The practices adopted and described in detail below comply with data protection legislation, in particular with a Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“GDPR“).
If you have questions or comments about how your personal data is processed, you can contact the Company’s Data Protection Officer at email address: email@example.com or by writing to the Company’ address as indicated above.
Note: The Policy fulfills the Company’ obligation as data controller, referred to in Articles 13-14 GDPR, toward you as a data subject.
1. TYPE AND THE WAY PERSONAL DATA IS COLLECTED
The Company may receive your personal information:
- directly from you (any personal data collected through the use of the Site, including IP address, your use of the Site and/or provided in order to conclude a contract, with the Company as: your identification data – name, surname, contact data – e-mail address, telephone no., residence address and other data given for this purpose);
- from an entity with whom the Company cooperates, in particular its client / supplier or other counterparty who you might be representing – in such a case the Company may receive such personal data as e.g. identification data (e.g. your first name, surname), contact data (e.g. e-mail address, telephone no.) and/or other data provided to us in connection with such cooperation.
2. DATA PROCESSING PURPOSES, BASES AND PROCESSING PERIODS
Your personal data will be processed:
|PURPOSE||LEGAL BASIS||RETENTION PERIOD|
|To negotiate, conclude and duly perform a contract you have concluded or are to conclude directly with the Company.||The performance of a contract of which you are a party or of pre-contractual measures adopted at your request – Art. 6 (1) (b) GDPR.||For the duration of the contract and beyond as permitted by applicable law and/or the Company’ legitimate interest specified below (e.g. investigating / defending the Company’ interest against any claims).|
|To negotiate, conclude and duly perform a contract which have been concluded or is to be concluded between the Company and the entity that employs you (regardless of the form of legal relation) and/or is represented by you.||The Company’s legitimate interest, – Article 6(1)(f) GDPR.||For the duration of the contract and beyond as permitted by applicable law and/or the Company’ legitimate interest specified below (e.g. investigating / defending the Company’ interest against any claims).|
|To satisfy the Company’ legal obligations resulting from applicable law provisions (e.g. settling the agreements in accordance with tax law, responding to your requests concerning your personal data).||Legal obligation of the Company as a data controller – Article 6(1)(c) GDPR.||For the period provided by law or required by the competent authority.|
|To investigate, file and protect the Company’ against claims.||The Company’s legitimate interest, – Article 6(1)(f) GDPR.||Until the purpose is achieved or – if you have objected to the processing and such objection outweighs Company’ interest – until you object to the processing of your data for such purpose.|
|To promote the Company’ products and services and to enable the Company to update you on the use of its services or products (especially through a newsletter).||The Company’s legitimate interest, – Article 6(1)(f) GDPR.||Until the purpose is achieved or – if you have objected to the processing and such objection outweighs Company’ interest – until you object to the processing of your data for such purpose.|
|To detect bots and abuses and in order to provide you with the most user friendly and safe experience.||The Company’s legitimate interest, – Article 6(1)(f) GDPR.||Until the purpose is achieved or – if you have objected to the processing and such objection outweighs our interest – until you object to the processing of your data for such purpose.|
|To measure statistics on the use of our Site.||The Company’s legitimate interest, – Article 6(1)(f) GDPR.||Until the purpose is achieved or – if you have objected to the processing and such objection outweighs our interest – until you submit such objection.|
Commercial communications. The Company may also use your e-mail to send you commercial communication, but only if you consented to such form of contact (this might be the case of the Company’s newsletter). For your convenience, marketing emails tell you how to “opt out” from such emails. You can also withdraw your consent to commercial communications at any time by contacting the Company directly via e-mail indicated above, although it does not affect the correctness of the actions taken before such withdrawal.
Please note that even if you opt out of receiving commercial communications, the Company may still send you non-marketing emails about your accounts and our business dealings with you.
3. COOKIES, WEB BEACONS AND ANALYTICAL TOOLS
Cookies. Cookies are small data files stored on your hard drive by a given website. Cookies help make the Site and your visit more user-friendly.
Data collected by cookies may include, in particular, identification data (name, surname, IP address), contact details (e.g. e-mail address, telephone numer) and behavioural data on how you use the Site.
Depending on the type of cookies, the legal basis for processing your personal data will be the Company’ legitimate interest / the legitimate interest of a third party – Article 6(1)(f) GDPR or your consent – Article 6(1)(a) GDPR.
You are informed of the details of the cookies during your first visit to the Site via the cookie banner – you then learn when the Company needs your consent to process the personal data collected by cookies and you have the option to consent or reject the use of some or all cookies.
Whenever the basis for processing your personal information is your consent, you can withdraw it at any time by sending an email to: firstname.lastname@example.org or by changing your browser settings – this does not affect the lawfulness of the processing operations carried out up to the time of withdrawal of consent.
How to control cookies?
You can block and delete all existing cookies by changing your own browser settings in a way that blocks all or only some cookies. Please note that if you use your browser settings to block all cookies (including essential cookies), you may not be able to access the functionality of the Site.
Web beacons. The Company may log information using digital images called Web beacons on the Site or in emails. Web beacons are used to manage cookies, count visits, and to learn which marketing activities work and which do not. Web beacons are also used to tell if you open or act on our emails.
Google LLC tools. Google Analytics, DoubleClick, Google Tag Manager. The use Google Analytics, DoubleClick and Google Tag Manager are tools provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
The Google Analytics tool serves the Company’ legitimate interest consisting in the creation and analysis of statistics to optimize the Site. As far as DoubleClick files are concerned, they allow the Company to check whether you have completed certain activities on the Site after viewing or displaying one of our ads or advertisements visible on Google or other platforms. Google Tag Manager is a tag management system for tracking and analytics on websites. Tags are small code elements that, among other things, are used to measure traffic and visitor behaviour: to understand the effect of online advertising and social channels; to set up remarketing and orientation towards target groups; and to test and optimize websites.
Facebook Pixel. – marketing tools provided by Facebook Inc., 1601 S. California Ave. Palo Alto, CA 94304, USA. These tools allow the Company to target advertisements on Facebook at you, which is based on legitimate interest in marketing our own products or services. In order to personalize the ads you receive, Facebook Pixel is used – a tool that automatically collects information about your use of the Site. This information is usually transferred to a Facebook server in the USA and stored there.
YouTube. The Company sometimes post videos from YouTube. For this purpose cookies of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA are used. Such files are loaded when playing the videos.
Social media tools. The Site uses plugins and other social tools provided by social networking sites, such as Facebook, Twitter, Instagram, Google, LinkedIn. When displaying a website that contains such a plug-in, your browser will establish a direct connection to the servers of the social network administrators (service providers).
4. RECIPIENTS OF YOUR PERSONAL DATA
The Company may give access to your personal data to its service providers – entities that help the Company provide services (IT service providers), organize internal work, provide accounting, marketing and legal / commercial consulting services.
In each case, the transfer of your personal data to other entities will be based on an appropriate agreement and in accordance with GDPR.
In some cases, your personal data may also be transferred to public authorities. This only occurs if we are obliged to do so by law.
Your personal data is generally processed within the European Economic Area (“EEA“). If the Company has business dealings with an entity outside this area, your personal data may also be transferred to a country in which this entity is established. In that case, the transfer will only be made (i) to the extent necessary in connection with the provision of services by that entity to the Company; (ii) taking into account the requirements set out in Chapter 5 GDPR, including putting in place appropriate safeguards such as standard contractual clauses adopted by a decision of the European Commission.
5. YOUR RIGHTS
As a person whose personal data the Company processes, you may be entitled to:
- access your personal data (and also receive information on which personal data are processed);
- request rectification and restriction of the processing of your personal data (e.g. where your personal data is inaccurate or incomplete, you can request that we make appropriate changes to your personal data);
- request erasure of personal data (e.g. where it has been processed unlawfully);
- transfer your personal data (processed on the basis of consent or on the basis of necessity to perform a contract) to another data controller;
- withdraw consent (only to the extent to which processing is based on consent) at any time, whereby the withdrawal of consent does not affect the processing carried out by us in accordance with the law prior to its withdrawal – in the case of withdrawal of consent, remember that we can still process your personal data if another prerequisite for processing has been updated (e.g. we need to process your data to fulfill a legal obligation incumbent on us);
- make an objection to the processing of your personal data (you may object to the processing of your personal data if the basis of the processing is Our legitimate interest – e.g. for direct marketing purposes, including profiling related to direct marketing);
- lodge a complaint to the competent authority for personal data protection.
If you wish to exercise the above rights, or raise any questions about the personal data we hold about you, please contact us at our e-mail address: email@example.com Implementation of any changes could take up to 24 hours so please be aware that you could still get some unwanted communication within this period.
6. SECURITY OF YOUR PERSONAL INFORMATION
The Company takes steps to help protect your personal information. All information provided to us is stored on secure and encrypted servers and guarded by strict procedures and well-trained staff.