case of persons who granted their consent and subscribed to an e-book or podcast) — under the provisions of Article 6 sec. 1 letter a) of the GDPR and not longer than until the said consent is revoked;
    • promoting and advertising the products of the Data Controller’s Partners (in the case of persons who granted their consent and exclusively within the scope of this consent) — under the provisions of Article 6 sec. 1 letter a) of the GDPR and not longer than until the said consent is revoked;
    • processing the order of an e-book or podcast and handling any and all complaints, fulfilling tax-related and accounting obligations arising out of the applicable legal regulations (in the case of persons who ordered an e-book/podcast) — under the provisions of Article 6 sec. 1 letter b) of the GDPR and not longer than until the expiry of claims related to the ordered content;
    • ensuring secure and correct functioning of the Website and enabling the data controller to render free services by electronic means in accordance with the Terms & Conditions of the Website, which constitutes our legitimate interest under the provisions of Article 6 sec. 1 letter f) of the GDPR, not longer than until the end of the period during which it is necessary for the above mentioned purpose;
    • handling your questions, if they are not directly related to the ordered services or products, which constitutes our legitimate interest under the provisions of Article 6 sec. 1 letter f) of the GDPR, not longer than required for the above mentioned purpose or than the end of the period of limitation of claims;
    • monitoring the activity of users on the Website in order to adjust and optimize the content displayed to you in response to your needs, which constitutes our legitimate interest under the provisions of Article 6 sec. 1 letter f) of the GDPR, not longer than until an objection is made; for this purpose, we may use profiling in some cases, but we do not identify persons covered by such profiling;
    • pursuing the Data Controller’s legitimate interests (promotion and advertising of the Data Controller’s products, pursuing any claims of the Data Controller, archiving for the purposes of protecting the legal interests of the Data Controller, fulfilling the obligations imposed on the Data Controller under the applicable legal regulations) — which is our legitimate purpose under the provisions of Article 6 sec. 1 letter f) of the GDPR — not longer than until a complaint is made, or a legal obligation under the provisions of Article 6 sec. 1 letter c) of the GDPR — not longer than until the end of the period of limitation of claims for public law liabilities. In the event of pursuing claims or protecting legitimate interests of the Data Controller, we employ automated data processing, including profiling, but it is necessary for the purposes of execution of or refusal to execute the agreement on delivering subscribed content to you or rendering any other services or products. Regardless of the circumstances, should you not agree with our assessment of the situation, please submit a complaint to the following e-mail address: iod, so that it can be handled promptly.
  1. If personal data are processed under your consent, you have the right to revoke your consent at any moment, which, however, does not affect the legality of data processing performed upon consent before its revocation.
  2. Your personal data will be retained for the period necessary for the performance of the processing purposes, including particularly the fulfillment of the Data Controller’s legal obligations related to rendering services for your benefit, handling complaints and the required tax and accounting settlements.
  3. Through the Website, you can grant your consent for being sent commercial information on products or services offered by the Data Controller or its Partners using electronic means by the Data Controller. This consent is voluntary and can be revoked at any moment (e.g. by sending an e-mail message to: iod).
  4. The Data Controller can share your personal data with third parties (recipients) rendering IT, marketing and subscription services for the Data Controller. The Data Controller obliges each and every entity it collaborates with to maintain the level of protection of your personal data adequate to the state of technical knowledge, the costs of implementation and the nature, scope, context and purpose of data processing, as well as the risk of infringement of your rights and freedoms regarding the personal data processing. Your personal data processed by us will be retained not longer than it is required under the applicable regulations. Your personal data will not be transmitted outside the territory of the European Economic Area.
  5. You have the following rights: 
    • the right to access your personal data and to obtain copies of such data;
    • the right to request rectification of personal data, when they are inaccurate, or to request adding missing data, when, for instance, they are incomplete, inaccurate or have changed;
    • the right to request erasure of your personal data (so-called “the right to be forgotten”) — when, for instance, you believe there are no grounds justifying your personal data processing, your data will no longer be required for the purposes for which they were collected by the Data Controller, you revoke your consent for personal data processing, you make an objection justified by extraordinary circumstances or such erasure of data is required for the purpose of performing an obligation under any applicable legal regulations;
    • the right to request restriction of personal data processing — when your data are inaccurate and their rectification requires time, when there are no grounds justifying your personal data processing, but you do not want the Data Controller to erase such data, when the Data Controller will no longer need your data, but you need for protection of your rights or claims, until it is determined whether the legitimate interests of the Data Controller override your objection to personal data processing;
    • the right to transfer personal data — collected in relation to the executed agreement or granted consent, which you can request in the form of a structured universal format readable with widely used mobile or computer hardware;
    • the right to complain to the supervisory authority.

Should you have any further questions regarding the above mentioned rights, please contact us by e-mail at: iod.

  1. Sharing personal data is voluntary, but if you do not share such data, it might make the Data Controller unable to render certain services for you, such as sending an e-book or podcast.
  2. This privacy policy applies to the Website and rendition of services through this Website. Any and all changes to this Privacy Policy arising out of changes of the applicable legal regulations or connected with changes in the services available on the Website or the development of the Website’s functionality will be promptly communicated to Users by displaying a message on the Website or sending an e-mail message to persons with registered accounts on the Website.

    The above mentioned changes will become effective within 14 days from the date of notification in the manner specified above. Any and all changes may come into force and effect after at least 14 days from the moment on which you are notified about the planned changes in the manner specified in the previous sentence.
  3. The Data Controller automatically collects and processes the information contained in cookie files.
  4. Cookie files (“cookies”) are digital data, including particularly text files, saved on the end device of the website User and used for the purposes of using the Website. Cookie files typically contain the name of the website they originated from, duration of their storage on the end device and their unique number.
  5. The Data Controller is the entity putting cookie files on your end device and acquiring access to those cookie files.
  6. Cookie files are used to:
    • adjust the Website contents to your preferences and optimize the use of web pages; in particular, such files enable the identification of your device and proper display of the website adjusted to your individual needs;
    • create statistics that help understand how you use the Website and thus improve the website’s structure and content;
    • keep your session active (after you log in), so that you do not need to enter your user name and password on each and every subpage of the Website.
  1. The Website uses two main types of cookie files: session cookies and persistent cookies. Session cookies are temporary files stored on your end device until the moment you log out, leave the website or shut down the software (web browser). Persistent cookies are stored on your end device for the period specified in the cookie file parameters or until you delete them.
  2. The Website uses the following types of cookie files:
    • mandatory cookies — enabling the use of services available through the Website, e.g. cookies necessary for the purposes of services that require authentication on the Website;
    • cookies ensuring safe use of the Website, e.g. used by the Data Controller to detect breaches of Website authentication requirements;
    • performance cookies — enabling the Data Controller to collect the information on the manner of using the Website;
    • functional cookies — “remembering” the User’s preferred settings and customization of the User interface, e.g. with regard to the language settings or region of the User, font size, appearance of the web pages, etc.;
    • advertising cookies — they enable feeding Users with advertising content adjusted to their interests.
  1. In many cases, the software used for the purposes of viewing websites (web browser) accepts saving cookie files on your end device by default. You can change these cookie settings at any moment. In particular, these settings can be changed to disable automatic cookie files support in your web browser settings or to make sure you are notified about each and every cookie file saved on your device. Detailed information about the options and possibilities regarding cookie files support can be found in the software (web browser) settings.
  2. The Data Controller informs that restricting cookie files support can affect certain functionalities of the Website.
  3. Cookie files saved on the end device of the Website User can also be used by advertisers collaborating with the Data Controller and Partners of the Data Controller.
  4. More information on cookie files can be found at or in the “Help” section of the web browser menu.