[INCLUDING POLICY ON PERSONAL DATA AND COOKIES]
(Axence Sp. z o.o. Sp. j. – hereinafter referred to as the “Company”)
(version dated 07.05.2019)
1. General information
2. Specific purposes of data processing as part of the selected data processing procedures:
With regard to the implementation of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR, as of 25 May 2018, we would like to provide you with some important information on the manner in which we process your personal data and on your rights related to that processing.
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”). Therefore, this term refers to such data as first name, surname, address, date of birth, phone number or e-mail address (non-exhaustive list).
With regard to the provision of services by the Company, information not being personal data (not relating to an identifiable natural person) may also be processed, which is further discussed below. However, even in such case, the Company implements relevant security measures in order to ensure high level of security, similarly as in the case of personal data processing. In addition, the Company systematically assesses the risks related to possible re-identification of the indicated information.
The following personal data:
- personal data revealing one’s racial or ethnic origin, political views, religious or philosophical beliefs, affiliation to trade unions, as well as genetic or biometric data processed in order to unambiguously identify a natural person, or data concerning the health, sexuality or sexual orientation of that person are the so-called sensitive personal data.
Personal data controller is an entity which, on its own or in collaboration with others, sets the purposes and modes of personal data processing, i.e. decides on how your personal data are processed and is responsible for their processing in accordance with the law.
The Controller of personal data categories presented below is the company:
Axence Sp. z o.o. Sp. j., with its registered office and address in Kraków (30-527), ul. Na Zjeździe 11, entered in the Register of Entrepreneurs kept by the 11th Economic Division of Krajowy Rejestr Sądowy (KRS, National Court Register) of the District Court for Kraków - Śródmieście in Kraków under KRS number 0000903894; NIP [Tax Identification Number]: 6751399589.
Personal data are protected in accordance with the requirements of commonly applicable provisions of the law, and the data are stored on secured servers.
You have the right to access your data, including the right to obtain a copy of your data, the right to data portability, the right to rectify and erase your data, the right to restrict their processing and the right not to be subject to a decision which is based only on automated processing, including profiling, and which has legal effects or is otherwise significantly affected (see more: www.uodo.gov.pl). We also recommend that you read the brochure concerning your rights, available at https://www.gov.pl/cyfryzacja/rodo-informator. The effectiveness of submitted claims shall be evaluated by the Data Controller with regard to the applicable provisions of the law. For example, despite a request for data erasure being submitted, pursuant to GDPR, the Data Controller may still process them within the scope in which the processing is necessary to determine, pursue or defend claims (for the time necessary to fulfil these purposes).
You also have the right to lodge a complaint with the supervisory body (President of the Personal Data Protection Office) -> see www.uodo.gov.pl.
Remember that each time when your personal data are processed pursuant to Article 6(1)(f) of GDPR (see below), i.e. in case of legitimate interest of the Data Controller, at any time, you may object – for reasons related to a specific situation – to the processing of your personal data. After such an objection, the Data Controller shall no longer be able to process your personal data, unless it proves the existence of important, legitimate grounds for the processing, overriding the interests, rights and freedoms of the data subject, or any grounds for determining, pursuing or defending claims.
You may object to the processing in the manner indicated below (in the part explaining how you can contact us).
GDPR provides for a number of legal bases for the processing of personal data. One of them is a consent. If the processing of personal data is performed based on your consent, you may withdraw the consent at any time (e.g. by sending a request to the address: firstname.lastname@example.org ). The withdrawal of the consent does not affect the legitimacy of the processing performed on the basis of the consent prior to its withdrawal. The consent may be given only by an adult with full legal capacity. The consent is always voluntary. After you withdraw the consent, your personal data will no longer be processed and they will be erased or anonymized, except for the scope necessary for documenting the proper performance of obligations related to data processing (e.g. proper documentation of consent withdrawal), for the purposes of defending against claims (Article 6(1)(f) of GDPR, the so-called legitimate interest of the Data Controller) and for the purpose of performance of obligations arising from GDPR (e.g. accountability of Article 6(1)(c) in conjunction with Article 5(2) of GDPR). If you withdraw your consent, the data shall be processed for the maximum period of limitation of possible claims related thereto.
Your personal data will be accessed only by authorized employees, acting under the instructions. The data may be also disclosed to IT service providers supporting the pursuit of the purposes of Data Controller indicated below (after prior conclusion of relevant agreements on entrusting data processing). The details are indicated below. In particular, for the purpose of sending marketing information by e-mail, we use a tool provided by:
a) GetResponse Sp. z o.o. based on the agreement on entrusting data processing the content of which is available at:
In all matters related to personal data protection (including the intention to object or withdraw the consent, matters related to the observed breach of the provisions on personal data protection, or the wish to exercise your other rights), you can contact us by email at: email@example.com or by sending correspondence to the address: Axence Sp. z o. o. Sp. J. ul. Na Zjeździe 11, 30-527 Kraków.
In response to your request, you may be asked to provide those data which are necessary for the purpose of identification of your personal data (e.g. finding such information) or verification of your identity. In such case, only those personal data that are necessary for documenting proper performance of obligations related to data processing (e.g. proper documentation of consent withdrawal) for the purposes of defending against claims (Article 6(1)(f) of GDPR, the so-called legitimate interest of the Data Controller) and for the purpose of performance of obligations arising from GDPR (e.g. accountability of Article 6(1)(c) in conjunction with Article 5(2) of GDPR). For the above purposes, the data shall be processed for the maximum period of limitation of possible claims related thereto.
Considering the state of technical knowledge, the cost of implementation, the nature, scope, context and purposes of the processing and the risk of breach of rights or freedoms of natural persons with various degree of probability and importance, the Company implements appropriate technical and organizational measures in order to ensure the level of security corresponding to that risk, including, as applicable:
The Company takes action in order to ensure that each natural person acting under the authorization of the controller or the processor and having access to personal data processes them only at the request of the controller, unless it is required by the law of the European Union or a Member State.
Personal data provided in the forms and on the subpages of the Website are treated as confidential and are not visible to unauthorized persons. Personal data of persons visiting the Website are stored in a data base in which technical and organizational measures have been applied in order to ensure the protection of the processed data in accordance with the requirements set forth in the applicable provisions of the law. For this purpose, such measures as the secure socket layer (SSL) protocol are used. At the same time, the Company declares that the modern techniques of securing the Accounts and access to data, applied for Website protection, are designed to provide the highest level of security; however, for technical reasons, they cannot guarantee full confidentiality of the information which is stored and sent.
On the website https://axence.net/pl/ there may appear links to other websites. Such websites operate independently from the website and are not monitored by the website: https://axence.net/pl/ in any way. These websites may have their own privacy policies and regulations that we recommend you to read.
Below, we present a list of purposes, legal bases and periods of data processing, as well as the information if the provision of data is voluntary or mandatory under the following data processing procedures:
Personal data will be processed for the following purposes:
The company may entrust your data to e.g. IT service providers.
The data will be processed for the purpose of:
The company may entrust your data e.g. to IT service providers.
If you give your consent for the receipt of the newsletter (https://axence.net/pl/aktualnosci#newsletter), the data will be processed for the purpose of direct marketing of the data controller on the basis of the consent given (Article 6(1)(a) of GDPR, pursued by mailing (see Article 10 of the Act on the provision of services by electronic means)).
The Company may entrust your data e.g. to IT service providers.
The provision of data is voluntary.
Personal data of the Licensees, i.e. the parties to the license contract concluded (conditions available at: https://axence.net/pl/regulamin-axence-account), as well as their representatives and other persons performing the contract, e.g. the users of the Axence account website, will be processed mainly for the following purpose:
The Company does not obtain access to personal data (pertaining to identifiable natural persons) collected using the Axence nVision software. In this case, the Company may collect only statistical data aimed at the improvement of the quality of the performed service and the proper performance of the license contract, in accordance with the following rules:
For the purpose of conclusion and performance of the contract, including presentation of an offer, personal data from CEIDG (Central Registration and Information on Business) and KRS (National Court Register) may be obtained (within the scope indicated therein – basis: Article 6(1)(b) of GDPR and Article 6(1)(f) of GDPR in the case of natural persons other than the party to the contract, and also for the purpose of presenting an offer at the initiative of the data Controller).
Each time the data are obtained otherwise than directly from the data subject, the data Controller (at the first contact at the latest – unless the law requires the information to be provided earlier), apart from other information indicated in Article 14 of GDPR, will provide the information about the source from which the data have been obtained and the scope in which they have been obtained from that source.
The data will not be disclosed to anyone, unless it is necessary for the performance of the contract (pursuant to Article 6(1)(b) or (f) of GDPR, of which the person whose data are processed will be informed separately or which will result from the provisions of the law). The Company may disclose (after verifying the legal basis for such a disclosure) the aforementioned personal data categories to e.g. IT or accounting service providers and legal advisors, and it may share the correspondence between the authorized employees of the Company.
Personal data will be removed or anonymized after the maximum period of prescription of possible claims related to the performance of the contract (including public-law liabilities), in particular, those resulting from the process of conclusion and performance of this contract and public-law liabilities. Personal data may be erased or anonymized earlier, if an effective objection is raised or if the consent is withdrawn (if such a consent has been obtained). The data Controller will verify, in particular, whether there is still a basis for the processing of data obtained for the purposes of the offer presentation, if the contract is not concluded.
The provision of data is voluntary, but necessary for the fulfilment of the aforementioned purposes. In the case of performance of public-law liabilities, the provision of data may be obligatory.
Given that the Company may obtain personal data both directly – in the case of data of a Contractor, and indirectly – in the case of data of employees or associates of a contractor/customer (processed for the aforementioned purposes), the Customer should inform the persons whose data are provided to the Company about the fact, the basis and the scope of sharing of such data.
The Customer may share the personal data of its employees/associates with the Company only based on a legal basis for sharing of such data. If such a basis is other than a consent (instead, e.g. the legitimate interest of the data controller), the Contractor/customer should analyze the existence of the legal basis for data processing with due care.
The Company may process the following data characterizing the manner of use of persons visiting the website (the so-called operational data):
The aforementioned operational data are not connected with such information as first name and surname, e-mail address and other data allowing for easy identification of a person visiting the website. Likewise, the processing is not used for the profiling of persons visiting the website. The processing of the foregoing information may, but does not have to be related to the installation of cookies or similar technologies on the end device used to view the website (the information in this scope is presented below). If the cookie mechanism is used, the operational data may include the information described below – obtained through these files.
The aforementioned operational data may constitute personal data within the meaning of GDPR (General Data Protection Regulation 2016/679) –> if the aforementioned information is qualified as personal data, we inform that the Company (see contact details above) is the Controller of these data.
The processing of the aforementioned data categories is necessary for the operation of the website and taking care of its quality, i.e. the purposes arising from legitimate interests of the controller (Article 6(1)(f) of GDPR) -> as a result of which the following actions are important and necessary:
Based on the foregoing information, statistics may be created, which, however, will not contain any information identifying or allowing for identification of a person visiting the website https://axence.net/pl/kontakt. Since the identification of a person using the website is very difficult, the implementation of the rights indicated in Articles 15–20 of GDPR is impossible, unless the data subject, in order to exercise its rights under these Articles, provides additional information allowing for their identification.
The data Controller may entrust personal data to e.g. providers of IT services or share the correspondence between the authorized employees of the Controller. You have the right to access your data, including the right to obtain a copy of your data, the right to transfer your data, the right to correct and erase your data and the right to limit their processing. You also have the right to object to the processing (if the processing is performed pursuant to Article 6(1)(f) of GDPR). You also have the right to lodge a complaint with the supervisory body (President of the Personal Data Protection Office). Personal data will be erased or anonymized after the maximum period of prescription of possible claims related to the use of the website or earlier, if you raise an effective objection. The provision of data is voluntary, but necessary for the fulfilment of the aforementioned purposes.
Through cookies, the website may store or access information already stored in the device and used for viewing – only within the scope necessary for viewing. Cookies or similar technologies are not intended for obtaining information about persons visiting the website. They are not used for tracking their navigation either. Cookies used on the website https://axence.net/pl/kontakt are not used for the storage of personal data or any other information collected from persons visiting the website.
Through cookies, the website may store or access information already stored in the device and used for viewing:
Such information as first name, surname or e-mail address are not used by the operator of this website by Google Analytics. Likewise, they are not compared with other information for the purpose of identification of a person visiting the website. Google observes the rules specified under the EU-US Privacy Shield program, provided by the Trade Department of the United States of America, pertaining to collection, use and storage of personal data of the citizens of the European Union. The observance of these rules is monitored by the Federal Trade Commission. In this statement, Google, Google Inc. and its subsidiaries in the United States of America confirm that they observe the applicable rules of the privacy protection in accordance with the rules of the Privacy Shield.
Within the scope in which Google operates as part of the Google Analytics service on behalf of our Company during the monitoring of our website, an agreement on entrusting data processing is concluded on the following terms: https://privacy.google.com/businesses/processorterms/
On the following website, you can find out to what extent Google acts on our behalf and to what extent it acts as an independent data controller: https://privacy.google.com/businesses/adsservices/
The User of the Website may change cookie settings at any time. In order to do this, the User has to change the settings of the web browser regarding cookies. These settings may be changed, in particular, in a way allowing to block the automatic handling of cookies in the web browser settings or inform of each case of cookies being placed in the User's device. Detailed information regarding options and methods of handling cookies are available in the software settings (web browser).
Some subpages of the Website and other means of communication with Users may contain the so-called “web beacons” (electronic images, also known as clear gifs). Web beacons allow to receive information such as IP (Internet Protocol) address of the computer on which the website with an embedded web beacon has been loaded, as well as the URL of the website, the loading time of the website, the type of web browser and other information contained in cookies, in order to measure the efficiency of our advertising.
You can disable or limit the installation of cookies at the browser level.
How to disable cookies:
Podziel się z nami swoją opinią o stronie axence.net i miej wpływ na jej udoskonalenie