Data Privacy

I. Introduction

In this Privacy Policy (hereinafter referred to as the "Policy"), we provide information on how e-Xim IT spółka akcyjna with its registered office in Warsaw (hereinafter the "Company" or "we") processes your personal data. The personal data is information regarding an identified or identifiable natural person is considered to be personal data. Personal data are, for example, name, surname, e-mail address, bank details, payment card number, or the IP address of the computer. The policy is an expression of the fulfillment of information obligations by the Company towards natural persons whose personal data the Company collects (“you” or “User”), resulting from the provisions on the protection of personal data, including the provisions of:

  • Regulation of the European Parliament and of the Council (EU) 2016/679 of 27/04/2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC ("GDPR");
  • The Act of July 18, 2002 on the provision of electronic services; 
  • The Act of July 16, 2004, Telecommunications Law.

II.  The scope of information indicated in the Policy and its application

This Policy contains information , the purpose of which is in particular to explain:

  1. who is the controller of your personal data;
  2. how and why we collect and use your personal data;
  3. when and why we will transfer your personal data to others entities;
  4. what rights do you have in relation to the processing of your personal data by us. 

The Policy applies if:

  1. you contact with us in order to obtain information regarding to our products and services;
  2. you visit our website;
  3. you use the functionalities available on our website;
  4. you download our software, in particular our products from Altassian Marketplace, such as [●].[ES1] 

III. The collector of personal data

The collector of your personal data is e-Xim IT spółka akcyjna with its registered office in Warsaw, address: ul. Posag 7 Panien 1 Street, 02-495 Warsaw, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw XIII Commercial Division KRS (court registration number) under KRS number 0000568611, with REGON number 146820827, NIP (Tax ID): 7010390992, with share capital in the amount of 123.285 PLN.

Our contact data: 

·       our seat address: ul. Posag 7 Panien 1, bud. C, 02-495 Warszawa 

At the same time, we explain that the data controller is an entity that determines the purposes and methods of personal data processing. 

The administrator has appointed the Personal Data Protection Inspector (DPO) – Ms. Izabella Pobudkiewicz, who can be contacted by e-mail: iodo@e-xim.pl or in writing to the address of the Administrator's seat.

IV. Purposes and legal grounds for processing your personal data

We process your personal data for the following purposes: 

  1. in order to fulfill the obligations incumbent on the Company, related to its activities, resulting from the provisions of law, including tax, accounting, accounting and reporting obligations regarding the storage of specific documentation (the legal basis for the processing of your personal data for this purpose is Article 6 (1) (c) of the GDPR); 
  2. in order to implement the legitimate interests of the Company, including: responding to your inquiries addressed to the Company (e.g. via the electronic contact form available on the Website, electronically or by phone), marketing of the Company's products and services, relationship management, monitoring and quality improvement services provided by the Company, determining, investigating or defending claims, making economic and statistical analyzes, counteracting fraud, reporting and reporting obligations of the Company (the legal basis for processing your personal data for this purpose is Article 6 (1) (f) of the GDPR); 
  3. in order to perform the contract to which you are a party or to take action on your request, leading to the conclusion of the contract, inter alia, as a result of downloading our software, in particular products from Atlassian (the legal basis for processing is Article 6 (1) (b) of the GDPR ); 
  4. in other cases (e.g. in order to send you commercial information by electronic means regarding our products or services) your personal data will be processed only on the basis of your prior consent, to the extent and for the purpose specified in the consent (the basis legal processing of your personal data for this purpose is art.6 par.1 lit.a) GDPR).

V.  The scope of collected your personal data

The company collects your personal data to the extent necessary to achieve the purposes of processing indicated in point IV.above and corresponding to the relationship that connects you with the Company. In particular, the Company may process the following categories of your personal data: identification and contact data, technical data (related to the use of the Website), data related to communication with us.

VI. Means of acquired your data

We receive your data directly from you when you fill out a contact and when you download our software, especially apps from Atlassian Marketplace, such as [●].[ES2] 

VII. Atlassian Marketplace

If you use the Atlassian Cloud Application, your data will be stored on Amazon Web Services and Heroku servers. Please see the Amazon Web Service Privacy Policy https://aws.amazon.com/privacy/ and Heroku: https://www.salesforce.com/company/privacy. Customer data for all cloud-based applications is created once a day and encrypted. We also support our work by using Google Analytics (https://www.google.com/analytics/terms/us.html) to collect anonymous data to see how Users use our applications.

VIII. Recipients of your personal data

In connection with the processing of your personal data for the purposes outlined above, the Company may disclose your personal data to the following recipients or categories of recipients:

  1. public authorities and entities performing public tasks or acting on behalf of public authorities, to the extent and for the purposes that result from legal provisions; 
  2. entities processing personal data on behalf of and on behalf of the Company, including IT service providers, financial intermediation.

IX. Transferring your personal data to third countries

Your data will be transferred outside the European Economic Area, i.e., to Microsoft, Google, Facebook. This providers guarantees a high level of personal data protection. These guarantees arise in particular from the obligation to use standard contractual clauses adopted by the EU Commission or participation in the ‘Privacy Shield’ program established by Commission Implementing Decision (EU) 2016/1250 of July 12, 2016, on the adequacy of protection provided by the EU-US Privacy Shield.

 

X. The period of storage of your personal data

Your personal data will be kept by the Company for the period necessary to achieve the purposes of processing, as indicated in point IV. of this Policy. In particular, in cases where the basis for the processing of your personal data is your consent to the processing of personal data, your personal data will be stored until the Company completes the purpose to which the consent was given, but no longer than until you withdraw your consent.

Your personal data will also be kept for the period and to the extent required by law or for the Company to implement the legitimate interests of the data controller, to the extent specified by us in point IV. above.

XI. Your rights

Due to the processing of your personal data by the Company, you have the following rights: 

  1. the right to request access to your personal data, including the right to obtain a copy of this data; 
  2. the right to rectify or supplement your personal data, if you find that your data is processed by us inconsistently with reality, in particular if you find that the data is incorrect or incomplete; 
  3. the right to request the deletion of your personal data in the cases specified in the law; 
  4. the right to demand that the processing of your personal data be restricted; 
  5. the right to object to the processing of your personal data;
  6. the right to transfer personal data; 
  7. in cases where the processing of personal data takes place on the basis of your consent to the processing of data - you have the right to withdraw consent at any time without affecting the lawfulness of the processing which was carried out on the basis of consent before its withdrawal.

If you want to submit an application for the implementation of the above rights, you can do so by contacting us by correspondence or e-mail, using our contact details indicated in point III. of this Policy. 

The company is obliged to provide the information you request without undue delay - and in any case no later than within one month of receiving your request. If the request is complex or the number of requests is large, the Company has the right to extend the deadline for considering your request for an additional two months, about which the Company will inform you in advance within one month of receiving your request. The maximum deadline for completing your application may not be longer than 3 months from the date of receipt of the application.

In addition to the rights indicated above, if you believe that the processing of your personal data by our Company violates the provisions of the GDPR, you have the right to lodge a complaint with the supervisory body which is Prezes Urzędu Ochrony Konkurencji i Konsumentów (address: plac Powstańców Warszawy 1, 00-950 Warszawa, contact: uokik|uokik.gov.pl| |uokik|uokik.gov.pl).

XII. Obligation/voluntary provision of personal data

Providing your personal data is voluntary, but failure to provide it will make it impossible to achieve the goals referred to in point IV. of this Policy, in particular, it will make it impossible to consider your loan application or to respond to your inquiries.

XIII. Contact in matters related to the protection of personal data

In all matters related to the processing of your personal data by the Company, in order to exercise your rights referred to in point IX. above, please contact the Company or the Data Protection Officer via the contact details indicated in point III. of this Policy.

XIV. Use of Cookies

According to Art. 173 of the Act of 16 July 2004 Telecommunications Law, we use cookies constituting IT data, in particular text files, which are stored on the end device of the person visiting our website. Cookies usually contain the name of the website they come from, the storage time on the end device and a unique number.

Cookies are used for the following purposes:

  1. to facilitate the use of our website while browsing it; 
  2. subsequent association of the User in the event of reconnecting the website with the device on which they were saved; 
  3. creating statistics that help to understand how Website Users use websites, which allows improving their structure and content; 
  4. adapting the content of websites to the User's specific preferences and optimizing the use of websites, tailored to the individual needs of the User.

As part of our website, we use the following types of cookies:

  1. "Session" - are stored on the User's end device until logging out, leaving the website or turning off the web browser; 
  2. "Permanent" - stored in the User's end device for the time specified in the parameters of Cookies or until their removal by the User; 
  3. "Efficiency" - they enable the collection of information on the way websites are used; 
  4. "Necessary" - enabling the use of services available on the website; 
  5. "Functional" - making it possible to remember the settings selected by the User and to personalize the User's interface; 
  6. "Own" - posted by us; 
  7. "External" - originating from an external site than our site.

The information is in no way combined with the personal data of the Website User and is not used to identify the User. The scope of information collected automatically depends on the User's web browser settings. The User should check the settings of his browser to find out what information is provided by the browser automatically or to change these settings. For this purpose, we recommend that you read the "Help" of the web browser used. 

Software for browsing websites, i.e. a web browser, usually allows cookies to be stored on the User's end device by default. Website Users can change the settings in this regard. The web browser allows you to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is included in the help or documentation of the web browser used by the User.