Privacy Policy - Cropchart

PRIVACY POLICY

§1. Personal Data Administrator

1. The administrator of personal data within the meaning of art. 4 point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council of On April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (GDPR) is Seth Software Limited Liability Company with its registered office in Głogów Małopolski at ul. Strefowa 1, 36-060 Głogów Małopolski, NIP: 8132709001, REGON: 690512599, KRS: 0000114098, registration court: District Court in Rzeszów, 12th Commercial Division of the National Court Register, share capital PLN 50,000.

2. Contact details of the data administrator: e-mail address sales@cropchart.net.

3. The administrator pursuant to art. 32 para. 1 RODO adheres to the principle of protection of personal data and applies appropriate technical and organisational measures to prevent the accidental or unlawful destruction, loss, alteration, unauthorised disclosure or unauthorised access to personal data processed in connection with their activities.

4. Providing personal data is voluntary, but necessary to establish cooperation and/or conclude a contract with the data administrator.

5. The data administrator processes personal data only to the extent required for the proper performance of the service for the data subject.

§2. Purpose and grounds for processing personal data

The administrator processes personal data for the following purposes:

a) preparation of a commercial offer in response to the client 's interest, which is the legitimate interest of the data administrator (Article 6 (1) (f) of the GDPR);

b) the provision of services via the Portal and the performance of contractual obligations, based on the concluded contract (Article 6 (1) (b) of the GDPR);

c) handling the complaint process, based on the obligation of the data administrator in connection with applicable law (Article 6 (1) (c) of the GDPR);

d) accounting related to the issuance and receipt of payment documents, pursuant to the provisions of tax law (Article 6 (1) (c) of the GDPR);

e) archiving data for possible determination, investigation or defence against claims or the need to prove facts, which is the legitimate interest of the data administrator (Article 6 (1) (f) of the GDPR);

f) contact by phone or via e-mail, in particular in response to inquiries addressed to the data administrator, which is the legitimate interest of the data administrator (Article 6 (1) (f) of the GDPR);

g) sending technical information regarding the functioning of the Website and services used by the client , which is the legitimate interest of the data administrator (Article 6 (1) (f) of the GDPR);

h) marketing, which is its legitimate interest (Article 6 (1) (f) of the GDPR) or based on prior consent (Article 6 (1) (a) of the GDPR).

§3. Data recipients. Transmission of data to third countries

1. The recipients of personal data processed by the data administrator may be entities cooperating with the data administrator when it is necessary for the performance of the contract concluded with the data subject.

2. The recipients of personal data processed by the data administrator may also be subcontractors – entities whose services are used by the data administrator when processing data, e.g. accounting offices, law firms, entities providing IT services (including hosting services).

3. The data administrator may be required to disclose personal data on the basis of applicable law, in particular to disclose personal data to authorised state authorities or institutions.

4. Personal data in connection with the administrator's use of traffic analysis and tracking tools on the Website may be transferred to an entity based outside the European Economic Area, e.g. to Google LLC, Hotjar Ltd. or Inspectlet Inc. based in the USA. As an appropriate data protection measure, the data administrator has agreed to standard contractual clauses pursuant to Art. 46 of the GDPR with the providers of these services. More information on this is available at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_en.

§4. Period of personal data storage

1. The data administrator stores personal data for the duration of the contract concluded with the data subject and after its termination for purposes related to the pursuit of claims related to the contract, performance of obligations under applicable law, but for no longer than the limitation period in accordance with the provisions of the Civil Code.

2. The data administrator stores personal data on payment documents (e.g. invoices) for the period of time specified by the provisions of the VAT Act and the Accounting Act.

3. The data administrator stores personal data processed for marketing purposes for a period of 10 years, but not longer than until the consent to data processing is withdrawn or an objection to data processing is raised.

4. The data administrator stores personal data for purposes other than those indicated in par. 1-3 for a period of 3 years, unless the consent to data processing has been withdrawn and the data processing cannot be continued on a basis other than the consent of the data subject.

§6. Automated decision making. Profiling

Personal data shall not be processed automatically, including through profiling.

§7. Google Analytics

1. The administrator uses Google Analytics, a web analytical service provided by Google Inc. based in the USA.

2. Google Analytics uses cookies that enable an analysis of the user's use of the website. The information generated by the cookie about use of the website is transferred and saved on a Google server. On behalf of the Administrator, Google will use this information to analyse the use of the website by users, to prepare reports on website activity and to provide other services related to the use of the website and the internet to the commissioning entity.

3. The data shall not be used for the purpose of identifying any natural person.

4. The user may prevent the storage of cookies through appropriate browser settings; however, in this case, he will not be able to use the full functionality of the website. In addition, users can prevent Google from collecting data generated by cookies and relating to their use of the website (including the IP address) as well as the processing of these data by Google by downloading and installing a browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=pl.

5. At any time, the user may object to the collection and processing of data related to the use of the Google website by downloading and installing the browser plug-in, which is available at the following address: https://tools.google.com/dlpage/gaoptout?hl=en.