The Administrator shall attach great importance to the protection of personal data of the Entities and of information entrusted them. The Controller’s policy is aimed at ensuring the greatest possible level of confidentiality of personal data of the Entities, in particular as regards the protection against unauthorized access or unauthorized alteration, disclosure or destruction of personal data.
1. The Controller of personal data provided by the Entities in the course of registration and Account creation procedure, and in connection with the use of Website shall be the Controller that is Skriware spółka z ograniczoną odpowiedzialnością with its seat in Warsaw, address: ul. Kolejowa 19/21, 01-217 Warszawa, entered in the Register of Entrepreneurs by the District Court for the Capital City of Warsaw, 13th Commercial Division of the National Court Register under entry No. KRS 0000540128.
2. For the purpose of service provision, the Controller processes the following personal data of the Entities:
- name and surname,
- personal identification number PESEL, or the number of passport, ID card or other identification document,
- address for correspondence,
- email address,
- IP number,
- bank account number.
3. It is recommended for the Entities not to use their personal data in the user name and email address.
4. Providing personal data is necessary to use some of the Website functionalities by Entities if basic contact data are not provided, we will not be able to respond to Entities’ queries or manage their accounts.
5. The Controller processes personal data of the Entities to share, maintain and provide services, to advertise their services, as well as in connection with the use of Website functionalities, and the execution of transactions between the Users and the Uploaders.
6. The Controller processes personal data of the Entities based on the following legal bases:
- Processing of data is necessary for the purpose of performing contract with Entities (i.e. managing accounts with us and operating the market)
- In processing Entities’ contact data, we pursue our legitimate interest in direct marketing of our services and products.
7. Each Entity has the right to object to the processing of their personal data by us and to request that we correct or delete data. If an Entity files such a request, we will stop processing their data and delete it, unless there exists an important overriding legal interest (e.g. defense of claims or existence of a legal obligation to retain the data) which will entitle us to keep the Entity’s data for a longer period. Entities also have the right of access their data, as well as the right to data portability and to restriction of processing. A relevant request in this respect shall be sent by mail to the address provided in subclause 1 above, or by email to the email address [email protected]. The Entities also have the right to file a complaint with the relevant data protection authority.
8. The Controller represents and warrants that the personal data of the Entities is:
- processed in accordance with the law,
- collected for specified and lawful purposes, and in principle, it is not subject to further processing which would be noncompliant with these objectives,
- relevant and adequate in relation to the purposes for which they are processed.
9. We process Entities’ personal data only for as long as necessary for the purposes, for which it was collected. In establishing the retention period for your personal data, we take into account, among others, the following criteria: (i) whether The Entity expresses continuous interest in our services, (iii) if the Entity told us during the call or in a message that they would like to be contacted in the future (iii) if Entities are active on their account with us.
10. We entrust the processing of personal data to third party providers, who act on our behalf and solely based on our instructions (data processors). In particular we use data processors, whom we select carefully, to store your data on secure servers located within the territory of the EU.
11. We may have to share Entities’ personal data with competent authorities (in particular the police or prosecution service), if they approach us with such a request, provided that there exists an appropriate legal basis for making your personal data available to them (e.g. a court order).
13. The provision of personal data by an Entity may also occur or be necessary if an Entity makes a request to the Administrator for the provision of specific information.
14. The Entity can neither in the course of registration nor during the use of any Website functionality provide any personal data of other Entities or non-Entity third parties, and in particular the Entity may not disclose personal data of other Entities or third parties in the Model names. If this obligation is violated, the Administrator shall not be liable in this respect, in particular to entities whose personal data has been entered by the Entity.
15. The Entities have an absolute obligation to comply with the law regarding the protection of personal data.
16. The Controller shall offer the Entity a possibility to remove their personal data in the cases where the provisions of law so provide, and in particular at the request of the Entity. If personal data is included in a user name or an email address provided during the registration procedure, in the event of a request to remove the personal data, the Entity shall be required to indicate a new user name and a new email address. Otherwise, the Entity shall not have access to the Account and shall not be able to benefit from the Controller’s services.
17. The Controller under any circumstances (except as provided by applicable law) shall not process personal data disclosing racial or ethnic origin, political opinions, religious or philosophical beliefs, religious, party or union affiliation, as well as the data on health condition, genetic code, addictions or sexual life, and data referring to convictions, decisions imposing penalties and fines, and other decisions issued in court or administrative proceedings. The Entities are not allowed to provide the above mentioned data.
18. The Controller may delegate data processing to another entity by way of an agreement in writing, to which the Entity gives their consent.
19. Personal data of Entities are protected thanks to a safe and stable system of data protection used by the Controller.
20. The Entity may at any time contact the Controller for the purpose of obtaining information about whether and how the Controller uses or intends to use personal data of the Entity. The Entity may request this information by mail sent to the address provided in subclause 1 above, or by email sent to the email address [email protected].
22. Cookies are the small text files / fragments of text that the Website sends to the browser and which are sent back by the browser at the next entrances to the website, for the purpose of keeping the browser session or storing user page data.
23. Web beacons (also known as pixel tags) are transparent image files used to monitor your journey around the Website and the way you interact with the Website and its content.
24. Google Analytics is a tool we use in order to calculate visits to our website, check which functionalities of our website are used most and improve the operation of the Website.
25. We also use Hotjar tool on our Website. Hotjar monitors and stores users' behaviour on the website. Hotjar processes the following data: navigation, website scrolling, cursor movement. Other data such as location, device id, operating system, browser and cookies are also processed.
26. Device fingerprinting is a technology which allows us to collect information about your device (what browser or operating system you use, plug-ins, time zone, other settings). We use this information to identify you and to ensure security of our website.
28. The following types of cookies are used by the Website – ‘session cookies’ which are erased when the user logs out or closes the browser and ‘persistent cookies’ which remain on the user's device for a pre-defined period of time or until the user deletes them manually.
31. Handling and use of "cookies" is allowed automatically. However, these settings can be changed at any time. For details on how cookies are handled and used, see the settings of your web browser. You can learn more about cookies and similar technologies and check how to disable them for the browser you use by visiting the following website: http://www.allaboutcookies.org.
32. If you wish to learn more about Google Analytics tools and your privacy, please visit the following site: https://support.google.com/analytics/answer/6004245?hl=en. You can also opt out from Google Analytics by installing a browser add-on available here: https://tools.google.com/dlpage/gaoptout?hl=en-GB