1. PERSONAL DATA
1.1. Personal data provided by Users within the frames of the Website are process by Conversion, the Personal Data Controller, in accordance with the terms prescribed by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter referred to as “GDPR”). The Data Controller is available via e-mail at firstname.lastname@example.org. or via phone at +1 (646) 893 1230.
1.2. The scope of data processed by Conversion is determined by the contact form completed by the User, which is sent to the Controller. Such scope may comprise first and last name of the User, e-mail address and, additionally, phone number. Personal data of Users, upon their prior consent, may be used for contact with Users and may be shared with third-party entities for the purpose of sending newsletter and displaying advertisements.
1.3. Data of the Website Users will be processed for the following purposes: provision of responses, provision of services by electronic means, conclusion of an agreement between the User and Conversion or promotional or marketing actions of Conversion.
1.4. Personal data of Users will be processed for the following period:
(a) in the case of Newsletter – until the User unsubscribes from the Newsletter;
(b) in the case of filing a request for offer or other request – until the User ends the conversation, after that the data will be deleted, unless their further processing results from another legal basis.
1.5. The legal basis of processing within the frames of the website comprises: performance of an agreement to which the data subject is a party, or undertaking actions upon request of the data subject prior to conclusion of the agreement, as well as authorisation to processing, if this is necessary for purposes resulting from legitimate interests satisfied by the Seller or a third party, or User’s consent.
1.6. Personal data of Users may be transferred for processing. Recipients of personal data include: Conversion’s accounting firm, the provider of hosting for the Website, the company providing technical support for the Website, the payment provider, the company providing the CRM system. The personal data collected by Conversion may also be disclosed to: competent state authorities upon their request on the basis of relevant provisions of law or other persons and entities – in the cases prescribed in the provisions of law. The entity processing Users’ personal data on the basis of the Transfer Agreement will process Clients’ personal data from the effective date of GDPR through another entity only upon prior consent of Conversion.
1.7. Data of the Website Users will be processed in the form of profiling on the basis of the number of sessions on Users’ pages, which will result in an non-automated undertaking of commercial and marketing actions. The User may file an objection to profiling with email@example.com.
1.8. Conversion may disclose User’s personal data to other entities only upon User’s prior consent.
1.9. The User has the right to: remove the collected personal data referring to him/her both from the Conversion system and from bases of entities which have co-operated with Conversion, to restrict the processing of data and the right to portability of the personal data collected by Conversion and referring to the User and to receive them in a structured form, to file a complaint to the supervisory authority if the User finds that his/her data are processed in violation of the law, and to seek legal remedies before a court against the supervisory authority as the entity committing the violation.
1.10. If Conversion transfers User’s personal data to entities from third countries, such tansfer will be based on standard data protection clauses or adequacy decisions issued by the Commission with special regard to the EU-US Privacy Shield, ie. Commission Implementing Decision (EU) 2016/1250 of 12 July 2016
2. INFORMATION SECURITY
2.1. Conversion additionally applies within the Website all necessary technical measures as specified in Articles 25, 30, 32-34, 35-39 of GDPR, providing for enhanced protection and security of the processing of Clients’ personal data.
2.2. The use of the Website proceeds in secure https connection. The communication between a User’s device and the servers is encoded by means of the SSL protocol. In the case of logging through external platforms facebook.com or google.com and twitter.com the level of security is prescribed by https://pl-pl.facebook.com/privacy/explanation and https://privacy.google.com/intl/pl/your-security.html, https://twitter.com/en/privacy.