The following document concerns personally identifiable information (personal data) that you can be asked to provide and that can be processed by our Company. Such data are needed to fulfil agreements executed within cooperation with the Company (more information concerning this aspect can be found on a further part of this document).
At your request, the Company can provide you with further information concerning processing and protecting personal data while visiting websites of the Company or during the communication with the Company using other channels.
The Company as a controller of personal data
Iseno spółka z ograniczoną odpowiedzialnością with a registered office in Warsaw, Poland with the address (00-095) at Plac Bankowy 2 entered into the register of entrepreneurs under KRS number: 0000775753 kept by District Court in capital city of Warsaw, XIII Commercial Division for National Court Register, with tax identification number NIP: 524288256, statistical number REGON: 382807991, with share capital PLN 5,000.00 (hereinafter referred to as “Company”), is a controller of personal data provided by you and collected on the website https://iseno.net/. Data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“General Data Protection Regulation” or “GDPR”), as well as other adequate regulations concerning personal data.
In case of any complaint concerning processing your personal data that cannot be dealt with by our Company, please contact the competent Personal Data Protection Office.
Collecting personal data
We hope the following information will help you to make a conscious decision related to providing your personal data to us. We would like to remind that you are always able to decide to provide or not to provide such data.
If you already cooperate with the Company or you are willing to do so, you can be provided with marketing and promotional materials, as well as other general information, or you can contact us online and due to that the Company may collect the following personal data (depending on a communication channel):
- contact data – a name and a surname, a position at the company, the company name, a phone number (including a mobile phone number, if provided), a mailing and postal address, as well as all other information that the you provide of your own free will in the addressed message;
- business data – data concerning affairs you provide information about or cases you are involved in;
- information from public sources – e.g. LinkedIn and other community websites, internet sources and publications;
- information concerning your affairs in the scope necessary to deal with them on your behalf;
- information concerning subscriptions and preferences – while signing up for various newsletters and instant messengers to specify what content you are interested in;
- information about providers – contact data and other information about your company and other entities that provide you with products or services;
- social media content – posts, likes, tweets and other interactions concerning social media activities;
- technical information – while entering the website (IP address, information about a web browser, e.g. Internet Explorer, Firefox, Safari, time zone data, web browser plugins, an operating system, e.g. Vista, Windows XP, MacOS, a type of device and its model, MAC address, universally unique identifiers and data concerning mobile networks);
- data available online – while visiting the website (information concerning the visited website, including URL and all visits on our websites, including the exact time, data concerning user’s networks, e.g. information about devices, nodes, configuration data, internet connection speed and network efficiency; visited and searched websites, responsiveness, download errors, duration of visits on websites, information concerning interactions such as scrolling, clicks, moving the mouse pointer, as well as information about opening messages and email messages.
The Company does not collect personal data of users that concern online activities on external websites and services provided by them.
All above data are provided to us directly by you or entities that deal with data verification and which support us in fulfilling law obligations according to regulations that are related to preventing from money laundering, sanction screening and regulatory control.
Legal basis of collecting and processing personal data
Regardless what services of the Company you are interested in, we ask you to provide us with personal data only when there is a legal basis for that. If your consent to collect and process your personal data is needed, a form to give such consent shall be delivered to you in a transparent and clear form.
Your personal data may be processed by us for the following reasons:
- you have given us consent to do so, for example while providing us with detailed information for the particular reason;
- it is necessary to provide services within the agreement that has been executed;
- it is necessary to perform legal or regulatory activities, especially to prevent from money laundering and to perform obligatory verification control or to disclose information to public authorities or law enforcement bodies;
- it is necessary to conduct and assert legal claims;
- to contact you after having used our contact form;
- processing data is necessary for the legitimate interest of the Company or third parties if the above does not infringe upon the interest or laws that are entitled to you as an individual entity. The “ legitimate interest of the Company” is understood as managing our relationship with you, your company or organisation as a customer, specifying your needs, improving services and solutions offered by the Company, fulfilling conditions of providing services, websites, as well as other conditions, keeping our systems secure, managing relationships with providers of products and services, developing existing relationships with business partners, making payments and legal protection of interests of the Company.
If we have asked you to give us consent to process your data, you have the right to withdraw your permission at any time by contacting us. If you decide to do so, we are not going to use or process your data any longer. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
How do we use your personal data?
The Company may use your personal data for the following purposes:
- to provide services to perform a contract (GDPR, Art. 6, section 1[b]);
- to maintain business relationships – managing and administering our relationship with you, your company or organisation, including registering business activities, services and payments to adjust our offer to your needs, develop our relationship and appropriately target our marketing activities and campaigns (GDPR, Art. 6, section 1[f]);
- to provide proper communication – sending email messages, newsletters and other information about our services, responding to your messages sent by a contact form or in any other way (GDPR, Art. 6, section 1[a,f]);
- to collect customer feedback, including information about events and activities concerning providing feedback and collecting clients’ opinions, as well as dealing with problems and doubts (GDPR, Art. 6, section 1[f]);
- to monitor websites – taking care about proper functioning of websites and other technological services, as well as optimising their functionality (GDPR, Art. 6, section 1[f]);
- to provide online security – protecting information resources and technological platforms against unauthorized access or improper use, as well as monitoring to detect malware and other possible dangers (GDPR, Art. 6, section 1[f]);
- regulatory purposes – fulfilling legal and regulatory obligations of the Company, including obligations related to audits and reporting activities (GDPR, Art. 6, section 1[c]);
- managing relationship with providers of services (GDPR, Art. 6, section 1[a,f]);
- whenever it is necessary for the legitimate interests specified in the following Policy (GDPR, Art. 6, section 1[f]).
Are your data transferred beyond the European Economic Area (EEA)?
Our Company is currently not planning to transfer personal data beyond the European Economic Area (i.a. the area that links the EU Member States, Iceland, Lichtenstein and Norway) except for electronic communication services provided using cloud computing with the provisions specified by providers of such services (Google).
If the Company decides to transfer data beyond EEA, it shall be done only under the provisions of adequate law, especially provided under GDPR such as contractual clauses approved by the European Commission.
Exchange of information
The Company never discloses or sells personal data to other companies or individuals. Subject to provisions laid down by Policy, or under your consent, personal data may be disclosed to or exchanged with:
- personal data providers and controllers that cooperate with the Company, including providers of IT and telecommunications services, for business support purposes, administrative service providers, for legal process outsourcing purposes, to providers of postal and courier services, as well as payment services (banks, payment institutions), judicial authorities to conduct legal proceedings, entities cooperating with the Company to support tax advisory, accounting and legal services;
- companies that are parts of the corporate group, i.e. E-UX.PRO LTD, with registered office in Poole (BH15 1DX) United Kingdom, Suite 18 Equality Chambers, 249 High Street North, registered in the Register of Entrepreneurs kept under number 12828926 for the purposes of direct marketing by companies that are parts of the corporate group;
- law enforcement authorities and regulatory bodies, as well as other competent bodies in compliance with laws and regulations and good practice;
- competent parties in case of emergencies, especially to protect health and safety of our clients, staff and the organisation;
- your company or organisation regarding services provided by our Company;
- verification service providers – to fulfil law obligations that are related to preventing from money laundering, sanction screening and regulatory control.
Data may be disclosed to companies that are parts of ISENO sp. z o.o. [Polish limited liability company] corporate group in the scope necessary to provide services for clients, business entities, perform marketing activities and provide services for companies the corporate group consists of.
Due to the globalisation of electronic services (the Internet), we can store and process personal data collected on our website in every country where our hosting service providers keep their systems. Being provided with services by our Company in an electronic way, you agree to transfer your personal data to such entities, including those located in other countries.
Exchange of confidential information
We ask you not to provide us with any confidential information until we have confirmed in a written form that we represent or act on behalf of you or your company or organisation. Receiving email messages from entities that are not our clients is not equivalent to establishing a customer-service provider relationship. Such messages are not classified as confidential, therefore they may be disclosed to third parties.
We try to implement proper technical and organisational solutions to protect your personal data against accidental or illegitimate destruction, loss or change, as well as against their disclosure or unauthorized access and any other illegal way of processing them. Our purpose is to provide security and proper precautions concerning your personal data to minimise the chance of any abuse while using and processing them.
The access to your personal data is limited to our employees, co-workers and providers that need to use this information and process it on your behalf and that are obliged to maintain confidentiality and security of your data.
Do we profile personal data?
We do not make any decision that is solely based on automated processing of personal data, including profiling them.
Inaccuracies and invalid data
While processing your personal data, we try to assure their accuracy and validity. Incomplete and inaccurate data are going to be deleted. To update or correct personal data, it is necessary to send a request to the following email address: [email protected]
When all services have been provided, your personal data are stored within civil claim limitation period. After this period all data are deleted.
If the legal basis to process your data is your consent, it can be withdrawn at any time. After such a withdrawal, the Company may be obliged to store your personal data for some period due to law obligations, or in some circumstances, related to legal disputes.
Links to third-party websites
The Company may use information provided on our website or in any other way for direct marketing purposes or other purposes related to receiving emails, newsletters and other information about our services, including events that, in our opinion, may be within the scope of your interest.
The companies that are parts of the Iseno sp. z o. o. corporate group may perform direct marketing activities within the range of data they have been provided with.
At any time, you can decide not to receive direct marketing content from our Company. To do so, it is enough to send us a message to the e-mail address [email protected]
Rights provided within the Policy
Individuals or business entities whose personal data are processed have the following rights:
- the right to access personal data (submit a request concerning processing data and receive a copy of their personal data, including a copy of personal data that are disclosed to entities in other country), correct it, delete, limit the processing of data (suspending operation performed on such data or not deleting them – in accordance to the request), as well as to transfer data to another data controller (in accordance to Article 20 of GDPR);
- the right to withdraw consent to process personal data at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
- in exceptional cases, at any time you have the right to object to the processing your data by the Company if the premise to use them is related to legitimate interest of the Company or public interest. In such a situation, after processing such a claim, the Company shall not be entitled to process data, subject to this claim, unless the Company proves other justified grounds for processing personal data that take precedence over interests, rights and freedoms of an individual or grounds for establishing, exercising and defending legal claims,
- to lodge a complaint with a supervisory authority.
An individual whose data are processed within direct marketing activities has the right to object to the processing data for marketing purposes.
The scope of above rights and situations in which they are applicable arise from generally applicable law. In order to protect data against unauthorized access, the Company may require additional verification of a data subject or other additional information.
The enforcement of any of above rights arises from provisions of generally applicable law and depends on legal basis concerning data processing and the purpose for their processing.
Examining motions within the scope of your rights
The Company may charge an administrative fee to examine a motion (including groundless ones) whenever it is provided for by the law.
All submitted motions shall be examined by the Company in a due manner and without delay, within 30 days at the latest after receiving them.
If a motion is rejected or if it is noted that the processing personal data by the Company violates proper regulations, including the GDPR, an individual whose is a data subject has the right to file a complaint to the President of the Personal Data Protection Office.
The nature of data
Providing us with your personal data may be of the following nature:
- contractual – submitting personal data while making an agreement is voluntary, but at the same time it is necessary to execute and perform an agreement. The failure to submit data shall be equivalent to the failure to execute and perform an agreement;
- voluntary – data are submitted based on the consent given by you, however, failure to do so may prevent, depending on the specific case, the conclusion of a contract, use of selected services, use websites functionality or receipt of marketing content.
The Company reserves the right to amend the following Policy. It is not expected to introduce major changes, however it is possible in specific circumstances. The date of last modification is submitted at the beginning of the Policy. Such changes shall also be announced on our website.
Cookies are small text files that are sent are placed on a user’s device by visited websites. They do not cause any configuration change of a device. They are not used to process or store your data.
Our website may use the following types of cookies:
- session cookies – allow to use all functions of a website, they are deleted when a web browser has been closed;
- persistent cookies – allow to use some functions of a website and collect statistical data, once their expiration date is reached, they are destroyed, you can also delete them earlier.
Web browsers enable cookies by default. It is possible to change such settings and to completely or partly block cookie files, as well as to make a web browser notify you about cookies that are to be stored on your device. Further information about cookie settings can be found on a website or in the “Support” or equivalent page provided by a web browser provider. Blocking cookie files may partly or completely disable particular functions or sections of our website.
In case of any further questions or to exercise your rights, you can contact us via email ([email protected]).