BRUT

Studio

Team

Contact

Store

English

Privacy Policy


Data Administrator

The Data Administrator of your personal data, i.e. the entity deciding on the purposes and means of processing, is BRUT TATTOO TATTOO STUDIO Judyta Kmieć, ul. Kręta 6, 50-234 Wrocław. In relation to matters regarding the processing of personal data, you can also contact us via email at: brut.tattoo.studio@gmail.com

Purpose of data processing

The Administrator processes your personal data:

  1. In order to respond to an email contact. By contacting the Administrator via electronic mail, including by sending a query through the contact form placed on the site, you naturally provide your email address as the sender's address of the message. Furthermore, you may also include other personal data in the content of the message. Your data is processed in this case for the purpose of contacting you, and the basis for processing is Article 6(1)(f) of the GDPR, which means the legitimate interest of the Administrator in providing a response to your message. The legal basis for processing after the contact is concluded is the legitimate interest of the Administrator in archiving correspondence for internal purposes (Article 6(1)(f) of the GDPR). The content of the correspondence may be subject to archiving. You have the right to demand a presentation of the correspondence history (if it has been archived), as well as demand its removal, unless the archiving is justified due to the superior interests of the Administrator, for example, defense against potential claims. The scope of collected data: email address, other data provided by the User in the message content.

  2. In order to take action at the request of the Data Subject prior to entering into a contract. By ordering a consultation with a specialist via our site, you provide us with your phone number and email address, which we will use to contact you. We will do this on the basis of Article 6(1)(b) of the GDPR, which applies, among other things, to situations where processing is necessary for the performance of a contract to which the Data Subject is a party, or to take action at the request of the Data Subject prior to entering into a contract (if you are contacting us for the first time to obtain a consultation with a specialist). The legal basis for processing after the contact is concluded is the legitimate interest of the Administrator in archiving correspondence for internal purposes (Article 6(1)(f) of the GDPR). The content of the correspondence may be subject to archiving. You have the right to demand a presentation of the correspondence history (if it has been archived), as well as demand its removal, unless its archiving is justified. The scope of collected data: phone number, email address, other data provided by the User in the message content.

  3. Providing data is always voluntary, but sometimes necessary for the proper realization of the purpose for which you provide it.

Retention period of personal data

Your personal data will be retained for the period necessary to respond to your question sent through the contact form or directly to the Administrator's email address. After this time, they may be archived and stored until the expiry of any claims.

Your rights

  1. You have the right to find out at any time whether your personal data has been stored and to consult with the Data Administrator to find out about its content and origin in order to verify its accuracy or to request its completion, cancellation, updating, or improvement, or to transform it into anonymous form or to block any data stored unlawfully, as well as to object to its use for any legitimate reasons.

  2. If you believe that the processing of your personal data by the Administrator violates your rights or is otherwise inconsistent with Polish law or European Union law, you have the right to file a complaint with the President of the Personal Data Protection Office (UODO).

  3. To exercise the above-mentioned rights, please contact the Administrator by email at brut.tattoo.studio@gmail.com or by mail at: BRUT TATTOO TATTOO STUDIO Judyta Kmieć, ul. Kręta 6, 50-234 Wrocław.

Data Recipients

  1. In connection with the conducted activities, the Administrator will disclose your personal data to the following entities:

    1. state authorities or other entities authorized under the provisions of law,

    2. entities supporting us in conducting business on our behalf, in particular providers of external IT systems supporting our business, whereby such entities will process data based on a contract with the Administrator and solely according to our instructions.

  2. Transfer of data to third countries:

    1. Personal data will generally not be transferred outside the European Economic Area (EEA). However, taking into account the provision of services by our subcontractors in executing support for IT services and IT infrastructure, the Administrator may commission the performance of certain IT activities or tasks to recognized subcontractors operating outside the EEA, which may result in the transfer of your data outside the EEA. According to the decision of the European Commission, the recipient countries outside the EEA provide an adequate level of protection of personal data in accordance with EEA standards.

    2. In the case of recipients in the territory of countries not covered by the decision of the European Commission, in order to ensure an adequate level of such protection, the Administrator concludes agreements with the recipients of personal data, which are based on standard contractual clauses issued by the European Commission in accordance with Article 46(2)(c) of the GDPR.

    3. A copy of the standard contractual clauses can be obtained from the Administrator — their contact details are provided above. The method used by the Administrator to secure your data is in accordance with the principles set out in Chapter 5 of the GDPR. You may request further information about the safety measures applied in this regard, obtain a copy of these protections, and find out where they are made available.

Data Administrator

The administrator of your personal data, i.e., the entity deciding on the purposes and means of processing, is STUDIO TATUAŻU BRUT TATTOO Judyta Kmieć, ul. Kręta 6, 50-234 Wrocław. In matters related to the processing of personal data, you can also contact us by email at: brut.tattoo.studio@gmail.com

Purpose of data processing

The administrator processes your personal data:

  1. To respond to email correspondence. By contacting the administrator via electronic mail, including sending inquiries through the contact form available on the site, you naturally provide your email address as the sender's address. Furthermore, you may include other personal data in the content of the message. In this case, your data is processed to contact you, and the basis for processing is Article 6(1)(f) GDPR, which is the legitimate interest of the administrator to respond to your message. The legal basis for processing after the contact ends is the legitimate interest of the administrator in archiving correspondence for internal purposes (Article 6(1)(f) GDPR). The content of correspondence may be subject to archiving. You have the right to request a history of correspondence (if it has been archived) as well as to demand its deletion unless its archiving is justified by the administrator's overriding interests, such as defense against potential claims. The extent of the data collected: email address, other data provided by the user in the content of the message.

  2. To take action at the request of the data subject before entering into a contract. When ordering a consultation with a specialist through our website, you provide us with your phone number and email address, which we will use to contact you. We will do this based on Article 6(1)(b) GDPR, which applies to situations where processing is necessary for the performance of a contract to which the data subject is a party or to take action at the request of the data subject before entering into a contract (if you are contacting us for the first time to obtain a consultation with a specialist). The legal basis for processing after the contact ends is the legitimate interest of the administrator in archiving correspondence for internal purposes (Article 6(1)(f) GDPR). The content of the correspondence may be subject to archiving. You have the right to request a history of correspondence (if it has been archived) as well as to demand its deletion unless its archiving is justified. The extent of the data collected: phone number, email address, other data provided by the user in the content of the message.

  3. Providing data is always voluntary, but sometimes necessary for the proper realization of the purpose for which you provide it.

Retention period of personal data

Your personal data will be stored for the period necessary to respond to your inquiry submitted through the contact form or directly to the Administrator's email address. After this time, it may be archived and stored until the expiration of any potential claims.

Your rights

  1. You have the right at any time to find out whether your personal data has been stored and to consult the Data Administrator to find out about its content and origin in order to check its accuracy or request its supplementation, cancellation, update, or correction, or to convert it into an anonymous form or to block any data stored unlawfully, as well as to object to its use for any legitimate reasons.

  2. If you believe that the processing of your personal data by the administrator violates your rights or is otherwise unlawful under Polish law or EU law, you have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO).

  3. To exercise the aforementioned rights, contact the administrator by email at brut.tattoo.studio@gmail.com or in writing at: STUDIO TATUAŻU BRUT TATTOO Judyta Kmieć, ul. Kręta 6, 50-234 Wrocław.

Data recipients

  1. In connection with the conducted business, the Administrator will disclose your personal data to the following entities:

    1. government authorities or other entities authorized under the law,

    2. entities supporting us in conducting our activities at our request, in particular external suppliers of IT systems supporting our business, whereby such entities will process data based on a contract with the Administrator and solely in accordance with our instructions.

  2. Transfer of data to third countries

    1. Personal data will generally not be transferred outside the European Economic Area (hereinafter: “EEA”). However, considering the provision of services by our subcontractors in relation to IT support services and IT infrastructure, the Administrator may assign certain tasks or activities to recognized subcontractors operating outside the EEA, which may result in the transfer of your data outside the EEA. According to the decision of the European Commission, the recipient countries outside the EEA provide an adequate level of protection of personal data in accordance with EEA standards.

    2. In the case of recipients in countries not covered by the decision of the European Commission, in order to ensure an adequate level of protection, the administrator enters into contracts with recipients of personal data based on standard contractual clauses issued by the European Commission in accordance with Article 46(2)(c) GDPR.

    3. A copy of the standard contractual clauses can be obtained from the administrator – his contact details are provided above. The method used by the administrator to secure your data complies with the principles provided for in Chapter V of the GDPR. You can request further information about the security measures applied in this regard, obtain a copy of these security measures, and find out where they are accessible.

Security

  1. The website has implemented solutions that ensure a high level of protection for your data, including an SSL certificate — a tool that certifies the credibility of the domain and its owner. It confirms the security of encrypting data transmitted between the User and the server. It guarantees the confidentiality of data and all communication. This guarantee is provided by an independent entity, namely the issuer.

  2. The Administrator guarantees the confidentiality of all personal data provided to them. We ensure that all security and personal data protection measures required by data protection regulations are taken. Personal data is collected with due diligence and appropriately protected against access by unauthorized persons.

Profiling

  1. As part of our activities, we do not engage in profiling as mentioned in Article 4 point 4 of the GDPR, meaning we do not process your personal data in an automated manner by using your personal data to evaluate certain personal characteristics (e.g., to assess your preferences, interests, location, etc.).

Cookies

  1. The Service Provider stores HTTPS requests directed to the server.

  2. In order to improve functionality, the Service Provider states that it uses cookies. Proprietary cookies will be used for:

    1. Configuring the service, i.e., adapting the content of the pages to previous actions taken by the user;

    2. Executing processes necessary for the full functionality of the websites;

    3. Conducting analyses and monitoring traffic;

    4. Ensuring security and continuous operation.

  3. External cookies will be used to collect statistical data via analytical tools for analytical purposes.

  4. Based on the collected information, the Service Provider may create statistics. Statistics are created in a manner that does not allow for the identification of individual Service Users.

  5. Every Service User who does not consent to the use of cookies is required to modify their web browser settings. Configuring the system to allow cookies means consent to the storage by the Service Provider of the information referred to in paragraph 2, in accordance with Article 173 paragraph 2 of the Act of 16 July 2004 —Telecommunications Law (Journal of Laws of 2017, item 1907, as amended).

Server Logs

  1. Information about certain activities undertaken by Users is subject to logging at the server layer.

  2. These data are used solely for the purpose of administering the Service. Accessed resources are identified by URLs. Additionally, the following may be logged:

    1. the time of the request arrival;

    2. the time the response is sent;

    3. the User’s station name July — identification performed through the HTTP protocol;

    4. information about errors that occurred during the execution of HTTP transactions;

    5. the URL of the previously visited page by the User (referer link) — in the case where the transition to the Service occurred through a link;

    6. information about the User's browser;

    7. information about the User's IP address.

  3. The aforementioned data is not associated with specific individuals browsing the pages.

  4. The aforementioned data is used only for the purpose of administering the Service.

Disclaimer

The Privacy and Security Policy does not cover information regarding services, goods, or websites of third parties, offers provided in the Service under agreements with other entities. Third parties determine their own, individual rules for the functioning of their services, goods, or websites in their regulations, at their own discretion and responsibility.

Final Provisions

The Administrator reserves the right to change this Privacy Policy, particularly due to changes in legal regulations, changes in technology, or the way the website functions.

Last update: 05.01.2025.

HOME

Instagram / Facebook
brut.tattoo.studio@gmail.com

Brut Tattoo
Kręta 6, Wrocław

HOME

Instagram / Facebook
brut.tattoo.studio@gmail.com

Brut Tattoo
Kręta 6, Wrocław

HOME

Instagram / Facebook
brut.tattoo.studio@gmail.com

Brut Tattoo
Kręta 6, Wrocław