- Personal data – information relating to an identified or identifiable natural person; an identifiable natural person is a person who can be identified, directly or indirectly, on the basis of an identifier such as, for example: name, surname, address, telephone number, e-mail address, image, tone of voice, and vehicle registration number. Information relating to companies (e.g. KRS (National Court Register) number and registered office) or associations does not constitute personal data.
- Processing of personal data – operations performed on personal data, e.g. collection, storage, modification, retrieval, consultation, disclosure, erasure or destruction.
- Personal Data Controller (Controller) – a natural or legal person, body, entity or any other body that takes decisions on the purposes and means of processing personal data.
- GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
- Website – the website operated by the Controller at http://eagile.me/
- User – a natural person visiting the Website or using one or more services or functionalities of the Website.
The Controller of your personal data is Digitree Group S.A., ul. Raciborska 35a, Rybnik, Poland, NIP (Polish Tax Identification Number): 6422884378, REGON (National Official Register of Business Entities) No.: 240018741, registered at the District Court in Gliwice, 10th Commercial Division of the National Court Register, no. 0000369700.
Purpose of personal data processing
We process your personal data for the following purposes:
- to take actions intended to result in the creation of an account in the ‘Eagile Automation’ Programme and to manage that account (the legal basis for such processing is Article 6(1)(b) of the GDPR, which allows the processing of personal data where it is necessary for the performance of a contract or for taking steps prior to entering into a contract);
- to enter into and perform the provisions of a contract (the legal basis for such processing is Article 6(1)(b) of the GDPR, which allows the processing of personal data where it is necessary for the performance of a contract or for taking steps prior to entering into a contract);
- marketing purposes – in the event that you have given your consent in this regard as required by generally applicable law (the legal basis for such processing is Article 6(1)(a) of the GDPR, which allows the processing of personal data on the basis of voluntarily granted consent);
- to reply to a message sent via a contact form (the legal basis for such processing is Article 6(1)(f) of the GDPR, which allows the processing of personal data on the basis of a legitimate interest. The legitimate interest is the use of personal data to provide an answer to a question asked);
- to carry out official communications where the entity we cooperate with has identified you as a contact person / representative (the legal basis for such processing is Article 6(1)(f) of the GDPR, which allows the processing of personal data on the basis of a legitimate interest. The legitimate interest is the use of personal data to communicate with you);
- to fulfil tax and accounting obligations (the legal basis for such processing is Article 6(1)(c) of the GDPR);
- to handle complaints and applications (the legal basis for such processing is Article 6(1)(f) of the GDPR, which allows the processing of personal data on the basis of a legitimate interest. The legitimate interest is to properly conduct a complaint procedure or a procedure for handling complaints and applications);
- to possibly establish, exercise or defend against your possible claims (the legal basis for such processing is Article 6(1)(f) of the GDPR, which allows the processing of personal data on the basis of a legitimate interest. The legitimate interest in this case is the defence against potential complaints or allegations);
- analytical and statistical purposes (the legal basis for such processing is Article 6(1)(f) of the GDPR, which allows the processing of personal data on the basis of a legitimate interest. The legitimate interest is to improve the functionalities used and services provided thanks to conclusions drawn from statistical activities);
Duration of data retention
Your data will be processed:
- for the period necessary to perform the contract between us, and thereafter – for pursuing any claims – until the expiry of the limitation period under the provisions of the Civil Code, in principle for a period of 3 years or 10 years, starting from the date on which the claim has become due;
- if you have been designated (by your employer or another entity we cooperate with) as a contact person / representative in connection with the conclusion/performance of a contract, for the duration of the communication and thereafter for the duration of securing potential claims, but not later than the date of filing an effective objection to the data processing;
- where consent is the basis for the processing: until the moment of withdrawing consent;
- where processing is necessary for the purpose of handling complaints and applications: for the duration of the contract or until the expiry of surety or the settlement of a complaint;
- where processing is necessary in order to reply to a message sent using a contact form: for a period of 60 working days;
- where the processing results from the fulfilment of tax and accounting obligations: until the expiry of data retention obligations under the law, in particular the retention of accounting documents (in principle, for 5 years after the year in which a legal event that obliged the party involved to issue an accounting document occurred);
- within the scope of internal administrative purposes and the pursuit of our legitimate interests, until the legitimate interests giving rise to the processing are fulfilled or until you object to such processing;
- where the processing takes place for the purpose of establishing, exercising and defending against possible user claims: until the expiry of the limitation periods for contractual claims – in accordance with applicable law.
Recipients of the data
In connection with our business, your personal data may be disclosed to the following entities:
- entities commissioned by us to support our operations, in particular: providers of external IT systems, the entity providing accounting services, entities providing legal, analytical and marketing services, entities conducting quality of service research, debt recovery entities, and entities auditing our operations;
- entities with whom we cooperate;
- postal operators and couriers;
- operators of electronic payment systems and banks within the scope of execution of payments;
- commercial partners – in the event that you have given your consent in this regard as required by generally applicable law;
- bodies entitled to receive personal data under the law. .
Other ways of logging in
To register or log in into a client’s account, you can also authorize using your Google account.
For this purpose, use a Google icon on the registration or login site. You have to directly give data and transfer processing consent prior to using this function.
After clicking the Google icon, a new modal dialog will be opened, which will enable registering / logging into the Program with Google account login data. After using this authentication method,
Google will share your email address with us. Registering or login process with Google will not cause sharing to us your Google password. We can assign shared data to your account or process it, only for
login or registration purposes. We ask you to be acquainted with regulation and Google rules of processing personal data, when using the external authentication service.
In order to perform the authentication, registration and logging-in process, your IP address is being sent to Google. We have no impact on the purpose and the data scope collecting and on further data processing by Google Inc., (1600 Amphitheater Parkway, Mountainview, California 94043, USA;
Rights in relation to the data processed and voluntary character of their provision
Every person whose data is processed has the right to:
- access their data and to receive a copy of their data;
- rectify (amend) their personal data;
- restrict the processing of personal data;
- the erasure of personal data;
- data portability.
You also have the right to object to the processing of data – on grounds relating to a particular set of circumstances.
In cases where the processing of data is based on the consent granted by you, you have the right to withdraw your consent for particular purposes of processing, at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out until the withdrawal of consent.
Furthermore, you have the right to lodge a complaint with the supervisory authority, i.e. the President of the Personal Data Protection Office.
Do you have to give us your personal data?
The submission of personal data is voluntary, but necessary for the purposes of entering into contracts and settling the operations conducted, as well as for us to comply with legal requirements. This means that if you want to use the products we offer, you have to provide your personal data. Failure to provide the data will prevent us from entering into a contract with you. Otherwise, the submission of personal data is voluntary.
Transferring personal data to third countries
Your data will not be transferred to any third countries or international organisations.
Processing of personal data by automated means
No automated decision-making mechanism including profiling will be applied to your personal data.
Data Protection Officer
We have appointed a Data Protection Officer whom you can contact on matters relating to data protection and the exercise of your rights at: firstname.lastname@example.org.
Will commercial information be sent to you?
Any information deemed, pursuant to generally applicable law, to be commercial information or direct marketing will be sent to you only if you have given your consent in this regard, in accordance with the provisions of Article 10 of the Act of 18 July 2002 on Providing Services by Electronic Means (Journal of Laws 2002, No. 144, item 1204, as amended) and the Act of 16 July 2004 (Telecommunications Law) (Journal of Laws 2004 No. 171, item 1800).
- Cookies are IT data, in particular text files, which are stored in the Website User’s terminal equipment and are intended for the use of the Website pages. Cookies contain the name of the website they originate from, the period of storing them in the terminal equipment, and a unique number.
- The entity which places cookies in the Website User’s terminal equipment and gains access thereto is the Administrator of the Website.
- Cookies are used for:
- adjusting the content of the Website pages to User preferences and optimising the use of the Website pages. In particular, these files make it possible to recognise a given Website User’s device and display the Website pages appropriately, adapting them to the User’s individual needs;
- creating statistics that help to understand how Website Users use the Website pages, which makes it possible to improve the structure and content of the latter;
- maintaining a given Website User’s session (after logging in), thanks to which the User does not have to re-enter their login and password on each subpage of the Website;
- The following types of cookies are used within the Website:
- ssssion cookies are temporary files, which are stored in the User’s terminal equipment until logging out, leaving the website or disabling the software (web browser);
- persistent cookies are stored in the User’s terminal equipment for the time specified in the parameters of cookies or until they are deleted by the User;
- Google Analytics – Controller: Google Inc. based in the USA;
- Google Tag Manager – Controller: Google Inc. based in the USA;
- Facebook Pixel – Controller: Facebook Inc. based in the USA;
- Adform – Controller: Adform based in Denmark;
- Revhunter – Controller: INIS sp. z o.o. based in Rybnik, Poland.
- In addition, the following types of cookies are used within the Website:
- ‘essential’ cookies that enable the User to use the services available on the Website;
- cookies that are necessary to ensure security;
- ‘performance’ cookies that allow the collection of information on how the Website pages are used;
- ‘functional’ cookies that make it possible to ‘remember’ the User’s selected settings and personalising the User’s interface;
- In many cases, the software used to browse the Internet (web browser) allows for the
storage of cookies in the User’s terminal equipment by default. Website Users may change their settings concerning cookies at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the settings of the web browser, or to inform about the placement of cookies in the Website User’s device each time. Detailed information on the possibility and methods of handling cookies is available in the settings of the User’s software (web browser).
- Cookies placed in the Website User’s terminal equipment may also be used by advertisers and partners cooperating with the Website Administrator.
- The User has the possibility of changing the scope of cookies that will be collected on the Website – through the settings of their web browser.