- Who is the administrator of your personal data,
- What data we process,
- For what purpose and on what basis we process data,
- Who we share data,
- What rights are our Users entitled to as subjects of personal data,
- How long do we process data,
- Selected methods of data protection.
I. Basic information.
1. The administrator of the portal under thedomain eyenimage.pl and at the same time the administrator of personal data provided by users of the Portal is Eyenimage Limited Liability Company based in Suchy Las, registered by the District Court Poznań - Nowe Miasto and Wilda in Poznań, 8th Commercial Division of the National Court Register under KRS number : 0000719576, NIP 9721286273, REGON: 369536810, (hereinafter referred to as the "Administrator").
The Administrator is the Portal's service provider and decides on the purposes and methods of processing Users' personal data.
2. The Administrator can be contacted in writing by sending correspondence to the following address: Eyenimage Sp. z o. o., ul. Leśna 26, Suchy Las or by e-mail to the following address: [email protected].
3. Based on Article. 13 sec. 1 and sec. 2 and art. 14 sec. 1 and sec. 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/56 / EC (hereinafter: "GDPR" ) applied from May 25, 2018, in this document, we inform users about the manner and purpose for which we process their personal data (hereinafter referred to as "data"), as well as about your rights related to data protection.
II. The scope of collected personal data, the basis and purpose of their processing.
1. We process user data provided voluntarily during registration on the Portal and while using it. We collect in particular content, messages and other messages received from Users, location data, data on creating content, using the Portal's functions. In addition, we collect information about how the User uses our products, about the types of content displayed. We also process data by saving cookie files on end devices (so-called "cookies") and by saving technical logs.
2. If the User uses the services offered on the Portal or makes payments, we process data on transactions, including payment data. These are i.a. numbers and other details of debit or credit cards, account details and information transmitted when authenticating transactions, contact details.
3. Providing personal data in the fields required during registration is necessary to use the Portal. Data is collected only to the extent necessary to fulfill the provisions of the Portal Regulations, to the extent necessary to ensure compliance with our legal obligations, to the extent necessary to protect the interests of Users, to the extent required to secure the legitimate interests of the Administrator.
4. The data is processed in accordance with the provisions of the GDPR and Polish data protection regulations, including the Act of May 10, 2018 on the protection of personal data.
5. The data is processed on the basis of the consent granted (Article 6 (1) (a) of the GDPR) in order to enable the User to use the Portal, provide services on the Portal, make payments, display advertisements and relevant content, tailored to the preferences of users. For this purpose, we use the information we have about Users, in particular data about interested parties, contacts and activities in order to personalize the advertisement and share the content of the Portal.
6. We also use the information we have to develop, test and improve our services, including research and surveys of the services offered.
7. We also process Users' data in order to fulfill the obligations in connection with the provision of the Portal to Users and pursuant to art. 6 sec. 1 lit. c and f GDPR, when we fulfill legal obligations and pursue the legitimate purpose of the Administrator or a third party, as well as in certain cases based on art. 18 of the Act of July 18, 2002 on the provision of electronic services.
The above means that the data is processed primarily to enable users to use the Portal, inform about planned technical works, inform about significant configuration changes, inform about changes to the regulations, provide services offered on the portal, fulfill obligations imposed by law, satisfaction surveys. users, pursuing claims and defending against claims, direct marketing of products and services and for internal administrative purposes of the Administrator.
8. All Users' personal data will be processed only in accordance with the purpose for which they were collected.
9. Please be advised that the consent granted to the processing of data may be withdrawn at any time. Withdrawal of consent does not affect the lawfulness of data processing until the consent is withdrawn. Withdrawal of consent, however, prevents further use of the Portal and the need to remove all content posted by the User.
10. User data is subject to automatic decision making, including profiling. Profiling consists in collecting information about the user on the basis of his behavior on the Internet and shaping the content of the Portal accordingly, or offering products and services, as well as advertisements.
III. Provision of personal data.
1. In some situations, the Administrator has the right to transfer the personal data of users to other recipients, if it is necessary to enable the use of the Portal or to fulfill the obligations incumbent on the Administrator. In this case, we will transfer personal data to three groups of recipients:
- persons authorized by us, our employees and associates who must have access to personal data in order to perform their duties,
- processors entrusted with the processing of personal data, e.g. programmers, banks , payment providers, insurers, law firms. These data are transferred in order to improve the Portal, maintain the continuity of providing services, enable payments for services purchased on the Portal, perform legal obligations, and defend against claims.
2. We provide Users' data to public authorities, e.g. courts and law enforcement agencies, but only if there is a legal basis for this.
3. In certain cases, user data may be transferred to recipients in countries outside the European Union.
IV. Data storage period.
Users 'data will be processed for the period necessary to implement the indicated in paragraph II points 5-7:
- within the scope of the consent granted - until its withdrawal, and after that time, some Users' data will be stored on a different legal basis, e.g. for the period required by legal provisions or for the implementation of any claims,
Withdrawal of consent to data processing results in the need to delete the User's account and delete the content published by the User, such as photos, statuses, etc.
- in terms of fulfilling the legal obligations incumbent on the Administrator in connection with the conduct of business and the implementation of concluded contracts - until these obligations are fulfilled by the Administrator,
- until the legitimate interests of the Administrator that constitute the basis for this processing are fulfilled or until the user objects to such processing, unless there are legitimate grounds for further data processing,
- in case of for the necessity of data pursuing claims or defending against claims - for the limitation period plus one year.
V. User Rights.
Portal users have the right to:
- request access to their data, as well as request their rectification, limitation of their processing or their removal,
- withdrawal at any time of the consent previously given to the processing of data to the extent to which this consent relates, subject to the withdrawal consent will not affect the lawfulness of the processing which was carried out on the basis of consent before its withdrawal,
- request the transfer of the provided data processed for the purpose of concluding and performing the contract or processed on the basis of consent,
- submit a complaint to the supervisory body which is in Rzeczpospolita. Polska is the President of the Personal Data Protection Office, if you believe that the processing of your data violates the provisions of the GDPR,
- object at any time to the processing of data for reasons related to your particular situation, when the Administrator processes data for purposes arising from legitimate interests or for purposes related to direct marketing, as well as to object to profiling.
VI. Selected methods of data protection.
1. The administrator attaches particular importance to respecting the privacy of users whose personal data is processed, and also takes special care in applying the best possible standards and practices related to the security of this data.
2. The administrator uses all the security required by applicable law to ensure the protection of personal data being processed, in particular protection against disclosure to unauthorized persons and data loss.
3. The administrator uses, among others the following protection mechanisms:
- user passwords are not saved in the database in an open or reversible way,
- the places of logging in and entering personal data are protected in the transmission layer (SSL certificate),
- data protection measures (e.g. disk arrays, regular backups),
- adequate physical measures to protect the processing sites,
- measures to ensure appropriate environmental conditions for servers as elements of the data processing system.
2. Cookies are used for the following purposes:
- creating statistics,
- maintaining the user's session (after logging in), thanks to which the user does not have to re-enter the login and password on each subpage of the Portal;
- keeping information about service commands for the purposes of the referral program;
- determining the user's profile in order to display him matched materials in advertising networks, in particular the Google network.
3. The website uses two types of cookies: session cookies and persistent cookies. Session cookies are temporary files that are stored on the User's end device until logging out, leaving the website or turning off the software (web browser). Persistent cookies are stored on the User's end device for the time specified in the cookie file parameters or until they are deleted by the User.
4. The web browser usually allows cookies to be stored on the User's end device by default. Website Users can change the settings in this regard. The web browser allows you to delete cookies. It is also possible to automatically block cookies. The effect of changing the settings in the browser, depending on the selected option, may be the loss of the ability to use some websites and services or some of the functions available in them.
5. Cookies placed on the User's end device may also be used by entities cooperating with the Portal, in particular the companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA), LinkedIn (Microsoft Corporation based in the USA), VKontakte (Mail.Ru Group based in Russia).
6. The administrator uses the Google Analytics service to analyze the traffic on the remarketing website, i.e. activities thanks to which advertising networks can display advertising messages tailored to his behavior on the Portal.
VIII. Final Provisions.
1. Any questions and requests regarding the processing of personal data can be sent by traditional mail to the address or by e-mail to the Administrator's addresses indicated in paragraph I. The