• providing Services electronically on the terms described in the Application Terms & Conditions. The provision of our Services is inextricably linked with the processing of personal data and without these activities we would not be able to provide you with our services;
•  conducting marketing activities using electronic means of communication, e.g. SMS or e-mail; we will perform such activities only on the basis of your voluntary consent;
• pursuing our legitimate interests. Our legitimate interest should be understood as: conducting a User satisfaction level survey, possible determination, investigation and enforcement of claims or defence against claims, prevention of abuse and fraud, detection of cases of unauthorised use of services, ensuring IT security of the Application, financial analysis of the Controller, conducting activities for marketing nature, answering inquiries and messages from Users, keeping statistics and conducting analytical research and tests in order to better select services to the User’s needs or optimise processes, profiling the purpose of which is to best match the information sent to the needs and interests of the User, data storage for archiving and accountability purposes.

How long do we process personal data?

 
Your data will be processed as long as there is a basis for their processing, i.e.

• in the case of data processing on the basis of consent, until its withdrawal;
• in the case of the necessity to process data for the performance of the agreement, for the duration of its performance and until the expiry of the limitation of claims related to the subject of the agreement, taking into account the limitation periods for claims specified in generally applicable law;
• if the basis for data processing is the legitimate interest of the controller, until you object or the interest ceases to exist.

Do we share personal data?

Your data may be transferred to entities processing data on our behalf, e.g. IT service providers, marketing agencies, legal services, accounting services, customer service, etc., where such entities will process data only on the basis of relevant contracts and only in accordance with our instructions. We require our partners to maintain confidentiality and ensure appropriate security measures. Your data may also be made available to entities authorised to obtain it on the basis of applicable law, e.g. law enforcement authorities.

Data transmission outside the EEA

 
In principle, we do not transfer personal data to entities the registered offices of which are located outside the European Economic Area. The only exception is our cooperation with service providers operating under the Google brand. In connection with this cooperation we can provide data characterising the way of using services provided electronically (“operational data”) for marketing purposes. Google participates in the “EU-US Privacy Shield” programme, which guarantees that Google uses safeguards that are compliant with the provisions in force in the EEA.
 
Do we make decisions automatically?

 
We do not use automated data processing techniques.

• the right to access your data, including obtaining copies of data;
• the right to rectification of data;
• the right to request the data to be deleted (“the right to be forgotten”);
• the right to restrict data processing;
• the right to object to the processing of data on the basis of our legitimate interest;
• the right to transfer personal data;
• the right to withdraw your consent.