Codefog Shop Privacy policy

Recitals

Codefog respects and protects the privacy and security of its Users.

The privacy policy applies to data provided by Users via websites https://codefog.pl/ and https://shop.codefog.pl/. The websites are used to process data transferred directly by the User as well as data collected automatically (via cookies).

The primary purpose of data processing is to ensure the functionality of the websites, to enable Clients to make purchases through them and to provide support to the Clients. However, the data may be processed also for the marketing and statistical purposes.

§1 Definitions

  1. The definitions adopted in the Codefod Online Shop Rules and Regulations, with the exception of item 2 thereof, apply also here.
  2. Any reference in this Policy to:
    • the Privacy Policy – will mean this document;
    • GDPR – will mean the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (Data Protection Regulation);
    • the Website – will mean the websites run at the address https://codefog.pl/ and https://codefog.pl/contact.html which enable the purchase of software licenses, among others;
    • Data Controller – will mean a natural or legal person, public body, unit or other entity that independently or jointly with others sets the purposes and means of processing personal data, which in the case of data processed by the Portal is CODEFOG Agencja Interaktywna Kamil Kuźmiński, ul. Warszawska 42 lok. 1, 11-100 Lidzbark Warmiński, Lidzbark District, WARMIA and MAZURY voivodeship, Tax Identification Number (NIP): 7431990519, Statistical Identification Number (REGON): 281093831
    • cookie files – will mean small files saved on the End User device (a computer, smartphone, tablet) which save the settings and information used on the website visited by the User. The files include an identification feature. Depending on their type they are deleted after the end of a session or saved for a longer period of time on the hard drive of the device.

§2 Cookie files

  1. The Shop automatically collects information included in cookie files. The Shop’s website does not gather automatically any other information.
  2. The Data Controller is the entity placing cookie files on the End User device.
  3. The Website uses the following types of cookie files, among others:
    1. cookies enabling the use of services available via the Website, such as authenticating cookies used for services requiring authentication within the Website,
    2. “performance” cookies enabling the collection of information about the use of the Website,
    3. “necessary” cookies enabling the use of services available at the Website, for example, authenticating cookies used for services requiring authentication on the Website;
    4. “functional” cookies enabling the storage of settings selected by the User and personalisation of the User’s interface, for example, with regard to a selected language or region from which the User originates, size of font, layout, etc.;
    5. “advertising” cookies enabling the submission of advertising content to Users depending on their interests.
  4. The cookie files are used, among others, to:
    1. adjust the Shop adequately to the needs of the Users,
    2. store information about preferences and individual settings of the Users,
    3. develop statistical data on the website traffic.
  5. The Data Controller informs that the use of the cookies by the Website on the End User device depends on the settings of the web browser used by the User. The User has the right to disable the use of cookies by the Website at any time by changing the settings of the web browser.
  6. The use of the Website without changing the settings of the web browser is tantamount to consenting to the use of cookies, subject to §3.
  7. The Seller informs that disabling the use of cookies by the Website may limit access to some of its functionalities.

§3 Cookie files used for the purpose of customisation and analysis

  1. In addition to the cookies necessary to ensure the proper functioning of the Website (for example to eliminate the need to log in every time when switching between tabs of the Website), the Website uses cookies that are used for the purpose of researching and analysing the interest in the content, pages, and products of the Data Controller.
  2. Cookie files used for the purpose of customisation and analysis are only used after the User expressly agrees to their usage during the first visit on the Website.

§4 Processing of other personal data

At the Website the Data Controller collects and processes personal data provided directly by the User via registration forms:

  1. at the moment of registration in the Client’s Panel;
  2. at the moment of purchase;
  3. while using the contact form.

§5 Protection of personal data

  1. The Data Controller applies appropriate organizational and technical measures as well as privacy policies to ensure protection of personal data in accordance with the provisions of the GDPR and national regulations.
  2. Personal data collected through the Website is processed only by persons authorized by the Data Controller to process them. Moreover, personal data may be entrusted for processing to third parties which provide the Data Controller with bookkeeping and accounting services, money transfers, Website hosting and User contact.

§6 The scope and period of processing of personal data

  1. Personal data of the Users obtained by the Website will be processed:
    1. with the User’s consent - the legal basis for the processing is Article 6 (1) (a) of the GDPR. In this scope the following data is processed:
      • for the purpose of profiling, consisting in adjustment of the presented ads, pages and content to the User's preferences and analysis of interest in the content, websites and products;
      • for the purpose of providing the User with the commercial and marketing information (Newsletter) sent by the Data Controller via means of electronic communication (e-mail);
    2. in order to initiate actions at the request of the data subject before the agreement is concluded – the legal basis for the processing is Article 6 (1) (b) of the GDPR;
    3. in order to execute the agreement concluded via the Website (mainly the provision of the Client’s Panel, granting of the license and provision of support services) – the legal basis for the processing is Article 6 (1) (b) of the GDPR;
    4. in order to fulfil the legal obligation of the Data Controller – the legal basis for the processing is Article 6 (1) (c) of the GDPR;
    5. if it is necessary for purposes arising from legitimate interests pursued by the Data Controller or by a third party – the legal basis for the processing is Article 6 (1) (f) of the GDPR – the purpose resulting from legally justified interests pursued by the Data Controller or by a third party is to counteract violation of the rights of such entities, e.g.: to bring an action against the violation of proprietary copyrights of the Data Controller or to initiate proceedings against a User who obtained unauthorized access to Client’s Panels other than that User’s Panel.
  1. The period of processing of the Users’ personal data is:
    1. with regard to data processed on the basis of an agreement – until the date of withdrawal of consent and maximum 30 days after said date, due to the need to perform technical activities to delete this data;
    2. with regard to data processed on the basis of a demand of the data subject, before the agreement is concluded – until the moment the demand is satisfied or until the basis for their satisfaction ceases to exist;
    3. with regard to data processed for the purpose of the performance of the agreement – for the whole duration of the perofrmance of the agreement and until the expiry of the claims arising from the contract; the obligations performed under the contract concluded through the Website are, primarily:
      • maintaining the Client’s Panel;
      • granting license to the purchased software;
      • providing the support services, namely making the updates and additional filed available for a period of 365 days from the date of the license purchase;
    4. with regard to data procesed in order to fulfill the legal responsibility imposed on the Data Controller – until the moment the legal responsibility imposed on the Data Controller is fulfilled or ceases to exist;
    5. with regard to data processed for the purposes arising from legitimate interests provided by the Data Controller or a third party – for a period of 5 years, counting from the moment of license purchase or extension of the software subscription or until the moment of finalising the proceedings pending against the User who had violated the rights of the Data Controller or of another User, if the proceedings were initiated in said period

– while the User data will be processed for no less than 5 years, if it is necessary for the Data Controller to store the accounting documentation, ledgers and documents related to their keeping. Such period will be calculated in accordance with the provisions of the Accounting Act and the Tax Ordinance

  1. Granting consent to the processing of personal data is voluntary. The consent to the processing of personal data may be withdrawn at any time. Withdrawing the consent does not affect the compliance with law of the processing of data performed on the basis of the User’s consent before the withdrawal.
  1. Providing the personal data is voluntary, while:
    1. provision of personal data in order to satisfy a demand of the data subject, before the agreement is concluded
    2. or in order to perform the agreement
  2. constitute, respectively, the requirement for the conclusion of the agreement or a contractual requirement and is necessary for the purpose of conclusion or performance of the agreement. The failure to provide the personal data makes it impossible.
  1. The User, at any time, has the right to demand the Data Controller to be granted access to the collected data, to have them corrected or removed and has the right to limit the scope of the processing. The User may at any time oppose to the Data Administrator with regard to the processing of personal data relating to them: for the purposes of direct marketing, including profiling, to the extent to which the processing is related to such direct marketing; for purposes resulting from legitimate interests pursued by the Data Controller by a third party.
  1. The User whose data is processed in an automated way and on the basis of consent granted or concluded agreement has the right to transfer their data. It means that the User has the right to receive their personal data delivered to the Data Controller in a structured, commonly used electronic format and the User has the right to send the data to another controller without any hindrance from the Data Controller. By exercising their right to transfer data, the User has the right to demand to have the personal data sent by the Data Controller directly to another controller, if it is technically possible.
  1. The User has the right to file a complaint with the supervisory authority if they think their data is processed by the Data Controller in a manner which is against the provisions of law.
  1. The processing of personal data uses the automated decision-making procedure (with regard to Users who do their shopping on the Website) by automatic verification of the completeness of personal data supplemented by the User, required to grant them a software license and by means of verification of payment for granting a license. Their intended consequence is to provide the User with the software (via the means of electronic communication), to which they acquired the right of use.

§7 Redirecting to other websites

The Website may contain links which redirect the User to another website. The Data Controller tries to ensure that the links located on the Website do not lead to addresses which may pose a threat to the User. In most cases the links refer to the websites of the business partners of the User and the providers of advertisements. However, the Data Controller does not oblige and does not expect from the User to visit these websites and is not responsible for their content, the means of protection of these connections and the rules of the processing of personal and operational data applied by entities running these websites.

§8 Final provisions

  1. The fastest way to contact the Data Controller in the matters regarding the privacy and protection of personal data of the Clients is by sending an e-mail message to info@codefog.pl or with the use of the contact form available on the website https://codefog.pl/contact.html.
  2. The Data Controller reserves the right to change this Privacy Policy by publishing a new version of the taxt of the document on the Website.