PRIVACY AND COOKIES POLICY
I. General provisions
1. The administrator of the personal data collected via the www.oureden.io Platform is: EDENAPP LLC with registered office in Wrocław (address: Dmowskiego Street 3/9, 50 – 203 Wrocław), entered in the Register of Entrepreneurs kept by the District Court for Wrocław Fabryczna in Wrocław, VI Economic Department of the National Court Register, under KRS number: 0001025484, REGON No.: 524775094, NIP No.: 8982290764, share capital: 10 000.00 PLN. All statements should be addressed exclusively to this entity.
2. Contact with the Administrator is possible by email: firstname.lastname@example.org
1) Cookies – means computer data, in particular small text files, recorded stored on the devices through which the User accesses the Website
2) Personal data – information about an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person;
3) User – means an entity to whom electronic services may be provided in accordance with the law, or with whom an Agreement for the provision of electronic services or a Distance Selling Agreement may be concluded;
4) Profiling – means any form of automated processing of personal data which involves the use of personal data to evaluate certain personal factors of an individual, in particular to analyse or predict aspects relating to that individual’s performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;
5) Processing – means an operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
6) Website / Platform – means the website operated by the Service Provider at www.oureden.io through which it is possible to use the Services;
7) Terms and Conditions – the document made available on the Website, setting out the terms and conditions of use of the Website and the terms and conditions of use of the Platform.
8) Suppliers – external entities that provide or may provide content available on the Service, including a payment provider.
II. Legal basis and purposes of the processing of your data
1) to conclude and perform the agreement for the provision of services by electronic means and to ensure the functionality of the Website (scope of data: name, surname, company, VAT number, address in the form of street, serial number, postal code, city and country, IP address, e-mail address, telephone number and other necessary data on the Device used by the User – on the basis of Article 6(1)(b) of the RODO, i.e. due to the fact that the processing is necessary for the performance of the agreement to which the data subject is a party.
2) informing Users about issues related to the functioning of the Service (scope of data: e-mail address, telephone number, data of the Device used by the User) – on the basis of Article 6(1)(b) and (f) RODO, i.e. due to the fact that the processing is necessary for the performance of a contract to which the data subject is a party, as well as for the performance of purposes resulting from the legitimate interests pursued by the Administrator or by a third party,
3) to assert claims and protect rights (data scope: as in paragraph 1 and any data obtained from the User necessary to prove the existence of a claim or to defend rights) – on the basis of Article 6(1)(f) RODO, i.e. due to the fact that the processing is necessary for purposes stemming from the legitimate interests pursued by the Administrator or by a third party,
4) fulfilment of legal obligations incumbent on the Administrator in connection with the running of the business (scope of data: any data obtained from the User) – on the basis of Article 6(1)(c) of the RODO, i.e. due to the fact that the processing is necessary for the fulfilment of a legal obligation incumbent on the Administrator,
5) to carry out its own marketing and promotional activities (scope of data: any data obtained from the User) – on the basis of Article 6(1)(f) RODO,
6) to carry out marketing and promotional activities on the basis of a separately granted consent (Article 6(1)(a) RODO),
7) sending commercial information by electronic means in accordance with Article 10(2) of the Act on the provision of services by electronic means of 18 July 2002 (Journal of Laws of 2017, item 1219 as amended), including the sending of notifications (scope of data: as in paragraph 2 and any data obtained from the User) – on the basis of a separately granted consent (Article 6(1)(a) RODO).
III. Data collected by the service administrator
1) identification data (name, surname, company, VAT number, address)
2) contact details (e-mail address, telephone number),
3) details of the device you are using (IP address, device type, device make, device model, device name, device language, device location and configuration),
4) data relating to the User’s use of VPN software or a Device with a modified operating system;
5) other data voluntarily provided by the User in the course of his/her contact with the Administrator, including data concerning his/her Device, correspondence data and other data not mentioned above.
3. As part of the registration on the Website, the Administrator collects the following personal data:
2) Email address,
3) other necessary data about the Device used by the User.
IV. Profiling of collected data
V. Duration of processing of personal data
- 1) necessary for the performance of the agreement for the provision of services by electronic means set out in the Terms of Service, concluded through the Website, including after its performance due to the possibility for the parties to exercise their rights under the agreement, as well as due to possible debt recovery – until the expiry of the limitation period for claims;
2) until such time as you withdraw your consent or object to the processing of your data – in cases where your personal data are processed on the basis of a separate consent;
VI. User rights
1) access to the content of the data – in accordance with Article 15 RODO,
2) to rectify/update the data – in accordance with Article 16 RODO,
3) deletion of data – in accordance with Article 17 RODO,
4) Restriction of data processing – in accordance with Article 18 RODO,
5) data portability – in accordance with Article 20 RODO,,
6) to object to the processing of your data – in accordance with Article 21 RODO,
7) to withdraw the consent given at any time, whereby the withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal – pursuant,
8) to lodge a complaint with the supervisory authority, i.e. the President of the Office for the Protection of Personal Data – in accordance with Article 77 of the RODO.
4. The controller shall notify the rectification or erasure of the personal data or the restriction of the processing it has carried out in accordance with the User’s request to any recipient to whom the personal data have been disclosed, unless this proves impossible or involves a disproportionate effort.
VII. The need to transmit data
2. Where the provision of personal data occurs for the purpose of entering into a contract with the Administrator, it is a condition for the conclusion of the contract. The provision of personal data in this situation is voluntary, but the consequence of failing to provide such data will be the impossibility of concluding a contract with the Administrator.
VIII. Release of information
2. In such cases, the amount of data provided is limited to the necessary minimum. In addition, the information provided by users may be made available to the competent public authorities, limited to situations where this is required by applicable law.
3. To recipients not mentioned above, the personal data processed shall not be made available externally in a form that would allow any identification of Users, unless the User has consented to a specific release of data.
IX. Technical measures
2. The Administrator applies the necessary security measures for servers, connections and the Website. However, the measures taken by the Administrator may not be sufficient if Users fail to comply with the security rules.
X. Transfer of personal data outside the European economic area
2. The Administrator stipulates that Suppliers may process and transfer personal data outside the European Economic Area.
XI. Processors of data on behalf of the controller
1. Users’ personal data may be entrusted for processing on behalf of the Administrator to portals that support the Administrator’s marketing campaign. Each processor is obliged to take care of the security of the processing and to comply with the principles of processing your personal data to the same extent as the Administrator.
2. When using the Website, small files are stored on the User’s device, in particular text files, which are used to remember the User’s decisions, maintain the User’s session, remember the data entered, collect information about the User’s device and his/her visit for security purposes, as well as to analyse visits and adapt content.
3. Cookies do not contain any data identifying a User, which means that it is not possible to establish a User’s identity from them. The cookies used by the Website are not in any way harmful to the User or the device and do not interfere with the User’s software or settings.
4. The cookie system does not interfere with the operation of the User’s computer and can be deactivated.
5. The user has the option to set the browser to block certain types of cookies and other technologies by specifying the permissible extent of information collection.
7. The Administrator informs that in the event that the files are necessary for the operation of the Platform, limiting their use may make it impossible to use the services of the Platform.
DESCRIPTION OF THE PURPOSE OF THE FILE
ORIGIN OF THE FILE
PERIOD OF OPERATION
This file has the function of providing information about the user’s session
FILES STORED IN THE SESSION MEMORY OF THE WEB BROWSER
User ID of the logged-in user
11. The Administrator may also use the services of Google Analytics and other Providers, including social networks for traffic analysis and affiliate connections. These analytical and marketing tools store information in cookies in order to generate statistics on the traffic of our Service and to establish affiliate connections. These functions are necessary for browsing, and monitoring the performance of the Service, as well as disseminating and improving it. When using these tools, we do not process personal data or other identifiers leading to the indirect identification of data subjects. However, the Administrator stipulates that your personal data may be processed by the Providers of these services, based on the privacy policies provided by them.
XIII. Revision of the privacy and cookies policy
1. The Administrator is entitled to amend this document, of which the User will be notified in a way allowing him/her to become acquainted with the changes before they come into force, e.g. by posting appropriate information or sending a notification to the e-mail address indicated by the User. changes come into force, e.g. by posting relevant information on the Website or by sending a notification to the e-mail address indicated by the User.
2. If the User objects to the changes made, he/she may request the deletion of his/her personal data on the Service. Continued use of the Service after the publication or sending of a notification of changes to this document shall be deemed to be consent to the collection, use and sharing of the User’s personal data according to the updated content of the document.
3. This document does not limit any of your rights under generally applicable law.