PRIVACY POLICY

I. CONTROLLER OF PERSONAL DATA

IDivine limited liability company with its registerred office at Bohdana Zaleskiego 1 street, 31–525 Cracow, Poland, entered into register of entrepreneurs of National Court Register under the number: 0000650206, NIP (tax identification number): 5732873109, REGON (statistical number): 365995833, share capital: 5.000 PLN, hereinafter referred to as the Controller.

II. CONTACT

You may contact the Controller by phone: +48–503-041–000, or by email: support@dizply.com.

III. MEANS AND PURPOSES OF PROCESSING PERSONAL DATA

  1. In order to send an email notification regarding the services offered through the Website (newsletter), we process the below mentioned personal data:

    1. an email address.

    2. The legal basis of such data processing is the statement of consent for data processing provided by selecting one of the options under the subscription form by the User – then the legal basis of such data processing is article 6 sec. 1 letter a of GDPR, authorizing the processing of personal data on the basis of a consent made in voluntary way.

  2. In order to register on the Website through the Registration Form, we process the below mentioned personal data:

    1. name and surname (full name),

    2. an email address,

    3. data of User’s business activity (name, address, NIP), if the User is an entrepreneur.

    4. The legal basis of such data processing is the conclusion of Website account maintenance contract – then the legal basis of such data processing is article 6 sec. 1 letter b of GDPR, authorizing the processing of personal data if it is necessary to perform the contract, or to take action before the conclusion of the contract.

  3. In order to provide electronic services offered on the Website, consisting of keeping the User account, we process the below mentioned personal data:

    1. name and surname (full name),

    2. an email address,

    3. data of User’s business activity (name, address, NIP), if the User is an entrepreneur,

    4. data necessary to make payment for the order.

    5. The legal basis of such data processing is the conclusion d the agreement for providing the services electronically on maintenance of Website account– then the legal basis of such data processing is article 6 sec. 1 letter b of GDPR, authorizing the processing of personal data if it is necessary to perform the contract, or to take action before the conclusion of the contract.

  4. In order to issue billing documents (invoices) and to fulfill other obligations resulting from tax law (including storage of accounting documentation for a period of 5 years from the end of the tax year), we process the below mentioned personal data:

    1. name and surname (full name),

    2. entrepreneur’s company name,

    3. billing address,

    4. tax identification number.

    5. The legal basis of such data processing is article 6 sec. 1 letter c of GDPR, which allows personal data to be processed, if such processing is necessary for the Personal Data Controller to fulfill its legal obligations

  5. In order to answer the queries sent by the Contact Form available on the Website, we process the below mentioned personal data:

    1. User’s name,

    2. an email address.

    3. The legal basis of such data processing is taking actions on request of data subjects, before the conclusion of the contract – then the legal basis of such data processing is article 6 sec. 1 letter a of GDPR, authorizing the processing of personal data on the basis of a consent made in voluntary way.

  6. In order to create the registers and records related to obligation arising from GDPR, including for example the register of the clients who submit an objection in accordance to GDPR, we process such personal data as:

    1. Name,

    2. an email address.

    3. The legal basis of such data processing are:

    1. article 6 sec. 1 letter c of GDPR, which allows personal data to be processed, if such processing is necessary for the Personal Data Controller to fulfill its legal obligations — including in particular obligations to document processing activities for demonstrating compliance and accountability of personal data processing as well as in the event of exercising the rights of individuals the data to which they refer, including objections to the processing of data for marketing purposes, in order to know whom to do without such measures,

    2. article 6 sec. 1 letter f of GDPR, which allows personal data to be processed, if, in this way, the Personal Data Controller performs its legitimate interest (the legitimate interest of the Controller is to have knowledge about the persons who exercise their rights under Section III of the GDPR).

  7. For analytical purposes i.e. to study and analyze traffic on dizply.com website, we process the following personal data:

    1. time and date of visiting the website,

    2. type of operating system,

    3. approximate localization,

    4. the type of web browser used to visit the website,

    5. time spent on the website,

    6. visited subpages,

    7. the subpage where the contact form has been filled out.

    8. The legal basis for processing of abovementioned data is article 6 sec. 1 letter f of GDPR, which enables personal data to be processed, if, in this way, the Personal Data Controller performs its legitimate interest (the legitimate interest of the Company is to know the activity of users on the website).

  8. In order to use cookies on the website, we process text information (cookies will be described in a separate section). The legal basis for processing in this respect is article 6 sec. 1 letter a of GDPR, which allows personal data to be processed on the basis of a voluntary consent (when you enter the website for the first time, you will be asked for permission to use cookies).

  9. In order to administer a website, we process the following personal data:

    1. IP address,

    2. server date and time,

    3. information about the web browser,

    4. information about the operating system

    5. Those data are automatically saved in the so-called server logs at each time the Website is used. It would not be possible to administer the website without using the server and apply the abovementioned automatic recording. The legal basis for data processing for the above purpose article 6 sec. 1 letter f of GDPR, which allows to process of personal data if the Controller has the legitimate interest (the legitimate interest of the Administrator of personal data is the administration of the website).

IV. RECIPIENTS OF PERSONAL DATA

  1. Personal data processed by the Company may be transferred to the public authorities under the provisions of generally applicable law or decision of the competent authority.

  2. Personal data processed by the Company are provided to companies cooperating with the Controller, such as the hosting company and the company that operates a website. Personal data can also be transferred to entities providing accounting or legal services.

  3. Personal data, to the extent necessary to handle payments, are transferred to Chargbee Inc with its registered seat in 340 S Lemon Avenue, #1537 Walnut, California 91789, USA – the chargebee.com website operator, which we use in the scope of handling settlements related to payments for using the Website. Detailed information regarding the transfer of personal data to this recipient, constituting the transfer of personal data to third countries, can be found in part VI of this Policy.

V. DURATION OF DATA STORAGE

  1. Personal data are processed for the following periods:

    1. The duration of the contract – in relation to personal data processed for the purpose of entering into performance of the contract and undertaking activities leading to its conclusion at the request of the data subject,

    2. Until the consent is withdrawn or the purpose of processing is achieved but no longer than 3 years – in relation to personal data processed on the basis of the consent of the data subject,

    3. Until the object has been successfully filed or the purpose of the processing has been achieved, but no longer that 3 years – in respect of personal data processed on the basis of the legitimate interest of the Data Controller, or personal data processed for marketing purposes,

    4. Until the obsolescence of the data, but no longer than 3 years – in relation to personal data processed mainly for analytical purposes, the use of cookies and administration of the Website.

  2. The periods referred to in section 1 above, are counted from the end of the year in which personal data was obtained. This is to improve the management of personal data processing and the process of their removal after expiration of processing periods. In the event of a request to exercise the right to be forgotten, each application is considered individually.

VI. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

  1. In the operation of the dizply.com Website we use the services and technologies offered by third parties such as Google, Chargebee Inc., or Drift, which has its registered office outside the European Union — and consequently — in accordance with the GDPR — are treated as entities from a third country.

  2. GDPR provides the restrictions on the transfer of personal data to third countries. Due to the fact that European regulations does not apply there, the protection of personal data of EU citizens may be insufficient. Therefore, each personal data controller is required to establish the legal basis for such transmission.

  3. The controller ensures that when using the services and technologies, the personal data are transferred only to entities form the United States of America who have joined the Privacy Shield program, based on the European Commission’s executive decision of July 12, 2016 (details available here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_pl ). The entities who are the members of the Privacy Shield program, guarantee the compliance with the high standards in personal data protection that are in force in EU, so using their services and technologies is legal.

  4. At any time, the Controler is ready to provide the additional explanations regarding the transfer of personal data, especially if it raises any doubts.

  5. You have the right to obtain at any time a copy of your personal data that has been transferred to a third country.

VII.THE RIGHT OF THE DATA SUBJECT

  1. The Data subject has the right to:

    1. Access to personal data and receive the copy thereof,

    2. Request for rectification or supplementation of personal data,

    3. Request for erasure of personal data – in the data subject considers that is no basis to process their personal data, may request for their removal.

    4. Request for restriction of processing personal data – the data subject may request to controller to limit the processing of their personal data only to store them or perform activities agreed upon them, if the data is incorrect or the processing has no legal basis, or the data subject does not want to remove them due to the need to keep the data to establish, investigate or defend claims or until ending the verification whether the legitimate grounds of the controller override those of the data subject.

    5. Object to processing of their personal data:

  2. Processing personal data for direct marketing purposes — the data subject has the right to object to the processing of personal data for direct marketing purposes. By using this right, the personal data controller will cease processing personal data.

  3. Object on grounds of his/her particular situation — The data subject has the right to object to the processing of his/her personal data on the basis of a legitimate interest for purposes other than direct marketing. In the statement of opposition, the data subject shall indicate which particular situation concerns the data subject as a justification of the demand to cease the processing of personal data. The controller of personal data shall cease to process personal data for those purposes, unless the controller demonstrates compelling legitimate grounds for further processing override the rights of the data subject or that such data is necessary to establish, assert or defend claims.

    1. Request for transfer of personal data – the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

    You can exercise your rights by sending an email to: support@dizply.com .

VIII. THE RIGHT TO WITHDRAW OF CONSENT FOR PROCESSING OF PERSONAL DATA

  1. The Personal data object may at any time withdraw the consent for processing its personal data, which are processed on the basis of the consent. Withdrawal of consent does not affect the lawfulness of data processing carried out prior to its withdrawal.

  2. You may exercise your rights by sending an email to: support@dizply.com .

IX. THE RIGHT TO SUBMIT THE COMPLAINT TO SUPERVISORY AUTHORITY

The Person who considers that his/her personal data are processed unlawfully, may lodge a complaint to the Polish President of Personal Data Protection Office.

X. REQUIREMENT OF PROVIDING THE PERSONAL DATA

Providing the personal data is voluntary, but it is necessary, if the data subject is willing to use or obtain the information about the services offered through the dizply.com Website.

XI. COOKIES

  1. The website dizply.com uses cookies files for its operation. The cookies are short text information, saved in a web browser. When you are re-connecting to the website, the site recognizes the device on which the page is opened. The files can be read by the system, used by the Controller as well as service providers used in creating the dizply.com Website (e.g. Google, Drift, Chargebee).

  2. Some cookies are anonymized, which means that there is no possibility to identify the user without having additional information.

  3. The browser, which is used by the User, allows by default to use the cookies on devices used by the user. That is why the message asking you to agree to the use of cookies appears when you visit Website for the first time. In case you do not wish to use cookies during the use of the Website, the browser settings can be modified by completely blocking the automatic handling of cookies files or requesting each time your browser to notify cookies. Settings can be changed at any time.

  4. The cookies has the following functions (if the information is insufficient, please contact us):

    1. Session state – cookies store information, including information on how visitors use the Website, eg. which subpages are most often displayed, as well as give us the opportunity to identify errors displayed. Session files help us to improve the website and increase the browsing experience.

    2. Statistics – we use cookies to analyze the way of using our Website (how many people visited it, how much time they spent on the Website, which content is the most interesting to the visitors). This allows us to continuously improve our Website and adapt its operation to Users’ preferences. In order to track activities and create statistics, we use Google tools, such as Google Analytics. In addition to reporting website usage statistics, the Google Analytics pixel can also be used, along with some of the cookies described above. It is used to help display for the user more relevant content on Google services (e.g. Google search) and across the entire Internet network.

  5. Your web browser by default allows cookies to be used on your device, so when you visit our Website for the first time, please agree to the use of cookies.

  6. In case you do not want to use cookies when browsing the website, the settings in the web browser can be changed in the following way:

    1. you can completely block the automatic handling of cookies, or

    2. you can request a notification whenever cookies are placed on the device. Settings can be changed at any time.

  7. Please be advised that disabling or limiting the use of cookies may result in significant difficulties in using the website, eg. in the form of a longer website loading period, restrictions in the use of functionality, etc.

XII. SERVER LOGS

  1. Information about certain actions initiated by Users are subject to registration in the form of logging in on the server and on the web hosting provider’s server. These data are used only for proper administration of the Website and to ensure efficient service of communication related to the services offered through the Website.

  2. Recoding may be subject to:

    1. URL address,

    2. Information about User’s browser,

    3. Information about the User’s IP address.

  3. The log of user activities may be also recorded, including, for example, the email address that was given when placing the query available on the website. In that case, the logs are available in the tools used to create the website and tools that support the functionalities available on the website.

  4. The data indicated in sec. 2 above are not associated with specific people who visit the website, the personal data controller uses it only in order to administer the Website.

XIII. AUTOMATED INDIVIDUAL DECISION-MAKING AND PROFILING

The Controller does not make any automated individual decision-making, including automated individual decision-making on the basis of profiling. The content of the inquiry, which is sent via the contact form, is not subject to assessment by the IT system.

XIV.FINAL PROVISIONS

  1. In the scope, which is not covered by this Privacy Policy, the provisions on the protection of personal data shall apply.

  2. Any changes to this Privacy Policy will be notified / notified by email.

  3. This privacy policy is valid from 01/08/2019.