- The controller of Personal Data is Inssue Technologies Sp. z o. o. with the registered seat in Kraków 31-553, Cystersów19, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Kraków – Śródmieście in Kraków, 12th Commercial Department of the National Court Register under KRS No. 0000657467, NIP: 993-066-20-07 , with share capital of PLN 50 000.00 (hereinafter: the “Controller“).
- The legal grounds for the processing of Personal Data are:
- the necessity to perform a contract to which User is a party or to which User is a representative, or to take action at User’s request, prior to the conclusion of the contract (Article 6(1)(b) of the GDPR) – e.g. placing an order and its performance;
- the necessity to fulfil the legal obligation incumbent on the Controller (Article 6(1)(c) of the GDPR) – e.g. payment of tax on the completed agreement;
- User’s expressed consent (Article 6(1)(a) of the GDPR).
- The purpose of the processing of Personal Data is:
- taking actions aimed at concluding a contract (e.g. handling User’s order and User – Controller communication);
- performance of the agreement (e.g. providing services);
- conducting marketing activities (e.g. sending newsletters, trade offers, information about promotional actions, competitions and other events) – only if User agrees to them.
- Personal Data will be stored for the time necessary to perform the activities referred to in section 4 above and 7 years after their completion (the limitation period for claims), unless the applicable provisions of law impose on the Controller the obligation or right to store Personal Data for a longer period of time. Personal Data stored for the purposes of sending commercial information and direct marketing will be stored and processed until User withdraws consent to their processing, request to remove or limit their processing, object to their processing and/or request their transfer, or due to the liquidation of the company activity.
- The Controller collects Personal Data provided voluntarily by the User. Collected Personal Data includes: name, surname, email address and contact telephone number. Users are not obliged to provide these data. Providing these data is not a statutory or contractual requirement. Failure to provide these data may result in inability to take actions aimed at concluding a contract, inability to perform this contract (i.e. placing and executing an order) and take actions related to it, as well as fulfilling legal obligations incumbent on the Controller.
- The recipients of Personal Data are: entities cooperating with the Controller in the scope of the Controller’s activity; entities providing services to the Controller’s (e.g. accountants, IT, legal, capital group members), state authorities.
Data change or cancellation
- Users have the right to:
- withdraw consent at any time (but this does not affect the lawfulness of the processing of Personal Data before withdrawing consent and the lawfulness of the processing of Personal Data on legal grounds other than consent);
- object to the processing of their Personal Data;
- demand access to his/her Personal Data, rectification and erasure of his/her Personal Data and demand limitation of the processing of his/her Personal Data and their transfer;
- file a complaint to the supervisory authority (the President of the Office for Personal Data Protection).
- In order to exercise User’s rights please contact the Controller by sending an email to email@example.com. Upon User’s request the Controller will process User’s request within 30 days of receiving User’s message and inform the User about Controller’s activities in a separate e-mail sent to the e-mail address indicated in the form.
Security and storage of Personal Data
- For the security of entrusted Personal Data, internal procedures and recommendations have been developed to prevent unauthorized access to Personal Data. the Controller monitors performance and constantly validates their compliance with the provisions of the Personal Data Protection Law and executive acts. A secure communication encryption protocol (SSL) is also used.
- the Controller follows strict security procedures to ensure that User’s Personal Data is not damaged, destroyed, or disclosed to a third party without User’s permission and to prevent unauthorized access to it. Devices storing Personal Data are kept in a secure facility with restricted physical access and we use secure firewalls and other measures to restrict electronic access.
- All of the Personal Data we collect or record is restricted to the Controller’s offices. Only employees who need the information to perform a specific job are granted access to the User’s Personal Data.
- Our cookies do not identify nor contain any Personal Data. Cookies cannot read information from User’s computer or interact with other cookies on User’s hard drive.
- The information collected relates to the IP address, type of browser used, language, type of operating system, Internet service provider, time and date, location and information sent to the website via the contact form.
- The collected Personal Data is used to monitor the use of our Site to improve its functioning, ensuring more effective and problem-free navigation. We monitor information about the user through Google Analytics, which records user’s behavior on the Site. Users can opt out from being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Addon for User’s current web browser: https://tools.google.com/dlpage/gaoptout?hl=en
- On our Site we use the following cookies:
- “Performance” cookies, enabling the collection of information about the use of the Site;
- “Functional” cookies, allowing “remembering” the settings selected by the user and personalizing the user’s interface, e.g. in terms of the language or region the user comes from, the size of the font, the appearance of the website, etc.;
- On our Site, the links to other websites may appear. Such websites operate independently of the Controller and are not in any way supervised by the Controller of Personal Data. These sites may have their own privacy policies and regulations that we recommend to read.