Processing of personal data
Given that PixBlocks is processing the Users’ personal data within the Application, respecting the Users’ right to privacy, in order to ensure the protection of personal data and to provide the Users with sufficient information with this regard, this Security Policy, constituting an Attachment to and an integral part of the Regulations (hereinafter the Policy) is hereby made available.
The terms used in the Policy and written in capital letters have meanings specified in the Regulations, unless specified otherwise.
The personal data in the Application are processed pursuant to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter “GDPR”),
The Application collects the Users’ personal data provided by the Users at Registration, i.e. their first name, last name, avatar, e-mail address, age, location, and during Registration in the Pix Programming Challenge Contest, i.e. the contestant’s first name, last name, e-mail address (or their legal guardian’s e-mail address), the legal guardian’s first name (if the contestant is younger than 13 years old), the legal guardian’s last name (if the contestant is younger than 13 years old), the contestant’s or legal guardian’s telephone number, school name and town.
For users who are teachers this also includes the school’s name, address, telephone, e-mail address, class name and class composition.
The data collected at Registration are necessary to create a User’s Account in the Application to allow them to use services provided within the Application. The User has access to the data through their Account and can manage them.
The data collected at Registration to the Pix Programming Challenge Contest are necessary to conduct the Pix Programming Challenge Contest.
The data collected when the User is using the Application are stored in the User’s Profile and serve to ensure the correct operation of services within the Application and to create Statistics within which data pertaining to the solved Tasks and the Users’ activity are generated.
The personal data are protected with physical safeguards, organizational procedures and system software.
The applied safeguards guarantee:
compliance with law, reliability and transparency – understood as processing that is compliant with law, reliable and transparent for the User,
purpose limitation – understood as the collection of personal data for specific, clear and legally justified purposes and not processing them further in a manner non-compliant with these purposes,
minimisation of data – understood as processing of personal data adequately, appropriately and limited in scope that is necessary for processing purposes,
correctness – understood as processing of personal data that are correct and updated, if needed,
storage limitation – understood as storing personal data in a manner allowing the identification of an individual to whom they pertain, for a period that is not longer than necessary for purposes for which they are processed,
integrity and confidentiality – understood as being necessary for purposes for which they are processed,
processing in a manner ensuring adequate safety of personal data, including protection against unauthorized or illegal processing and accidental loss, destruction or damage, by means of relevant technical or organizational measures.
Grounds for and purposes of processing of personal data and purposes
The User’s personal data are processed in the User’s Account and Profile on the basis of:
a. Art. 6 Section 1 Item b) of GDPR, namely in order to provide services to the User within the Application, and in particular:
to provide access to the Application’s tools and data bases within the Application’
to authenticate the User when logging in the Application.
b. Art. 6 Section 1 Item c) of GDPR, namely in order to fulfil the obligations of a controller as stipulated in legal regulations;
c. Art. 6 Section 1 Item a) of GDPR, namely on the basis of the User’s consent for processing personal data, e.g. with regard to notification within the Application;
Categories of recipients of the Users’ personal data
The Users’ personal data may be transferred to the following entities:
Organizers who have an active Account and Profile within the Application;
Clients who have an active Account and Profile within the Application, provided the User – Task Solver has started solving a Task introduced by the Client;
entities providing legal, accounting and tax services for the Application and PixBlocks.
PixBlocks does not intend to transfer the Users’ personal data to any third countries or international organizations.
The Users’ Rights
The User has the right to require confirmation that their personal data are processed as well as obtain a copy of personal data being processed.
In case such personal data are incorrect or incomplete, the User has the right to require their rectification.
The User has the right to request the erasure of their personal data, i.e. the User has the right to be forgotten, unless the processing of their personal data is necessary for adjusting, settling or defending legal claims.
In cases specified in Art. 18 of GDPR, the User has the right to require the processing of your personal data to be restricted.
Since the basis for data processing in this case is not Article 6, Item e or f of GDPR, the User is not entitled to object to processing of their personal data.
The User has the right to obtain their personal data, which they have provided to PixBlocks, in a structured, commonly accepted, machine-readable format and transfer them to another controller or require PixBlocks to transfer such data directly to the controller of your choice.
The User has the right to file a complaint to the supervisory authority concerned if they suspect PixBlocks is processing their personal data in violation of the provisions of GDPR.
The User has the right to revoke their authorization to have their personal data processed in any moment, regardless of the legal compliance of the processing that has been done based on their authorization before its revocation.
The execution of the stipulated rights is done by mailing a notification to: firstname.lastname@example.org.
In order to summarize the presented information, they have been collected in the following table: