Privacy Policy

PRIVACY POLICY
v. 3.0 of September 27, 2023

GENERAL OVERVIEW

This Privacy Policy applies to personal data collected by us (“FPWD”, “we”, “us” and/or “our”) when you use our website (“Site”) and/or our products, services or apps (“Services”), or otherwise you provide us with your personal data. Please read this Privacy Policy carefully to understand our practices regarding your personal data and how we will process it.

If you do not agree with our Privacy Policy, please do not use our Site or Services, or do not otherwise provide us with your personal data. In order to provide the Site and Services, we process personal data from our Site visitors (“Site Visitors”) and/or our customers (“Customers”) in accordance with the rules set forth below.

WHO WE ARE

FPWD is a company registered in Poland (UE) with the following identification data:

FPWD sp. z o.o.
ul. Czysta 10/5, 31-121 Kraków, Poland (EU)
NIP: 6762568854
REGON: 383961027
KRS 0000796238
Share capital: PLN 30.000
e-mail: [email protected]

Please be advised that we are the data controller within the meaning of the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC – General Regulation on the Protection of Personal Data (“GDPR”).

GDPR have replaced the EU Data Protection Directive 95/46/EC of 1995 and superseded each EU Member States legal regulations regarding the processing of personal data. Its purpose is to protect the rights and freedoms of natural persons (i.e. living individuals) and to ensure that personal data is processed lawfully and safely.

GDPR applies to all data controllers that are established in the EU who process personal data in connection with their activity. GDPR also applies to controllers not established in the EU, if they process personal data in order to offer goods and services or monitor the behavior of data subjects who are resident in the EU.

TO WHOM DOES THIS PRIVACY POLICY APPLY?

This Privacy Policy applies to:

1. Site Visitors: visitors to our Site, including those who may opt-in to receive commercial communications from us and/or those who may send us their personal data in order to communicate with us;
2. Customers: this includes any person who provide us with personal data individually or on behalf of an entity or organization in order to use our Site and/or Services.

Children’s Privacy: Please note that FPWD does not knowingly collect information from children under the age of 16. If you are under the age of 16, please do not submit any personal data to us. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide personal data without their permission. If you have reasons to believe that a child under the age of 16 has provided personal data to FPWD through the Site or Services, please contact us at [email protected] or via the contact form available on our Site and we will endeavor to delete that personal data from our databases.

PERSONAL DATA WE PROCESS

What personal data we collect and process depends on how and why you use our Site and/or Services. In general, we process personal data that we receive: (a) directly from you, when you provide us with your personal data, such as in connection with our Site and/or Services; (b) indirectly, i.e. through automated technologies such as cookies (for more information about cookies please see section 4 below).

Please note that you can visit our Site without having to submit any personal data. However, if you want to use the full functionality of our Site, or you want to use our Services or otherwise provide us with your personal data, we will process this information in the following way:

1. Contact Form: If you contact us via the contact form on our Site, we will ask you to provide your personal data (your first and last name, email address, company name, size of the company).
2. Device and Usage Information: When you use or interact with the Site we, or authorized third parties engaged by us, may automatically collect information about your use of the Site via your device. This information is collected via cookies and/or similar technologies (“Device and Usage Information”) and consists of:
   • Information about your device: Information about the devices and software you use to access the Site — primarily the Internet browser or mobile device that you use, the website or source that linked or referred you to the Site, your IP address or device ID, the operating system of your computer or mobile device, and other similar technical information.
   • Usage information: Information about your interactions with the Site, including access dates and times, device event information, log data and cookie data. This information allows us to understand the screens that you view, how you’ve used the Site and/or Services, and other actions on the Site. We, or authorized third parties, automatically collect log data when you access and use the Site. We use this information to administer and improve the Site and/or Services, analyze trends and track users’ use of the Site.
   • Location information: based on the Device and Usage Information, we are also able to determine general location information, but we do not store IP addresses.
3. We use Piwik PRO Analytics Suite as our website/app analytics software and consent management tool. We collect data about website visitors based on cookies. The collected information may include a visitor’s IP address, operating system, browser ID, browsing activity and other information. See the scope of data collected by Piwik PRO.We calculate metrics like bounce rate, page views, sessions and the like to understand how our website/app is used. We may also create visitors’ profiles based on browsing history to analyze visitor behavior, show personalized content and run online campaigns.We host our solution on Microsoft Azure in Germany/Netherlands/United States/Hong Kong/ElastX in Sweden, and the data is stored for 14/25 months.The purpose of data processing: analytics and conversion tracking based on consent. Legal basis: Art. 6 (1)(a) GDPR.Piwik PRO does not send the data about you to any other sub-processors or third parties and does not use it for its own purposes. For more, read Piwik PRO’s privacy policy.
4. Videos: Our Site may contain videos and/or links to videos and other materials relating to our Services. If you click on a link or view a video, we do not collect any information, however, the third-party video platforms, such as YouTube, may collect some personal information as set forth in their privacy policies.

COOKIES

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you. The information does not usually directly identify you. Because we respect your right to privacy, you can choose not to allow some types of cookies. However, blocking some types of cookies may impact your experience of the Site and/or our Services we are able to offer you. You can manage cookies when you first visit our Site by clicking the “Settings” button. You can also change your settings at a later time.

We may use cookies and other tracking technologies for the following purposes:

1. Strictly necessary cookies: These cookies are necessary for the operation of the Site and cannot be disabled in our settings. They are usually used in response to actions taken by the Visitor (e.g. requests for our Services, setting privacy preferences, filling out the contact form). You can set your browser to block or alert you about these cookies, but some parts of the Site will not then work properly. Strictly necessary cookies do not store any data that directly identifies you.
2. Targeting cookies: These cookies may be set through our Site by our advertising partners. They may be used by those entities to build a profile of your interests and show you relevant adverts on other websites. They do not store directly personal information, but are based on data uniquely identifying your browser and your internet device. If you do not allow these cookies, you will experience less targeted advertising.
3. Functional cookies: These cookies enable the Site to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our Site. If you do not allow these cookies then some or all of these services may not function properly.
4. Performance cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our Site. They help us to know which pages are the most and least popular and see how Site Visitors move around the site. If you do not allow these cookies we will not know when you have visited our Site, and will not be able to monitor its performance.

To obtain a current list of cookies that we use, please contact us at this e-mail address: [email protected] or via the contact form available on our Site.

HOW DO WE USE YOUR PERSONAL DATA?

We use your personal data for a number of different purposes, as further explained below. In accordance with the provisions of the GDPR, we must have a valid legal basis in order to process your personal data. The legal bases under the GDPR that justify our processing of your personal data are:

1. performance of a contract: when your personal data is processed in order to enter into or perform a contract concluded between us, such as when you engage us to provide you with our Services;
2. your explicit consent: when you have consented to our use of your personal data for marketing and advertising purposes;
3. our legitimate interests: when we use your personal data to achieve a legitimate interest (i.e. when you provide us with your personal data via the contact form available on our Site) and our reasons for using it outweigh any prejudice to your data protection rights;
4. our legal obligation: when we must process your personal data in order to comply with our legal obligations;
5. defending legal claims: when processing of your personal data is necessary for us to defend, prosecute or make a claim.

Below are the purposes and corresponding legal bases for which we may use your personal data:

1. providing you access to the Site and/or Services, including providing content, features and functionality (depending on the context – our legitimate interest or performance of a contract);
2. carrying out our obligations and enforcing our rights arising from a contract entered into between us (depending on the context – performance of a contract or defending legal claims);
3. processing transactions, including verifying payments and sending you related information, purchase confirmations, invoices and notices (depending on the context – performance of a contract or our legitimate interest);
4. developing and improving the Site and/or Services, as well as improving user experience and conducting research studies and/or surveys (our legitimate interest);
5. responding to your queries and requests, or otherwise communicating with you such as to give you response to your application or to manage customer service or feedback (depending on the context – performance of a contract or our legitimate interest);
6. site maintenance and updates, as well as enabling new features and enhancing both Visitor and Customer experience (our legitimate interests);
7. detecting fraud, illegal activities or security breaches (depending on the context – compliance with our legal obligations or our legitimate interest);
8. ensuring compliance with applicable laws (compliance with our legal obligations);
9. conducting statistical analyses by monitoring and analyzing trends, usage, and activities on the Site (your explicit consent, where required, or legitimate interests);
10. increasing the number of customers who use our Site and/or Services through marketing and advertising (your explicit consent);
11. sending commercial communications, in line with your communication preferences, about products and services, newsletters, offers and events (your explicit consent);
12. providing information to regulatory bodies when legally required, and only as outlined below in this Privacy Policy (compliance with our legal obligations).

DISCLOSURE OF YOUR PERSONAL DATA

We only disclose your personal data as described below:

1. Third-Party Service Providers: We may disclose your personal data to our third party agents, contractors, or service providers who are hired to perform services on our behalf. These companies do things in order collect specific information and/or help us provide the Site and/or Services. Below is a list of functions for which we may use third-party service providers:
   • hosting and content delivery network services;
   • analytics services;
   • marketing and social media partners;
   • customer support services;
   • payment processors;
   • functionality and debugging services;
   • professional service providers, such as auditors, lawyers, consultants, accountants.
2. Compliance with legal obligations, ensuring safety and cooperation with our clients: In addition to the above, we may disclose your personal data in limited circumstances, including: (i) on the basis of your explicit consent for specific purpose; or (ii) when it is required by applicable laws, such as pursuant to a subpoena, warrant or other judicial or administrative order; or (iii) to protect your safety or the security of our Site and/or Services or to prevent spam, abuse, or other malicious activity of actors with respect to the Site and/or Services; or (iv) when it is required by our clients in order to manage our business cooperation on the bases of a separate agreement; or (v) to protect our rights or the rights of those who use the Site and/or Services. If we are required to disclose your personal data by applicable laws, such as pursuant to a subpoena, warrant or other judicial or administrative order, our policy is to only respond to requests that are properly issued in accordance with applicable laws and to the extent required by these laws.

PERSONAL DATA SECURITY

We respect and protect your privacy, which is why we have put in place reasonable security measures to protect your personal data. What’s more, we constantly monitor the processing of your personal data so that it complies with the provisions of the GDPR.

Please note that you are responsible for any personal data provided to us via our Site and/or Services. When processing your personal data we undertake to use reasonable security measures to ensure the safety of your personal data. However, our liability is limited to the scope indicated in the preceding sentence, in particular we will not be responsible for any damages, including lost profits, resulting from the processing of personal data that: (a) violates the provisions of applicable laws, or (b) infringes the rights of third parties, or (c) constitutes sensitive personal data (i.e. personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, as well as genetic data, biometric data or data concerning health, sexuality or sexual orientation).

ILLEGAL CONTENT AND PROHIBITED USE

You may not use our Site and/or Services for any illegal or unauthorized purpose, nor may you violate any laws in your jurisdiction (including but not limited to copyright laws). It is prohibited to process via our Site and/or Services any illegal content, including personal data, that constitutes a violation of any laws in your jurisdiction, in particular: (a) content inciting hatred, in particular due to race, age, gender, nationality, national or ethnic affiliation, worldview, sexual orientation; (b) content that offends religious feelings; (c) content promoting totalitarian ideologies, in particular national socialism, fascism or communism; (d) content that violates the privacy rights of third parties; (e) content violating the intellectual property rights of third parties, including the right to a trademark or other markings, as well as violating the copyright or related rights of such persons; (f) content promoting, encouraging or facilitating the commission of a crime or misdemeanor, including a fiscal crime or misdemeanor; (g) content that may pose a threat to the proper functioning of our Products, including Apps, as well as our IT system or IT systems of any third parties (hereinafter collectively referred to as: “illegal content”).

If you become aware of any illegal content being processed via our Site and/or Services, you should immediately report this fact to us by sending a message to the following e-mail: [email protected] or contacting us via the contact form available on our Site.

We are entitled to refrain from providing access to our Site and/or Services to any Visitors and/or Customers in the event of receiving information about the storage, processing or transmission of any illegal content via our Site and/or Services by such user. In such case we will promptly delete such illegal content and take other necessary steps in order to remediate the issue.

In addition to the above-mentioned prohibitions, you are also prohibited from using the Site and/or our Services: (a) for any unlawful purpose; (b) to solicit others to perform or participate in any unlawful acts; (c) to violate any international, federal, provincial or state regulations, rules, laws, or local ordinances; (d) to infringe upon or violate our intellectual property rights or the intellectual property rights of others; (e) to harass, abuse, insult, harm, defame, slander, disparage, intimidate, or discriminate based on gender, sexual orientation, religion, ethnicity, race, age, national origin, or disability; (f) to submit false or misleading information; (g) to upload or transmit viruses or any other type of malicious code that will or may be used in any way that will affect the functionality or operation of the Site and/or Services, or of any related websites or the Internet; (h) to collect or track the personal data of others; (i) to spam, phish, pharm, pretext, spider, crawl, or scrape; (j) for any obscene or immoral purpose; or (k) to interfere with or circumvent the security features of the Site or any related websites.

A breach or violation of this Privacy Policy will result in an immediate termination of your Services which means, among other things, that you will not be able to continue using our Site and/or Services.

HOW LONG DO WE PROCESS YOUR PERSONAL DATA

We use the following criteria to determine the retention periods of your personal data: (a) the type and sensitivity of your personal data; (b) the reasons for which we collect and process your personal data; (c) the length of time we have an ongoing relationship with you and provide you with access to our Site and/or Services; (d) applicable legal requirements.

We store your personal data for as long as it is necessary to provide you with our Services on the basis of a separate contract concluded between us. If your personal data is processed on the basis of applicable laws, information about you will be processed for the period specified in these provisions. If you have consented to the processing of your personal data for the marketing and advertising purposes, your personal data will be processed by us for no longer than 10 years, unless you withdraw your consent before the expiry of this period. In other cases, your personal data will be processed until you withdraw your consent or until we no longer need to process your personal data. If your personal data is processed in connection with the protection of our claims, these data will be stored until all claims are time-barred.

If you do not wish to receive marketing and advertising information from us, we remind you that you can withdraw your consent at any time directly from the unsubscribe link contained in any electronic marketing message we send to you. If you do so, we will promptly update our databases and take all reasonable steps to promptly comply with your request. You can also contact us to the following e-mail: [email protected] or via the contact form available on our Site.

Note, however, that we may retain some of your personal data which are relevant to us (and delete others on a regular basis) in order to optimize the amount of personal data we hold about you. We will also retain your personal data we have collected from you if we are dealing with our legitimate interest or when it results from a legal obligation imposed on us (for example, to comply with applicable tax or accounting requirements). In addition, we cannot delete information when it is necessary to establish or defend our legal claims. In this case, the information about you will be kept for as long as it is necessary to assert or defend against these claims. Once we no longer have a legitimate interest to process your personal data, we will delete it immediately. If you have any questions about the storage of your personal data, please contact us at: [email protected] or via the contact form available on our Site.

In some instances, we may choose to anonymize your personal data instead of permanently deleting it, for example for statistical purposes. When we decide to anonymize your personal data, we guarantee that it will not be possible to associate this information directly with you.

WHAT ARE YOUR RIGHTS

You have certain rights in relation to your personal data:

1. the right to be informed: our obligation to inform you that we process your personal data (this also applies to information on the scope, purpose and legal basis of data processing);
2. the right of access: your right to request a copy of your personal data;
3. the right of rectification: your right to request that we correct personal data about you if it is incomplete or inaccurate;
4. the right to erasure (also known as the ‘right to be forgotten’): under certain circumstances, you may ask us to delete your personal data (unless the processing of your personal data is necessary on another legal basis, e.g. due to a legitimate interest of the data controller or to comply with a legal obligation; in such case, we will inform you);
5. the right to restrict processing: your right, under certain circumstances, to ask us to suspend our processing of your personal data;
6. the right to data portability: your right to ask us for a copy of your personal data in a common format;
7. the right to object: your right to object to us processing your personal data.

Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to address your concerns and/or complaints before you approach the supervisory authority, so please contact us directly first.

You will not have to pay a fee to access your personal data or to exercise any of the other rights unless your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with your request under those circumstances.

We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. If we cannot reasonably verify your identity, we will not be able to comply with your request. We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a large number of requests. In this case, we will notify you and keep you updated as required by law.

If you wish to exercise any of the rights set out above, you may contact us at: [email protected] or via the contact form available on our Site.

INTERNATIONAL DATA TRANSFERS

In order to operate our global business, including operating our Site and providing the Services, in certain circumstances we may transfer your personal data to third countries or organizations outside the EU or the United Kingdom where the same standard of security for personal data does not apply. If you access our Site and/or use our Services or otherwise share your personal date with us, your personal data may be transferred to those third countries or organizations. Because different countries may have different data protection laws than the EU laws, we take necessary steps to ensure adequate safeguards are in place to protect your personal data, e.g. we enter into data processing agreements with our clients and customers and, where necessary, use Standard Contractual Clauses in accordance with the provisions of the GDPR.

CHANGES TO THIS PRIVACY POLICY

This Privacy Policy was last updated on the date indicated above, but we suggest that you review it from time to time, as our Site and/or Services may change. We reserve the right to update or modify this Privacy Policy at any time and from time to time without prior notice. However, if we make changes that we believe will materially impact this Privacy Policy or your rights, we will promptly notify you of those changes. Your continued use of the Site and/or Services after any changes to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.

CONTACT US

If you have any questions or suggestions regarding our Privacy Policy, please contact us at: [email protected] or via the contact form available on our Site.