This document is addressed to all persons who:
1. visit the Administrator's websites:
2. visit the Administrator's social media pages:
fanpage on Facebook: https://www.facebook.com/Endego/
Linkedin account: https://www.linkedin.com/company/endego/
(hereinafter collectively referred to as the "Social Profile"),
3. contact the Personal Data Controller (e.g. by phone, e-mail),
4. are employees, collaborators or representatives of the Controller's contractors.
The Privacy and Cookie Use Policy applies to the situation of all persons whose personal data are processed in connection with the situations indicated in sections 1-4 above (hereinafter: "Users").
Personal Data Controller
The Controller of the Users' personal data is Endego spółka z ograniczoną odpowiedzialnością [limited liability company] with registered office in Krakow (KRS: 0000420015), ul. Samuela Bogumiła Lindego 1C, 30-148 Kraków (hereinafter: "Controller"). The Users may contact the Controller in the following way:
by post to the address: ul. Samuela Bogumiła Lindego 1C, 30-148 Kraków;
by e-mail: email@example.com;
by phone: +48 12 397 21 82
Data Protection Officer
The Controller has appointed a Data Protection Officer (hereinafter: DPO) - Ms. Renata Ciupka. The DPO is a person who can be contacted by the User in all matters concerning the processing of personal data and exercising rights in relation to data processing. The DPO can be contacted as follows:
by letter to the address: ul. Samuela Bogumiła Lindego 1C, 31-148 Kraków;
by e-mail: firstname.lastname@example.org.
Purposes and legal basis of personal data processing
Users' personal data will be processed for the following purposes and based on the following legal bases:
Providing answers to queries sent by the Users and contacting the Users in matters they have addressed to the Controller, among others, by sending a message to the Controller's e-mail address or through a chat communicator on the Social Profiles. The legal basis for data processing is the Controller's legitimate interest (Art. 6(1)(f) GDPR), consisting of the need to respond to the Users.
Setting up and maintaining an account at support.endego.com in order to use the Controller's support centre and obtain help or answers to questions regarding software or other services provided by the Controller. The legal basis for data processing is the necessity to perform the agreement (Terms of Service) or to take action before concluding an agreement with the User (Art. 6(1)(b) GDPR), as well as the Controller's legitimate interest (Art. 6(1)(f) GDPR), consisting of the need for proper communication with contractors and persons interested in the Controller's services.
Controlling and analysing traffic on the Website and on the Social Profiles, conducting marketing activities. The legal basis for data processing is the Controller's legitimate interest (Art. 6(1)(f) GDPR), consisting in promoting the Controller's services.
Contacting the Users in current matters, including in particular the execution of contracts between the Controller and the User, the User's employer or the entity the User represents, presenting offers, receiving orders and orders, answering questions. The legal basis for data processing is the Controller's legitimate interest (Art. 6(1)(f) GDPR), consisting in the need for current contact with the Controller's contractors.
Performing contracts concluded between the Controller and the User, the User's employer or the entity which the User represents, including accepting and processing orders, placing orders, concluding contracts, performing accounting activities, accounting services, debt collection. The legal basis is the necessity to perform the contract or take action prior to concluding a contract with the User (Art. 6(1)(b) GDPR), as well as the Controller's legitimate interest (Art. 6(1)(f) GDPR), consisting of the need to correctly perform contracts with the contractors.
Fulfilling legal obligations incumbent on the Controller, including in particular those under tax law (legal basis – Art. 6(1)(c) GDPR).
Establishing, securing and asserting of possible claims on the part of both the Controller and the User. The legal basis is the Controller's legitimate interest (Article 6(1)(f) GDPR) in being able to establish, assert or defend claims.
Categories of personal data concerned
Recipients of the data (categories of recipients)
Users' personal data may be made available to external entities providing services for the Controller, such as accounting services, as well as IT service providers, including e-mail and contractor support system. The Administrator may disclose personal data to third countries outside the EU only if an adequate level of personal data protection is found in that country. The Controller transfers data to:
Google LLC with its registered office in California, USA and Google Ireland Ltd - entities, which are responsible for traffic analysis within this website. Information about how Google LLC with and Google Ireland Ltd process personal data can be found here: https://policies.google.com/privacy?hl=en-US.
HappyFox, Inc. with its registered office in California, USA (47 Discovery, STE 170, Irvine, CA 92618) - this entity is responsible for providing the platform which ensures the functioning of the website support.endego.com. HappyFox Inc. acting in this capacity is a processor of personal data on behalf of the Controller. Information on how Happy Fox Inc. processes personal data can be found here: https://www.happyfox.com/privacy-policy/.
Google Ireland Ltd and Facebook Ireland Ltd are entities under the laws of Ireland and thus apply the EU rules on the processing of personal data. HappyFox Inc. Is an entity organized under the laws of the State of California, USA.
Period of personal data retention
We will retain your data for the period necessary to fulfil the purposes set out above. If:
the User's personal data are processed in connection with the performance of a contract concluded with the User, his employer or the entity which the User represents, we shall store them for the period of performance of the contract and, to the extent necessary, for 5 years counting from the end of the calendar year in which the deadline for payment of tax due in connection with the conclusion and performance of the contract expired, or longer if required by law;
the User has contacted the Controller - their data will be processed for the period necessary for the purposes of contacting the User and for a period of 2 years after the end of the contact,
our personal data is processed in connection with the use of Social Profiles, for the period that you have an account on that Social Profile.
If the User's personal data is no longer necessary for the purposes for which it was processed, the Controller shall keep it for the purpose of establishing, investigating or defending against possible claims on the part of both the Controller and the User only for the period of the statute of limitations for the claims laid down by law.
Consequences of not providing personal data
Apart from cases in which the provision of personal data is a legal requirement, the provision of personal data is entirely voluntary, but failure to do so will make it difficult or impossible for us to fulfil the purposes set out above.
Information on automated decision-making
Users’ data shall not be processed in order to take automated decisions with regard to the User, including the User's profiling by the Controller.
Source of personal data
The Users' personal data, which is not collected directly from them, may be collected from their employers, collaborators or entities which the User represents. The Controller may also process personal data from publicly available sources.
Rights in relation to personal data processing
The User shall have the following rights in relation to personal data processing:
The right of access to personal data, the right to request rectification, erasure or restriction of personal data processing, insofar as these rights are not excluded or restricted by law.
The right to object to personal data processing due to the User's specific situation - in cases where the User's personal data is processed on the basis of the Controller's legitimate interest.
The right to transfer data, i.e. the right to receive personal data in a structured, commonly used and machine-readable computer format. You may transfer this data to another controller or request that we transfer the data to another controller. However, we will only do this if such a transfer is technically possible.
the right to lodge a complaint with the authority - the Polish Data Protection Commissioner.
Other rights arising from generally applicable regulations.
To exercise the above rights, please contact the Controller.
What are cookies?
Cookies are web data, in particular text files, which are stored on the User's terminal device (computer, mobile phone, tablet). First of all, they contain the name of the website of their origin, its unique number, time of storage on the terminal device. Cookies provide the Controller with statistical information about User traffic, User activity and the manner of using the Website. They make it possible to adapt content and services to User preferences.
What are cookies used for?
1. The cookie mechanism is not used to obtain any information about the Users, with the exception of information about their behaviour on the Website.
2. The Controller stores cookies on the Users' terminal equipment in order to:
a. adjust the Website to the Users' needs and to optimise the use of the websites;
b. remember User's preferences and individual settings, to recognise User's device and to appropriately display the website adapted to User's needs (full version, mobile version of the website);
c. create viewing statistics for the Website, which help to understand how the Users use the Website, making it possible to improve its structure and content;
d. maintain the User session (after logging in), thanks to which the User does not have to re-enter his/her login and password on each sub-page of the Website;
e. analyse User behaviour, including with the help of third parties (Google), and adjust advertisements displayed.
3. Due to the fact that the Website contains a plug-in for the social networking sites of Facebook and Linkedin, sometimes cookies may also be used in order for these Social Networks to take note of the User's presence on the Website, as well as to adapt the advertisements displayed to the User's activity.
What types of cookies do we have?
There are two main types of cookies used on the Website:
session cookies; and
Session cookies are temporary files that are stored in the User's terminal equipment until logging off, leaving the website or switching off the software (web browser). Persistent cookies are stored in the terminal equipment of the User for the time specified in the parameters of cookies or until they are deleted by the User.
The following types of cookies are used on the Website:
strictly necessary cookies to enable the use of services available on the Website, e.g. authentication cookies used for services requiring authentication on the Website;
cookies used for security purposes, e.g. used to detect misuse of authentication on the Website;
efficiency cookies, enabling the collection of information on how the Website's pages are used;
functionality cookies, which make it possible to "remember" the User's selected settings and personalize the User's interface, e.g. with regard to the chosen language or region of origin of the User, the font size, website layout, etc.
statistics cookies which enable analytical measurements to be made regarding User activity on the Website; for this purpose the Controller uses Google Analytics technology.
How to block cookies?
In many cases, web browsers allow cookies to be stored by default in the terminal equipment of the User. Website Users may at any time make changes in settings concerning cookies, e.g. in such a way as to block the automatic handling of cookies or inform on their each placing in the equipment of the Website User. Detailed information on the possibility and methods of using cookies are available in the settings of browsers or on the following websites:
in Microsoft Edge browser
in Mozilla Firefox browser
in Chrome browser
in Safari browser
in Opera browser
In addition, the User can block the sharing of Google Analytics about their activity on the Website using the solutions available here: https://tools.google.com/dlpage/gaoptout.