SpyroSoft

SPYROSOFT SPÓŁKA AKCYJNA PRIVACY POLICY

§ 1

  1. The Controller of the personal data you provide is SPYROSOFT Spółka Akcyjna with its registered office in Wrocław, Plac Teatralny 8, entered in the Register of Entrepreneurs kept by the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Division, under the KRS number: 0000616387, Tax payer id. no. (NIP): 8943078149, hereinafter referred to as the Controller; the Controller shall carry out the processing of your personal data.
  2. The Controller can be contacted in writing by postal mail at the following address: Plac Teatralny 8, 50 – 051 Wrocław or by email: rodo@spyro-soft.com
  3. The basis for the processing of your personal data is:
    1. Your consent to the processing of personal data and receiving marketing communications, in particular expressed through the form placed on the websites used by the Controller to conduct business activity,
    2. necessity resulting from the legally justified interests pursued by the Controller, such as providing information about the business activity conducted by the Controller and the products offered, reliable performance of the obligations assumed by the Controller, in particular the implementation of agreements, offering products/services of the highest standard, as well as providing information about the Controller. The processing of personal data in the above-mentioned scope is within the scope of business activity conducted by the Controller and is necessary for the provision of information, products and services to customers.
    3. in the case of concluding a contract – the necessity of reliable performance of obligations resulting from the contract.
  4. Your personal data shall be processed for the purpose of:
    1. presentation of the offer concerning the services or products provided by the Controller, as well as the information on introducing new solutions,
    2. the provision of information and communications of a marketing nature,
    3. providing information about meetings, promotions and other activities related to the Controller’s activity,
    4. in the event of concluding an agreement with the Controller covering the provision of services, your data will be used for purposes related to the reliable performance of such an agreement, including accounting purposes and the processing of complaints,
  5. Your personal data may be made available to recipients who directly perform activities within the framework of performed services or to recipients through the mediation of whom the Controller performs marketing or informational activities.
  6. Your personal data may also be transferred to an entity providing hosting services for the Controller, which has appropriate safeguards against access by third parties to the stored data.
  7. Your personal data shall not be transferred to recipients located in a third country, i.e. outside the European Economic Area.
  8. You have the right to:
    • request the Controller to access his/her personal data, rectify them, delete or limit the processing of personal data,
    • to appeal against such processing,
    • to the transfer of data,
    • to lodge a complaint with the supervisory authority.
  9. These rights may be exercised by transmitting the request using the data referred to in paragraph 2 above.
  10. Your personal data may be subject to automated decision making, including profiling.
  11. Your personal data shall be processed:
    1. on the basis of the consent given, until such time as the consent is revoked or the purpose for which the data were collected ceases to exist. Consent granted may be withdrawn at any time without affecting the lawfulness of processing carried out on the basis of the consent before its revocation
    2. in connection with the performance of the agreement concluded with the Controller – until the lapse of the period in which You or the Controller may pursue claims related to the agreement concluded, or until the lapse of the period in which proceedings may be instituted by public administration bodies in connection with the performance of the agreement,
    3. in connection with marketing and information activities – until the end of the Controller’s activities consisting in offering products and services and conducting marketing campaigns.

§ 2

  1. The service you use is available at the following address: www.spyro-soft.com (Service), does not collect any information by automatic means, except for the information contained in cookies files.
  2. Cookies files are informatics data, in particular text files, which are stored in the end device used by you to use the Website and enable you to use it. Cookies usually contain the name of the website from which they come, the duration of their storage on the end device and a unique number.
  3. The Controller is the entity that places and accesses cookies on your end device.
  4. Cookies files are used for the purpose of:
  5. adjusting the content of the Service’s websites to the user’s preferences and optimizing the use of the Service’s websites; in particular, these files allow to recognize the Service’s User’s device and display the Service’s website, adjusted to his/her individual needs, accordingly;
  6. the production of statistics that help to understand how the users of the Service use the websites, which allows for the improvement of their structure and content;
  7. maintaining the session of the Service User (after logging in), so that the user does not have to re-enter the login and password on every subpage of the Service;
  8. The following types of cookies are used within the Service:
  9. “necessary” cookies, enabling the use of services available within the Service, e.g. authentication of cookies used for services requiring authentication within the Service;
  10. security cookies, for example, used to detect fraud in the authentication of the Service;
  11. “performance” cookies, which enable us to collect the information about the way the Service’s websites are used;
  12. “functional” cookies, which allow the user to “remember” and personalize the user interface of his/hers choice, for example, with regard to the language or region chosen, the font size, the design of the website, etc.;
  13. “advertising’ cookies, which make it possible to provide users with advertising content more suited to their interests.
  14. In many cases, web browsing software (web browser) by default allows cookies to be stored on a user’s end device. Service Users may change their cookie settings at any time. These settings may be changed, in particular, to block the automatic use of cookies in the settings of your browser or to inform you of any placement of cookies on your device. Detailed information about the possibility and methods of using cookies are available in the settings of the software (web browser).
  15. The Controller informs that restrictions on the use of cookies may affect some functionalities available on the website of the Service.
  16. Cookies placed on the end device of the Service user, can also be used by the advertisers and partners cooperating with the Service operator.
  17. For more information on cookies, please visit http://wszystkoociasteczkach.pl/or the “Help” section of your browser’s menu.

§ 3

  1. The Controller formulated particular objectives in the scope of personal data security and undertook actions necessary for their occurrence in the company run by him:
    1. ensuring that personal data are processed lawfully, fairly and transparently for the Data Subject (‘lawfulness, fairness and transparency’);
    2. to ensure the collection of personal data for specified, explicit and legitimate purposes and not to further process such data in a way incompatible with those purposes; (‘purpose limitation’);
    3. ensuring that personal data are collected adequately, appropriately and limited to what is necessary for the purposes for which they are processed (‘data minimization’);
    4. The Controller shall take steps to ensure that personal data are correct and, where necessary, kept up to date, and that any reasonable steps are taken to ensure that personal data which are inaccurate in relation to the purposes for which they are processed are immediately erased or rectified (‘correctness’);
    5. The Controller shall take steps to ensure that personal data are kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed (“retention restriction”);
    6. The Controller shall take actions to ensure that personal data are processed in a manner ensuring their appropriate security, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by means of appropriate technical or organizational measures (“integrity and confidentiality”).
  2. The objectives set out in paragraph 1 shall be attained by taking appropriate measures and by applying effective safeguards, which shall include in particular:
    1. adequate security of the IT systems in which personal data are processed,
    2. constantly raising the awareness and knowledge of employees/coworkers in the field of personal data security,
    3. communicating the consequences, including disciplinary consequences, to employees/coworkers in the event of a personal data breach,
    4. granting access to documents, materials or systems containing personal data only to authorized persons,
    5. Securing documents, materials or systems form loss or destruction of personal data stored within.
    6. implementation of detailed rules defining the method of user rights management and authentication rules in all systems operated by the Controller,
    7. carrying out in-depth tests in the process of preparing new software,
    8. reporting of information security incidents,
    9. regular risk analysis in the area of information security and designing actions to minimize potential risks,
    10. entrusting personal data only to third parties that provide sufficient guarantees for the implementation of appropriate technical and organizational measures to ensure that the processing meets the requirements of generally applicable law of this document and protects the rights of data subjects.
  3. Taking into account the state of technical knowledge, the cost of implementation and the nature, scope, context and purposes of the processing as well as the risk of infringement of the rights or freedoms of natural persons with different probabilities of occurrence and the gravity of the risk resulting from the processing, the Controller has implemented – both at the time of determining the means of processing and during the processing itself – appropriate technical and organizational measures designed to effectively implement data protection principles in order to comply with the requirements of generally applicable legal provisions and to protect the rights of the Data Subjects.