Special offer: MK20 EUR/yr | com – 10 EUR/yr | eu – 10 EUR/yr
gdpr
laur

GDPR that is


The Regulation on the Protection of Personal Data, the main purpose of which is to harmonize the provisions on the protection of personal data in the European Union.
kalendarz

Since when do the new rules apply?


From May 25, 2018
czlowiek

What are my obligations under the GDPR?


The new regulations do not require any action on your part, they only provide better protection of the transferred data.

The Regulation on the Protection of Personal Data introduces changes thanks to which netart.com will provide services at the same high level as before, with greater transparency.


Thanks to the new regulations, customers' personal data will be better protected, and each person will have a number of rights to control the personal data provided.

The identity and contact details of the administratorread more

The Controller of your personal data is netart.com spółka z ograniczoną odpowiedzialnością with its registered office in Krakow (KRS: 0001000590).

Contact with netart.com is possible using:

  • traditional mail to the address ul. Pana Tadeusza 2, 30-727 Cracow
  • e-mail to contact@netart.com

Data Protection Officerread more

Please be advised that we have appointed a Data Protection Officer. The function of Data Protection Officer at netart.com is performed by Daniel Trędkiewicz.

Contact with the Data Protection Officer at netart.com regarding data protection matters is possible via email to dpo@netart.com.

Purposes, legal basis and duration of personal data processingread more

The purposes, legal basis and duration of the processing of your personal data depend on the nature of the relationship between you and the company. Read the information for:

Clients

As part of your relationship with netart.com, your personal data may be processed for the following purposes:

Statistical analysis, satisfaction surveys and improvement of the quality of services provided. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com which is the possibility of improving the quality of the services provided (Article 6(1)(f) of the GDPR), and to the extent beyond the personal data necessary for the provision of electronic services, the legal basis for the processing of your personal data may be your consent (Article 6(1)(a) of the GDPR in conjunction with Article 18(4) of the Act of 18 July 2002 on the provision of services by electronic means). Your personal data will be processed for the duration of your use of netart.com services and your account in the Client Panel or until you object to the processing of your personal data for the purposes of statistical analyses and satisfaction surveys of netart.com services.

Marketing the services and activities of netart.com. The legal basis for the processing of your personal data will be the realisation of netart.com's legitimate interest in promoting the services and activities of netart.com (Article 6(1)(f) of the GDPR), in connection with consent to send marketing information by means of electronic communication. Your personal data will be processed for the duration of your use of netart.com services and your active consent to send marketing information by electronic means or until you object to the processing of your personal data for marketing purposes.

Payment processing and making settlements. The legal basis for the processing of your personal data will be the performance of a contract to which you are a party (Article 6(1)(b) of the GDPR). Your personal data will be processed until full settlement of the service or until the expiry of the statute of limitations for a claim for payment of remuneration due to us (as a rule, the statute of limitations for our claims for payment of remuneration expires at the end of the calendar year after two years from the date when the remuneration becomes due).

Payment processing and making settlements. In the case of payment processing by means of a Subscription Payment, the basis for the processing of your personal data will be your voluntary consent (Article 6(1)(a) of the GDPR) expressed by providing your personal data as specified in the Subscription Payment activation form and the activation of the Subscription Payment. Your personal data will be processed until you cancel your Subscription Payment or fully settle the service, or until the expiry of the statute of limitations for a claim for payment of remuneration due to us (as a rule, the statute of limitations for our claims for payment of remuneration expires at the end of the calendar year after two years from the date the remuneration becomes due).

Conducting correspondence. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com, which is to conduct correspondence within the framework of its business activities (Article 6(1)(f) of the GDPR). Your personal data will be processed for the duration of the correspondence and thereafter until the expiry of the statute of limitations for any claims related to the correspondence (as a rule, the statute of limitations expires at the end of the calendar year after the expiry of three or six years from the due date of the claim) or the statute of limitations for the possibility of imposing an administrative fine.

Operation of the Partnership Program and contests. The legal basis for the processing of your personal data will be the performance of a contract to which you are a party (Article 6(1)(b) of the GDPR in connection with the regulations of the Partnership Program and the regulations of the contest). Your personal data will be processed for the duration of your participation in the Partnership Program and the Partnership Program contest, respectively, and thereafter it will be stored in accordance with the retention period for accounting and tax obligations. If we ask for your consent to publicly disclose information about the winner of a prize in a contest, the legal basis for processing your personal data will be your voluntary consent (Article 6(1)(a) of the GDPR), and your personal data will be published in the websites operated by the company and will be kept there for an indefinite period of time (about two years), depending on the company's business needs, or until you withdraw the consent you have given.

Implementation of accounting and tax obligations. The legal basis for the processing of your personal data will be the performance of a legal obligation (Article 6(1)(c) of the GDPR in conjunction with Article 106e(1) and Article 112 of the Goods and Services Tax Act of 11 March 2004, in conjunction with Article 86 of the Tax Ordinance Act of 29 August 1997). Your personal data will be processed until the expiry of the statute of limitations on tax liability, i.e. for 5 years from the end of the calendar year in which the tax due date has passed.

Registration and maintenance of an account in the Client Panel. The legal basis for the processing of your personal data will be the performance of a contract to which you are a party or taking action at your request prior to entering into a contract (Article 6(1)(b) of the GDPR in conjunction with Article 18(1) and (2) of the Act of 18 July 2002 on the provision of electronic services in conjunction with the General Terms and Conditions of Contracts). Your personal data will be processed until you delete your account in the Client Panel. However, please note that netart.com is entitled to delete your Client Panel account on its own if you have not had an active service for at least three months prior to the deletion of your Client Panel account.

Complaint processing. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com which is the processing of complaints and defence against claims (Article 6(1)(f) of the GDPR). Your personal data will be processed for the time necessary to process your complaint, and thereafter documents relating to the complaint procedure will be stored until the expiry of the limitation period for claims (as a rule, the statute of limitations expires at the end of a calendar year after the expiry of three or six years from the due date of the claim).

The provision by electronic means of the services included in the netart.com offer. The legal basis for the processing of your personal data will be the performance of a contract to which you are a party (Article 6(1)(b) of the GDPR in conjunction with Article 18(1) and (2) of the Act of 18 July 2002 on the provision of electronic services in conjunction with the General Terms and Conditions of Contracts and the regulations of the service you make use of). Your personal data will be processed for the duration of the provision of services.

Provision of data at the request of entitled authorities. The legal basis for the processing of your personal data will be the performance of obligations provided by law (Article 6(1)(c) of the GDPR in conjunction with Article 18(6) of the Act of 18 July 2002 on the provision of electronic services in conjunction with the provision of national law governing the procedure of entitled authorities, such as Article 15 of the Act of 6 June 1997 Code of Criminal Procedure or Article 248 of the Act of 17 November 1964 Code of Civil Procedure). Your personal data will be processed until the expiry of the statute of limitations for claims - as a rule, this will occur on the last day of the calendar year after the expiry of three or six years from the due date of the claim (note that this period may be interrupted by law, which may result in an extension of the processing period) - or the statute of limitations for the possibility of imposing an administrative fine.

Establishment, exercise or defense of claims The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com which is to protect the interest of netart.com against claims and to assert claims (Article 6(1)(f) of the GDPR).Your personal data will be processed until the expiry of the statute of limitations for claims - as a rule, this will occur on the last day of the calendar year after the expiry of three or six years from the due date of the claim (note that this period may be interrupted by law, which may result in an extension of the processing period) - or the statute of limitations for the possibility of imposing an administrative fine.

Ensuring the security of services, the network, including preventing unauthorised access to electronic communications networks and preventing damage to computer systems. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com, which is to ensure adequate security of the services provided and the business conducted (Article 6(1)(f) of the GDPR). Your personal data will be processed for a period of time that ensures the security of the services, network and information.

Registrants

As part of your relationship with netart.com, your personal data may be processed for the following purposes:

Conducting correspondence. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com, which is to conduct correspondence within the framework of its business activities (Article 6(1)(f) of the GDPR). Your personal data will be processed for the duration of the correspondence and thereafter until the expiry of the statute of limitations for any claims related to the correspondence (as a rule, the statute of limitations expires at the end of the calendar year after the expiry of three or six years from the due date of the claim) or the statute of limitations for the possibility of imposing an administrative fine.

Complaint processing. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com which is the processing of complaints and defence against claims (Article 6(1)(f) of the GDPR). Your personal data will be processed for the time necessary to process your complaint, and thereafter documents relating to the complaint procedure will be stored until the expiry of the limitation period for claims (as a rule, the statute of limitations expires at the end of a calendar year after the expiry of three or six years from the due date of the claim).

The provision by electronic means of the services included in the netart.com offer. (domain registration services and related services). The legal basis for the processing of your personal data will be the performance of a contract to which you are a party (Article 6(1)(b) of the GDPR in conjunction with Article 18(1) and (2) of the Act of 18 July 2002 on the provision of electronic services in conjunction with the General Terms and Conditions of Contracts and the regulations of the domain registration service and related services). Your personal data will be processed for the duration of the provision of services.

Consideration of complaints. The legal basis for the processing of your personal data will be the implementation of the legitimate interest of netart.com, which is the consideration of complaints and defense against claims (Article 6(1)(f) of the GDPR). Your personal data will be processed for the time necessary to handle the complaint, and then until the expiry of the limitation period for claims (as a rule, the limitation period takes place at the end of the calendar year after three or six years from the due date of the claim).

Provision of data at the request of entitled authorities. The legal basis for the processing of your personal data will be the performance of obligations provided by law (Article 6(1)(c) of the GDPR in conjunction with Article 18(6) of the Act of 18 July 2002 on the provision of electronic services in conjunction with the provision of national law governing the procedure of entitled authorities, such as Article 15 of the Act of 6 June 1997 Code of Criminal Procedure or Article 248 of the Act of 17 November 1964 Code of Civil Procedure). Your personal data will be processed until the expiry of the statute of limitations for claims - as a rule, this will occur on the last day of the calendar year after the expiry of three or six years from the due date of the claim (note that this period may be interrupted by law, which may result in an extension of the processing period) - or the statute of limitations for the possibility of imposing an administrative fine.

Establishment, exercise or defense of claims. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com which is to protect the interest of netart.com against claims and to assert claims (Article 6(1)(f) of the GDPR). Your personal data will be processed until the expiry of the statute of limitations for claims - as a rule, this will occur on the last day of the calendar year after the expiry of three or six years from the due date of the claim (note that this period may be interrupted by law, which may result in an extension of the processing period) - or the statute of limitations for the possibility of imposing an administrative fine.

Ensuring the security of services, the network, including preventing unauthorised access to electronic communications networks and preventing damage to computer systems. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com, which is to ensure adequate security of the services provided and the business conducted (Article 6(1)(f) of the GDPR). Your personal data will be processed for a period of time that ensures the security of the services, network and information.

Users of the netart.com website

As part of the use of the netart.com website, your personal data may be processed for the following purposes

Analysis of user activity and preferences. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com which is to be able to improve the functionalities used on the netart.com website (Article 6(1)(f) of the GDPR) and, with regard to information stored on your telecommunications terminal device, your consent (Article 6(1)(a) of the GDPR). Your personal data will be processed for the duration of your use of the netart.com website or until you lodge an objection, and thereafter - in the case of information retained also after the end of your use of the website - for a period of time allowing the realisation of the purpose related to the analysis of user activity and preferences, and, with regard to information stored in your telecommunications terminal device, no longer than until you withdraw your consent.

Marketing the services and activities of netart.com. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com, which is the promotion of the services and activities of netart.com (Article 6(1)(f) of the GDPR), and, with regard to information stored in your telecommunications terminal device, your consent (Article 6(1)(a) of the GDPR). Your personal data will be processed until you object to the processing of your personal data for marketing purposes and, with regard to information stored on your telecommunications terminal device, until you withdraw your consent.

Conducting correspondence. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com, which is to conduct correspondence within the framework of its business activities (Article 6(1)(f) of the GDPR). Your personal data will be processed for the duration of the correspondence and thereafter until the expiry of the statute of limitations for any claims related to the correspondence (as a rule, the statute of limitations expires at the end of the calendar year after the expiry of three or six years from the due date of the claim) or the statute of limitations for the possibility of imposing an administrative fine.

Ensuring the security of services, the network, including preventing unauthorised access to electronic communications networks and preventing damage to computer systems. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com, which is to ensure adequate security of the services provided and the business conducted (Article 6(1)(f) of the GDPR). Your personal data will be processed for a period of time that ensures the security of the services, network and information.
Also read our Privacy Policy, which describes the terms under which we use cookies on our website.

Contact persons

In connection with the specification of your personal data in the Contact Person field or in the Registrant Representative field, we will process your personal data for the following purpose:

Conducting correspondence. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com which is to conduct correspondence within the framework of its business activities (Article 6(1)(f) of the GDPR). Contact with a Client with the legal status of a company is carried out through a contact person, and with a Registrant with the legal status of a company through a representative of the Registrant. A contact person is a representative of the Client authorised to contact us on behalf of the Client and to receive correspondence addressed to the Client. A Registrant Representative is a representative of the Registrant authorised to contact us on behalf of the Registrant with the legal status of a company and to receive correspondence addressed to such a Registrant. Your personal data will be processed for the duration of correspondence and thereafter until the expiry of the statute of limitations for any claims relating to the correspondence (as a rule, the statute of limitations expires at the end of a calendar year after the expiry of three or six years from the due date of the claim) or the statute of limitations for the possibility of imposing an administrative fine.

Establishment, exercise or defense of claims. The legal basis for the processing of your personal data will be the realisation of the legitimate interest of netart.com which is to protect the interest of netart.com against claims and to assert claims (Article 6(1)(f) of the GDPR).Your personal data will be processed until the expiry of the statute of limitations for claims - as a rule, this will occur on the last day of the calendar year after the expiry of three or six years from the due date of the claim (note that this period may be interrupted by law, which may result in an extension of the processing period) - or the statute of limitations for the possibility of imposing an administrative fine.

Recipients of personal dataread more

The type of recipients of your personal data depends on the nature of the relationship between you and netart.com. Read the information specific to:

Clients and Contact Persons

In connection with having an account in the Client Panel, using the services of netart.com and having a business relationship with netart.com, recipients of your personal data may be entities such as:

  • nazwa.pl sp. z o.o. (ul. Pana Tadeusza 2, 30-727 Cracow) providing services related to the company's day-to-day operations, including customer service, analytical services, marketing services, project support, administrative and legal support, correspondence support, and document storage and destruction services;
  • Expert Sender sp. z o.o. (ul. Cypriana Kamila Norwida 1, 80-280 Gdańsk) providing a tool for communication with Clients;
  • LINK Mobility sp. z o.o. (ul. Toszecka 101, 44-100 Gliwice) providing an SMS communication tool;
  • Rhenus Data Office Polska sp. z o.o. (al. Katowicka 66, 05-830 Nadarzyn) providing document destruction services;
  • Rhenus Data Office Polska sp. z o.o. (al. Katowicka 66, 05-830 Nadarzyn) providing services in the field of archiving and destruction of documentation;
  • TradeDoubler sp. z o.o. (ul. Puławska 2, bud. C, 02-566 Warszawa) providing affiliate services through its network of publishers;
  • DeepL SE (Maarweg 165, 50825 Cologne, Germany) providing machine translation services.
  • Thulium sp. z o.o. (Est. Zlotej Jesieni 7, 31-827 Cracow) providing a web chat tool.

In connection with the payment for netart.com services and your choice regarding the form of payment, recipients of your personal data may be entities such as:

  • PayPro S.A. (Przelewy24, ul. Kanclerska 15A, 60-326 Poznań) providing support for all payments made online by the Customer (quick transfers, BLIK, card payment agent);
  • Adyen N.V. (Simon Carmiggeltstraat 5-60, 1011 DJ Amsterdam, the Netherlands) providing support for all payments made online by the Client;
  • ING Bank Śląski S.A. (Sokolska 34, 40-086 Katowice) offering electronic banking services.

In addition, your personal data may be transferred to the following categories of entities: entities providing legal services and data protection consulting, entities providing accounting services, entities providing tax services, entities providing correspondence services, entities providing marketing services, entities providing analytical services, entities providing other services necessary for netart.com to provide services electronically, authorised entities and authorities.

Registrants

If we provide you with a web domain registration and maintenance service, the type of recipients of your personal data will depend on the type of domain you register.

The .eu domains are registered by netart.com on the basis of an agreement with NetArt Registrar sp. z o.o. (ul. Pana Tadeusza 2, 30-727 Cracow), which is a domain registrar accredited with EURid and which makes the personal data of Registrants available to the European Registry for Internet Domains (EURid) (Telecomlaan 9, 1831 Diegem, Belgium), the operator of the .eu domain registry. NetArt Registrar is the recipient of the Registrant's data with regard to the domain name, identification data, address data, contact data, as well as nationality (due to the availability of .eu domains for persons having citizenship or residence in one of the member states of the European Union, Norway, Iceland or Liechtenstein). You can find detailed rules for the processing of personal data by NetArt Registrar on the NetArt Registrar website.

The .com, .net, .org, .info, and .biz global domains are registered by netart.com under an agreement with NetArt Registrar sp. z o.o. (ul. Pana Tadeusza 2, 30-727), which is an ICANN-accredited domain registrar. NetArt Registrar is the recipient of the Registrant's data in terms of domain name, identification data, address data, contact data. You can find detailed rules for the processing of personal data by NetArt Registrar on the NetArt Registrar website. NetArt Registrar shares Registrants' personal data with the following entities, depending on the type of domain:

  • Internet Corporation for Assigned Names and Numbers (ICANN) Los Angeles 12025 Waterfront Drive, Suite 300, CA 90094-2536, USA;
  • DENIC Services GmbH & Co. KG , Heinrich-Hertz-Str. 6, Darmstadt, Hesse, 64295, Germany;
  • Verisign Inc. Los Reston, 12061 Bluemont Way, VA 20190, USA (Registry Operator for .com and .net domains);
  • Identity Digital Inc. 10500 NE 8th Street, Suite 750, Bellevue, WA 98004, USA (Registry Operator for .info domains);
  • Public Interest Registry Reston, 11911 Freedom Drive, 10th Floor, Suite 1000, VA 20190, USA (Registry operator for .org domains).
  • Registry Services, LLC 2155 E GoDaddy Way, Tempe, AZ 85284, USA (for .biz domains).

Country-specific domains and global nTLD domains are registered by netart.com under an agreement with Netim Limited Liability Company (Avenue Arthur Notebart, 59160 Lille, France), which is the registrar of country-specific domains and global nTLD domains. For detailed rules on how Netim processes personal data, please visit Netim's website. In the case of global nTLD domains, Netim shares Registrants' personal data with ICANN, Data Depositories and Registry Operators. In the case of country-specific domains, Netim shares Registrants' personal data with Registry Operators.

A list of Registry Operators for each domain extension can be found on the IANA (Internet Assigned Numbers Authority) top-level domain registry website, available here.

A list of Data Depositories for individual domain extensions can be found on the ICANN website, available here.

For the majority of domain extensions, Netim acts as an accredited Registrar, but in some cases, due to the specifics of a particular registry, it is not a party to the contract with the Registry Operator and cooperates with another accredited Registrar (who may use an additional Intermediary, also a recipient of the Registrant's data) to whom it makes the Registrant's data available - in which case it is this accredited Registrar (or its Intermediary) that transfers the Registrant's data to the relevant Registry Operator. This applies to domains with the following extensions:

Extension Registrar - Netim Partner Registrar's intermediary
.ca Tucows
Tucows Inc.

(96 Mowat Avenue, Toronto, ON M6K 3M1, Canada)
Hover
(96 Mowat Avenue Toronto,
Ontario M6K 3M1 Kanada)
.ca Subreg
Gransy S.R.O

(Borivojova 878/35, 130 00 Prague, Czech Republic)
Gransy
Gransy S.R.O

(Borivojova 878/35, 130 00 Prague, Czech Republic)
.hu Versanus
Versanus Informatikai és Szolgáltató Kft.

(1138 Budapest, Mura u. 4. 9. em. 7, Hungary)
Not applicable
.hr LogoMedia
LOGOMEDIA d.o.o.

(Rendićeva 9, HR-21000 Split, Croatia)
Not applicable
.tw WebNic
Web Commerce Communications (Singapore) Pte. Ltd.

(410 North Bridge Road, 188726, Singapore)
WebCC
Web Commerce Communications Limited (WEBCC) L4-E-2, Level 4, Enterprise 4 Technology Park Malaysia, Bukit Jalil Kuala Lumpur
.id GMO
GMO Internet Group, Inc.

(Cerulean Tower 4-14F, 26-1 Sakuragaokacho, Shibuya ku, Tokyo, 150-8512, Japan)
Not applicable
.ua DRS
Service Online LLC

(49000, Dnipro, p/o box 177, Ukraine)
Not applicable
.rs Webglobe
Webglobe, d.o.o.

(Trg 14. Oktobra 2/2/118000 Niš, Serbia)
Not applicable
.ba LogoMedia
LOGOMEDIA d.o.o.

(Rendićeva 9, HR-21000 Split, Croatia)
Not applicable
.al Namebrave
(Sepapaja tn 6 Tallinn 15551, Estonia)
Not applicable

If you would like to know detailed information about the accredited Registrar for the above extensions, we recommend that you contact Netim directly, which will be able to provide you with detailed information in this regard. If you will have any difficulties in obtaining this information - contact us, and we will try to help you get an answer to your inquiry.

If you use the service related to the replacement of Registrant data in the WHOIS database for global domains with alternative data, the recipient of your personal data in the scope of e-mail address and domain name will be Whois Data Protection sp. z o.o. (ul. Pana Tadeusza 2, 30-727 Cracow), which provides this service.

In addition, in connection with using the services of netart.com and having a business relationship with netart.com, recipients of your personal data may be entities such as:

  • nazwa.pl sp. z o.o. (ul. Pana Tadeusza 2, 30-727 Cracow) providing services related to the company's day-to-day operations, including customer service, analytical services, marketing services, project support, administrative and legal support, correspondence support, and document storage and destruction services;
  • Expert Sender sp. z o.o. (ul. Cypriana Kamila Norwida 1, 80-280 Gdańsk) providing a tool for communication with Clients;
  • LINK Mobility sp. z o.o. (ul. Toszecka 101, 44-100 Gliwice) providing an SMS communication tool;
  • LINK Mobility sp. z o.o. (ul. Toszecka 101, 44-100 Gliwice) providing a tool for SMS communication;
  • Rhenus Data Office Polska sp. z o.o. (al. Katowicka 66, 05-830 Nadarzyn) providing services in the field of archiving and destruction of documentation;
  • Asseco Data Systems S.A. (ul. Żwirki i Wigury 15, 81-387 Gdynia) providing services related to the provision of SSL certificates;
  • DeepL SE (Maarweg 165, 50825 Cologne, Germany) providing machine translation services.
  • Thulium sp. z o.o. (Est. Zlotej Jesieni 7, 31-827 Cracow) providing a web chat tool.

In addition, your personal data may be transferred to the following categories of entities: entities providing legal services and data protection consulting, entities providing correspondence services, entities providing marketing services, entities providing analytical services, entities providing other services necessary for netart.com to provide services electronically, authorised entities and authorities.

Users of the netart.com website

In connection with the use of the netart.com, website, the recipient of your personal data may be:

  • nazwa.pl sp. z o.o. (ul. Pana Tadeusza 2, 30-727 Cracow) providing services related to the company's day-to-day operations, including customer service, analytical services, marketing services, project support, administrative and legal support, correspondence support, and document storage and destruction services;
  • Thulium sp. z o.o. (Est. Zlotej Jesieni 7, 31-827 Cracow) providing a web chat tool.

In addition, your personal data may be transferred to the following categories of entities: entities providing marketing services, entities providing analytical services, entities providing other services necessary for netart.com to provide electronic services, authorised entities and authorities.
Also read our Privacy Policy, which describes the terms under which we use cookies on our website.

Recipients of personal data outside the European Economic Arearead more

The type of recipients of your personal data outside the European Economic Area depends on the nature of the relationship you have with netart.com. Read the information specific to:

Clients and Contact Persons

As a rule, personal data of Clients and Contact Persons is not transferred outside the European Economic Area.

The exception to this is the cooperation with payment operator Adyen N.V., which is headquartered in Amsterdam, the Netherlands, but works with its group entities, which are based in the United Kingdom, Brazil, Mexico, the United States, Australia and Singapore, respectively. The countries listed are so-called third countries within the meaning of the GDPR, i.e. countries outside the European Economic Area. The European Commission has not issued a decision finding an adequate level of protection for personal data in these countries. Consequently, this justifies taking additional safeguards related to such a transfer. The transfer of personal data to these countries by Adyen N.V. is carried out in accordance with the rules set out in Chapter V of the GDPR. This means that the legal basis for the transfer of your personal data outside the European Economic Area is the application of a solution that provides adequate guarantees for your rights and freedoms in the form of an obligation of the entity to which your personal data will be disclosed to apply the provisions of the standard data protection clauses issued under the European Commission Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries under Regulation (EU) 2016/679 of the European Parliament and of the Council. The content of these clauses is publicly available on the Internet in the EUR-lex electronic database of European Union legislation. Under these clauses, additional safeguards related to the transfer of data outside the European Economic Area have been introduced. Adyen N.V. also cooperates with affiliates in Japan and Canada, both of which have been recognised by the European Commission as guaranteeing an adequate level of personal data protection. For details, visit the Adyen website.

In addition, in connection with the use of netart.com and the use of cookies, some information may be shared with entities in third countries, specifically the United States. In this case, the legal basis for the transfer is also the obligation of the entity to which your personal data will be disclosed to apply the provisions of the standard data protection clauses issued under the European Commission Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries under Regulation (EU) 2016/679 of the European Parliament and of the Council. The content of these clauses is publicly available on the Internet in the EUR-lex electronic database of European Union legislation. Under these clauses, additional safeguards related to the transfer of data outside the European Economic Area have been introduced. In particular, we have taken steps to minimise the extent of data transferred, anonymise it and encrypt it.

For more information about the security measures used by netart.com, visit netart.com. You can also ask the Data Protection Officer for details.

Registrants

In the case of European domains, Registrants' data is generally not transferred outside the European Economic Area. However, due to the nature of the domain registration service, which allows the public presentation of content on the Internet, it is likely that the Registrant's data (which also applies to global and country domain Registrants) in terms of the content collected on the website (e.g. the domain name containing the Registrant's name, photographs on the website, entries on the website containing personal data, etc.) will be publicly accessible from anywhere in the world. The extent of the data made available on the Registrant's website is completely independent of the company and is administered solely by the Registrant. The role of netart.com is only to make available the Registrant's data collected in the Client Panel in order to register the domain to NetArt Registrar, which then makes the Registrant's data available to EURid. It is also important to note that EURid maintains a public WHOIS registry in which domain data, including the personal data of Registrants, can be published - we recommend reading EURid's detailed rules for maintaining this registry.

In the case of country domains, the transfer of personal data outside the European Economic Area occurs when the Registry Operator is based outside the European Economic Area. Usually, this situation occurs when the registered domain is assigned to a country outside the European Economic Area. For example, when registering a .ca domain, the Registrant must be aware that their personal data will go to the Registry Operator in Canada, as this is necessary to register the domain. The registration of a country domain is also linked to the maintenance of a public WHOIS registry in which domain data, including Registrants' data, may be published - we recommend reading the detailed rules of the relevant Registry Operator for these registries, as the rules in this regard may vary, depending on the extension in question.

In the case of global domains, there is a transfer of personal data outside the European Economic Area, due to the fact that Registry Operators, ICANN and Data Depositories are based outside the European Economic Area (generally in the United States). Therefore, the transfer of data outside the European Economic Area is necessary to register the domain. From the factual side, in the case of global domains, netart.com shares directly the Registrants' personal data only with the accredited Registrar (i.e. NetArt Registrar or Netim), which in turn, as an ICANN-accredited Registrar, shares the Registrants' personal data with the respective Registry Operator, Data Depository and ICANN. However, formally, the company is a party to the contract only with NetArt Registrar and Netim and only with these companies it directly shares the personal data of the Registrants. The registration of a global domain is also linked to the maintenance of a public WHOIS registry in which domain data, including Registrants' data, may be published - we recommend reading the detailed rules for the maintenance of these registries by ICANN, the relevant Registry Operator and the Registrar.

The legal basis for the transfer of personal data outside the European Economic Area by the Registrar may be in the form of standard data protection clauses issued under European Commission Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries under Regulation (EU) 2016/679 of the European Parliament and of the Council. The content of these clauses is publicly available on the Internet in the EUR-lex electronic database of European Union legislation. As far as the countries for which the European Commission has issued a decision on the adequacy of data protection are concerned, this decision of the European Commission can be the legal basis for the transfer.

For more information about the security measures used by netart.com, visit netart.com. You can also ask the Data Protection Officer for details.

Users of the websiteread more

In connection with the use of netart.com and the use of cookies, some of the information relating to the user of the website may be shared with entities in third countries, specifically the United States.

Entities from the United States are an entity from so-called third countries within the meaning of the GDPR (entities from countries outside the European Economic Area). The European Commission has not issued a decision finding an adequate level of protection for personal data in the United States. Work is currently underway and U.S. law is being brought into line with European standards, but at the moment the level of data protection in the United States cannot be considered equivalent to data protection within the European Union, as the European Commission has not made such a declaration. Consequently, this justifies taking additional transfer-related safeguards.

The legal basis for such a transfer is the obligation of the entity to which your personal data will be disclosed to apply the provisions of the standard data protection clauses issued under the European Commission Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries under Regulation (EU) 2016/679 of the European Parliament and of the Council. The content of these clauses is publicly available on the Internet in the EUR-lex electronic database of European Union legislation. Under these clauses, additional safeguards related to the transfer of data outside the European Economic Area have been introduced. In particular, we have taken steps to minimise the extent of data transferred, anonymise it and encrypt it.

For more information on the safeguards applied by netart.com in connection with the transfer of personal data outside the European Economic Area, please visit netart.com. You can also ask the Data Protection Officer for details.

Rights in connection with the processing of personal data

In connection with the processing of your personal data by netart.com, you have the following rights:

  • The right to access personal data – entitles you to access personal data and obtain information about the rules of their processing
  • The right to obtain a copy of personal data - entitles to request a copy of personal data subject to processing
  • The right to rectification of personal data - entitles you to request the rectification of inaccurate personal data or the completion of personal data
  • The right to erasure of personal data - entitles you to request the erasure of your personal data undergoing processing
  • The right to restrict the processing of personal data - entitles you to request the restriction of the processing of your personal data to storage activities, excluding undertaking other operations on your personal data
  • The right to transfer personal data - entitles you to receive personal data in a structured, commonly used machine-readable format and send them to another entity
  • The right to data portability - entitles you to receive your personal data in a structured, commonly used machine-readable format and send it to another entity
  • The right to object to the processing of personal data - entitles you to request the cessation of the processing of your personal data for specific purposes
  • The right to withdraw consent to the processing of personal data - entitles you to withdraw at any time your consent to the processing of your personal data for specific purposes, which does not affect the lawfulness of processing activities prior to the withdrawal of consent
  • The right to lodge a complaint with a supervisory authority - entitles you to lodge a complaint with the President of the UODO (Personal Data Protection Office) about the processing of your personal data by the controller

To exercise the above rights, please contact netart.com Customer Service. You can raise any objections to the way your request is handled directly with the Data Protection Officer.

Other informationread more

The provision of personal data is a condition for creating an account in the Client Panel and using the services of netart.com. When registering an account in the Client Panel, you are required to provide correct data. The provision of personal data in certain cases is a statutory requirement (e.g. due to regulations governing tax and accounting obligations). Therefore, without the provision of personal data, the provision of services and the implementation of other purposes for which we process your personal data will not be possible.

The implementation of submitted requests - both in the field of personal data protection and related to the services provided - is always preceded by appropriate authorisation of the person submitting the request. Remember that in case of doubts about your identity, netart.com has the right to carry out additional verification of the identity of the person making the request under the terms of the General Terms and Conditions. This is to prevent the execution of instructions submitted by unauthorised persons.

Your personal data, to the extent necessary for the provision of electronic services, may be subject to profiling in order to send personalised marketing information tailored to the type of services you use. Profiling with personal data other than the data necessary for the provision of electronic services will only take place with your express consent.

We would further like to inform you that netart.com uses cookies on its website. For more information on the use of cookies, please see our Privacy Policy available on netart.com.

The information provided here relates to situations in which netart.com decides on the purposes and means of processing personal data and therefore is the controller of such personal data. While providing services, netart.com also acts as a processor when it processes personal data at the instruction of the Client. Clients who process personal data as part of the services provided by netart.com are required to enter into an agreement for entrusting the processing of personal data. The agreement for entrusting the processing of personal data is concluded using the functionality available in the Client Panel.

Information on the rules governing the processing of personal data at netart.com is reviewed on an ongoing basis and updated as necessary. You can find the latest information in this regard at netart.com/GDPR. If you have any additional questions, the Customer Service Department and the Data Protection Officer are at your disposal.

Information in the version of 31.07.2024.

BACK TO THE TOP OF THE LIST
Market leader