PROTECTION OF YOUR PERSONAL DATA AND OTHER DATA
We take great care to protect the privacy of those who use our Services. All personal data collected using the Site and Platform are processed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation, EU Official Journal L 119, 04/05/2016 pp. 1- 88) („GDPR”) and other relevant personal data regulations. Our top priority is to protect the rights and freedoms of those who have entrusted us with their personal data. The Site’s basic functionality is not contingent on you disclosing personal information to Gizmi. While providing personal data is entirely voluntary, some disclosure is mandatory for the provision of Gizmi’s Services. We understand how important it is to keep your personal data confidential. You can be certain that we are taking due care to ensure that your personal data is handled in accordance with the law when you provide your personal data.
WHAT IS PERSONAL DATA? WHAT DOES ‘PROCESSING PERSONAL DATA’ MEAN?
Personal data is any information relating to an identified or identifiable natural person. The processing of personal data is all operations performed on personal data and their collections, such as collecting, recording, organizing, structuring, storing, adapting or modifying, downloading, viewing, using, disclosing by sending, distributing or otherwise sharing, matching or combining, limiting, erasing or destroying.
WHEN DO WE BECOME A PERSONAL DATA CONTROLLER?
When you provide us your personal data or make it available to us, we become a personal data controller under the GDPR.
HOW DO WE PROTECT YOUR INFORMATION?
We store and process the personal data you provide with care and diligence in compliance with the GDPR. While Gizmi takes reasonable steps to ensure the protection of the information provided to us, you acknowledge that Internet usage is not always fully secure, and as a result, we cannot guarantee the security or integrity of personal data provided to us by you or through the world wide web in all circumstances.
WHAT KIND OF DATA DO WE COLLECT, WHY DO WE COLLECT IT, AND ON WHAT LEGAL GROUNDS DO WE COLLECT IT?
The legal grounds for personal data processing are:
Your voluntary and explicit consent – in relation to data processed for the purpose of marketing services and products (including analyzing and profiling data for marketing purposes) offered by us in the scope related to the use of the Website and Platform and offered by third parties), to the extent unrelated to the use of the Website and Platform;
for our Services to be performed – in relation to data processed as part of the use of the Website and Platform and to provide other Services offered by Gizmi;
our legitimate interest – in relation to data processed in order to make statistical measurements and ensure the security of the Services and content we offer, improve them and adjust them to the needs and your convenience
compliance with a legal obligation incumbent on us – in relation to data processed on the basis of an obligation resulting from legal provisions, in particular data processed for tax and accounting purposes.
We process personal data that you have provided to us or that you have made available to us. The data may include: your name, address, date of birth, contact details, payment information, as well as other required info, such as those authorized by law. The majority of the information is made available directly from you through completed applications or other contact forms, as well as by maintaining track of information given by you in the context of ongoing Services provided to you. There may be moments when we will require further information to improve the Services provided. Providing and disclosing personal data is voluntary. While you are not obligated to provide or disclose your personal data with us, certain situations may require you to provide specific personal data for the purpose of concluding or performing contracts with Gizmi and using the Products and Services provided by or through Gizmi. As for the personal data that is processed based on your express and voluntary consent, the consent can be withdrawn at any time. The withdrawal of consent does not affect the lawfulness of the processing you had given consent to before the withdrawal.
WHERE DO WE OUTSOURCE YOUR PERSONAL DATA?
For our Services to be performed, we may outsource your personal data to third parties that process this data on our behalf. These may include IT service providers, banks, payment processors, research companies, entities providing accounting services and entities that are related to Gizmi by capital or remain with Gizmi in ongoing economic relations. The disclosure of your personal data to third parties listed above takes place under a data transfer agreement (DTA) for personal data and only after following our strict directions. The transfer of data will take place under a DTA, which demands data processing compliant with the GDPR, in a manner that protects your rights and freedom. We can also reveal your personal data to competent authorities or third parties who make a request for that information, provided that they can prove the request has a legitimate cause, implying a legal requirement for information, to the degree and in the manner required by actual legislation.
AUTOMATED DATA PROCESSING
As part of the processing of your personal data, we can perform profiling: with your consent, to provide you with Products and Services of Gizmi and Gizmi’s partners based on your needs and preferences (including the use of automated processes consisting of compiling the data within the scope of your consent received through the Site and Platform or from other sources and the profile we generate based on it, which result in the selection and presentation of offered Goods and advertisements of Gizmi and Gizmi’s partners corresponding to the profile);
without your consent, in order to tailor the promotional material and messages shown on the Site and Platform to your needs and interests, based on our legitimate interest in cookie processing.
Providing Services may require Gizmi to outsource personal data to entities providing services to Gizmi in other countries, including countries outside the EEA. Gizmi employs provisions in the form of standard data protection agreements introduced by the European Commission when outsourcing to countries that do not have an acceptable degree of personal data protection. You can obtain a copy of your personal data.
HOW LONG DO WE STORE YOUR PERSONAL DATA?
The duration of Gizmi’s processing of your personal data is defined by the processing basis and is as follows:
in case of personal data processed with your consent, we will continue to process this data until you withdraw, restrict, or take other steps to limit this consent;
personal data processed in regard with the conclusion and performance of the Agreement related to the use of the Products or Services we provide will be processed for the duration of the Agreement and until the actual or potential claims under this Agreement are barred by the passing of time, provided that the data is necessary for establishing, investigating, or defending claims in court, administrative or other out-of-court proceedings (according to existing legislation, the general expiration period for claims is six years, and three for claims for periodic benefits and claims relating to the operation of a business);
we will process personal data processed based on our legitimate interest until you object to the processing;
for personal data processed for tax and book-keeping purposes – to the extent and for the time according to applicable law.
WHAT RIGHTS DO YOU HAVE IN REGARDS TO THE PROCESSING OF YOUR PERSONAL DATA?
The right to object to the processing. As set out in Art. 21 of the GDPR, at any time you have the right to object to the processing of your personal data, including profiling, if Gizmi processes your personal data for its legitimate interests, such as the performance of the Agreement, marketing of Products and Services, keeping statistics on use of the different features of the Site and Portal, and facilitating the use of the Site and Portal. If your objection turns out to be justified and Gizmi has no other legal grounds to process personal data, Gizmi will erase your data the use of which you objected to.
The right to limit data processing. As set out in Art. 18 of the GDPR, you can demand to limit the processing of your personal data when: you believe the accuracy of your personal data is questionable (in that case, Gizmi limits the use of your personal data for as long as it is needed to check its accuracy but no longer than 14 days); the processing of your personal data is against the law, but you opt for limiting the data instead of erasing it; the personal data is not longer needed for its intended purposes, but you need it to establish, investigate or defend your claims; and when objected to the processing of your personal data (in that case, Gizmi limits the processing for as long as it is needed to determine if the protection of your interest, rights, and freedoms gives precedence to Gizmi’s interests for processing your personal data).
The right to access, rectify, and erase your data. Article 15 of the GDPR states you have the right to receive confirmation as to whether Gizmi processes your personal data. If yes, you have the right to access your personal data, receive information about the purposes of processing, types of personal data processed, the planned period of data storage or the criteria for determining this period, about your rights under the GDPR, the right to lodge a complaint with the supervisory body, etc. Furthermore, you have the right to request a backup of any personal data Gizmi has on file about you and to notify Gizmi of any identified inconsistencies. However, there are exceptions to this rule. You can notify Gizmi at any time that your data has changed or that you want Gizmi to rectify or erase the personal data they have on you. We will change, rectify or erase personal data from our database if asked, except to the extent to which it is required to store the data under law and regulations for the purpose of providing Services or keeping relevant business records.
The right to transfer data. As set out in Art. 20 of the GDPR, you have the right to receive your personal data that you had provided to us, and then send it to another Personal Data Controller of your choice.
WHEN WILL YOUR REQUEST BE APPROVED?
If you contact us to exercise any of the rights above, we will approve or refuse request immediately, but not later than within 30 calendar days from the day we’d received it. If, due to the scope of the request or the volume of requests submitted, we are unable to approve your request within 30 days, we will deal with it within the next two months. You will be notified in advance if the deadline is going to be extended.
HOW CAN YOU CONTACT US?
Please contact us to send a request for data access by confirming your identity and specifying the details you need. You can contact us at [email protected] In Gizmi has not been appointed Data Protection Officer.
more precise and convenient use of the Site and Platform, adapting and optimizing their content to your preferences. Particularly, these files allow to recognize your device and properly display the site according to your individual needs;
to investigate your presence on the Site and Platform to generate anonymous, aggregated data that assist us in understanding how you and other users use websites, allowing us to improve the functionality and content of these pages, as well as determining the source from which you come to the Site and Platform;
to maintain your session on the Platform (after logging in);
advertising content on the Site and Platform tailored to your preferences.
Based on how long they are kept on your end device, Gizmi can classify cookies into the following categories:
„necessary” cookies, used to access Services available on the Site and Platform, for example, authentication cookies used for services that require authentication;
cookies used for security purposes, for example, to detect authentication fraud within the Site and Platform;
„performance” cookies, used to collect information on how the Site and Platform are used;
„functional” cookies that ‘remember’ your settings and customizations to the Site and Platform;
„advertising” cookies, providing you with advertising content more tailored to your interests.
BROWSER SETTING MANAGEMENT
In many cases, the software used for browsing websites allows cookies to be stored on the User’s end device by default. Site Users can change their cookie settings at any time. These settings can be changed, mostly by blocking the automated cookie handling in the web browser settings or by informing about them every time they are placed on the User’s end device. Detailed information about the possibilities and methods of handling cookies, including disabling, blocking, and deleting cookies, is available in the software settings of the web browser.
LINKS TO OTHER WEBSITES
The Site and Platform may contain links to websites operated by other entities. We provide these links for your convenience, but do not review, control or monitor the privacy practices of third party websites. This Policy does not apply to websites operated by third parties. We are not responsible for the operations of third-party websites or your transactions with those third parties. We recommend reading the privacy policies on partner websites, particularly if they collect your personal data.
We reserve the right to make changes to this Policy. Changes are made by posting the new Policy content on the Site and Platform. The changes take effect immediately after they are implemented. We recommend that you review this Policy on a regular basis to stay up to date on any changes to its content. You acknowledge the content of this Policy by using the Site and Platform. If you disagree, Gizmi will deny you access to its Services, and you must stop using them immediately. If a conflict over this Policy cannot be resolved amicably, it will be resolved by a competent local and substantive common court. If the processing of personal data is considered to violate the provisions on personal data protection, you can file a complaint to the President of the Personal Data Protection Office.
If the Policy is written in a language other than Polish, the Polish version would take precedence in the event of a conflict between the two versions.