Privacy Policy

effective from 23.03.2020.

Dear User and Service Recipient,

Michał Jankowski Smart Solutions, NIP: 7691986621, 50-536 Wrocław, 4/11 Srebrnogórska St. as the owner of Imcado service makes every effort to ensure the security and confidentiality of your personal data. We care about your privacy both when you visit our website, register an account with us and use our services, as well as when you contact us by phone or e-mail, subscribe to a newsletter or visit our social media channels. We act in accordance with the letter of the law, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”).

In this document, we want to provide you with the most relevant information about the processing of personal data. For simplicity, we have compiled them in the form of questions and answers. This is so that you can find out for what purpose, on what basis and for how long we are processing your data, who has access to it and what rights you have.

Who is the Administrator of your personal data?

The administrator of the personal data is Michał Jankowski Smart Solutions with the seat at 4/11 Srebrnogórska Street, 50-536 Wrocław, NIP: 7691986621, REGON:380948954.

All requests, demands and requests concerning the processing of personal data should be sent electronically to the following e-mail address: mail@imcado.app

If you have any questions or concerns, you can contact us by e-mail at the following address: mail@imcado.app

For what purpose do we process personal data?

We process your personal data for the following purposes:

  • in order to maintain the recipient’s account – the personal data you provide to us upon registration is necessary for you to order our services;
  • In order to provide the service, the personal data you provide us with are necessary for the execution of the order, the settlement of the contract and the possible enforcement of our claims,
  • to answer your questions by phone or email, including a form on our website and individual social media channels (Facebook, Instagram, LinkedIn, Twitter);
  • to send you the newsletter – based on your consent to receive it,
  • For marketing and statistical purposes, the information about visits to our website and social media is related to the promotion and development of Imcado and the work on improving the products and quality of our services;

Is it voluntary to provide personal data?

The provision of personal data is voluntary, however, the refusal to provide such data may hinder or prevent the execution of the concluded agreement.

On what legal basis do we process personal data?

The legal basis for our processing of personal data is accordingly:

  • agreement or pre-contractual action at the request of the data subject (Article 6(1)(b) GDPR),
  • the relevant legal provisions if the processing is necessary to fulfil our legal obligations (6.1.c GDPR), e.g. regulations specifying the scope of the data to be indicated on the invoice,
  • our so called legally justified interest, which we have in carrying out marketing activities, creating statistics on the use of particular functionalities of the service and maintaining business relations with you (6 paragraph 1 letter f GDPR),
  • Your consent is clearly and voluntarily expressed (Article 6(1)(a) of the GDPR) – if we ask for and are given your consent, e.g. if you wish to receive the newsletter;
  • to establish, pursue or enforce claims, which is our legitimate interest to initiate proceedings and defend ourselves against claims in proceedings before the courts and other state bodies (Article 6(1)(f) of the GDPR).

How long do we process personal data?

We will process your personal data for as long as necessary to achieve the purposes indicated above, unless you make a valid and correct request to delete your personal data. In addition, the period of processing may depend on the content of the legal provisions applicable to us, e.g. in the case of the storage of financial documents or the time limits for claiming.

Do we share data with others?

In some situations, the further transfer of personal data may be necessary to enable us to properly and professionally fulfil our contractual obligations and conduct business activities. However, we require the recipient to guarantee adequate protection and confidentiality before providing personal data.

We may transfer your personal information:

  • entities participating in the performance of our contracts, e.g. accounting offices, IT service providers, cloud computing providers,
  • Our authorised employees and associates for whom access to your data is necessary for the proper performance of their duties,
  • a state authority empowered by the applicable law.

Do we transfer personal data to third countries?

As a rule, we do not transfer personal data to countries outside the European Union. However, if it is necessary in connection with the sale of our products and the provision of services, we will assess the circumstances and take care to ensure an adequate level of data security so that processing is carried out in accordance with the applicable legal regulations.

At the same time, we would like to inform you that in running our service we use the services and technologies offered by such entities as: Facebook, Microsoft, Google, Stripe, Twilio, which are based in the United States. In the light of the GDPR regulations, these will be so-called entities located in third countries, with respect to which it must be demonstrated that an adequate degree of protection or a mention of appropriate safeguards is provided. We therefore assure you that the above entities have joined the Privacy Shield Program on the basis of the European Commission’s Implementing Decision of 12 July 2016 and ensure that they comply with the high data protection standards that apply in the European Union. Therefore, the use of their services and technologies in the processing of personal data is legal.

Do we process personal data in an automated way?

We do not take automated decisions, in particular those which could produce legal effects on natural persons or which could affect them in a similarly significant way.

Do we use so-called cookies?

On our website, we use so-called “cookies”, i.e. short text information saved on your computer, phone, tablet or other user’s device which can be read by our system, as well as by the systems of other entities whose services we use (e.g. Facebook, Google, Hotjar). Thanks to Cookies we collect anonymous data about visits to our website, which we can then use to improve the functions available on the site, identify errors or our marketing activities.

Web browsers usually allow cookies to be used on your device by default. However, users can block and restrict the installation of cookies at their own discretion, either by using their browser settings or by using one of the many available (free) solutions. Please note that disabling or restricting the use of cookies may cause difficulties in the use of the website, e.g. it may result in a longer loading period of the website or restrictions on the use of the functionality or liking of the website on Facebook.

How do we protect your data?

In order to ensure a high and consistent level of protection, we apply appropriate IT environment protection measures, as well as technical and organisational measures, among others:

  1. use of technology offered by Microsoft Azure, which ensures the security of the person’s data authentication procedure,
  2. TLS encryption,
  3. making backup copies,
  4. equipping data centres with data protection mechanisms,
  5. conducting regular safety tests,
  6. monitoring the security of personal data,
  7. Minimising the risk of potential abuse and reacting quickly if it occurs,
  8. implementing data protection policy,
  9. Ensure the continued confidentiality, integrity, availability and resilience of processing systems and services,
  10. to allow access to personal data only to authorised persons.

What rights do the people whose data we process have?

The persons whose data we process are entitled to:

  • to access their personal data;
  • to correct personal data;
  • delete personal data;
  • restrictions on the processing of personal data;
  • to object to the processing of personal data;
  • the transfer of personal data;
  • withdrawal of consent to data processing.

However, the above mentioned rights are not absolute and in some situations, after analysis, we may legitimately refuse them.

We would also like to inform you that revoking your consent to data processing will not affect the lawfulness of the data processing that took place on the basis of your consent before its revocation.

If you request us to exercise any of the above powers, we will respond to you as soon as possible, but no later than one month after receipt. If, due to the complexity of the request or the number of requests, we are unable to comply with your request within one month, we will comply with it within the next two months. However, we will inform you in advance of the intended extension of the deadline.

How can I challenge irregularities in the processing of personal data?

If you believe that your personal data is being processed by us in violation of the law, you may file a complaint with the President of the Office for Personal Data Protection, Stawki 2 00-193 Warszawa, tel. 22 531-03-00, kancelaria@uodo.gov.pl, Info line: 606-950-000

Can we change our Privacy Policy?

Yes. Data protection is a process that we adapt to current needs and changing technology. Therefore, our Privacy Policy may be supplemented or changed and we will inform you of this by posting information on our site and, in the event of significant changes to the registered recipients of the service, we will send separate notices by e-mail.

Where can I find more information about third party cookies?

This information is contained on third party websites, in particular:

  1. Google Analytics:
    • Tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
    • It automatically collects information about your use of our site (including demographic data) so that we can optimise our site in the future based on statistics.
    • Google LLC participates in the EU-US-Privacy Shield programme, which confirms that they ensure an adequate level of protection of personal data as required by European legislation.
    • In order to block data registration and transfer to Google you need to install a plug-in available on the website: https://tools.google.com/dlpage/gaoptout
    • Additional information on the processing of data within the framework of Google Analytics is available on this website: https://support.google.com/analytics/answer/6004245.
  2. Google Adwords
    • Tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
    • This tool allows you to promote your website in search engine results and on third party websites.
    • Google LLC participates in the EU-US-Privacy Shield programme, which confirms that they ensure an adequate level of protection of personal data as required by European legislation.
    • Disabling the use of cookies is available in your account settings on the site: https://adssettings.google.com.
    • Additional information on the processing of data within the framework of Google Adwords is available on this website: https://policies.google.com/privacy.
  3. Hotjar
    • Tool provided by Hotjar Limited, Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta
    • It automatically collects information about your use of our site (including demographic data) so that we can optimise our site in the future based on statistics.
    • The deactivation of the possibility to create an anonymous profile is available at https://www.hotjar.com/legal/compliance/opt-out.
    • Additional information related to Hotjar data processing is available on the website: https://www.hotjar.com/legal/policies/privacy.
  4. Facebook Pixel