Who is the Personal Data Controller?
The personal data controller is Virtus Lab Sp. z o.o. with its registered office in Rzeszów (35- 211), ul. Zofii Nałkowskiej 23, KRS: 0000349785, NIP (Tax Identification Number): 517031965, REGON (National Business Registry Number): 180526627. Contact address: firstname.lastname@example.org. The Users whose personal data are processed may contact the Controller in any other way they choose, including orally or in writing.
Purpose and legal basis for the processing of personal data:
- Provision of the User’s Services:
Certain User’s Services may require the provision of personal data. In such a case, personal data are processed in order to take action at the request of the User prior to the conclusion of the agreement and in order to perform the agreement (Article 6(1)(b) of the GDPR). Failure to provide personal data shall result in the inability to provide certain Services to the User.
- E-mail correspondence:
personal data are processed in order to communicate with the User (Article 6(1)(f) of the GDPR). Providing personal data is voluntary, but necessary to receive an answer from the Controller. The processing of personal data in such a case results from the Controller’s legitimate interests. The legitimate interest of the Controller is communication with the person submitting an enquiry to the Controller. The Controller considers also the following to be a legitimate interest under Article 6(1)(f) of the GDPR: direct marketing of own services, pursuit and defence of claims, prevention of fraud, conducting statistics and analyses, ensuring the security of the ICT environment, application of internal control systems.
Recipients of personal data:
Personal data may be processed by Amazon Web Services Ireland Limited and entities providing services to the Controller, such as legal, advisory, consulting, archiving and IT services. The data of the Users shall not be made available to other third parties, unless this proves necessary and the User gives their consents to it, or the obligation to provide the data results from the mandatory provisions of law, a final court decision or a final decision of the competent authority. The Controller does not transfer personal data outside the EU, unless this applies to the requirements of the GDPR in this respect have been met in advance.
What is profiling and are data on the Platform subject to profiling?
Profiling involves any automated processing of personal data, making it possible to assess the personal characteristics of a natural person and, in particular, to analyse or forecast aspects concerning work effects, economic situation, health, personal preferences or interests, reliability or behaviour, location or movements of the data subject – if it produces legal effects in relation to that data subject or significantly affects them. Data on the Platform are subject to profiling. Profiling on the Platform consists in matching Users the tailored technical publications on the basis of data provided by the User. The profiling takes place under Article 22(2)(a) of the GDPR, i.e. it is necessary for the provision of the User’s Services. Without profiling, the Service Provider could not provide the User with the Services. The Services have been designed as Services using automated decision-making mechanisms, so it is not possible to provide the Services without these mechanisms. Users who do not agree to profiling should stop using the Services. The Controller has implemented appropriate measures to protect the rights, freedoms and legitimate interests of the Users, including the possibility of human intervention on the part of the Controller, as well as the possibility to express one’s own position and challenge the decision. The User shall be able to appeal against automatic decisions concerning them. Such an appeal shall be examined by the competent person on the part of the Service Provider on the terms and conditions of complaint processing.
How changes can be made to personal data?
How does the Controller secure personal data?
The Controller protects the Users’ data against unauthorised access, disclosure, modification and destruction. In particular, the Controller uses data encryption, physical security measures and verification in IT systems. The Controller uses also antivirus software and network firewalls. Only authorised persons bound by the confidentiality obligation shall have access to the Users’ data, as well as subcontractors who have entered into personal data agreements with the Controller and meet the security criteria specified therein.
In what period are personal data processed?
The data of the Users are processed for the period of using the Platform. In the case of providing the User’s Services, personal data shall be processed for the period of providing these Services. In the case of e-mail correspondence, personal data are processed for the period necessary to give a reply to the User. Personal data may be also processed to a limited extent after the end of the specified periods, until the expiry of the limitation periods for any claims,or as long as this is possible or required in accordance with the applicable provisions of law, e.g. for statistical purposes. After the processing period has expired, personal data are permanently deleted or anonymised.
Other rights of the Users in connection with the processing of data.
The User has the right to lodge a complaint with the President of the Office for the Protection of Personal Data if they believe that the processing of personal data concerning them violates the mandatory provisions of law.
This Policy shall be effective as of the date of its publication on the Platform. The amended version of the Policy shall
enter into force on 1 March 2021.
This Policy is intended to inform the users of the vived.io Platform (Platform) (Users) about the purposes of storing and accessing Cookies on the end devices of the User, as well as about the possibilities of determining terms and conditions of storing or gaining access to Cookies by means of web browser / application settings. The Platform Administrator (Administrator) may store Cookies on the Users’ end devices and access them.
What are Cookies?
Cookies are information stored in text files, sent by the Platform to the User’s web browser / application and sent back by the User’s Platform browser / application upon the next visits to the Platform. Cookies are stored on the User’s End Device. Cookies are used to maintain the User’s session and to save other data, so that the User does not have to enter the same information every time they return to the Platform. Cookies remember, among other things, the Platform name, the details of the User’s browser / application, unique settings and data storage period. Cookies may contain personal data in the form of system identifiers allowing for the unique identification of the system user in the Vived, Google Analytics and Fibre Cloud Messaging services.
What cookies are used by the Platform?
- Session cookies - files stored in the memory of the web browser / application until it isclosed; they are necessary for the functionalities of the Platform to operate smoothly.
- Fixed cookies - files stored in the memory of the web browser / application for a specified period of time. They ensure, among other things, the correct navigation and layout of the Platform. The storage period of these files depends on the choices made by the User in the settings of their web browser / application. This type of Cookies allows for the provision of information to the Platform whenever the Platform is visited by the User.
- Google Analytics cookies – files stored in the memory of the web browser / application for statistical analysis of traffic on the Platform. The analysis services are provided by Google Inc. with its seat in the USA. Information obtained using this tool is not made available to entities other than Google and is intended solely for reporting the User's interactions on the Platform.
Who is the Platform Administrator?
The Platform Administrator is Virtus Lab Sp. z o.o. with its registered office in Rzeszów (35- 211), ul. Zofii Nałkowskiej 23, KRS (National Court Register Number): 0000349785, NIP (Tax Identification Number): 517031965, REGON (National Business Registry Number): 180526627. Contact address: email@example.com.
Internet browser settings.
The User’s web browser / application may allow cookies to be stored by default. The User may at any time determine the terms and conditions of storing and accessing the data recorded in Cookies through the browser settings. Cookies may be blocked, the possibility of storing Cookies may be limited (e.g. by informing about the installation of Cookies each and every time) or access to Cookies may be limited. It must be noted, however, that the blocking or limitation of cookies may prevent the use of the Platform on the User’s end device. Detailed information about the possibilities and ways of managing Cookies is available in web browser settings. As part of the functionality of a given web browser, more information can be obtained about Cookie management.
This Policy shall be effective as of the date of its publication on the Platform.