Privacy Policy Basic Terms Website/Data Administrator – the Website Administrator and the Personal Data Administrator (hereinafter: “Administrator”) is Alsendo spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw, at ul. Franciszka Klimczaka 1, 02-797 Warsaw, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw, XII Commercial Department of the National Court Register: KRS: 0000678992, REGON: 367328934, NIP: 8971840043 (hereinafter: “Alsendo”). User – any natural person whose personal data is processed by the Administrator. Device – an electronic device with software through which the User gains access to the Website. Personal data – all information concerning a natural person identified or identifiable by one or more specific factors determining the physical, physiological, genetic, mental, economic, cultural, or social identity, including device IP, location data, Internet identifier, and information collected through cookies and similar technology. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (general regulation on data protection). Website – the “Alsendo.com” online service operating under https://alsendo-new.sc.testbox.pro/. Processing of personal data – any operations concerning personal data, especially those performed in IT systems, such as collecting, recording, storing, processing, altering, sharing, and deleting personal data; Violation of personal data – a security violation leading to accidental or unlawful destruction, loss, modification, unauthorized disclosure, or unauthorized access to Personal Data transmitted, stored or otherwise processed. Cookies – text data collected in the form of files placed on the User’s Device. Purpose and legal bases for the processing of personal data Your Personal Data may be processed by the Administrator on the basis of: consent (Art. 6 section 1 letter a of the GDPR) in order to: establish contact with the User within the scope of a message sent via the contact form functioning on the Website; conduct marketing and promotion of services provided by the Administrator, consisting in informing the User about the current offer and new functionalities of the Website. necessity to perform an agreement or to take action before its conclusion (Article 6 section 1 letter b of the GDPR); in order to fulfil other obligations arising from legal provisions (Art. 6 section 1 letter c of the GDPR); in order to pursue other legitimate interests of the administrator or a third party (Art. 6 section 1 letter f of the GDPR), in particular handling complaints and possibly determining and pursuing claims or defending against them. The Administrator processes personal data of Users visiting the Administrator’s profiles handled in social media (Facebook, Instagram, YouTube, Twitter, Google+, LinkedIn). This data is processed in order to inform Users about the Administrator’s activity, to offer services, as well as to communicate with Users through tools available in social media. The legal basis for the processing of personal data for this purpose consists in the Administrator’s legitimate interest (Art. 6 section 1 letter f of the GDPR) consisting in promoting own brand and offered services as well as building and maintaining a branded community. If it is provided by the Website, by checking the appropriate window in the registration form, the User may refuse or agree to receive commercial information by means of electronic communication, in accordance with the Act of July 18, 2002 on the provision of electronic services (Journal of Laws of 2002 No. 144, item 1024 as amended). In the event that the Website User has agreed to receive commercial information by means of electronic communication, the User has the right to withdraw such consent at any time. Exercising the right to revoke consent to receive commercial information is carried out by sending a proper request by e-mail to the Administrator’s address, along with the User’s name and surname.4. As part of the Website, the Administrator may automatically adjust certain content to the User’s needs, i.e. perform profiling, using the personal data provided by the User. This profiling consists primarily in automatically assessing which products the User may be interested in, based on the User’s previous activities undertaken on the Internet, including as part of the Administrator’s websites and in displaying product advertisements profiled in this manner. Profiling carried out by the Administrator does not result in making decisions that have legal effects on the User or affect the User in a similarly significant manner. The Administrator processes Users’ personal data to the extent necessary for the purposes specified in sec. 1 above and for a period necessary to implement these purposes, or until the consent is withdrawn by the Website User. Not providing data by the Website User in some situations may result in the inability to achieve the purposes for which providing data is necessary. Personal data processed via a form The following personal data of the User may be collected by using the form on the Website: name, surname, e-mail address, telephone number, tax identification number (NIP). The data provided in the form located on the Website is processed for purposes resulting from the function of the form, and additionally, it may be used by the Administrator also for archival and statistical purposes. The consent of the data subject is expressed by checking a proper window in the form. Data contained in the forms, provided to the Administrator by the User, may be transferred by the Administrator to third parties cooperating with the Administrator in connection with implementing by the Administrator the purposes set out in point II of sec. Personal data security The Administrator keeps records of persons authorized to process personal data. Persons authorized to process data are required to keep the personal data and the methods of securing it strictly confidential. The Administrator and persons authorized to process this data apply technical and organizational measures providing protection of the personal data being processed. A third party with access to personal data processes this data only on the basis of a contract for entrusting the processing of personal data and only at the request of the Administrator. User rights In accordance with Article 15 – 22 of the GDPR each User of the Website has the following rights: the right to access data – at the User’s request, the Administrator provides information concerning the processing of personal data, about the purposes and legal bases of processing, the scope of possessed data, entities to which personal data is disclosed, and the planned date of their deletion; the right to obtain a copy of data – at the User’s request, the Administrator provides a copy of the processed data concerning the person submitting the request; the right to rectification – at the User’s request, the Administrator removes any inconsistencies or errors in the scope of the processed personal data, as well as supplements or updates the data if it is incomplete or has changed; the right to delete data – the User may request to delete data, in particular the data which processing is no longer necessary to achieve any of the purposes for which it was collected or if the consent on which the processing is based has been withdrawn and there is no other legal basis for its processing; the right to limit processing – Users have the right to limit the processing of personal data in the cases indicated in Art 18 of the GDPR, in particular in the event of questioning the accuracy of personal data; the right to limit processing is exercised at the User’s request notified to the Administrator; the right to transfer data – to the extent that data is processed in connection with the concluded contract or expressed consent and in an automated manner, the Administrator issues data regarding the person submitting the request provided by that person, in a structured, commonly used machine-readable format; the right to object to data processing – a person whose personal data is being processed may at any time object to the processing of personal data. An objection in this respect should contain a justification and is subject to the Administrator’s assessment; the right to withdraw consent – if the data is processed on the basis of consent, the data subject has the right to withdraw it at any time, however, this does not affect the lawfulness of the processing carried out before the withdrawal of the consent; i. the right to complain – if it is determined that the processing of personal data violates the provisions of the GDPR or other provisions on the protection of personal data, the data subject may file a complaint with the supervisory authority. An application concerning exercising the rights of data subjects may be submitted: in writing to the following address: Alsendo spółka z o.o., ul. Franciszka Klimczaka 1, 02-797 Warsaw; by e-mail at: iod@alsendo.com; A reply to the sent request will be provided within one month of its receipt. If it is necessary to extend this period, the Administrator will inform the sender about the reasons for such an extension. The answer will be provided to the e-mail address from which the application was sent, and in the case of requests sent by post, to the address indicated by the applicant by registered mail, unless the content of the letter indicates a desire to receive feedback to an e-mail address (in this case, an e-mail address must be provided). Cookies files During the User’s visit to the Website, data concerning the User’s visit is automatically collected, including in particular: IP address; domain name; browser type; type of operating system; type of device from which the connection is established; time of connection to the Website. Automatically collected data cannot be changed or removed. The scope of collected data can be modified by expressing or withdrawing consent for using specific Cookies in accordance with this Privacy Policy or through proper settings of the web browser and User preferences (in the case of smartphones and tablets). Alsendo also uses Cookie files to collect information related to the User’s use of the Website. Cookies used by Alsendo are safe for the User’s Device. In particular, it is not possible for viruses, other unwanted software, or malware to reach the User’s device this way. These files allow identifying the software used by the User and adjust the Website to each User individually. Cookies usually contain the name of the domain from which they come, the period of storage on the device, and an ascribed value. The Website uses Website Cookies as well as third-party files, e.g. through plug-ins and tools of social networks, Google tools, as well as other analytical and statistical tools provided by Alsendo’s contractors. Below we have included details concerning the use of individual Cookies. Website Cookies are divided into session/temporary and permanent. Permanent files facilitate using the Platform and are saved on the User’s devices for a given period of time. They are used for the website to function and look properly in accordance with the User’s previous choices (e.g. location if the user has agreed to share the location). Session, temporary files are deleted after closing the web browser window. They are used to authenticate the user and improve the functioning of the Website. Cookie files of third-parties are divided into analytical and advertising ones. The Website uses the following tools for analytical and advertising files: GTM – a tool for generating, activating, and managing tags. It does not collect data about the user, it allows generating tags that are used to collect data; Google Analytics – a tool that allows anonymously collecting information in order to better understand how the website is used, user preferences, and trends. It is used to count visits, their duration, and to determine what functionalities or what parts of them are most often used or visited, and how they are used by individual users. The information collected in this way allows analyzing performance and determining the directions of development of new functionalities and services; Google Ads – Google advertising system, enabling the emission of text, image, and video ads as well as displaying sponsored links in Google search results and on websites cooperating under the Google AdSense program. We collect advertising Cookies used to implement advertising campaigns. We use them to provide relevant tailored marketing content; Facebook Pixel – allows tracking User behaviour after clicking on an advertisement on Facebook. The collected data is anonymous. However, this data is stored and processed by Facebook; Facebook Custom Audience – we use it to provide personalized advertising. Thanks to it, when visiting Facebook or other portal, Users can display personalized advertisements on websites that also use this tool; HotJar – we use this tool for analytical and statistical activities concerning traffic on the Platform, and then we use the statistical information obtained in this way to improve the quality of content and functionality posted on the Website. LinkedIn Insight Tag– it is a short JavaScript code that allows receiving detailed reports concerning the conducted campaigns and getting valuable information about visitors. The LinkedIn Insight Tag allows tracking conversions, redirecting visitors, and obtaining additional information concerning users who interact with ads. The User may independently and at any time change the Cookie settings, specifying the conditions for the storage and access of Cookies to the User’s Device. Changes in settings referred to in the previous sentence may be done by the User through the browser’s settings or by configuring the service. These settings can be changed, in particular, in such a way as to block the automatic handling of cookies in the web browser settings or to inform the User whenever Cookies are placed on the User’s device. Detailed information concerning the possibility and methods of using cookies can be found in your software (web browser) settings. The User may at any time delete Cookies taking advantage of the functions available in the used web browser, or the user preferences of the Device used to visit the Website (in particular smartphones and tablets). Limiting the use of Cookies may affect some of the functionalities available on the Website. Alsendo may use the data collected automatically, for example, for the following purposes: analyzing Users’ behaviour on the Website; optimizing and increasing the efficiency of services provided by Alsendo; implementing processes necessary for the complete functionality of websites; adapting the content of the Website pages to the User’s preferences and optimizing the use of the Website’s pages. In particular, these files allow recognizing the basic parameters of the User’s device and properly display the website, adjusted to the User’s individual needs; analyzing, examining and auditing viewing; creating anonymous statistics that help to understand how Users use the Website’s pages, which allows improving their structure and content; ensuring the security and failure-free operation of the Website. Security measures and risks The SSL protocol constitutes a type of security measure consisting in encoding data before sending it from the User’s browser and decoding after safely reaching the server. The information sent from the server to the User is also encrypted, and then decoded after reaching the destination. SSL encrypts, authenticates, and ensures the integrity of messages. Alsendo informs that even if measures have been taken to secure the data provided by the User via the Internet, it is not possible to eliminate specific threats that are associated with using a service provided electronically. Alsendo identified the following threats: the possibility of receiving spam; the presence and operation of malware, including: computer viruses; the presence and operation of worms; the possibility of operating spyware; the possibility of being exposed to cracking or phishing; piracy; sniffing; the possibility of illegal devices providing unauthorized access to safety services being introduced by other persons using the ICT system and/or telecommunications network; cryptanalysis activities, meaning finding a weakness of the cryptographic system, and thus enabling breaking or bypassing it; the possibility of being exposed to other unwanted or “malicious” software performing activities unintended by the user, not included in the above, and occurring e.g. under the names: wabbit, trojan, backdoor, expoit, rootkit, keylogger, dialer, or hoax. To maintain security and reduce the risks of sec. 3 the User should: use the Website only via trusted computers with updated antivirus programs and operating systems; avoid using the Website via an open network and a network of an unknown provider. Manner of contact In the case of the User sending an inquiry via the contact form, Alsendo may, in order to improve the service process, send = contact the Customer via means of distance communication in order to: provide an answer to the User’s messages; provide the Customer with information regarding the inquiry; provide important information regarding this Privacy Policy or other information relevant to provide services by electronic means in a manner that is reliable and compliant with the law. If the User agrees to receive commercial information, Alsendo may send the ordered commercial information containing marketing content to the Customer via the e-mail address or telephone number provided by the Customer. Data Protection Officer Pursuant to Article 37 of the GDPR a Data Protection Officer has been appointed in Alsendo, who you can contact: via e-mail: iod@alsendo.com, via post: Alsendo spółka z o.o. ul. Franciszka Klimczaka 1, 02-797 Warsaw. You can contact the officer in all matters related to the processing of your personal data by Alsendo and exercising your rights under the above-mentioned regulation. Legal notice Alsendo spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw, at ul. Franciszka Klimczaka 1, 02-797 Warsaw, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw, XII Commercial Department of the National Court Register KRS: 0000678992, REGON: 367328934, NIP: 8971840043 (hereinafter: “Alsendo”) declares that the content published on the pages of this website (www.alsendo.com) is for informational purposes only and does not constitute Alsendo’s offer within the meaning of civil law. Alsendo strives to ensure that the content presented on this website is up-to-date and reliable, but is not responsible for the consequences of actions taken basing on this information. A person interested in more information concerning products and services should contact us via the provided contact form. Alsendo reserves the right to make changes as it desires and to amend the content of the website, change materials and descriptions, including temporarily or permanently disabling individual subpages or the entire www.alsendo.pl website. Alsendo is not responsible for the content placed on external websites to which links have been placed on this website. Alsendo is not responsible for the content of external services concerning Alsendo where links lead to this website. This Website – its graphic design and content are the property of Alsendo, and copying it in whole or in part requires the prior consent of Alsendo. All names, images, and logos identifying Alsendo are the property of Alsendo, are subject to legal protection and may not be used without Alsendo’s consent. All brands, products, services, and company names on this site belonging to third parties are trademarks, service marks, and trade names of their respective owners and may not be used without their consent.