Cybergeeks

Privacy policy

I. Preliminary information

The privacy and security of the data are top priority for us. For this reason, we make every effort to apply effective protection measures that guarantee the confidentiality, integrity and availability of the information processed. Moreover, another element that is of importance to us is the transparency of our processes - you have the right, as a data subject, to know the purpose and way we process your personal information. This document presents the types of personal data processing activities that can be carried out within the scope of our services and identifies the procedure. However, if you do not find all the answers to your questions, you can always contact: **Data Protection Officer** - Marcin Grott **Deputy Data Protection Officer** - Małgorzata Sitkiewicz at: iod@cybergeeks.pl

II. Who is the controller of your personal data?

The Controller of your data is Cyber Geeks Sp. z o.o. with its registered office in Zielona Gora, Poland, at 17B Wroclawska Street (hereinafter referred to as the Company). The Controller can be contacted by email to the following address contact@cybergeeks.pl.

III. How do we process your personal data?

Personal data are any information that can identify a person, such as his or her name, phone number, email address. In the case of legal persons, the data also include information about the members of the management board representing the entity, details on the proxies, and data on employees who are the contact persons. The Privacy Policy applies to personal data and other information that we collect, whether they are provided through a website, a phone, text message, email, letters and other correspondence, in person or from other sources. We are obligated to protect the personal data processed. We carefully select and apply the appropriate security measures adequate to the identified risks. We are obliged to use the personal data in accordance with the applicable data protection legislation - in particular with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), the Act of 10 May 2018 on the protection of personal data and special provisions. At the same time, we guarantee that the data will be processed in accordance with the purpose for which they were transferred to us, and if their processing is based on voluntary consent, it is possible to withdraw it at any time, without affecting the lawfulness of the processing based on consent prior to its withdrawal. In the following section of this Privacy Policy you shall find the following information: - **What information is collected and how is it processed?** - **How long are the personal data stored?** - **What is the legal basis for the processing of personal data?** - **Are the personal data shared with others?** - **What are your rights with respect to the personal data you provide?**

IV. What information is collected and how is it processed?

###### **1. Establishing business relations** In case of establishing business relations with legal persons, we process personal data of the members of the management board representing the legal person, data of legal persons’ proxies, as well as data of employees who are contact persons of the legal person. These data are processed solely for the purpose: - to conclude and perform an agreement between the Company, being a party to the agreement, and another entity - the legal basis is the Company's legitimate interest to conclude and perform the agreement, - to fulfil the Company's legal obligations in connection with its business activities - the legal basis for data processing is the necessity to fulfil the legal obligation imposed on the controller by the provisions of tax and accounting laws, - to pursue possible claims or to protect its rights in connection with an agreement entered into between the Company and another entity - the legal basis for the processing is the necessity of the processing for the fulfilment of the Company's legitimate interest, which is the possibility to pursue its claims or to protect its rights. Personal data are stored for the period necessary to fulfil the aforementioned purposes of the processing, in particular: within the scope of agreement fulfilment for the time of its completion, and then in the legally justified interest of securing possible claims, or until the expiry of the obligation to store data resulting from legal regulations. These provisions may concern, in particular, the obligation to preserve accounting documents relating to the agreement. The provision of data is a statutory requirement, to the extent specified in the provisions referred to above. Providing personal data is also necessary for the conclusion and performance of the agreement. ###### **2. Communication** Your personal data are also collected when you contact us via the available channels, including the helpline and the contact form. Depending on the channel of contact, the data collected include, among others, your name and email address. We process your data for purposes directly related to the operation, correct execution of our services and operating a specific contact channel. We store information about you included in the messages for the time necessary to fulfil your request and as long as required by law. ###### **3. Cookies or similar technologies** **Website** When you use our website, we may also gather information such as technical data about the devices you use to access them, including your internet connection, IP address, or other technical details provided by your browser. We collect data using cookies or similar technology. For more information, please refer to our Cookies Policy, which is an integral part of this Privacy Policy. We are not responsible for the privacy policies of other websites, either those accessible via links from our website or those which link to it. Therefore, if you use external websites, we recommend that you review the relevant privacy policies posted on those sites. **Email messages with commercial information** If you consent to receive commercial communications to your email address, you will receive messages from us containing marketing content. For the purposes of measuring or understanding the effectiveness of our marketing efforts and tailoring content or marketing efforts, we may conduct monitoring of these emails using a pixel tag or links contained in the body of the email. Pixel tags are a graphic element of the pixel size. With its help, we collect information primarily about whether the message was opened and when. In addition, we can also receive your IP address (which allows us to determine your approximate location) or data about your device, such as information about the web browser, type and version of the operating system. You can express or revoke your consent to our use of the pixel tag through the settings in your email program or service as indicated by its provider. Information on changing the pixel tag settings in selected email programs or services is available on the following pages: - [Gmail](https://support.google.com/mail/answer/145919?hl=en&co=GENIE.Platform%3DDesktop&oco=1) - [Apple Mail](https://www.apple.com/legal/privacy/data/en/mail-privacy-protection/) - [Microsoft Outlook](https://support.microsoft.com/en-us/office/block-or-unblock-automatic-picture-downloads-in-email-messages-15e08854-6808-49b1-9a0a-50b81f2d617a) If you click on a link in the email, we will know that you have visited the linked website and when this visit took place. If you do not want to be monitored in this way, you can unsubscribe from receiving commercial information by contacting us at contact@cybergeeks.pl. ###### **4. Marketing** When filling out forms on our website, we may ask you for your voluntary consent enabling us to process your personal data for the purpose of direct marketing of the services we provide and our activities. Depending on the form, consent may be expressed by checking a dedicated field or entering your email address or telephone number. Expressing consent in this way is equivalent to granting consent to receive commercial information from us through the contact channel selected or provided by you in the form. If the consent also includes measuring or understanding the effectiveness of our marketing activities and adjusting the content or marketing activities - profiling (automated assessment based on your personal data we have), we will inform you about it in the form. If you change your mind, you have the right to withdraw your consent at any time by contacting us at contact@cybergeeks.pl. ###### **5. Newsletter and similar services** The processing of your personal data also takes place when you subscribe to our Newsletter or similar services (e.g. signing up for a webinar). The legal basis of the processing of personal data, in this case, is your consent, expressed by subscribing to the specific service and providing us with your email address. Submission of personal data and consent is voluntary. At any time, you can unsubscribe from the specific service and withdraw your consent to the processing of personal data through the deactivation link received in the content of the Newsletter or email of another similar service. Removal from the list of subscribers will be carried out immediately. You can also withdraw your consent at any time by contacting us at contact@cybergeeks.pl. ###### **6. Media** In the case of the media, we process the personal data of their representatives for the purpose of ongoing contact, in particular, for answering journalists’ questions or sending information related to our business. The collected data may include name and surname, editorial office name, email address and telephone number. In this case, the basis for processing is our legitimate interest in handling media contact.

V. How long do we store the personal data?

All personal data obtained by us are stored on our servers or on those of our affiliates. We use appropriate technical and organizational security measures to protect your personal data against unauthorized or unlawful processing, accidental loss, damage or destruction. The entities cooperating with us are also obliged to manage the data in accordance with the security and privacy requirements adopted by us. We only process the personal data for the period necessary to fulfil the objectives set out in this Privacy Policy. Please be informed that the specific nature of our services means that in most cases we are required by law to process your data even if you no longer use our services. Such obligations arise from tax or accounting regulations. If you have only contacted us, we will keep this information for as long as it is necessary for legal reasons or related to the accountability of the operations carried out. We may also process personal data for as long as is necessary to assert claims or protect your rights. We assure you that if we do not need your personal data in order to provide the services or for other reasons (in particular legal reasons), such data will be immediately erased or anonymized.

VI. What is the legal basis for processing personal data?

We process personal data in order to enable you to use our services, which can be defined as necessary for our legitimate interest. In addition, data may also be processed as part of our legitimate interest to assert or defend our rights. We also process data when this is necessary to fulfil legal obligations imposed on us. In other cases, the basis for processing is the consent you have voluntarily given, which you can withdraw at any time without affecting the lawfulness of the processing carried out prior to the withdrawal of consent. This applies, for example, to the sending of commercial information.

VII. Do we disclose personal data to others?

Recipients of the data may be entities that support our activities (processors), in particular with regard to the provision of ICT solutions used by us. Recipients of personal data may also be state authorities authorised to access personal data by law. In addition, we may use the services of professionals providing legal, tax, accounting or auditing services. Please be informed that if you use the online forms available on this website, we will make a request via the reCAPTCHA plugin which will include sending you your IP address and any other data required by Google LLC. Your personal data may be transferred to third countries (outside the European Economic Area) - e.g. the USA, as we use the ICT services of international providers. If we share data with entities that are outside the EEA we make sure that these entities provide an adequate level of protection and that the transfer is supported by appropriate safeguards, including but not limited to European Commission adequacy decisions or European Commission standard contractual clauses. Any questions regarding transfers outside the EEA, including information about the safeguards in place, can be sent at iod@cybergeeks.pl.

VIII. Your rights

At any time, you have the right to object to the processing of your data where the data collected are processed by our legitimate interest. You also have the right to withdraw your consent (if the processing of your personal data was based on consent). In any case, you may withdraw your consent at any time. You have the right to access your data, rectify them, obtain a processing restriction and request for them to be forgotten. Moreover, you have the right to data portability. You can exercise your rights by contacting us at iod@cybergeeks.pl or contact@cybergeeks.pl. In addition, you can lodge a complaint with the Personal Data Protection Office.

IX. Changes to the Privacy Policy and other relevant information

We reserve the right to make changes to the Privacy Policy. Each time, you can find the current version of this document on our website. Please note that we are open to any suggestions and comments regarding confidentiality, protection or processing of your personal data. All of them can be sent to iod@cybergeeks.pl.