Privacy and cookies policy

§1 General provisions

  1. The privacy policy concerns the processing and protection of personal data of Users in connection with their use of https://www.flexdevgroup.com., hereinafter called “the Portal”, including its webpages, administered by FlexDev sp. z o.o. sp.k. with its registered office in Poznań, ul. Baraniaka 6, 61-131 Poznań, entered in the Business Register of the National Court Register under number KRS 0000759865, whose registration documents are maintained by the District Court for Poznań – Nowe Miasto i Wilda in Poznań, 8th Business Department of the National Court Register, hereinafter called “FlexDev”.
  2. The privacy policy contains the principles for collecting and using the Users’ data applied by the Portal. Moreover, the Policy regulates the processing of personal data by FlexDev sp. z o.o. sp.k.
  3. The overall objective of FlexDev sp. z o.o. sp. k. is to guarantee the safety of personal data at the level required by the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter called “GDPR”).

§2 The principles for collecting personal data

  1. Your personal data:
    1. will be processed in a lawful, fair and transparent manner in respect of the natural person concerned (“lawful, fair and transparent processing)
    2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (“purpose limitation”),
    3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimization”),
    4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (“accuracy”),
    5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (“storage limitation”),
    6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (“integrity and confidentiality”).

§3 Information on personal data processing
General information on personal data processing (agreements, contractors, contact form)

  1. The controller of your personal data is FlexDev sp. z o.o. sp.k. with its registered office in Poznań, ul. Baraniaka 6, 61–131 Poznań, entered in the Business Register of the National Court Register under number KRS 0000759865, whose registration documents are maintained by the District Court for Poznań – Nowe Miasto i Wilda in Poznań, 8th Business Department of the National Court Register.
  2. In matters relating to personal data processing you may contact the Data Protection Officer appointed by the Controller at the following email address: iod@flexdevgroup.com or by calling the telephone number +48 570 966 933.
  3. Your personal data will be processed:
    1. for the purposes of sending an offer - based on your consent (Article 6(1)(a) GDPR),
    2. for the purposes of answering the questions asked in the contact form, exchanging correspondence with an interested party – based on a legitimate interest pursued by the Controller, such as ongoing contact with customers (Article 6(1)(f) GDPR),
    3. for the purposes of performing a contract – based on a contract entered into (Article 6(1)(b) GDPR),
    4. for the purposes of compliance with legal obligations (including tax obligations) – based on a legal obligation to which the Controller is subject (Article 6(1)(c) GDPR),
    5. and may be processed for the purposes of pursuing claims resulting from the provisions of the civil law, if any such claims occur – based on a legitimate interest of the Controller (Article 6(1)(f) GDPR).
  4. Your data will be processed by authorized employees and associates of the Controller. The personal data recipients will be the entities providing services to the Controller, including in particular IT and accounting services.
  5. Your data will not be transferred to any third countries (i.e. countries that are not members of the European Union or the European Economic Area).
  6. Your personal data will be processed during the term of the agreement and the period required by law, including the prescription period of claims (if any). Your data which is processed based on your consent will be kept until such consent is withdrawn.
  7. You have:
    1. the right to access your personal data,
    2. the right to rectify, erase, or restrict the processing of your data,
    3. the right to object.
  8. You have the right to file an objection with the supervisory authority, i.e. the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw, if you believe that the processing of your data violates the personal data protection regulations.
  9. Although the provision of personal data is voluntary, it is necessary to sign the agreement. It is not possible to execute the agreement unless such data is provided. The provision of personal data for the purposes of sending an offer or making contact is voluntary, however, sending an offer or answering the questions asked in the contact form is impossible without the provision of such data.
  10. Your data will not be used for the purposes of automated decision-making or profiling.

If the Controller processes your data due to the fact that you are the representatives, employees/associates of its Customer/Contractor, and the data was provided to the Controller for the purposes of ongoing execution of a contract or a legal relationship between the parties in connection with a contract signed, please be informed that:

  1. The Controller of your personal data is FlexDev sp. z o.o. sp.k. with its registered office in Poznań, ul. Baraniaka 6, 61-131 Poznań, entered in the Business Register of the National Court Register under number KRS 0000759865, whose registration documents are maintained by the District Court for Poznań – Nowe Miasto i Wilda in Poznań, 8th Business Department of the National Court Register.
  2. In matters relating to personal data processing you may contact the Data Protection Officer appointed by the Controller at the following email address: iod@flexdevgroup.com or by calling the telephone number +48 570 966 933.
  3. Your personal data must be processed for the following purposes:
    1. performance of the contract signed with your employer/customer – i.e. based on a contract signed (Article 6(1)(b) GDPR);
    2. compliance with a legal obligation by the Controller – i.e. based on a legal obligation to which the Controller is subject (Article 6(1)(c) GDPR);
    3. pursuance of the legitimate interests by the Controller, such as protection against claims and collection of receivables, or internal administrative, analytical and statistical purposes (Article 6(1)(f) GDPR).
  4. The Controller may also process personal data obtained in email correspondence. In such cases, the personal data will be processed for communication purposes – i.e. based on the Controller’s legitimate interest (Article 6(1)(f) GDPR) referred to herein. Such personal data will be processed throughout the prescription period of claims, if any, depending on the subject matter of the emails.
  5. Your personal data will be transferred to the entities processing data on behalf of the Controller, which take part in the performance of the Controller’s tasks, including the operators and providers of IT systems and the providers of accounting and hosting services. Your data will also be made available to other controllers, including postal operators and couriers.
  6. Your personal data will not be transferred to any third countries.
  7. Your personal data will be processed throughout the term of the contract and the prescription period of claims (if any). In the event of a pending dispute or proceedings, in particular court proceedings, this period may be extended.
  8. The Controller will collect your personal data from your employer/customer or directly from you.
  9. The Controller may process in particular the following categories of personal data: name, correspondence address, telephone number.
  10. You have the right to access your data, rectify it, erase, restrict its processing, or file an objection.
  11. You have the right to file a complaint in connection with the processing of personal data by the Controller with a supervisory authority, i.e. the President of the Personal Data Protection Office.
  12. The provision of your personal data is necessary for the performance of the contract between your employer/customer and the Controller.
  13. Your personal data will not be used for the purposes of automated decision-making or profiling.

§4 Profiling and cookies

  1. The Controller does not collect automatically any information other than information contained in cookies.
  2. Cookies are data files, including in particular text files, which are stored on the terminal device of a Portal User for the purposes of using the websites making up the Portal. Cookies usually contain the name of the website from which they originate, the duration of their storage on the terminal device and a unique number.
  3. Information from cookies is used for automatic identification of a specific User by the server, which on this basis may generate a website addressed to that User.
  4. Actions that may be taken based on the information about a User include:
    1. preparing statistics that will help to understand how the Portal Users use the websites in order to improve their structure and content;
    2. defining a User’s profile in order to display personalized material on advertising networks, including in particular the Google network.
  5. Two types of cookies are used by the Portal:
    1. session cookies – these are temporary files which remain on the device until the website is exited or the browser closed, and are subsequently removed,
    2. persistent cookies – these files are stored on the User’s device for a fixed period defined in the cookie parameters or until they disable themselves.
  6. Web browsers usually by default allow the storing of cookies on the Users’ terminal devices. The Portal Users may change this by changing the settings. The browser makes it possible to remove cookies. A User may change his/her preferences relating to cookie settings or remove them completely at any time. To do this, the User should change the browser settings. Information on cookies is contained in software settings, i.e. the settings of browsers such as Chrome, Opera, Mozilla Firefox, or Internet Explorer.
  7. Restrictions relating to the use of cookies may affect some functionalities available on the Portal websites.
  8. Cookies stored on the terminal device of a Portal User may also be used by advertisers and partners cooperating with the Portal operator. The Controller recommends reading the privacy policies of such firms in order to become familiar with the principles of using cookies for statistical purposes: Google Analytics privacy policy.
  9. Cookies may be used by advertising networks, including in particular the Google network, to display advertisements tailored to the manner of using the Portal by a particular user. For this purpose, they may store information on the user’s navigation path or the time spent on a particular website.
  10. A User may view and edit information on his/her preferences accumulated by the Google advertising network in cookies using the following tool: https://www.google.com/ads/preferences/.

§5 Google Analytics

  1. The Portal uses Google Analytics, an analytical service provided by Google. Google Analytics is a system of statistics which provides the Controller with information about a User visiting the Controller’s website. Data about a User collected and processed by Google Analytics contain, e.g. information on how the User found the Shop, the region where the User is located, the system and software used by the User.
  2. The legal basis for using Google Analytics is Article 6(1)(f) GDPR, i.e. the Controller’s legitimate interest, which involves preparing statistics and making constant effort to improve the Shop and increase the comfort of using it.
  3. Information about the User’s activities in the Shop generated by cookies may be sent to a Google server in the USA to be stored there. From the EU perspective, in the USA there is no “sufficient level of protection” with respect to personal data processing, which would match the European standards. The required protection level may, however, be confirmed at the level of the individual companies by the EU-US Privacy Shield certification. Google has a Privacy Shield compliance certificate.
  4. The Portal uses Google Analytics with “_anonimizelp()” filename extension and therefore IP addresses are processed further in an abbreviated form only. The purpose is to make it impossible to assign an IP address directly to a person. As a result of activating the IP anonymization option on this website, a User’s IP address will be abbreviated by Google if the User is located in an EU Member State or another country which is a party to the Agreement on the European Economic Area. In exceptional cases, a full IP address is sent to a Google server in the USA and abbreviated there.
  5. The IP address sent by your browser for Google Analytics is not combined with other Google data.
  6. A User may use the solution described on https://tools.google.com/dlpage/gaoptout to prevent collecting data generated by cookies, which relate to using the website, as well as the processing of such data by Google.
  7. In order to make changes to the volume of data provided, the User should check the settings of its browser. Some of the information is made available automatically, however, a User may change the scope of information sent at any time.

§6 Final provisions

  1. The Controller reserves the right to change and update this Privacy Policy. The Controller will communicate every change to this Policy to the Users through the website https://www.flexdevgroup.com, the Privacy Policy tab.
  2. This Privacy Policy shall enter into force on 2019-09-01