Policy Privacy Apzumi.com

I. General information and definitions


1. The following terms, used in the Privacy Policy, have the following meaning:


1) Apzumi - Website administrator providing the service of sharing resources and information
for people visiting the Website or profiles in Social Media: Apzumi sp. z o. o. sp. k. (limited partnership) with its seat in Poznań (Poland), at ul. Feliksa Nowowiejskiego 5, postal code: 61-731, registered at the District Court Poznań-Nowe Miasto and Wilda in Poznań, VIII Commercial Division of the National Court Register under the KRS number:  0000450819, NIP:  7831696924, REGON: 302352722, e-mail contact@apzumi.com,
2) Customer - a natural person, legal person or an entity without legal personality, but able to acquire rights and incur obligations on its own behalf - using services or purchasing goods from Apzumi,
3) Guest - a natural person who visits and browses the content of the Website and / or Apzumi Social Media,
4) Instant messaging - remote communication applications used by Apzumi to contact with clients, which are functioning as part of or in connection with the maintenance of Apzumi Social Media accounts,
5) Offer - description and photos of the services provided and goods sold by Apzumi as part f its business activities, used to promote them; all announcements, advertisements, price lists posted on the Website or Social Media should be treated not as an offer within the meaning of the Polish Civil Code, but as an invitation to submit offers by the Customer,
6) Person - a natural person whose Personal Data is processed by Apzumi, in particular Guest, Supplier or Customer or their employee or representative,
7) Personal data - all information (e.g. name, surname, telephone number, e-mail address or home address) regarding an identified or identifiable natural person,
8) Service - a service provided electronically by Apzumi for Guests, consisting in sending data via public Information and Communication Technology systems on individual request, without the simultaneous physical presence of the parties in order to perform the tasks resulting from the contract for the provision of services electronically, including, inter alia: providing Offers via the Website and Social Media, correspondence via e-mail addresses, etc.
9) Social Media - a common name for online social platforms (websites) on which Apzumi runs profiles and through which it provides the Services to Customers listed in § 3 of the Regulations. This applies to websites such as Facebook (profile address: https://www.facebook.com/apzumi/), LinkedIn (profile address: https://www.linkedin.com/company/apzumi/) and Twitter (profile address: https://twitter.com/apzumi),
10) Supplier - a natural or legal person or an entity without legal personality, but able to acquire rights and incur liabilities on its own behalf, - which provides certain services to Apzumi or delivers goods to Apzumi; the term Supplier should also be understood as natural persons who are employees and / or representatives of the Supplier, acting on his behalf,
11) Website - an online platforms at  https://apzumi.com and    https://en.spatial.apzumi.com  , through which Apzumi provides Services to Guests under the contract for the provision of electronic services, The reference to the term "process" or "processing" in this document means all activities and operations performed on personal data (e.g. storing or analyzing it for the purpose of providing services), unless otherwise stated.

2. The overriding goal of Apzumi as the data controller of personal data of Guests, Customers and Suppliers is to ensure privacy protection at a level at least corresponding to the standards specified in applicable legal provisions, in particular regarding:

1) personal data protection - Regulation of the European Parliament and of the Council (EU) 2016 / 679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation) (hereinafter: "GDPR"),
2) providing services by electronic means - the Act of 18 July 2002 on the provision of electronic services,
3) protection of consumer rights - the Act of 30 May 2014 on consumer rights.

3. In connection with the above, and in order to provide Persons whose data is processed by Apzumi,
access to information related to the protection of privacy, Apzumi has developed and adopted this
document containing the privacy policy. The document contains information in particular on:


1) the processing of personal data, including their collection and storage by Apzumi,
2) the manner of using personal data and other data collected in connection with the use of the Website, visiting Social Media, communication via Instant messaging or e-mail, as well as concluding with Apzumi and performing contracts for the provision of electronic services, contracts for the service provision or contracts for the sale of goods or other contracts concluded by Apzumi with Guests, Customers or Suppliers,
3) sharing personal data with other entities,
4) accessing, modifying and deleting personal data,
5) security of personal data and information processing,
6) period of personal data storage.

4. Apzumi obtains personal data from Guests, Customers and Suppliers:

1) when browsing and using by these persons and entities the content of the Website or Social Media as information:
a) provided to Apzumi directly by these persons/entities, including information provided when visiting and using Social Media (including, inter alia, marking content posted by Apzumi as likes or comments), exchanging correspondence via e-mail and Instant messaging,
b) obtained and collected by Apzumi when using Services via the Website or Social Media, in particular regarding: the method of using the Services, the internet protocol used, IP address, data on the operation of the device that is used to use the Services, as well as about breakdowns, activity of IT systems, equipment settings, type and browser language, dates and times sent requests and referring URLs, "cookies",
2) when communicating with Apzumi via e-mail or via Instant messaging,
3) during negotiating and concluding contracts with Customers and Suppliers

II. The method, scope and purposes of the processing of personal data


1. Apzumi processes, i.e. collects, stores and analyzes personal data for the following purposes:

1) concluding and performing concluded contracts (Article 6 (1) (b) of the GDPR), including contracts
for the provision of electronic services, contracts for provision of the services, contracts for the sale of goods and contracts with Suppliers. This applies in particular to contacting Guests, Customers and Suppliers in connection with negotiating, concluding and performing contracts, which includes providing information, handling inquiries and complaints, as well as pursuing claims and defending against claims arising from these contracts,
2) compliance with obligations arising from legal provisions, in particular regarding data processing for tax and accounting purposes (Article 6 (1) (c) of the GDPR) and ensuring accountability of personal data protection, i.e. to evidence that:
a) personal data are processed in accordance with the data subject is legally, reliably and transparently,
b) the purpose of data processing is clearly defined,
c) the processed data is adequate, relevant, limited only for the purposes related to their processing,
d) personal data is correct and, if necessary, updated,
e) personal data is processed in a manner ensuring their security,
f) data storage is limited to the strict minimum necessary to achieve the purposes for which they are processed,
3) consent (Article 6 (1) (a) of the GDPR) to the extent to which obtaining consent is required by applicable law when processing data based on "cookies", as well as in the field of direct marketing of services provided by Apzumi,
4) the implementation of legitimate interests of Apzumi (Article 6 (1) (f) of the GDPR), such as:
a) direct marketing of services provided by Apzumi, including contacting Guests, Customers and Suppliers for purposes related to permitted marketing activities by e-mail or telephone,
b) monitoring Guests activity on the Website pages and in Social Media, resulting from the "cookies" policy applied by Apzumi in order to:
- ensure the security of the Services that are provided by Apzumi under the concluded contracts
for the provision of electronic services, including enforcement of the internal rules of the
Website and Social Media and counteracting all abuses and ensuring safety traffic flow on the
Website,
- optimizing the content and operation of the Website, performing statistical analyzes,
obtaining information on the range and interaction factors on the Website

2. When it is necessary for the provision of services by Apzumi or when it constitutes a legitimate interest of Apzumi - the company is entitled to automatically obtain and record data provided by Guests, Customers and Suppliers, in particular data transferred to the server by browsers Internet or devices through which Guests gain access to the Website or Social Media. These data include: parameters and identification numbers of the software and hardware used, pages viewed, information on the use of the Website or other resources, as well as other data on devices and system use. The collection of the above- mentioned information will take place in particular when the Guest uses the Website or Social Media. How Apzumi uses this type of technology is described in more detail in the "Cookies" Policy available on the Website.

3. Apzumi may perform profiling, i.e. automated processing of personal data of Guests, Customers and Suppliers in order to infer about their characteristics. Profiling is used when it is necessary to perform certain services, as well as to improve the quality of services offered and for marketing purposes. However, Apzumi does not take any automated decisions based on profiling that could cause any legal effects or similarly significantly affect the scope of rights and obligations of data subjects.


III. Sharing and transferring data to third parties and to third countries

1. Apzumi may:

1) entrust the data of Persons to third parties that participate in the provision of services or support the
implementation of Apzumi obligations,
2) disclose the data to third parties (independent data controllers):
a) when allowed by contract or generally applicable law - for the purposes and on the terms resulting from these provisions, or
b) with the consent of the Persons.

This applies in particular to:
- Internet service providers, server rooms, IT companies, telecommunications companies, in the
scope of which these entities participate in the provision of services to Persons,
- third parties, e.g. specialized providers of data storage services, analytical services, in order to
provide services by these entities to Apzumi, marketing, consulting or auditing companies
supporting Apzumi in running a business and in the provision of electronic services, as well as in
the provision of website and application development services, as well as branding and marketing
- banks, payment institutions, accounting companies that support the settlement of receivables for
the services provided and resulting from concluded contracts,

2. In case of entrusting personal data, third parties to whom the data are entrusted are not authorized to use the personal data of Persons for their own purposes - the data will be processed on behalf and for the needs of Apzumi - and the actions of third parties are subject to the provisions of applicable law and this Privacy Policy. Entrusting data to another entity takes place in each case in the smallest possible dimension, both in terms of the scope of the processed data, as well as the scope of permitted data processing activities.

3. When it is allowed by the Person’s consent, by the contract or by generally applicable law Personal Data may be shared with other data controller separate from Apzumi. Apzumi reserves that in such case it has no influence on the data protection policy pursued by such data controller and is not responsible for it.

4. Apzumi may provide third parties with anonymised data (data transformed in a way that prevents the identification or assignment of individual information to a specific or identifiable natural person to whom the data relates or by whom the data was provided) in the form of statistical data.

5. Apzumi does not transfer personal data outside the European Economic Area or to international organizations without Person’s consent. However, if the Guest uses the content posted by Apzumi on Social Media or contacts Apzumi via Instant messaging, the Guest also uses the services provided by the administrators of these Social Media or producers of remote communication software. These services are provided by other entities, on the basis of separate regulations, privacy policies and on the basis of a separate contract for the provision of electronic services (separate legal relationship), to which Apzumi is not a Party. In this case, the data may be processed by entities based outside the European Union, therefore Apzumi recommends that you read the relevant regulations, instructions and privacy policy regarding the provision of the above-mentioned services by entities other than Apzumi.


IV. Accessing and modifying personal data


1. Each person whose personal data is processed by Apzumi has the right - to the extent resulting from
applicable regulations - to:


1) access the processed personal data, including receiving a copy thereof,
2) receive information on:
a) the purposes of personal data processing,
b) the categories of personal data processed,
c) information about the recipients or categories of recipients to whom personal data are disclosed,
d) the period of personal data processing,
e) the use of automated decision-making (including profiling),
3) rectification of the personal data if it is incorrect,
4) supplementing incomplete personal data (taking into account the purposes of processing),
5) deletion of personal data concerning her, if:
a) the data are no longer necessary for the purposes for which they are processed by Apzumi,
b) the data subject withdraws his consent to their processing, and the consent was the only basis legal basis for data processing or an effective objection to data processing has been made,
c) data processing is unlawful,
6) restrict of personal data processing if:
a) the correctness of the data is questioned - then the data subject may request restriction of data
processing  for the period allowing Apzumi to check the correctness of the data,
b) the data is processed unlawfully, but the data subject will not want their data to be deleted,
c) the data is no longer needed by Apzumi, but is needed by the data subject to defense or pursuing claims,
d) an objection to data processing has been raised - until it is determined whether the legitimate interests of Apzumi override the interests of the Persons indicated as the grounds for objection
7) object to data processing in the event data processing is:
a) conducted in order to perform the task carried out in the public interest or in the exercise of official authority entrusted to Apzumi,
b) resulting from the legitimate interests of Apzumi, where these interests are overridden by the interests or fundamental rights and freedoms of the data subject,
c) serving the needs of direct marketing, including profiling,
8) receive data in a structured format, including for the purpose of transfer to another data controller and
request Apzumi to transfer this data to another controller, if technically possible; this applies to a situation where the processing takes place on the basis of consent or a concluded contract and in an automated manner,
9) withdraw the consent to the processing of personal data with future effect in relation to the processing of such data, which are processed on the basis of consent; this applies, for example, to data from websites and mobile applications processed as part of cookies (in this case, changes must be made to the configuration of the web browser on the principles set out in the Cookie Policy used by Apzumi, which may, however, affect some of the functionalities available on the Website or Social Media).
10) lodge a complaint with the President of the Personal Data Protection Office.


V.Data and information security


Apzumi makes every effort to ensure that all collected and processed data are protected using adequate technical measures and security procedures to protect them against unauthorized access, unauthorized modification, disclosure and destruction. In particular:

1) the Website records attempts of unauthorized access and, in the event of a suspected intrusion, it is possible to quickly verify whether there has been a breach of security rules,
2) when providing Services by electronic means, Apzumi uses SSL encryption and firewalls,
3) data on the Website's servers are subject to cyclical archiving (backup),
4) access to personal data is provided only for those employees and contractors of Apzumi for whom it is necessary to process the data for the purposes indicated in this privacy policy. Apzumi affiliates, trusted partners and external service providers manage data in accordance with security and privacy requirements, and in the event of failure to comply with these obligations, they may face appropriate legal consequences.


VI.The period of storage of personal data


1. Personal data is stored by Apzumi for the period necessary to achieve the purposes of processing, in particular for the duration of contracts being the basis for data processing, as well as after their termination for the following purposes:

1) pursuing claims or protecting against claims resulting from the contract,
2) performance of obligations arising from legal provisions, including in particular tax and accounting regulations - until the claims or legal obligations are time-barred.

2. Apzumi stores personal data for marketing purposes until the data subject objects to such processing.


VII.Changing the provisions of the privacy policy


The Apzumi privacy policy is subject to change. The rights of persons resulting from this Privacy Policy will not, however, be limited in any way without their express consent. Any changes to the Privacy Policy will be published on the Website, and Apzumi will also inform about them in a visible manner.


VIII.Data Protection Inspector


Due to the lack of a legal obligation, Apzumi has not appointed a Personal Data Protection Inspector. Therefore, in all matters related to the processing of personal data, you should contact Apzumi directly. Contact details are provided in section IX of this document.


IX. Contact details


1. Apzumi seat is at ul. Feliksa Nowowiejskiego 5, 61-731 Poznań, Poland.
2. If you have any questions regarding this Privacy Policy, please contact Apzumi at the following e-mail address: contact@apzumi.com.

This privacy policy comes into force on January 1, 2023