As of May 25 2018, in the Member Countries of the European Union, the requirements regarding processing personal data changed. Implementing GDPR results from, firstly, the necessity of adjusting the regulations to the technological development, secondly, the need of introducing uniform rules for the personal data protection in all the member countries of the European Union.
GDPR that is – General Data Protection Regulation (EU) number 2016/679 dated April 27 2016 is a regulation in EU law on personal data protection and the free flow of such data (in other words General Data Protection Regulation- GDPR- RODO).
Administrator of personal data?
The Administrator of personal data is the company LESSLESS Lukasz Sobolewski, registered in 28 Blackheath Grove, SE3 0DH London, the owner of the website available at http://lessless.co.uk (further: Page).
Inspector of Data Protection?
The Administrator did not appoint an Inspector of Data Protection.
The source and method of data collection?
Personal data are gathered based on the information provided by the User while giving information and sending contact messages, as well as via automatic gathering cookie files while visiting the website http://lessless.co.uk.
For what purpose and on what ground are personal data processed?
Personal data of Users and persons visiting the page are processed to the extent necessary to perform the contract (art. 6, par.1 b of GDPR) for the purpose of:
1. Servicing requests and contacts in matters related to cooperation, based on the legitimate purpose of the administrator art. 6, par.1 f)
2. Getting to know the preferences of users, detecting bots and errors for analytic and statistic purposes and for the direct marketing
3. In reference to cookie files – for the purpose of adjusting adverts on the page, including profiling and for analytic purposes.
Consent can be withdrawn any time regardless of its processing before its withdrawal.
Is providing data voluntary?
Providing personal data is voluntary, yet not submitting them in the fields marked as necessary will prevent/exclude contact with the User. Submitting personal data to respond to contact and collecting them within cookie files is voluntary.
What are cookie files and for what purpose are they collected?
Cookie files are computer data, in particular text files, which are stored in the device with which the User browses the content of the website. These data contain information automatically collected during the user’s visit on the page, including IP address, data about the browser used, URL of the page previously visited by the user (referrer link), information about transmission and reports on possible errors. Cookie files are used to adjust the content of the website to the User’s preferences, to maintain the session during the user’s visit on the page, to create statistics and analyze the user’s behavior, as well as auxiliary material to administer the server.
For tracking activity and creating statistics Google tools are used, such as Google Analytics. Google does not use collected data for user identification, nor does it combine information for identification. Detailed information about the scope and principles of data collection connected with this service can be found at:
The user can change settings regarding access to and storing cookies with settings of settings of the browser or settings of the device used for browsing the website.
How long are we going to process personal data?
Personal data of users who submitted them are processed for the time of providing services, and in justified cases also after its completion, among others, in cases provided for by law or for the purpose of billings, statistics, or claims. Personal data of Users in cookie files and for marketing purposes will be processed until submitting a reasoned objection or withdrawal of consent for such processing.
Personal data of Users are provided to entities providing services for the Administrator, including IT services, mailing, courier, hosting and marketing cooperation. Entrusting data is only to the extent and for purposes specified by the Administrator, on the basis of a contract. Data can also be provided to entities authorized to obtain them based the applicable law.
Transfer of data outside of the EEA area?
Data can be, in some cases transferred to recipients outside of the European Economic Area, i.e. to Google LLC on the basis of legal securities which are standard contractual clauses of personal data protection, confirmed by the European Commission.
Rights of people whose data they concern- Users whose personal data are processed by the Administrator have the right to:
1. Withdraw consent for data processing- at any time, without reason;
2. Access the personal data – the right to obtain the specified information about processing of the personal data, and also to access copies of the data,
3. Demand the correction of the personal data – the right to demand the correction or completion of outdated data,
4. Demand the removal of personal data – the co-called right to be forgotten in the situation when processing is not justified under the law,
5. Demand to limit processing of the personal data – the right to limit processing only to storing or other operations on the data until the legitimate reasons have ceased,
6. File an objection against processing – because of a special situation of the person whom the data concern or if they are processed for marketing purposes,
7. Transfer the personal data – the right to obtain the recorded data in a structured format to the extent that the data are processed under the contract or expressed consent.
The user also has the right to file a complaint regarding processing of the personal data to the supervisory authority- i.e. the President of the Personal Protection Office.
How to contact us to take advantage of the rights mentioned above or obtain additional information regarding the personal data protection?
In all matters regarding processing of the personal data, please contact us by e-mail at GDPR@lessless.co.uk.