Privacy Policy

Last updated: 02.09.2025

1. General information

This policy applies to the website available at: dancetobe.org.

The website operator and the data controller is: Monika Węgrzyn, President of the Dance to Be Foundation, ul. Zielona 87B, 32-082 Bolechowice, KRS: 0000756593, NIP (Tax ID): 5130257496, REGON: 381802247.

Contact for data matters: fundacja@dancetobe.org

The Operator is the Controller of your personal data with respect to data you voluntarily provide on the Website.

The Website processes personal data for the following purposes:

  • sending newsletters (if you sign up),
  • handling enquiries via the contact form,
  • accepting and processing donations (including accounting settlements),
  • receiving and assessing beneficiaries’ applications (including documents containing special categories of data),
  • organising and providing support to beneficiaries,
  • preparing, packing and shipping equipment (medical, ballet, etc.) to beneficiaries or donors, if applicable,
  • presenting information about the Foundation’s activities.

The Website collects information about users and their behaviour through:

  • data voluntarily entered into forms,
  • storing cookies and similar technologies (e.g., local storage), including analytics tools and Meta Pixel.

2. Selected data protection measures used by the Operator

  • Login areas and forms are protected with SSL/TLS encryption.
  • The Operator periodically changes administrative passwords.
  • Regular backups are performed.
  • Website software is kept up to date to minimise vulnerabilities.

3. Hosting

The Website is hosted on the servers of Seohost Sp. z o.o., Poland. Data may be recorded in server logs (requested URL, IP address, time, errors, browser identification, etc.). Hosting is covered by a data processing agreement.

4. Your rights and additional information on processing

The Controller may share personal data with other recipients where necessary to perform a contract, carry out statutory activities, or comply with legal obligations. This includes, in particular:

  • the hosting provider,
  • banks (handling transfers),
  • payment operators – PayU S.A. as a separate controller of payment data,
  • postal operators and couriers,
  • authorised employees and collaborators,
  • public authorities legally entitled to access data,
  • analytics and social media providers (Google, Meta – online identifiers).

Data are processed for the period necessary to achieve the purposes and, additionally:

  • accounting/financial records – generally 5 years from the end of the financial year,
  • contact form enquiries – up to 12 months after the conversation ends,
  • newsletter – until consent is withdrawn,
  • beneficiaries’ data – for the duration of support and as required by law.

You have the right to:

  • access your data,
  • rectification,
  • erasure,
  • restriction of processing,
  • data portability,
  • object (where processing is based on Article 6(1)(f) GDPR),
  • withdraw consent (without affecting the lawfulness of prior processing).

We handle requests without undue delay, no later than within 30 days.

Complaints may be lodged with the Polish Data Protection Authority (UODO), ul. Stawki 2, 00-193 Warsaw.

Providing data is voluntary but may be necessary to use certain features (donations, contact form, beneficiary application).

The Website is not directed to children under 16.

No decisions producing legal effects are made solely by automated means. Limited profiling may occur within analytics/cookie tools.

5. Information in forms

Form data may include name, surname, email address, address and message details. Depending on the context, data are processed to respond to an enquiry, process a donation, assess a beneficiary application, or send a newsletter.

6. Administrator logs

Activity data may be recorded in logs for Website administration purposes.

7. Key marketing and analytics technologies

The Website uses Google Analytics and Meta Pixel. Online data may be processed based on device and browser identifiers.

8. Cookies

The Website uses technical, marketing and analytics cookies. Detailed information is available in the cookie banner.

9. Managing cookies

You can change your consent at any time via the “Privacy / Cookie Settings” link in the footer. You may also adjust your browser settings. Processing of marketing cookies is based on your consent (Article 6(1)(a) GDPR).

10. Donations and payments

  1. Donor data are processed to handle donations, accounting, confirmations and – with consent – communication.
  2. Data may include name, email, address, bank account number, donation amount and date.
  3. Legal bases: Article 6(1)(b), Article 6(1)(c) and Article 6(1)(a) GDPR.
  4. Payment data are shared with banks and payment operators.
  5. The Foundation does not process or store payment card numbers.
  6. Payment data are processed by: PayU S.A., ul. Grunwaldzka 182, 60-166 Poznań, Poland.
  7. As part of the Foundation’s legitimate interests (Article 6(1)(f) GDPR), the Foundation may also send the donor a thank-you message for the donation, information about activities carried out using the donated funds, as well as information about similar initiatives and opportunities to support the Foundation, with the right to object at any time.

11. Beneficiaries’ data (applications)

These may include identification and contact data, as well as special category data (health, family/financial situation) as necessary to assess the application. Processing is based on Article 6(1)(b) and (c) GDPR, and for special categories – Article 9(2)(a) GDPR (explicit consent).

12. Shipping and logistics

Address data may be provided to courier/postal services to deliver support (Article 6(1)(b) and (f) GDPR).

13. Data transfers outside the EEA

Data may be transferred to the USA (Google, Meta) on the basis of the EU–US Data Privacy Framework or Standard Contractual Clauses.

Transfers are carried out with appropriate safeguards.