Privacy Policy
I. INFORMATION ABOUT THE PERSONAL DATA CONTROLLER
In accordance with the requirements of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the “Regulation”, we inform you that:
1. Personal data administrator
The administrator of personal data, hereinafter referred to as the “Administrator”, is:
SmartDrones Spółka z ograniczoną odpowiedzialnością
ul. Gospodarcza 26, 20-213 Lublin
KRS: 0000843434
NIP: 8172196878
The administrator of personal data is responsible for using personal data in a safe manner, in accordance with the purposes for which they were collected and in accordance with applicable law.
2. Contact with the Administrator
In the event of any questions regarding the processing of data at the Administrator’s headquarters,
please contact the Administrator using the following contact details:
– telephone: +48 785085505
– e-mail: office@smartdrones.ai
– correspondence address:
SmartDrones Spółka z ograniczoną odpowiedzialnością
ul. Gospodarcza 26, 20-213 Lublin
II.GENERAL PROVISIONS ON DATA PROTECTION
We use the obtained personal data only for specific, legally justified purposes for which the data was collected. The scope of personal data, the purpose of their processing, the legal basis for such processing, the period of processing and the categories of data recipients result from the legal requirements incumbent on the Administrator and the nature and scope of actions taken by the data subject.
1. The purpose of data processing by the Administrator and the legal basis for processing:
The Administrator collects and processes personal data for the following purposes:
a) Taking action at the request of the data subject before concluding a contract (e.g. preparing an offer) on the basis of art. 6 sec. 1 letter b) of the Regulation;
b) Concluding and performing a contract (including ensuring appropriate quality of services) on the basis of art. 6 sec. 1 letter b) of the Regulation;
c) Conducting direct marketing (sending messages to carefully selected, individual customers, in individual contact, in order to obtain a direct response) on the basis of art. 6 sec. 1 letter f) of the Regulation;
d) Conducting marketing on the basis of art. 6 sec. 1 letter a) of the Regulation (“consent of the data subject”);
e) Issuing, collecting and storing invoices and accounting documents and maintaining accounting records based on art. 6 sec. 1 letter c) of the Regulation in connection with art. 74 sec. 2 of the Act of 29 September 1994 on Accounting and in connection with art. 86 § 1 of the Act of 29 August 1997 – Tax Ordinance;
f) Conducting service activities based on art. 6 sec. 1 letter b) or art. 6 sec. 1 letter
c) of the Regulation;
g) Providing responses to complaints within the time and form provided for by the provisions based on art. 6 sec. 1 letter c) of the Regulation;
h) Expressing an opinion by the Client based on art. 6 sec. 1 letter a) of the Regulation (“consent
of the data subject”); i) Detection and prevention of abuses pursuant to art. 6 sec. 1 letter c) of the Regulation;
j) Determination, defense and pursuit of claims raised by or against the Administrator (including the sale of receivables to another entity) pursuant to art. 6 sec. 1 letter f) of the Regulation in connection with art. 74 sec. 2 of the Act of 29 September 1994 on accounting.
The processing of personal data does not require consent if, among other things, the processing is necessary for the performance of the contract or taking action prior to the conclusion of the contract (art. 6 sec. 1 letter b) of the Regulation), results from a legal obligation incumbent on the Administrator (art. 6 sec. 1 letter c), or is necessary for the implementation of the legitimate interest of the Administrator (art. 6 sec. 1 letter f). In the event that consent is necessary to be able to process personal data for a specific purpose, the Administrator requests such consent. The consent granted may be withdrawn at any time.
2. Retention period
Data is stored for the period necessary for the purposes described above, including:
a) for the period necessary for the performance, termination or expiration of the contract and settlements based on it, until the claims arising from the contract are time-barred;
b) in the case of marketing activities – for the duration of the legitimate interest pursued by the Administrator, until the effective withdrawal of consent or expression of objection by the data subject, and for the period after which any claims become time-barred.
c) performance by the Administrator of obligations arising from legal provisions, including the Civil Code, Tax Ordinance, Accounting Act
3. Obligation or lack of obligation to provide personal data
Using the Administrator’s services and providing them with personal data is voluntary. However, providing personal data is necessary in connection with:
- concluding an agreement with the Administrator – each time the scope of data required to conclude an agreement is communicated to the data subject. The consequence of not providing data is the inability to conclude an agreement.
- fulfilment of the obligations imposed on the Administrator by law – in this case, providing personal data is a statutory requirement resulting from the provisions imposing on the Administrator obligations related to the necessity of processing personal data (e.g. in connection with the obligation to issue, collect and store invoices and accounting documents and to maintain accounting records). Failure to provide this data will prevent the Administrator from performing the indicated obligations, which will result in the inability to conclude an agreement.
4. Rights of the person whose data is processed by the Administrator
Under the principles set out in the Regulation, the person whose data is processed has the right to:
a) demand from the Administrator access to their personal data, i.e. to obtain information whether this data is being processed, what is the scope and purpose of processing personal data, and what rights they have towards the Administrator,
b) demand immediate rectification of the processed data and its supplementation,
c) demand deletion of the processed data,
d) demand restriction of the processed data,
e) the right to transfer data the right to object to processing;
f) object to the processing of this data for marketing purposes, including profiling, to the extent that the processing is related to direct marketing;
g) lodge a complaint with the supervisory authority, i.e. the President of the Personal Data Protection Office; h) withdraw the consent to the processing of data at any time (withdrawal of consent will not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal)
In order to exercise the above rights, an application should be submitted to the Administrator by e-mail, letter or by submitting an application in person at the Administrator’s office. In order to be sure that the person submitting the application is entitled to submit it, the Administrator may ask for additional information confirming the identity of the person submitting it.
The provisions of the Regulation indicate to what extent each of these rights can be exercised. This will depend in particular on the legal basis and the purpose of processing personal data by the Administrator. The above rights can be exercised free of charge, however, in accordance with Article 12 paragraph 5 of the Regulation, if the data subject’s requests are clearly unjustified or excessive, in particular due to their ongoing nature, the administrator may charge a reasonable fee in accordance with Article 12 paragraph 5 letter a) or refuse to take action in connection with the request in accordance with Article 12 paragraph 5 letter b). b).
5. Automated decision-making and profiling
Personal data will not be used for automated decision-making that would have legal consequences for the data subject, including profiling.
6. Data recipients
In order to perform the contract and to ensure the proper operation of the Administrator’s websites, the Administrator uses the services of external entities cooperating with it (e.g. post office, couriers, entities handling payments). Personal data is transferred to external entities only when and to the extent necessary to achieve the purpose of processing. External entities may use the transferred personal data only for the purpose of performing the task assigned by the Administrator.
Personal data may be transferred to the following external entities (recipients) cooperating with the Administrator:
a) entities conducting postal, courier and similar activities – to the extent necessary to complete the delivery and correspondence,
b) entities handling payments by payment cards or handling electronic payments – to the extent necessary to handle these payments,
c) entities granting credit – to the extent necessary to handle payments in an installment system,
d) selected entities acting on behalf of the Administrator in handling accounting, tax, advisory, legal and debt collection matters (including entities purchasing receivables) – to the extent necessary to achieve a specific purpose of processing,
e) entities providing technical support services provided to the Administrator and providers of IT solutions enabling the Administrator to conduct its business (for example, software providers, e-mail providers and hosting) – the Administrator provides personal data to a trusted provider acting on its behalf only in the case and to the extent necessary to achieve a specific purpose of processing,
f) providers of solutions used to express/publish customer opinions – to the extent necessary to express opinions.
7. Transfer of data outside the European Economic Area
Personal data may be transferred outside the European Economic Area (including the European Union, Iceland, Liechtenstein and Norway) to Google LLC based on appropriate legal safeguards, which are standard contractual clauses for the protection of personal data approved by the European Commission. See also: Part III (Cookie Policy) point 6 (Web analytics).
III.COOKIE POLICY
1. Cookies
The Administrator’s websites use cookies, i.e. text files saved on the User’s end device. These files enable analysis of the way the website is used and identification of the User’s web browser.
The Administrator may process the data contained in cookies for anonymous analysis of the activities of visitors, study of their behavior (e.g. opening specific pages) in order to provide them with advertisements tailored to their expected interests, also when they visit other websites that are partners in the advertising network of Google Inc. and Facebook Ireland Ltd. and to improve the administration of the Administrator’s websites.
By entering appropriate browser settings, you can block the installation of cookies – this may limit the functionality of the website.
2. How can you block the saving of cookies?
To block the saving of cookies, the User should enable settings in the web browser that allow acceptance of the saving of cookies only when they consent to it.
To accept the use of Administrator cookies while blocking the use of third-party cookies, select the “Block cookies from external sites” option in your browser settings.
3. Banner advertising
A banner advertisement is an advertisement that, when clicked, takes the User to another page. As part of a banner advertisement, the User is presented, for example, with products that they have viewed or similar products. We may also present advertisements from our partners.
Banner advertising uses cookies or pixels. Direct User Information is not saved. Only anonymized data is used.
4. Onsite Targeting
The Administrator uses cookie technology to analyze the activities of visitors (e.g. opening specific subpages) and may present the User with advertisements and/or special offers. The purpose of these activities is to present the User with advertisements for services/goods, the content of which is created based on clicks within the website, which is intended to present the most attractive offer that corresponds to the User’s areas of interest.
5. Retargeting, third-party cookies and data collection by third parties for banner advertising purposes
The Administrator’s websites use retargeting (remarketing) technology.
In this respect, the Administrator uses the services of the third parties presented below, which use cookies on the Administrator’s website:
- Google Analytics, Universal Analytics and Google Remarketing provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Detailed information on the operation of the above services is available at www.google.com/intl/pl/policies/privacy/partners/ see also www.policies.google.com/privacy/update?hl=pl&gl=pl and from the
- Facebook Pixel service provided by Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). Detailed information is available at www.facebook.com/about/privacy
6. Web analysis
The Administrator uses the Google Analytics web analytics service provided by Google. Google Analytics analyzes user behavior on the website using cookies. The information generated by the cookies about the user’s use of the website (including their IP address) is transmitted to and stored by Google on servers in the United States. Google will use this information to analyze the user’s use of the website, create reports for websites using Google Analytics and provide other services. Google may also transfer this information to third parties if required by law or if third parties process this information on Google’s behalf.
The website is analyzed by Google Analytics with the extension “_anonymizeIp()” and therefore IP addresses are processed only in abbreviated form, which prevents direct association of the address with a given User.
By using the website, the User consents to the processing of data concerning them by Google in the manner and for the purposes specified above. The consent to the collection and storage of personal data may be withdrawn at any time with future effect.
The User may opt out of cookies by making appropriate browser settings. This may limit the functionality of the website and make it impossible to use all of its features.
In order to prevent the data generated by the cookie relating to the User’s use of the website (including the IP address) from being sent to Google and the processing of this data by Google, simply download and install the blocking plugins available at the following address in your browser: www.tools.google.com/dlpage/gaoptout?hl=en
7. Server log files
The web browser provides data on the User’s activities on the Administrator’s websites, which are saved in the server log files. The data records saved in this way contain the following data: date and time of download, name of the page being accessed, amount of data downloaded, as well as information on the product version of the web browser used, IP address, URL of the reference page (address of the page from which the User was redirected).
The data records of the server log file are analyzed for the purpose of debugging, managing server performance, protecting against DDoS attacks and adapting the offer.
8. Final provisions
The Administrator’s websites may contain links (references) to other websites. Such websites operate independently of the Administrator and are not supervised by the Administrator in any way. The Administrator recommends that after going to other websites, you familiarize yourself with their own privacy policies. The Administrator is not responsible for the rules for handling data on these websites.