Hi there! 

We like it when water and personal data processing rules have something in common – transparency!

If you are here, it means data privacy is also important to you. In the interests of transparency in personal data processing, below we present the key principles applied on our website and in our business. 

By way of introduction

This Privacy Policy describes the general principles for the processing of personal data at Amasis Sp. z o.o. (hereinafter: AMASIS). We drew up this Privacy Policy in the form of a list of questions and answers. We hope that this way of presenting the information will make it more readable and transparent.

Remember that AMASIS is not only the www.amasis.pl website, but also separate pages or profiles set up on social media, such as Instagram, TikTok or Facebook. If you go to another website using an embedded link, a different privacy and cookie policy will apply there. We recommend that you read the policies of each website you visit.

Questions and answers

  1. Who decides how your data is processed?
  2. What do we base our processing of personal data on? 
  3. Why do we process your personal data?
  4. With whom do we share your personal data?
  5. Is your personal data transferred outside the European Economic Area?
  6. How long do we keep your data?
  7. What rights do you have in relation to our processing of your personal data?
  8. Cookies – which ones do we use?
  9. Additional information
  1. Who decides how your data is processed?

How your data is processed is determined by the so-called “Controller”, and the Controller of the www.amasis.plwebsite and the Controller of your personal data is Amasis Sp. 
z o.o. Our registered office is located at Aleja 3 Maja 5A lok. 11, 00-401 Warsaw, Poland. If you have any questions or concerns, you can always contact us by email at: hello@amasis.pl

  1. What do we base our processing of personal data on?

We organise our activities and the processing of personal data in such a way as to comply with the requirements or recommendations of, in particular:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L 2016, No. 119, p. 1, as amended), hereinafter “GDPR”,
  • Personal Data Protection Act of 10 May 2018 (Journal of Laws of 2018, item 1000, as amended), hereinafter “PDP Act”,
  • guidelines and opinions of the European Data Protection Board.
  1. Why do we process your personal data?

We certainly understand that you would like to know what purposes we process your personal data for.

The purpose of the processing of your personal data depends on what activities or actions you undertake or we undertake together. 

In the table below you can see the most important activities or actions and related information. 

Remember that providing us with your personal data is voluntary, but necessary for us to achieve these purposes.

Individuals whose data we processLegal basis for processing*Processing purposes
When you browse the websiteyour consentour legitimate interestWe use cookies to facilitate data transmission over the Internet, to collect and analyse information about traffic on our website and to carry out marketing activities. 
When you contact us using the contact formour legitimate interestYou provide us with your data so that we can respond to an enquiry made to us and, if necessary, to take other action in accordance with your request.
When you participate in a joint dive during organised trips/courses or when you participate in other activities we organisecontract performancelegal obligationWe need your data because we will formally enter into a contract specifically about organising a diving trip or course. Depending on the type of trip or course, we will share your data with various entities, i.e. individuals, companies or organisations, which is discussed in more detail later in this Privacy Policy.If your personal data is included in accounting or tax records, we will process it in order to comply with our legal obligation to keep documents constituting accounting evidence in line with tax and accounting regulations. Such documents may include, in particular, a contract and bills or invoices. 
When you join a closed group on our social mediayour consentour legitimate interestOur aim is to build the AMASIS community. If you agree to join a closed group on our social media, within this group you will share your data with us and with the other group members connected not only to your profile, but also to your reactions such as likes, comments, sending photos, sharing content etc. We are responsible for managing our group and moderating the reactions of the group members if necessary.
When you provide us with a photo or video you have taken so that we can share it on social media or on the websiteyour consentWe know you take beautiful photos and videos of your dives/trips/other activities. If you agree, we will share them on our social media or website so that more people can admire your work.
*Legal bases for processing:your consent – Art. 6(1)(a) GDPRcontract performance – Art. 6(1)(b) GDPRlegal obligation – Art. 6(1)(c) GDPRour legitimate interest – Art. 6(1)(f) GDPR
  1. With whom do we share your personal data?

We share your personal data with different recipients depending on the activities or actions you undertake or we undertake together, such as:

  • contributors and moderators with whom we jointly create the AMASIS community. These people need access to your data in order to perform their tasks properly
  • email and website providers who store correspondence received from you directly or via a contact form on their servers 
  • providers of other services, e.g. legal or IT services we may use, e.g. legal, technical or IT support, cloud solutions, mailing
  • accounting service providers, if your personal data is included in tax and accounting documentation, e.g. if you conclude a contract with us and participate in joint diving, trips or courses
  • our partners, whose services or products we use to organise trips, diving courses or other activities. In this case, we may share your personal data with, for example, local diving schools, instructors or guides (possible transfer of personal data outside the EEA)
  • independent entities whose services we use in connection with the organisation of trips or courses, e.g. airlines, insurers, travel agencies, hotels or other accommodation providers (possible transfer of personal data outside the EEA).
  1. Is your personal data transferred outside the European Economic Area?

As a general rule, we do not transfer your personal data outside the European Economic Area (in short: EEA, which includes the states of the European Union plus Iceland, Norway and Liechtenstein). For example, our email and website servers are located in the EEA. Some situations such as organising trips to places with the most beautiful coral reefs in the world obviously involve the transfer of your personal data to various entities located outside the EEA and it is necessary for the proper performance of the contract concluded between us. Your data may be shared with our partners and independent entities indicated above in section: “4. With whom do we share your personal data?”. 

  1. How long do we keep your data?

We keep your personal data for the period of time necessary to achieve the purposes described about above in section: “3. Why do we process your personal data?”. Each purpose means a different retention period. For example, we store email correspondence for up to 5 years and personal data processed in closed groups on our social media until the group ceases to operate. If we enter into a contract for a diving trip or course, we will keep your personal data for the duration of that contract, unless it is included in accounting and tax documents that we are obliged to keep under the law. In such a case, we keep your data for the period of time resulting from tax and accounting regulations. In any case, we may further process your personal data in the event of pursuing or defending against possible claims.

  1. What rights do you have in relation to the processing of your personal data?

In connection with the processing of your personal data and depending on the legal basis for the processing, which can be found in section: “3. Why do we process your personal data?” you have the following rights:

the right to object to the processing of personal dataNONONOYES

You can exercise the right to withdraw consent at any time. However, withdrawal of consent does not affect the lawfulness of processing carried out on the basis of the consent before its withdrawal.

You have the right to lodge a complaint with the supervisory authority, i.e. the President of the Office for Personal Data Protection. More information at: https://uodo.gov.pl/pl/526/2464.

  1. Cookies – which ones do we use?

This website uses cookies. There are different types of cookies:

  • essential (they enable you to use our website)
  • preferential (they remember your preferences or improve the operation of the website)
  • statistical/analytical (they provide us with information on how users use our website, e.g. which tabs are most frequently visited)
  • marketing (they are used to display personalised advertising and other communications)

Your consent is required for all but essential cookies.

Some cookies last for the duration of your browser use (session cookies), others for a set period of time, others until they have been removed from the device. 

You can choose or change the settings for storing cookies on the device (e.g. smartphone, tablet, laptop) in the browser settings. You can also delete cookies from your device memory.

  1. Additional information

The Privacy Policy is subject to change. Updates to the Privacy Policy will be published on our website.

If you have any questions or concerns about privacy, please email us at: hello@amasis.pl