I. GENERAL PROVISIONS
- The Controller of your personal data is BitByBit Sp. z o.o. with its registered office in Poznań (61-768), ul. Zamkowa 7/13, KRS [company registration number]: 0000729952, NIP [tax identification number]: 7822809748, REGON [statistical number]: 380074254, hereinafter referred to as: the Controller or The BitByBit Company.
- As the Controller, The BitByBit Company pays special attention to the protection of privacy and confidentiality of personal data processed in connection with its business activity, including the data entered by users into the electronic forms on the domain and subdomains https://thebitbybit.com.
- You can contact the Controller in all matters related to the protection of your personal data via e-mail: email@example.com
- The BitByBit Company shall act with due diligence when selecting and applying appropriate technical and organisational measures to protect the personal data being processed.
- The BitByBit Company shall protect personal data against unauthorized access and processing in violation of applicable regulations.
- Your personal data shall be processed by the Controller in accordance with the law, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as ‘GDPR’).
- Personal data collected by The BitByBit Company shall be:
- processed in a lawful manner,
- collected for specified, lawful purposes and not subjected to further processing incompatible with these purposes,
- adequate and limited to what is necessary for the purposes for which they are processed,
- corrected and, if necessary, updated,
- kept for no longer than necessary to achieve the purpose of processing,
- processed in a manner that ensures appropriate security.
II. PURPOSES AND LEGAL BASIS FOR PERSONAL DATA PROCESSING.
- Each time the purpose, scope and recipients of personal data processed by The BitByBit Company depend on whether you are only a website visitor, a potential or existing The BitByBit Company client or a candidate for The BitByBit Company team.
- Your personal data may be processed in order to:
- establish cooperation with The BitByBit Company, including verification of your data and preparation of an offer at your request if you would like to enter into a contract with us – in this situation, data processing is necessary to take action at your request before entering into a contract (Article 6(1)(b) of the GDPR),
- answer your questions and requests submitted through the forms and contact addresses available at the thebitbybit.com website, including the interactive windows available on each subpage of the website – on the basis of the legitimate interest of The BitByBit Company (Article 6(1)(f) of the GDPR),
- perform the provisions of an already concluded contract if you are an existing The BitByBit Company client or another entity cooperating with The BitByBit Company (Article (6)(1)(b) of the GDPR),
- fulfil legal obligations of The BitByBit Company relating, inter alia, to accounting and taxation and for archival purposes (Article 6(1)(c) of the GDPR),
- send marketing content, such as information about products and services, information about planned events and workshops, commercial information, questionnaires, newsletters, eBooks and other materials via electronic messages, on the basis of your voluntary consent (Article (6)(1)(a) of the GDPR) or, if the law allows it, on the basis of the legitimate interest of The BitByBit Company (Article (6)(1)(f) of the GDPR),
- adapt and develop the functionalities of the website, including its structure and content to your needs and those of other users, produce aggregated statistics and maintain the security and quality of the services provided by The BitByBit Company – based on the legitimate interest of The BitByBit Company (Article 6(1)(f) of the GDPR),
- contact you and carry out the recruitment process in connection with your submission of application documents on The BitByBit Company recruitment subpage – in this situation, data processing is necessary to take action at your request before entering into a contract (Article 6(1)(b) of the GDPR),
- take application documents into account in future recruitment processes – based on your voluntary consent (Article 6(1)(a) of the GDPR),
- establish, exercise or defend any claims based on the legitimate interest of The BitByBit Company (Article 6(1)(f) of the GDPR).
III. CATEGORIES OF COLLECTED PERSONAL DATA
The controller processes different personal data depending on the purpose and legal basis of the processing. The BitByBit Company may process in particular the following categories of your data: first and last name, e-mail address, address, data of your company, contact number, bank account number (for payment processing), data of contact persons from your company, IP address and other data necessary to achieve the purposes mentioned above (e.g. data provided by you in the contact form).
IV. PERIOD OF PERSONAL DATA PROCESSING
- The period of personal data processing depends on the purpose and legal basis of the processing.
- Personal data obtained through the contact form and other channels or addresses indicated for the communication will be processed for the duration of the communication or until an objection to the processing is raised, but no longer than eight months from the date of the last contact, unless another legal basis for the processing of personal data applies.
- The clients’ personal data will be processed for the duration of the contract, and after that period for the time necessary to comply with the law and to establish, exercise or defend against possible claims, but no longer than 5 years from the expiry or termination of the contract entered into with The BitByBit Company.
- Personal data processed for the purpose of fulfilling the Controller’s legal obligations will be processed for the period resulting from the relevant legal regulations.
- Personal data collected for the purpose of sending marketing content will be processed until you object to the processing or withdraw your consent.
- Personal data collected for the purposes of recruitment will be processed for the duration of the recruitment process, and if you consent to the processing of data for the purposes of future recruitment, they will be stored until your consent is withdrawn.
V. INFORMATION ABOUT PROCESSING
- The recipients of your personal data may be business partners (e.g. subcontractors), technological partners (e.g. providers of IT services, marketing tools), logistics partners (e.g. courier companies) and organizational partners (e.g. consulting companies, accounting companies, accounting firms) of The BitByBit Company, as well as entities which process data on the basis of generally applicable law.
- Your personal data may be transferred to a third country outside the European Economic Area (EEA) or to an international organisation only in the cases and under the conditions provided for by the applicable legislation, e.g. when the European Commission has established that the third country or international organisation in question ensures an adequate level of protection or, in the absence of such a decision, where the controller has provided adequate safeguards (e.g. by applying binding corporate rules or standard data protection clauses adopted by the European Commission) and provided that there are enforceable rights of data subjects and effective legal protection measures.
- Your data will not be subject to automated decision-making, including profiling.
- Regardless of the purpose of the processing, providing the data is voluntary. However, failure to provide them may prevent you, depending on the specific case, from entering into a contract, obtaining answers to questions, using selected services or functionalities, receiving marketing content from The BitByBit Company or participating in the recruitment process.
VI. YOUR RIGHTS
- You have the right to:
- access the data,
- rectify the data,
- erase the data,
- restrict the processing of the data,
- data portability,
- object to the processing of data which takes place on the basis of the Controller’s legitimate interest,
- withdraw your consent (where processing is based on consent) at any time without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.
- If you believe that the processing of your personal data violates the provisions of the GDPR, you also have the right to lodge a complaint with the President of the Office for Personal Data Protection (postal address: ul. Stawki 2, 00-193 Warsaw, Poland).