This Privacy Policy has been developed based on the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC, hereinafter referred to as GDPR.
- The administrator of personal data of recipients of physical persons is BeeCode LTD Company Number: 12214564. You can contact via the e-mail address [email protected]
- The administrator processes the following personal data of the service recipients: e-mail address.
- Providing personal data specified in point 2 is not a statutory requirement and is voluntary, but it is a condition of concluding an agreement on provision of electronic services with the Administrator, hereinafter referred to as the “Agreement”. If the recipient does not provide this data, then the Agreement will not be concluded.
- During the term of the Agreement, the Administrator may enter into other data of the recipient – the IP number of the device used by the recipient and data on the recipient using a specific telecommunications network, software or devices, as well as the usege of the Administrator’s website.
- The administrator processes the personal data of the service recipients for the following purposes:
- conclusion and execution of the Contract connecting the parties, in particular a proper performance of services and consideration of complaints,
- fulfilling the legal obligations of the Administrator, in particular issuing and storing invoices and other accounting documents,
- pursuing claims and defending against them,
- detection and prevention of fraud,
- direct marketing,
- creating analyzes and statistics, for the Administrator’s own needs, in particular reporting, marketing and market research, service development planning, testing preferences and behaviors of service recipients, for the purpose of improving the quality of services provided by the Administrator,
- specified in 5e and f points after the Contract has been executed – with the consent of the recipient,
- transfer to third parties – with the consent of the recipient, to the extent and purpose covered by this consent.
- Legal basis for the processing of personal data of service recipients for the purpose defined:
- in point 5a – constitutes art. 6 par. 1 b GDPR (performance of the Contract),
- in point 5b – constitutes art. 6 par. 1 c GDPR (legal obligation),
- in points 5c-f – constitutes art. 6 par. 1 f. GDPR (legally justified interest of the Administrator),
- in points 5g and h – constitutes art. 6 par. 1 and GDPR (consent of the recipient).
- The Administrator will store personal data processed for the purpose specified:
- in point 5a – for the duration of the Agreement and settlements after its completion,
- in point 5b – for the period in which the Administrator orders the law,
- in points 5c and d – until the claims under the Agreement are time-barred,
- in points 5e and f – for the duration of the Agreement,
- in points 5g and h – until the customer withdraws his consent.
- According to art. 19 para. 2 of the Act on the provision of electronic services, after using the services, the Administrator may process only personal data of service recipients which is:
- necessary to settle the service and claim for payments for using the service,
- necessary for the purposes of advertising, market research and behavior and preferences of recipients with the purpose of research results for the purpose of improving the quality of services provided by the Administrator – with the consent of the recipient,
- necessary to explain the circumstances of unauthorized use of the service,
- allowed for processing on the basis of mandatory legal provisions or contracts.
- The administrator does not provide the personal data of the service recipients to third parties, unless he obtains the prior explicit consent of the recipient or if the right or obligation to provide such data results from the generally applicable provisions of law.
- The administrator entrusts the personal data of the service recipients to the following processors:
- Providing marketing and advertising services on behalf of the Administrator,
- serving the Administrator’s IT systems,
- providing the Administrator with postal, courier, payment, audit, legal, and accounting services.
- The personal data of the service buyers will not be transferred outside the European Economic Area.
- The recipient has the following rights:
- the right to request access to his data, i.e. obtain confirmation of whether personal data concerning it are processed,
- the right to rectify data, i.e. to demand the rectification of personal data concerning him that is incorrect,
- the right to request the deletion of his personal data,
- the right to demand the restriction of his personal data,
- the right to object to data processing,
- the right to transfer data.
- The scope of each of the powers specified in point 12 and the situations in which they can be exercised are determined by generally applicable laws, in particular by the GDPR.
- The Service Recipient may use the powers specified in point 12 by contacting the Administrator.
- If the processing of personal data of the recipient takes place on the basis of his consent, the service recipient has the right to withdraw it at any time without affecting the legality of the processing which was made on its basis prior to its withdrawal.
- For the purposes set out in points 5c-f, the Administrator may perform automated analysis of data of service recipients and prepare predictions about their preferences or future behaviors. Profiling may in particular be used to analyze and forecast the personal preferences or interests of service recipients. Such action of the Administrator will not cause any legal consequences in relation to the service recipients, nor will it significantly affect their situation.
- For the purposes set out in points 5c-f, the Administrator may use so-called cookies. These are small text files placed on the service recipient’s device, on the basis of which information is collected that allows in particular to identify the service recipient’s device, its IP number, and the browser used by the recipient.
- The service recipient can set his/her browser – thanks to the appropriate options available in it – to disable automatic installation of cookies, prevent their use, or completely remove them from their device. The procedure for handling and deleting cookies varies depending on the browser used by the recipient.
- Cookies are divided into:
- temporary (session) – files temporarily contained in the browser cache, which remains in it until the session ends,
- permanent – files remaining in the browser cache as long as the browser settings selected by the recipient allow it,
- own – files managed by the Administrator,
- external – files managed by third parties,
- configuration – files related to the movement of the service recipient on the Administrator’s website and ensuring proper navigation. They allow in particular to follow the choices made by the recipient (choice of language, size of the font used), recognize the device used by the recipient and manage the browsing session,
- analytical – files used for statistical and analytical purposes,
- advertising – files used for advertising purposes, e.g. for displaying personalized ads.
- Detailed rules of operation of cookies placed on the Administrator’s website are defined below:
- https://policies.google.com/privacy/update
- https://www.google.com/analytics/learn/privacy.html
- The administrator applies appropriate technical and organizational measures to protect the personal data of service recipients against their loss, misuse, or modification. The access rights to the personal data of recipients have been limited in a restrictive way so that this data is not in the hands of unauthorized persons.