Who are we?
Appsilon spółka z ograniczoną odpowiedzialnością with its registered seat in Warsaw at Chmielna 2/31, postal code 00-020, Poland, entered into the register of entrepreneurs kept by the District Court for the Capital City of Warsaw in Warsaw, XII Commercial Division of the National Court Register, under KRS number: 0000483137, NIP [tax identification number]: 5252569920, with share capital PLN 5000, further referred to as “the Company” is a data controller under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation further referred to as “GDPR”).
WHAT DO WE COLLECT?
We may collect the following information:
- name, surname, e-mail address, phone number, name of the organization that you are affiliated with, and any other data you provide voluntarily when you contact us via electronic forms or in other ways (e-mail, phone, correspondence),
- name, e-mail address, when you subscribe to our newsletter or subscribe for tutorials, exclusive articles, and updates,
- name, surname, e-mail address, phone number, organization that you are affiliated with, professional experience, education, image, address, social media content (LinkedIn, Github other portfolio sites), and all additional data you provide us via sending us your curriculum vitae and filling in the form for the recruitment process,
- name, surname, address, e-mail address, telephone number, bank account details, and personal identification numbers when you are a current customer, partner, or co-worker of the Company.
WHY DO WE COLLECT DATA?
Personal data are processed to:
- answer all your questions and requests sent through the electronic forms and using contact addresses published on the Site, including interactive windows (Article 6 point 1 f) GDPR),
- communicate and provide commercial or marketing information (tutorials, articles, updates) via newsletter on the basis of your voluntary consent (Article 6 point 1 a) GDPR),
- establish cooperation with the Company, including verification of your data and preparation of an offer at your request to enter into a cooperation with us (Article 6 point 1 b) GDPR),
- perform the provisions of an already concluded contract if you are an existing Client or another entity cooperating with Company (Article 6 point 1 b) GDPR),
- maintain contact with business partners, including business customers and suppliers e.g. persons responsible on the partner’s side for performing the contract with the Company, the Company processes contact details of such persons in order to communicate with business partners on an ongoing basis and to maintain contacts with them. Article 6 point 1 f) GDPR,
- fulfill legal obligations of STX Next relating in particular, to accounting and taxation and for archival purposes (Article 6 point 1 c) GDPR),
- adapt and develop the functionalities of the Site including its structure and content to your needs and those of other users, produce aggregated statistics, and maintain the security and quality of the Site (Article 6 point 1 f) GDPR),
- contact you and carry out the recruitment process in connection with your submission of application documents on the recruitment subpage (as far as personal data are required by law, the legal basis for processing is Article 6 point 1 c) GDPR, and for additional data, the provision of which is not required by law, the legal basis for processing is Article 6 point 1 a) GDPR),
- take application documents into account in future recruitment processes (Article 6 point 1 a) GDPR),
- investigate or safeguard against possible claims and defend our rights (Article 6 point 1 f) GDPR),
The Company processes the personal data of users who have interacted with our social profiles held on popular social networking sites. The data is processed in order to enable the running and ongoing management of our profiles, including communicating with the community and organizing events or competitions, on the principles defined by the functionalities of individual social media and their rules of procedure. Data of community members is also processed for statistical and analytical purposes and may be processed for the purpose of asserting and defending against claims (Article 6 point 1 f) GDPR).
Providing the personal data is voluntary, however, failure to do so may prevent you, depending on the specific case, use of selected functionalities within the Site or contacting us. If personal data are not collected from the data subject, they were obtained e.g. from Company’s clients, contractors, partners, or co-workers, as well as from publicly accessible registers and Internet platforms.
If at any time you would like to unsubscribe from receiving a newsletter or taking part in future recruitment processes you can simply email firstname.lastname@example.org and withdraw your consent, without effect on the lawfulness of the processing prior to the withdrawal. You can always withdraw your consent in each case when processing is based on your consent article 6 point 1 a) GDPR.
HOW LONG DO WE PROCESS YOUR DATA?
The period of personal data processing depends on the purpose and legal basis of the processing.
Personal data obtained through the contact forms or addresses indicated for communication with the Company will be processed for the duration of the communication or until an objection to the processing is raised, but no longer than the claims limitation period under applicable law. Personal data processed for the purposes of newsletters and other subscriptions will be processed until the consent is withdrawn. Personal data of contractors, partners, or clients will be processed for the duration of the agreement, and after this period for the time necessary to comply with the law and to establish, investigate or defend against any claims. Personal data collected for the purposes of recruitment will be processed for the whole duration of the recruitment process but no longer than 24 months, and in the event that a given candidate agrees to the processing of data for the purposes of future recruitment, they will be stored until such consent is withdrawn, but no longer than for 4 years. Personal data processed in order to fulfill the legal obligations of the Controller will be processed for the period resulting from the relevant legal provisions. In case of data processing on the basis of a legitimate interest of the Company, the data shall be processed for the period enabling its realization or until an effective objection to the data processing is raised. Each processing period may be extended if the processing is necessary for the establishment, investigation, or defense against possible claims, and after this period, only if and to the extent required by law. After the end of the processing period, the data shall be irreversibly deleted or anonymized.
RECIPIENTS OF DATA
The recipients of personal data will be other entities providing appropriate IT services related to the maintenance of the Site, hosting, mailbox administration and management, consulting, accounting, finance, recruitment, legal, newsletter and legal companies, contractors, and co-workers of the Company, affiliates of the Company, trusted vendors, marketing agencies, app, and social media platform providers, banks, couriers.
The Company reserves the right to disclose selected information concerning the data subject to competent authorities or to third parties who request such information on an appropriate legal basis and in accordance with the provisions of the applicable law.
Personal data may be transferred outside the European Economic Area (EEA) to a third party country, to entities fulfilling a required protection level based on the European Commission requirements. If there is any transfer of data from EEA to other countries, data processors shall comply with the law regulations that ensure an adequate level of security to that of the EU regulations. If personal data is transferred to a third country that does not comply with EC requirements, any processing will be based on up-to-date standard contractual clauses approved by the European Commission. Information and copy of safeguards including such standard contractual clauses may be provided at the Company’s registered office or via e-mail.
If the Company processes your data, you have the right to:
- access the data,
- rectify the data,
- restrict the processing of the data,
- erase the data,
- transfer the data,
- object to the processing of data that takes place on the basis of the Company’s legitimate interest,
- withdraw your consent (where processing is based on consent) at any time without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.
The users whose data are processed have the right to lodge a complaint with the adequate supervisory body e.g. in Poland to the President of the Office for Personal Data Protection (postal address: ul. Stawki 2, 00-193 Warsaw, Poland).
INFORMATION AUTOMATICALLY COLLECTED
The Company automatically logs information about you and your computer when you visit our Site. For example, we log your computer operating system type, browser type, browser language, the website you visited before browsing our Site, pages you viewed, how long you spent on a page, access times, Internet protocol (IP) address, and information about your use of and actions on our Site.
We may log information using “cookies.” Cookies are small data text files stored on your device by a website. Cookies help us make our Site and your visit better. Cookies allow for recognition of the device and appropriate display of the Site adjusted to the individual preferences of the user. Cookies usually contain the name of the website they come from, the time of storage on the device, and the unique number.
In addition, cookies are used to create anonymous, aggregated statistics that enable us to check how users use the Site, which makes it possible to improve the content and structure of the Site, excluding the personal identification of a user. Cookies also make it possible to maintain a user session, in order to store preferences, consents, etc., so that the user does not have to enter the same information each time he visits the Site.
With regard to the time of cookies’ storage on the device there are:
- temporary cookies – placed on the device for the time of use of the browser, after closing the session, are deleted,
- permanent cookies, which are stored on the device of the user for the time specified in the parameters of cookies or until they are deleted by the user.
Cookies do not cause any configuration changes in the user’s device or in software installed on such devices.
When you visit our Site for the first time, there will be a pop-up with an explanation about cookies. As soon as you save preference, you consent to us using the categories of cookies and plug-ins you selected in the pop-up. Please be informed that necessary cookies are always active.
Here is a list of cookies used by the Site:
- necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the Site, anonymously
|PHPSESSID||Necessary||This cookie is native to PHP applications. The cookie is used to store and identify a users’ unique session ID for the purpose of managing user sessions on the website. The cookie is a session cookie and is deleted when all the browser windows are closed.||session|
|_lfa||Necessary||This cookie is set by the provider Leadfeeder to identify the IP address of devices visiting the website, in order to retarget multiple users routing from the same IP address.||2 years|
- functional cookies are here to ensure that certain parts of the Site work properly and that user preferences remain known. By placing functional cookies, it is easier for you to visit our Site.
|mailmunch_second_pageview||Functional||Mailmunch sets this cookie to manage subscription services to mailing lists.||never|
|_mailmunch_visitor_id||Functional||Mailmunch sets this cookie to create a unique visitor ID for the Mailmunch mailing list software.||never|
- advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
|_fbp||Advertisement||This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.||3 months|
|test_cookie||Advertisement||The test_cookie is set by doubleclick.net and is used to determine if the user’s browser supports cookies.||15 minutes|
- analytical cookies for statistical analysis purposes so that we understand how visitors use and move around our Site, which improvements and adaptions should be made, or ensuring that our Site works properly on the devices and technologies that our visitors use such as:
|_gcl_au||Analytics||Provided by Google Tag Manager to experiment with advertisement efficiency of websites using their services.||3 months|
|_ga||Analytics||The _ga cookie, installed by Google Analytics, calculates visitor, session, and campaign data and also keeps track of site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.||2 years|
|_gid||Analytics||Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website’s performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.||1 day|
|_gat_gtag_UA_46680230_1||Analytics||Set by Google to distinguish users.||1 minute|
THIRD PARTY SITES AND PLUGINS
On our Site, we use hyperlinks and social plugins (Linkedin, Github, Twitter, Facebook) to third parties websites. When using plug-ins, your Internet browser establishes a direct connection to the servers of the respective social network. This tells the provider that your browser has displayed our Site, even if you do not have a user account with the provider or are not currently logged in there. The log files (including the IP address) are sent by your browser directly to a server of the relevant provider and stored there. The provider or its server may be located outside the EU or EEA.
The plugins are independent extensions of the social network providers. We, therefore, have no influence on the extent of the data collected by the social network providers using the plugins.
If you do not want the providers of social networks to receive data and possibly save or use them, you should not use the respective plugins on our Site.
SECURITY OF YOUR PERSONAL INFORMATION
We take steps to help protect personal information. All information provided to us is stored on secure servers and guarded by strict procedures and well-trained staff. The Company processes personal data with due diligence when selecting and applying appropriate technical and organizational measures.
Personal data collected by the Company are:
- processed in a lawful manner,
- collected for specified, lawful purposes and not subjected to further processing incompatible with these purposes,
- adequate and limited to what is necessary for the purposes for which they are processed,
- corrected and, if necessary, updated,
- kept for no longer than necessary to achieve the purpose of processing,
- processed in a manner that ensures appropriate security.