GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Customer: an entity with whom the Controller has entered into or is negotiating to enter into an agreement pursuant to which the Controller will provide it with its services.
Representative: a person who contacts the Controller on behalf of the Client or another entity with whom the Controller cooperates or communicates.
[Data and effects of refusal to provide data]
This policy applies to the processing of Data collected from:
- Customers (if they are natural persons) or their Representatives in connection with the services we provide, such as in the course of entering into a contract or during the performance of a contracted project. [In this context, providing Data may be a condition of entering into a contract, and failure to do so may prevent performance of the contract].
- Subscribers to our newsletter. [Without receiving the necessary Data we will not be able to send you the newsletter].
- Persons contacting Us, in particular by telephone, e-mail or the contact form located at https://www.skyrise.tech/ [Failure to provide data may result in not receiving a response to the message].
Data may include, but is not limited to: the identifiers of the devices through which you access our site or which you use in the course of the relationship between us and you or the Customer you are a Representative of, contact information such as name, surname, e-mail address, registered or correspondence address, professional position, possibly other data, necessary for the purposes indicated below.
[Purposes, legal basis and duration of processing of Data].
We process your personal data for the purposes set out below. For each purpose, we have indicated the legal basis for the processing and the criteria for the period of processing for that purpose.
|PURPOSE||LEGAL BASIS||PROCESSING PERIOD CRITERIA|
|Processing data to provide services and ongoing contact with Customers. Providing resources and services to Customers.||Article 6 (1) (f) of the GDPR – legitimate interest of the Controller, which is the delivery of resources and services to Customers as well as providing communication.||Until the termination of cooperation with a given Customer and the statute of limitations for claims.|
|Newsletter delivery. Providing marketing and advertising materials and information about Controller’s activities.||Article 6 (1) (f) of the GDPR – legitimate interest of the Controller, which is to provide marketing information to willing individuals.||Immediately upon the individual’s objection, or when the Data is no longer relevant to the Controller.|
|Website usage statistics. Analysis of website utilisation statistics||
Article 6 (1) (f) of the GDPR – legitimate interest of the Controller. The controller’s legitimate interests in this regard include analysing how visitors use the site, displaying the most appropriate version of the site for particular user groups, providing users with a better and more personalised experience.
|Administration of concluded contracts with service providers and clients. Protection of Controller’s rights and enforcement of claims||Article 6 (1) (f) of the GDPR – legitimate interest of the Controller. The legitimate interest of the Controller, in this case, is the proper implementation of contracts concluded with service providers or customers, as well as the defence of rights and enforcement of claims of the Controller.||Until the statute of limitations on claims.|
|Invoicing. Invoicing and financial reporting. Issuing invoices/payment documents to clients, bookkeeping.||processing is necessary to comply with Controller’s legal obligation to issue VAT invoices and financial reporting||5 years counted from the end of the fiscal year.|
We only process Data for as long as it is necessary. After the purpose for which the Data was processed has been fulfilled, the Data will be deleted or anonymised, unless we are required or authorized by law to retain some or all of the Data.
In some situations, we transfer your Data to third parties. Their recipients may be:
- entities to whom we outsource Data processing services, these will include our subcontractors, accounting entities, law firms;
- Public authorities, including the Police, the National Tax Administration, other law enforcement agencies, in connection with their proceedings under the relevant provisions of law.
GDPR, depending on your situation, grants you a number of rights in relation to the processing of your Data. These are:
(a) right of access by the data subject and to receive a copy of personal data undergoing processing.; (b) right to rectification; (c) right to erasure (‘right to be forgotten’); (d) right to restriction of processing; (e) right to withdraw consent at any time. Please, keep in mind that consent withdrawal is not affecting the lawfulness of processing based on consent before its withdrawal;(f) the right to data portability; (g) the right to object to the processing of Data;
If you believe that processing of your data by us violates the law, you can file a complaint with the President of the Office for Personal Data Protection. For more information please click here: https://uodo.gov.pl/en
[Automated Decision Making]
We do not make decisions by automated means, including profiling.
If you have any concerns about our processing of your Data, please contact us by sending an email to: firstname.lastname@example.org.