This document is the output of the information policy of BeCREO TECHNOLOGIES spółka z ograniczoną odpowiedzialnością with registered office in Poznań with regard to the users of the Scottie Go! Edu, Scottie Go!, Scottie Go! Labyrinth, Scottie Go! Dojo (hereinafter each referred as ‘Application’) in all personal data processing and protection aspects. We attach a great importance to the protection, collection, processing and use of your personal data according to the applicable law.
- Information on the Data Controller and on collecting personal data
1.1. The Data Controller under Article 4 (7) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (hereinafter referred to as “The Regulation”) in relation to your personal data is BeCREO TECHNOLOGIES sp. z o.o. with its registered seat in Poznań at ul. Plac Andersa 7, 61-894 Poznań, entered in the Business Register maintained by the District Court for Poznań-Nowe Miasto and Wilda in Poznań VIII Business Department of the National Court Register under the KRS number 0000716935, REGON: 369401813, NIP: 7831771896, company’s capital 30,000.00 PLN (hereinafter referred to as “The Controller”).
1.2. The Controller processes the personal data supplied by you in order to ensure the correct functioning of the Website, enable contact via the Website tools including, but not limited to, the contact form, other forms of communication and contact, in order to present you with our offer, enter a sale agreement, send trade information, execute the sale agreement, prepare accountancy and financial reports, enforce claims as well as for marketing purposes. For those reasons the Controller collects your personal data such as: first name and surname, address, e-mail address, telephone number, and, if any, company name, NIP number, REGON number, bank account number for refunds. When entering an agreement, providing personal data is prerequisite to execute the agreement. If processing the data is optional, it will be processed pursuant to your consent, which will result from the contents of the consent given.
1.3. Processing data is performed pursuant to:
- a) Article 6 (1)(b) of the Regulation – in the scope of personal data required to execute an agreement as well as in the scope of personal data provided by you in order to take action on your request before entering the agreement, e.g. to ensure contact before entering the agreement, answer any questions etc.
- b) Article 6 (1)(c) of the Regulation – in the scope of personal data whose processing is required to fulfil the legal obligations by the Controller, e.g. in order to issue invoices, to ensure accountancy and financial reports,
- c) Article 6 (1)(f) of the Regulation – in the scope of personal data whose processing is required to reach the aims resulting from the legitimate interests pursued by the Controller, i.e. in order to make an offer, send trade information as well as in order to carry out direct marketing,
- d) Article 6 (1)(a) of the Regulation – provided the consent was granted, if the data processing is optional.
1.4. The Controller processes the personal data provided by you in the contact form in order to provide the online service – the contact form. To this end the Controller can collect your personal data such as: e-mail address. Providing your e-mail address is prerequisite to answer a query made online through the contact form. Your personal data is processed pursuant to Article 6 (1)(b) of the Regulation.
1.5. The Controller can also use data contained in cookie files for analytical purposes. Those files provide data on the users’ activity on the Website. We use cookie files based on your consent. You have the option to turn off cookie files at any times by changing settings in your browser.
1.6. The Controller makes no automated decisions in relation to your personal data, including, but not limited to, the decisions that are the result of automated processing, including profiling as defined in the Regulation.
- Rights of the data subject
2.1. You have the right to obtain from the Controller a confirmation whether they process your personal data, the right to request access to such data and the right to obtain information from the Controller about the purposes of processing and about the categories of personal data processed, information about recipients or categories of recipients to whom the personal data is disclosed, about the planned period of personal data storage, about the data source in case it was not collected from the data subject and about the information whether the Controller takes automated decisions against the data subject, including decisions based on profiling. You also have the right to obtain a copy of the data.
2.2. Moreover, you have the right to request the rectification of personal data, the right to request the deletion of personal data, the right to request processing restrictions, the right to transfer data and the right to object to the processing. You can exercise these rights:
2.2.1. regarding your request to rectify data: if your data is incorrect or incomplete;
2.2.2. regarding your request to delete data: if your data is no longer necessary for the purposes for which it was collected by the Controller; if you withdraw your consent to data processing; if you object to the processing of your data; if your data is processed unlawfully; if the data should be deleted in order to comply with the legal obligation or if the data has been collected in relation to offering information society services;
2.2.3. regarding your request to restrict processing data: if your data is incorrect – you have the right to request to restrict its processing for a period allowing the Controller to check the correctness of this data; if your data is processed unlawfully, but you do not want it deleted; if your data is no longer needed by the Controller, but it will be necessary for you to establish, investigate or defend claims; or if you file an objection to the processing of data – pending the determination of whether the legitimate grounds on the Controller’s side override the grounds of objection;
2.2.4. regarding your request for data transfer: if your data is processed on the basis of a given consent or an agreement, or/and if the processing is automated;
2.2.5. regarding your right to object: if the processing of your personal data is based on a legitimate interest and your objection is justified by your special situation, and/or if your personal data is processed for direct marketing purposes, including profiling.
2.3. If you consider that processing personal data related to you infringes the provisions of the Regulation, you are also entitled to file a complaint with the supervisory authority. The supervisory authority in Poland is the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warszawa).
2.4. The implemented security procedures mean that before you exercise your rights, we can ask you to prove your identity.
- Consent for processing personal data
3.1 If the data processing is optional, e.g. if the Controller processes personal data that is not necessary for performing the service or execute the agreement, you will always enter the data voluntarily, after you have given your consent to the processing of the data.
3.3. You may withdraw your consent at any time in the same way the consent has been given.
3.4. Moreover, you can always withdraw your consent by sending your statement on withdrawing your consent to the Controller in the manner indicated in point 6 of this Policy.
3.5. Withdrawal of your consent does not affect the lawfulness of the data processing which was carried out on the basis of your consent before its withdrawal.
- Information about the personal data recipients / categories of personal data recipients
4.1. The Controller may also partially use external service providers who process personal data on behalf of the Controller, e.g. hosting service providers, e-mail service providers, courier companies, accounting service providers. The transfer of data can, however, only serve the purpose of carrying out their service. The Controller can only use the services of such entities that provide sufficient guarantees to protect the rights of data subjects. The processing of personal data by these entities is based on written agreements concluded with the Controller. These entities follow the Controller guidelines and are subject to audits conducted by the Controller.
4.2 Furthermore, in the context of the use of specific services by the Controller, data may be transferred outside the EEA, provided, however, that guarantees of a sufficient degree of protection exist, in particular resulting from the use of standard contractual clauses approved by the European Commission.
- Personal data security
5.1. The Controller processes your personal data in accordance with the provisions of the Regulation, including taking appropriate technical and organizational measures to ensure the security and appropriate confidentiality and integrity of personal data, including protection against unauthorized access, unauthorized modification, disclosure or destruction of such data.
5.2. With regard to the use of free access to the Platform and the “Scottie Go! Dojo” application, the data is obtained through a form provided by Microsoft (Microsoft Corporation based in Redmond, United States), in accordance with the data processing principles used by that company, available under https://privacy.microsoft.com/pl-pl/privacystatement#mainnoticetoendusersmodule
- Contact data
6.1. Should you have any demands, requests, notifications and/or queries related to processing personal data, you may send them by e-mail to email@example.com or regular mail at: BeCREO TECHNOLOGIES sp. z o.o. with its registered seat in Poznań, ul. Plac Andersa 7, 61-894 Poznań.
Status as of 20th February 2021