Privacy policy of Firmao
This privacy policy defines the privacy policies adopted by:
Firmao Polska Sp. z o.o. with its registered office in Łódź (90-223) at 82 Rewolucji 1905 Street, registered in the National Court Register under KRS No. 0000440920, with the following identification numbers: NIP 7252063825 and REGON 101503556 rules for the processing of personal data collected from users of the application (hereinafter: the "Application").
The Privacy Policy document is an expression of concern for the rights of visitors to the Application located on the company's domains and using the services offered through it.
This Privacy Policy is Appendix No. 3 and is an integral part of the Main Regulations.
This document is the fulfillment of the information obligation under Article 13 of the RODO. It is also an expression of concern for the security of personal data of Users using the services offered by the Application.
It also fulfills the information obligation under:
Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the EU L119 of 4.05.2016, p. 1) (hereinafter RODO).
Personal information
1. Personal data - according to the disposition of Article 4(l) RODO means information about an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.
Administrator of personal data
1. The Administrator of the personal data of the Application Users is:
Firmao Polska Sp. z o.o. with its registered office in Łódź (90-223) at 82 Rewolucji 1905 Street, registered in the National Court Register under KRS number 0000440920, NIP 7252063825, REGON 101503556.
Mailing address: Lodz (90-223) at 82 Rewolucji 1905 roku St.
Tel. +48 22 300 1111
Mail: pbagnpg@sveznb.vb
Basis, purpose and content of processing
3. The data Administrator declares that it processes users' personal data in accordance with:
(Article 6(l)(b)) - i.e., the processing is necessary for the performance of a contract to which the data subject is a party, or to take action at the request of the data subject prior to entering into a contract; or (Article 6(1)(a)) - i.e., based on the consent of the data owner in the case of marketing use.
4. The data Administrator processes personal data for the purpose of fulfilling the contract (providing the service of providing access to the system) or the purpose indicated in the consent. The data Administrator processes data only to the extent necessary for these purposes and for the period necessary to fulfill the contract, or until the user withdraws consent. Data is processed at system.firmao.pl and system.firmao.net depending on the language of the Application.
5. The Administrator's Application located under the name CRM Firmao collects the following personal data of users:
- Name, surname,
- Email address,
- Phone number,
- Phone call history, including phone number, call direction, start time, end time, duration,
- Identifiers associated with a specific device.
6. Recipients (processors of entrustment) of personal data will be: Entity providing application maintenance services and entities providing IT services to Firmao Polska Sp. z o.o., including entities in the European Economic Area.
7. Personal data of the Application Users are not shared with third parties, except when such sharing results from applicable laws obliging the Personal Data Administrator to transfer the data to authorized entities.
8. The Administrator collects logs of the Application, however, does not associate them in any way with personal data. Based on the log files, statistics may be generated as an aid to administration. Aggregate summaries in the form of such statistics do not contain any personally identifying characteristics.
Users' Rights. Right of access to data
According to Articles 15 - 22 of the RODO, each user has the following rights:
1. Right of access to data (Article 15 RODO)
A data subject is entitled to obtain confirmation from the Administrator as to whether or not personal data concerning him or her is being processed, and if it is, he or she is entitled to access it. Pursuant to Article 15, the Administrator shall provide the data subject with a copy of the personal data being processed.
2. Right to rectification of data (Article 16 of the RODO)
The data subject has the right to request from the Administrator the immediate rectification of personal data concerning him/her that is incorrect.
3. Right to erasure of data ("right to be forgotten") (Article 17 RODO)
The data subject has the right to request from the Administrator the immediate deletion of personal data concerning him/her, and the Administrator is obliged to delete the personal data without undue delay if one of the following circumstances applies:
a) personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
b) the data subject has withdrawn the consent on which the processing is based;
c) the data subject objects under Article 21(1) to the processing and there are no overriding legitimate grounds for the processing;
4. The right to restrict processing (Article 18 RODO)
The data subject has the right to request the Administrator to restrict processing in the following cases:
a) When data is incorrect - in time to correct it
b) The data subject has objected under Article 21(1) to the processing - until it is determined whether the legitimate grounds on the part of the Administrator override the grounds for the data subject's objection.
c) The processing is unlawful and the data subject objects to the erasure of the personal data, requesting instead that the use of the data be restricted.
5. Right to data portability (Article 19 RODO)
6. Right to object
If personal data is processed for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning him or her for such marketing, including profiling, to the extent that the processing is related to such direct marketing.
7. The user may exercise his/her rights by sending an appropriate request to pbagnpg@sveznb.vb. The request, in order to be correctly identified, should be sent from the email address from which registration was made. This is the implementation of 12(6) of the RODO. The request can also be made by letter - by sending a registered letter containing such a request to the mailing address of the Company run by the Data Administrator.
8. In accordance with the law, the Administrator will give the person who made the request up to one month to respond to the action taken. If the Administrator does not take such action, it will inform the person who made the request.
9. You have the right to file a complaint against the actions of the Administrator with the Supervisory Authority.
Additional Limits on Use of Your Google User Data
Firmao use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Google Calendar Integration
The Subscription Service will have access to both your Google Calendar and any other calendar you access via Google in order to power our Meetings tool, and allow you to associate events with contacts in your Firmao account. The Subscription Service will have the ability to: create or change your calendars, and update individual calendar events.
Security
The application is equipped with security measures to protect personal data under the Administrator's control from loss, misuse and modification. The Administrator also has appropriate documentation and has implemented relevant procedures related to the protection of personal data in the company.
The Administrator shall ensure that it protects all disclosed information in accordance with the applicable regulations and security protection standards and, in particular:
a) Only authorized employees or associates of the Data Administrator and authorized persons involved in the operation of the Application who have been granted appropriate authorizations have direct access to the personal data collected by the Data Administrator in accordance with 29 RODO.
b) The Administrator declares that when contracting other entities to provide services, it requires partners, in accordance with the disposition of 28 RODO, to ensure appropriately high standards for the protection of entrusted personal data, to sign appropriate entrustment agreements in which partners confirm the application of standards and , the right to control the compliance of these entities with these standards.
c) In order to ensure adequate protection of the services it provides electronically, the Application Administrator applies a high level of security, including cryptographic protection of personal data transmission (SSL protocol) in accordance with Part C to the Regulation of the Minister of Internal Affairs and Administration of April 29, 2004 on documentation of personal data processing and technical and organizational conditions to be met by devices and IT systems used for personal data processing (Journal of Laws No. 100 item 1024).
d) Due to the public nature of the Internet, the use of electronically provided services may involve risks, regardless of the Data Administrator's due diligence.
Cookies mechanism. Links to other sites
Some areas and functions of the Website may use cookies, i.e. text files saved on the user's computer, identifying it in a way necessary to enable certain operations. Cookies are used, among other things, to remember the data necessary to log in the user. The condition for cookies to work is that they are accepted by the browser and that they are not deleted from the disk.
Cookies
1. The website uses "session" cookies (saved until you leave the website or close your browser) and persistent cookies (saved on your computer for a specified period of time).
2. Website users can change the settings in this regard. The web browser allows you to delete and block files. Detailed information on this subject can be found in the help or documentation of the web browser.
3. Disabling cookies will most often limit or block some website functionalities.
Third party cookies
1. The website uses third-party cookies - Google Analytics - more information can be found at: google.com/analytics/learn/privacy.html
2. Cookies used the website do not store personal data.
Changes to the Privacy Policy
1. The Administrator of the Application reserves the right to change the above privacy policy at any time and place, at the same time undertaking to promptly publish the new privacy policy and inform all registered Users.
2. The Data Administrator reserves the right to make changes, withdraw or modify the functions or features of the Application, as well as any legal action permitted by applicable law.