I) General Information
(hereinafter referred to as “Website“) is addressed to the users of the Website (hereinafter referred to as “User“) and determines the type, scope, and ways of use of the personal data as well as the rights and obligations of the User and the means of protection of personal data.
- The controller of the personal data in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), , hereinafter referred to as the “GDPR“) is Neurohm z o.o. sp.k., with its registered office in Warsaw (00-586), Poland, at 9/2 Flory St., entered in the National Court Register under entry no. 0000449548, registered by the District Court for the capital city of Warsaw in Warsaw, XII Commercial Division of the National Court Register, NIP 7010369265, REGON 146535475 (hereinafter referred to as “Service Provider“).
- You can contact the Service Provider in the following ways: by email email@example.com, by telephone +48 22 417 42 70, or you can write a letter to the Service Provider on following address Warsaw (00-586), Poland, at 9/2 Flory St.
II) The collected data
Data collected by creating an iCode™ account
- In order to use the Website, new User has to register by creating an iCode™ account (hereinafter referred to as the: “Account”) and provide the following personal data: contact name (i.e. name and surname of company representative; individual person – User), company name, email, password – are obligatory, country, city, zip code, address, mobile phone, tax id (if applicable) are optional at this step (User might skip it). They will be obligatory in the moment of requesting the report.
Data collected automatically
- During the use the Website by the User the following personal data of the User is automatically collected: e-mail address and the operating system type. These data can be collected by the so called cookies files, Google Analytics and icodert.com
- Cookies, referred to in the point 1 above, are the files sent to a computer or other device of the User while browsing the Website. Cookies remember user preferences, enabling to improve the search results and relevancy of the displayed device by the Service Provider is granted using the settings of the browser installed on your device. If you want to delete existing cookies from your device, you can do it using the options of your browser.
- The Service Provider uses the following types of cookies (unless otherwise specified):
- necessary cookies – files which are essential to enable Users to navigate the Website and use its features, such as access to safe areas on the Without these cookies some services used the User cannot be provided;
- performance cookies – files collecting information about how Users use the Website, which parts of the Website are visited most often, and whether the Users receive error messages from the The data collected by these cookies is anonymous and used only to improve the functioning of the site;
- Google Analytics, referred to in 1, is a web analytics system that gives an insight into the traffic of the Website used to carry out marketing activities.
Data collected by chat service
- To be able to quickly contact us, you can use the chat service. Livechat is a web service used in remote customer service. A messenger application that does not require the software installation process on the user’s device and access to it is done by clicking the chat button. We process all personal data provided during a conversation with our consultant (eg name and surname, email address, telephone number, address data).
- Our servers store log files, which record any access to them. The log files contain data about the type of each access, including IP addresses, files displayed on our website, operating system versions, device type and time stamps.
III) Use of data
- Data given by the User or the data collected automatically are used (processed) by the Service Provider for following purposes:
- performance of the service, registration and management of the Account (Art. 6 Sec. 1 letter (b) of GDPR);
- to ensure the proper functioning, configuration, security and reliability of the Website – the processing is necessary for the performance of the service and management of the Account (Art. 6 Sec. 1 letter (b) of GDPR);
- monitoring of the status of the session – the processing is necessary for the performance of the service and management of the Account (Art. 6 Sec. 1 letter (b) of GDPR);
- to adjust the display of the information to the User – the processing is necessary for the performance of the service and management of the Account (Art. 6 Sec. 1 letter (b) of GDPR);
- analyses, statistics, research and audit the views of the Website – these processing activities are necessary for the Service Provider’s legitimate business interest in managing the Website and improving the services (Art. 6 Sec. 1 letter (f) of GDPR);
- direct marketing of the Service Provider’s products and services – these processing activities are necessary for the Service Provider’s legitimate business interest in the direct marketing (Art. 6 Sec. 1 letter (f) of GDPR);
- the processing is necessary in order for the Service Provider to comply with any legal or regulatory obligations, especially tax and accounting obligations (Art. 6 Sec. 1 letter (c) of GDPR);
- the processing is necessary for the establishment, exercise or defence of legal claims – these processing activities are necessary for the Service Provider’s legitimate business interest in the establishment, exercise or defence of legal claims (Art. 6 Sec. 1 letter (f) of GDPR).
- Providing personal data listed in the point II.1 is voluntary, however it is necessary to conclude and execute the service (failure to provide data results in the inability to conclude and perform the service, and consequently the inability to use the Website).
- The Service Provider may disclose the User’s personal data to following recipients: employees and co-workers of the Service Provider, IT service providers, entities providing advisory and legal services, banks, entities operating the module instant payments at the Website.
- The Service Provider may disclose the User’s personal data to the enforcement and judicial authorities or to the other entities entitled to receive them under the law, if there are justifiable legal ground for such
- The Service Provider does not intend to transfer the User’s personal data to a third country or international organization outside the European Economic Area.
- The Service Provider will not make automated decision making towards Users, including profiling.
IV) Data retention
- The User’s personal data will be processed for the period necessary to achieve the purposes for which the data is processed (see point III.1 above) or until the objection (if the ground of processing is the legitimate interest of the Service Provider) – depending on which event occurs earlier.
- Later, the Service Provider will retain the User’s personal data as long as the duration of applicable limitation period under applicable law or the obligation to store data arising from the provisions of law (e.g. tax law) expires – depending on which event occurs later.
V) The rights of User
- The User has the following rights: the right to request access to the User’s personal data;
- the right to request rectification of the User’s personal data;
- the right to request erasure of the User’s personal data;
- the right to restrict processing of User’s personal data;
- the right to receive the User’s personal data, which User has provided to the Service Provider, in a structured, commonly used and machine-readable format and the right to transmit those data to another controller;
- the right to object to processing of the User’s personal data, if the ground of the processing is the legitimate interest of the Service Provider
- In order to exercise the above rights, please contact the Service Provider, using the above-mentioned contact details (see point I.3 above).
- In addition, the User has the right to lodge a complaint with the supervisory body dealing with the protection of personal data (pol. Prezes Urzędu Ochrony Danych Osobowych), if User thinks that the data processing violates the GDPR.
- Any changes concerning the User’s personal data may be made by the User once he is registered and/or logged on the Website or via the link sent by the Service Provider to the User via e-mail.
VI) Protection of personal data
- Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the Service Provider as a controller implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk,, in particular, the Service Provider protects the personal data of the Users from making them available to the unauthorized persons, as well as from loss or
- Communication between the User and the server of the Website is encrypted. Security of the data transmission is ensured through the use of transmission protocol SSL (Secure Socket Layer). SSL consists in coding data before it is sent from the User’s browser and decoding if after the safe arrival on the server hosting the The information which is sent from the server of the Website to the user is encoded and decoded.
VIII) Final provisions