This Privacy Policy sets out the rules for storing and accessing information on Users' devices using

cookies, for the provision of electronic services requested by Users via the PartyFinder Application,

by LEA24 Sp. z o.o. based in Toruń.

§ 1 Definitions

1. Application - a program, available via the Internet, by means of which its owner provides electronic

services to event organizers, owners of entertainment venues and individual users. The program

includes, among others, a database, software tools installed on servers, a version of the program for

mobile devices (Mobile Application) and a browser version of the program, as well as the PartyFinder

website.

2. Mobile Application - the version of the Application offered as a program that can be installed on a

Mobile Device with Android or iOS operating system, enabling the use of the PartyFinder application,

i.e. browsing the offers of event organizers and owners of entertainment venues and inviting other

users to use the Application.

3. Service Provider - means LEA24 Sp. z o. o. with headquarters in Toruń, Chrobrego 95, entered into

the National Court Register under KRS number: 0000594438.

4. Regulations - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April

2016 on the protection of individuals with regard to the processing of personal data and on the free

movement of such data, and repealing Directive 95/46 / EC (general regulation on data protection,

GDPR).

5. Device - the User's device connected to the Internet, by means of which he/she uses the

Application.

6. Mobile Device - an electronic device such as a mobile phone, smartphone or tablet with the

Android or iOS operating system installed, which enables the Mobile User to access the Mobile

Application.

7. User - a natural or legal person who uses the services offered by the Service Provider via the

Application.

8. Mobile User - a natural or legal person who uses the services offered by the Service Provider via

the Mobile Application installed on a Mobile Device.

9. PartySpot - the event organizer or the owner of an entertainment venue as a natural or legal

person who uses the services offered by the Service Provider via the Browser Application.

10. Browser Application - a version of the Application to which PartySpot has access via any web

browser, enabling the use of the PartyFinder application, i.e. posting information about organized

entertainment events, inviting Users to such events and viewing statistics on Users using the services

of a given PartySpot .

§ 2 Personal data

In connection with the User's use of the Application, the Service Provider processes the User's

personal data as a data administrator. The data are divided into:

a. data processed as part of cookies or similar algorithms, such as data about the device used by the

User, about the IP address, about the web browser used, about the information about the User

entered in the forms included in the Application, or about the User’s operating system version,

b. data that the User enters as part of the Application in order to conclude a contract for the

provision of electronic services, including setting up an account as part of the Mobile Application.

These data include in particular the User's identification data (name, surname) and contact details

(e-mail address, telephone number).

§ 3 Grounds for the processing of personal data

1. The personal data referred to above are processed for the purpose of:

a. concluding an Agreement for the provision of electronic services and the provision of electronic

services to the extent and on the terms set out in the Regulations for the provision of electronic

services - the legal basis for data processing in this respect is the provision of art. 6 sec. 1 lit. b) of the

Regulations enabling the processing of data when it is necessary for the performance of the contract

to which the data subject is a party, or to take action at the request of the data subject, before

concluding the contract,

b. ongoing communication of the Service Provider with the User in matters related to the services

provided by the Service Provider by electronic means on the basis of these Regulations and in

connection with the implementation of the Agreement for the provision of electronic services - the

legal basis for data processing in this respect is the provision of art. 6 sec. 1 lit. b) of the Regulations

enabling the processing of data when it is necessary for the performance of the contract to which the

data subject is a party, or to take action at the request of the data subject, before concluding the

contract,

c. considering complaints submitted by Users regarding the services provided by the Service Provider

- the legal basis for data processing in this regard is the provision of art. 6 sec. 1 lit. f) of the

Regulations enabling the processing of data when it is necessary to achieve the goals resulting from

legitimate interests pursued by the administrator or by a third party; the legitimate interest of the

administrator in this case is the need to consider complaints,

d. pursuing claims or defending against claims - the legal basis for data processing in this regard is the

provision of art. 6 sec. 1 lit. f) of the Regulations enabling the processing of data when it is necessary

to achieve the goals resulting from legitimate interests pursued by the administrator or by a third

party; the legitimate interest of the administrator in this case is the need to pursue claims or defend

against claims,

e. fulfillment of obligations imposed on the administrator based on legal provisions, in particular in

the field of tax regulations - the legal basis for data processing in this regard is the provision of art. 6

sec. 1 lit. c) of the Regulations enabling the processing of data when it is necessary to fulfill the legal

obligation incumbent on the administrator.

2.Personal data processed as part of cookies may also be processed in order to monitor the way

Users use the services provided electronically by the Service Provider for the purposes of controlling

the number of visits to the website, traffic analysis on the website and within the Mobile Application,

possible counteracting actions of non-compliant Mobile Users with these Regulations or generally

applicable provisions of law - the legal basis for data processing in this regard is the provision of art. 6

sec. 1 lit. f) of the Regulations enabling the processing of data when it is necessary to achieve the

goals resulting from legitimate interests pursued by the administrator or by a third party; the

legitimate interest of the administrator in this case is to keep statistics on the operation of the

Application, counteracting fraud and violations of the regulations or legal provisions.

3. With the consent of the Mobile User voluntarily expressed, their personal data may also be

processed for the purpose of marketing products and services offered by the Service Provider by

means of electronic communication, including by sending electronic messages to the e-mail address

provided by the User. In this regard, the User's personal data will be processed based on his consent

- the legal basis for data processing in this respect is the provision of art. 6 sec. 1 lit. a) of the

Regulations enabling the processing of data in a situation where the data subject has consented to

the processing of his personal data for one or more specific purposes.

§ 4 The period of storage of personal data

Personal data may be processed by the Service Provider for the duration of the contract for the

provision of electronic services concluded between the Service Provider and the User. To the extent

that the data relates to the service provided to the User, they will also be processed for a period of 3

years after the service has been performed. Data on financial settlements and VAT invoices are

processed for a period of 5 years from the end of the calendar year in which the service was

provided, in accordance with the provisions of tax law. To the extent that data is processed based on

consent, it will be processed until the consent is withdrawn.

The user has the right to withdraw consent to the processing of his personal data and request their

deletion at any time, also before the expiry of 3 years, after the service has been performed. In order

to withdraw consent and request the deletion of personal data before the expiry of the three-year

period for their processing, the User should contact the Service Provider, whose contact details are

available on the Service Provider's website in the Contact tab, by sending an email to

biuro@partyfinder.pl or calling +48 56 888 09 90.

§ 5 Recipients of data

The recipient of the User's personal data are entities entrusted with the processing of personal data,

in accordance with the provisions of the Regulation, i.e. an entity providing hosting services to the

Service Provider, IT support or traffic analysis services on the website or as part of the Application.

§ 6 Rights of the data subject

1. The User has the right to:

a. demand from the Service Provider confirmation that his personal data is being processed and

access to them,

b. request rectification of their personal data,

c. request the deletion of their personal data,

d. request to limit the processing of their personal data,

e. withdraw their consent to the processing of personal data, to the extent that their processing is

based on consent, but this will not affect the processing of personal data before the consent is

withdrawn,

f. objecting to the processing of the User's personal data - to the extent that the processing takes

place based on the legitimate interest of the administrator,

g. request to transfer data concerning them,

h. file a complaint against the unlawful processing of their personal data to the supervisory body.

2. The User's personal data will not be used for profiling, including automated decision making.

§ 7 Types of cookies used

1. Cookies or similar algorithms mean IT data, in particular small text files, saved and stored on

devices through which the User uses the Application.

2. The Cookies used by the Service Provider are safe for Users' devices. In particular, it is not possible

for viruses or other unwanted software or malware to enter mobile devices in this way. These files

allow to identify the software used by the User and adjust the Service Provider's website or Mobile

Application individually to the needs of each Mobile User. The service provider uses two types of

cookies:

a. Session cookies: they are stored on the User's Device and remain there until the end of the

browser session. The saved information is then permanently deleted from the Device's memory. The

session cookies mechanism does not allow the collection of any personal data or any confidential

information from the Device.

b. Persistent Cookies: they are stored on the Device and remain there until they are deleted. Ending a

browser session or turning off the Device does not delete them. The persistent cookies mechanism

does not allow the collection of any personal data or any confidential information from the Device.

3. The User has the option to limit or disable the access of Cookies to his Device. If they use this

option, the use of individual services provided electronically by the Service Provider from the

Application may be limited, and in some cases, it may turn out to be impossible. Changes to the

settings referred to in the previous sentence can be made by the User using the web browser

settings or by using the service configuration. These settings can be changed, in particular in such a

way as to block the automatic handling of cookies or inform about their every posting on a Mobile

Device. Detailed information on the possibilities and methods of handling cookies is available in the

web browser settings.

4. The user may at any time delete cookies using the functions available in the web browser they use.

5. Detailed information on managing cookies on a mobile phone can be found in the User's Manual

for a given phone.