General information

1. The controller of personal data is Julia Stefaniuk, operating under the name Eternal Edit, with its registered office at 22 rue Duvivier, 75007 Paris, France, SIRET number: 991 337 932 00016, EU VAT: FR 16991337932, contact details: email address: contact@eternaledit.com

2. Contact the data protection officer by email: contact@eternaledit.com or in writing at: Eternal Edit, 22 rue Duvivier, 75007 Paris, France

Purposes, grounds, and duration of personal data processing

1. The purpose of data processing is to conclude and perform a contract for the provision of electronic services through the use of the Eternal Edit platform (eternaledit.com). The data will therefore be processed until the contract is performed, and in terms of archiving, until the claims expire (Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as GDPR), your data will be stored until the contract is performed.

2. The purpose of data processing is to achieve the objectives resulting from the legitimate interests of the controller, consisting in direct marketing and improving the services on the Eternal Edit Platform, as well as ensuring access to a secure and efficient platform. Your interests or the interests of other persons whose personal data are concerned do not override our interests as the controller (Article 6(1)(f) of the GDPR). Your data will be processed until you object, if you have consented to receive commercial information.

3. The purpose of data processing is to provide access and services via the Eternal Edit platform, so depending on how you log in to the platform, this may include your mobile phone number, email ID, first and last name, Facebook account (including your first and last name and email address from your Facebook profile, as well as the URL to your profile photo), for the purposes of identifying the Platform user and providing access to the platform services to which they are entitled. This also applies to data related to your business activity for the purposes of verifying your status as an entrepreneur, your status as a VAT taxpayer, and the appropriate display of company data. The above login information is used to provide services via the Eternal Edit platform in accordance with the cooperation agreement and the platform's terms and conditions. (Article 6(1)(b) of the GDPR). 

4. The purpose of data processing is to enable the controller to fulfill all legal obligations in connection with the cooperation (Article 6(1)(c) of the GDPR). This purpose is related to the legal obligations to store specific documents for the period specified in the law, e.g.:

• Ustawa z 29.09.1994 r. o rachunkowości (Dz. U. 2023 poz. 120);
• Ustawa z 29.08.1997 r. - Ordynacja podatkowa (Dz. U. 2025 r. poz. 111);
• Ustawa z 1.03.2018 r. - o przeciwdziałaniu praniu pieniędzy oraz finansowaniu terroryzmu (Dz. U. z 2025 poz. 644);
• Regulation (EU) 2023/988 of the European Parliament and of the Council of 10 may 2023 on general product safety (GPSR) (Official Journal of the European Union L 135).

5. The purpose of data processing is to pursue claims related to the contract for the provision of electronic services. The ability to pursue claims by the controller is a legitimate interest of the controller (Article 6, paragraph 1, letter f) of the GDPR). The data will be processed until the statute of limitations for claims expires. 

6. If consent is granted, your data will be processed within the limits and for the purpose indicated in the consent (Article 6, paragraph 1, letter a) of the GDPR). The data will be processed until consent is withdrawn.

Information on the obligation to provide personal data for the implementation of specific purposes

To conclude a contract, you must provide the data specified in the contract or order form. Without providing this data, the contract will not be concluded or the order will not be fulfilled. If you request the disclosure of optional data, i.e., data that does not affect the conclusion of the contract, failure to provide this data will prevent it from being used in the performance of the contract or order. For example, a lack of contact via a given form of communication, such as text message notifications without a phone number, will result in the inability to provide this data.

During the term of the contract, when providing services, we come into possession of your other data, which is a consequence of the operation of our services that you use.

Information about who your personal data may be transferred to Transfers of personal data outside the European Economic Area (EEA) Information about the technologies used

1. Public authorities, to the extent they do not receive data as part of specific legal proceedings, e.g., in connection with anti-money laundering;

2. Entities that process your personal data on behalf of the Foundation pursuant to a personal data processing agreement concluded with the Foundation (so-called processors). These include: IT specialists, archiving companies, and hosting companies;

3. External data controllers (so-called Parallel Controller to whom the data is made available, e.g. legal advisors and lawyers, entities conducting courier or postal activities, entities purchasing receivables - in the event of your failure to pay our invoices on time),

4. To achieve the purposes of data processing, your personal data may be made available to the following categories of recipients: Affiliated companies and third parties, including companies based outside the EEA, which enable the provision of marketplace services related to business activities conducted within the Eternal Edit platform. These services involve improving products, supporting customers, and developing fraud detection mechanisms. Any sharing of personal data with companies located outside the European Economic Area ("EEA") is based on a data transfer agreement related to the service provided by the third party, which clearly defines the obligations of the parties and ensures appropriate technical and organizational measures are in place to ensure the security of your personal data. This applies to countries recognized by the European Commission as providing an adequate level of personal data protection and agreements approved by the European Commission that provide personal data with the same protection as it is afforded within the European Union. The Controller always informs the User of its intention to transfer personal data outside the EEA at the time of collection. Third-party service providers who help deliver specific platform solutions, as well as for the maintenance and monitoring of services provided on the platform, may share your personal data with the following recipients or categories of recipients:

a) payment service providers (e.g. Polski Standard Płatności Sp. z o.o. (Blik), PayU S.A., Stripe, Inc., PayPal, Inc.) may receive, depending on the payment method and flow, telephone number, email address, physical address, identification number, cardholder name and surname, cardholder address, credit cardholder name and surname, credit card expiration date, credit card type, KYC information in order to process payments for the purchase of goods or services,

b) cloud storage service providers (e.g. Google Ireland Limited (Google Cloud), Amazon Web Services, Inc. (AWS), Microsoft Corporation (Microsoft Azure), who may receive information about profile data, e.g. description, photos; information about account activity, e.g. sent queries and responses, correspondence with other users, for the purpose of storing data in the cloud integrated third-party tool providers (e.g. Google Ireland Limited (Google Maps), who may receive location information in order to send tailored queries from the appropriate area,

c) Customer service tool providers (e.g., LiveChat - Text S.A., Zendesk, Inc.), who may receive user account details, customer service requests, and message content for communication and user support purposes. Customer service tool providers (e.g., SFDC Ireland Limited (Salesforce), who may receive user account details, account activity information, for communication and user support purposes.

d) providers of customer security and protection tools (e.g., Azure Monitor SEON Technologies, DataVisor, Inc.),

e) providers of technical solutions (e.g., Shopify International Ltd.), who may receive information about account data, activities, correspondence, and use of platform functionalities, in order to improve UX/UI, monitor our services, and introduce new functionalities,

f) marketing communications service providers (e.g., Twilio Inc., Vercom S.A.), who may receive your phone number and email address for the purpose of sending marketing communications.

g) marketing and analytics service providers (e.g., Google Analytics 360) to analyze how users use the Eternal Edit platform and improve its services, as well as to support our online marketing and interest-based advertising. For the purposes of monitoring and reporting the effectiveness of campaigns of our business partners and for internal business analysis purposes, we use information in a way that prevents users from being identified.

h) the new owner will be able to use your personal data as described in the privacy policy in the event of a sale, transfer, or merger of part of the business or its assets, or in the event of an acquisition or merger with other businesses. In the event of such ownership changes, we will provide all actions required by law, which may include notifying you to provide you with choices regarding continued use of our Eternal Edit platforms.

i) users of the Eternal Edit platform may offer a service or product and voluntarily disclose their personal data to other users of the platform. This information may include their name, email address, location, contact number, and other data included in their profile or sales page, making it visible to all users browsing the platform, not just logged-in users. Therefore, your data is shared to the extent related to such Service. This also applies to published opinions or correspondence with another user, i.e., your correspondence data, username, email address domain (e.g., @wp.pl, @gmail.com) used to create the account, and phone number.

Categories of individuals whose personal data is processed

The Eternal Edit platform does not process the personal data of individuals under the age of 16. If it is determined that the personal data of a person under the age of 16 has been provided, the data will be deleted immediately.

Information regarding personal data profiling

Your data will not be subject to profiling, i.e., automated analysis of your data and the development of predictions about preferences or future behavior (e.g., in the case of marketing profiling, determining which offer you may be most interested in based on your previous choices).

Rights related to personal data processing

Information on the possibility of withdrawing consent (if data is processed based on consent)

In connection with the processing of your personal data, you have the right to:

1. access to the personal data being processed (Article 15 of the GDPR);

2. rectification of your personal data, including correction (Article 16 of the GDPR);

3. erasure of your personal data, the so-called "right to be forgotten" – if there is no basis for us to process your data, you can request their deletion (Article 17 of the GDPR);

4. restriction of the processing of your personal data – for example, to store them only or to perform actions agreed upon with you if we hold incorrect data; if your data is unjustified, you can request the deletion of your personal data instead, or restriction of their use; if they are necessary to establish, pursue, or defend legal claims; or for the duration of an objection to data processing (Article 18 of the GDPR);

5. data portability by receiving personal data held under a contract or consent in a structured, commonly used, machine-readable format (e.g., ".csv" or ".pdf" format);

6. withdrawal of consent to personal data processing. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. Consent can be withdrawn by sending an email to the following address: contact@eternaledit.com . Consent to personal data processing may be withdrawn at any time (Article 7, Section 3, GDPR);

7. object to the processing of your data if the basis for the use of the data is our legitimate interest, including profiling under Article 6 paragraph 1 letter e) or f) of the GDPR (Article 21 paragraph 1 of the GDPR). In such a situation, the Controller is no longer allowed to process the personal data unless he/she demonstrates compelling legitimate grounds for processing that override the interests, rights and freedoms of the data subject, or grounds for establishing, pursuing or defending legal claims;

8. Object to the processing of your data. If personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of their personal data for such marketing purposes, including profiling, to the extent that the processing is related to such direct marketing. If the data subject objects to processing for direct marketing purposes, the personal data may no longer be processed for such purposes (Article 21(2) and (3) of the GDPR).

9. lodge a complaint with the supervisory authority, i.e. the President of the Personal Data Protection Office, regarding the processing of personal data in a manner violating the provisions of the GDPR.

Contact

If you require additional information regarding personal data protection or wish to exercise your rights, please contact us at the following email address: contact@eternaledit.com