Privacy Policy

This Privacy Policy (hereinafter: Policy) is a document in which we inform you to what extent and for what purpose Digimuth sp. z o.o., as the controller of your personal data, collects and processes your personal data. In addition, the Policy contains information about cookies used on the Website.

This Privacy Policy of the Service is for reference only, which means that it is not a source of rights or obligations for the Controller or Users.

If you have questions or concerns, you can contact us by e-mail: [email protected]

Article 1. Definitions

In this Policy the following terms and expression shall mean as follows:

1. Controller - Digimuth, a limited liability company with its registered office at ul. Garbary 67, 61-758 Poznań, KRS number: 0000828464, NIP: 7831812862, share capital in the amount of PLN 10,000, the register books of which are kept by the District Court Poznań - Nowe Miasto i Wilda in Poznań, 8th Commercial Division of the National Court Register;

2. Website - this website;

3. User - a person using the Website;

4. Contact form - the form available on the Website at https://digimuth.com, through which you can contact the Controller.

Article 2. General provisions

1. The Controller processes the User's personal data under the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: GDPR) and in accordance with national provisions of generally applicable law on the protection of personal data, and the Act on the provision of electronic services of July 18, 2002 (Journal of Laws 2002 No. 144, item 1204, as amended).

2. The Controller shall act with due diligence to protect any interests of data subjects, the Controller shall ensure that the data are:

   1. processed lawfully, fairly and in a transparent manner in relation to a data subject (“lawfulness, fairness and transparency”);

   2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes ("purpose limitation");

   3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimisation”);

   4. accurate and, where necessary, kept up to date; every reasonable step shall be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (“accuracy”);

   5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (“storage restriction”);

   6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (“integrity and confidentiality”).

3. The Controller has not appointed the Personal Data Protection Inspector.

4. The Website and The Controller’s services are not intended or directed to people under 18 years of age. The Controller does not knowingly collect or process data of persons under 18 years of age.

Article 3. Data collection manner

1. The Controller may collect Users' data in the following ways:

   1. providing them by the user in the Contact Form or in a message sent to the e-mail address;

   2. by using cookies, provided that the user expresses his consent to the use of cookies.

2. Providing any data by Users is voluntary, however failure to do so may result in the inability to:

   1. contact via the Contact Form;

   2. responses from the Controller;

   3. concluding a contract with the Controller.

Article 4. Scope, purpose and manner of data processing

1. The Controller may collect the following information about Users:

   1. first name and last name;

   2. e-mail address;

   3. IP address;

   4. technical information about any devices used by the User to access the Controller's services, including: internet and / or network connections, any identifier of a mobile device, operating system, type of browser or other software, or data on computer hardware and other technical information; these are technical data about Users and their actions and action diagrams that do not contain personal data;

   5. any other information provided by the User.

2. The Controller may process the collected data for the purpose of:

   1. replies to messages sent via the Contact Form or e-mail;

   2. conclusion of the contract in accordance with the will of the User;

   3. performance of the contract concluded with the User, including the provision of services and pursuing claims;

   4. performance of legal obligations incumbent on the Controller (in particular: issuing invoices, keeping accounting books, fulfilling requests from authorized authorities);

   5. direct marketing, including profiling;

   6. keeping statistics;

   7. sending commercial information or offers ordered by the User;

   8. making and storing backup copies, ensuring the ability to continuously ensure confidentiality, integrity, availability and resilience of processing systems and services; ensuring the ability to quickly restore the availability and access to personal data in the event of a physical or technical incident;

   9. implementation of the so-called legitimate interest within the meaning of the GDPR.

3. The User's personal data may be transferred to the following types of entities:

   1. employees, associates, proxies and subcontractors of the Controller;

   2. entities providing services to the Controller, in particular accounting offices, law firms, tax advisors, hosting, IT or programming service providers (in particular for the purposes of servicing the Website, e-mail and data storage in the cloud);

   3. authorized state authorities;

   4. Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA) - an entity that can process data outside the territory of the European Union; the transfer takes place on the basis of a decision of the European Commission (the so-called Privacy Shield) stating that entrepreneurs based in the United States of America who have joined the Privacy Shield program provide an adequate level of personal data protection. The collected data makes it impossible to identify a specific person, and more information on the privacy standards of the tool is available at the link www.google.com/intl/en/policies/privacy/partners/.

4. Users' personal data will not be transferred to third parties for marketing purposes.

5. The Controller processes data for the period necessary to achieve a specific purpose, including in particular:

   1. in the case of contract performance - until the claims under the contract are time-barred;

   2. in the case of processing for marketing purposes - for the User to exercise the rights excluding the processing of personal data for direct marketing, including until the objection is submitted or consent is withdrawn.

In addition, the period of data storage will not be shorter than that resulting from generally applicable laws.

Article 6. Cookies policy

1. Cookies are small text information in the form of text files sent by a server and saved on the website of a visitor to the Online Shop (e.g. on a hard drive of a computer, laptop or smartphone memory card - depending on the device used by the User). Details on cookies are available here: https://en.wikipedia.org/wiki/Cookie.

2. Cookies are used for the following purposes: maintaining the security of services and preventing fraud, improving website performance, registering visits for marketing and statistical purposes, supporting website personalization (e.g. saving language settings). Cookies may also be used and posted by partners cooperating with the Controller - then they are subject to cookie policies or privacy policies of the entities that publish them.

3. Most popular web browsers accept cookies by default, so if you do not change your browser settings, you consent to the use of cookies. The links below contain information on cookie settings in the most popular browsers:

   • Google Chrome: https://support.google.com/chrome/answer/95647?hl=en

   • Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

   • Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/macL

   • Microsoft Edge: https://docs.microsoft.com/en-us/microsoft-edge/devtools-guide/debugger/cookies

   • Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies

4. The Controller informs that disabling or limiting cookies may cause difficulties or inability to use the Website.

5. The Website uses plugins from Google Inc. (headquarters address: 1600 Amphitheater Parkway, Mountain View, CA 94043, USA), which may use cookies: Google Analytics and Google reCAPTCHA.

Article 7. Rights of data subjects

1. The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the information set forth in this provision - Article 15 of the GDPR.

2. The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Considering the purposes of processing, the data subject has the right to request completion of incomplete personal data, including by submitting an additional statement - Article 16 of the GDPR.

3. The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the grounds as set forth in this provision applies - Article 17 of the GDPR.

4. Principle of law: The restriction of processing means the marking of the stored personal data in order to restrict their future processing. After such marking, their processing, apart from storage, shall only be possible based on consent or for the purposes as specified in this provision. Restrictions may be requested in the cases as referred to in that provision - Article 18 of the GDPR.

5. Principle of law: The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller - Article 20 of the GDPR.

6. If the Controller intends to process or processes the User’s or the Customer’s data for the purpose of direct marketing, the data subject shall have the right to object at any time to the processing of his/her personal data, including profiling.

7. If the Controller processes the User's or Customer's personal data based on consent, consent may be withdrawn at any time, without affecting the legality of the processing carried out before withdrawal of consent.

Article 8. Final Provisions

1. The Policy applies only to this Website. The Controller informs that the Website may contain links to other websites or multimedia players (such as YouTube and Soundcloud) that are not run by the Controller. The Controller encourages you to read the privacy policy and cookie policy after visiting the websites of other entities.

2. The Controller uses technical and organizational measures to ensure the protection of personal data being processed, appropriate to the threats and categories of data protected, and in particular, protects the data against unauthorized disclosure, removal by an unauthorized person, processing in violation of applicable regulations and change, loss, damage or destruction.

3. The Controller provides technical measures to prevent the acquisition and modification of personal data sent electronically by unauthorized persons.

4. The Controller may periodically update this policy.

5. If it is found that personal data are processed contrary to the provisions of the law, the User has the right to lodge a complaint with the President of the Office for Personal Data Protection. More information is available here: https://uodo.gov.pl/pl/83/155