Chat with us, powered by LiveChat

Privacy policy

 

Privacy policy

  1. Introduction

Grandmetric Sp. z o.o.
ul. Baśniowa 42, 60-193 Poznań, Poland
TAX id: PL7792433527
Company entered into the Register of Entrepreneurs of the National Court Register under number KRS 0000569722, with share capital of PLN 5 000, fully paid up.
e-mail address: info@grandmetric.com

hereinafter Grandmetric is controller of the personal data gathered by this website.

This privacy policy has been compiled to better serve those who are concerned with how their personal data (hereinafter referred to as Personal Data) is being used online. Personal Data, according to the law on protection of personal data and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personal Data in accordance with our website’ s policy.

This document has been updated on 15.05.2018.

 

  1. What personal information do we collect from the people that visit our blog, website or app?

When ordering or registering on our site, as appropriate, you may be asked to enter your email address or other details to help you with your experience. Giving your Personal Data is voluntary, however, declining to provide them may make it harder or impossible to use our services.

 

  1. When do we collect information?

We collect information from you when you place an order, subscribe to a newsletter, Use Live Chat or enter information on our site.

 

  1. What are the purposes and legal basis of our processing of Personal Data?

We only gather such Personal Data that is necessary to achieve the goals for which the data has been obtained. If additional optional information is needed, Users are informed about that prior the collection of such data.

The Personal Data we gather is processed for the following purposes, depending on the situation in which the data has been provided:

  • concluding and performing an agreement with the User (regardless of the form in which it was concluded: in writing or by using our services provided by electronic means via Internet services) – in the scope necessary for commencing, defining the content, changing, terminating and proper performance of the services we provide;
  • fulfilling our legal obligations, e.g. issuing and storing invoices and accounting documents, responding to complaints, ensuring security of the services we provide;
  • determining, securing and pursuing claims;
  • direct marketing of Grandmetric products and services;
  • creating reports, analyses and statistics for internal purposes of Grandmetric, including in particular: reporting, marketing research, targeting of ads, re-marketing, planning the development of services, development works in IT systems, creating statistical models; assessing the functioning of Grandmetric’s Internet systems, including page view statistics;
  • if you agree to Grandmetric’s sending you commercial information by electronic means, we will also process your Personal Data in order to provide you with information about our services, offer and events we organise, as well as information about products and services of our partners (with our knowledge and explicit consent).

Personal data is not used for purposes other than those stated in Privacy Policy, unless Grandmetric receives your consent to process data for other purposes, or legal regulations require or permit other use of such information.

To the extent, within which the processing of your Personal Data is necessary:

  • to perform an agreement concluded with you or take actions at your request prior to conclusion of the agreement – the legal basis for processing your Personal Data by Grandmetric is the agreement;
  • to fulfil our legal obligation – the legal basis is this obligation;
  • for purposes arising from legally justified interests pursued by Grandmetric, i.e. for direct marketing of our products and services, fraud prevention or pursuing and securing claims – the legal basis is legally justified interest of Grandmetric.

If our use of your personal data is not necessary for performing an agreement, fulfilling a legal obligation or is not our legally justified interest, we may ask you to express your consent to certain uses of your data. Expressing the consent may take the form of ticking a check box while viewing the Website, selecting technical settings for using information society services or other statement or behaviour that clearly shows in a given context that you have accepted proposed processing of Personal Data. You can withdraw your previously expressed consent at any moment (this will not affect the fact that the use of your data prior to withdrawal of such consent was compliant with the law).

Provision of Personal Data is not mandatory, however, failing to do so will prevent Grandmetric from performing actions for the purposes of which the data is required.

Grandmetric will not make automated decisions with regard to you based on your Personal Data, including decisions as a result of profiling.

 

  1. What are the rights of Personal Data subjects?

Access to Personal Data, right to correct, right to complement

Anyone whose Personal Data is processed by us is entitled to access the content of their Personal Data and immediately correct inaccurate data. Taking into account the purposes of data processing, the person to whom the data pertains is entitled to request that incomplete Personal Data is complemented, including by submitting an additional statement.

Right to withdraw the consent at any moment

If you consent to data processing, in particular for marketing purposes (including sending commercial information by electronic means), you can withdraw your consent at any moment. User who receives specific information or services, such as electronic information bulletin (the so-called Newsletter), may unsubscribe at any time, following the instructions included each time when such document is sent to them.

Right to delete Personal Data

A person who shares their Personal Data with us is entitled to request that Grandmetric immediately deletes their Personal Data, and Grandmetric is obliged to delete such Personal Data without undue delay, if one of the following occurs:

  • the Personal Data is no longer necessary for the purposes for which it has been collected;
  • the person who is the subject of given data has withdrawn the consent on which data processing was based and there is no other legal basis for data processing;
  • the person being subject of data raises objections to the processing;
  • the Personal Data has been processed unlawfully;
  • the Personal Data must be deleted in order to fulfil a legal obligation provided for in EU law or the law of the member state governing Grandmetric.

Limited processing

Persons who share their Personal Data with Grandmetric are entitled to request limitation of Personal Data processing, if:

  • the person to whom the data pertains questions the accuracy of Personal Data – for a period that allows Grandmetric to verify the accuracy of such data;
  • such processing is unlawful, and the person to whom the data pertains objects to deletion of their Personal Data demanding instead limitation of its use;
  • Grandmetric no longer needs such Personal Data for the purpose of processing, but it is needed by the person subject to data for determining, pursuing or securing claims;
  • the person subject to data has objected to the processing – until establishing whether Grandmetric’s legally justified bases prevail over the objection bases raised by the person subject to data.

Automated data processing

If we process Personal Data in an automated way based on a consent or agreement, the person subject to data is entitled to receive, in a structured, commonly used machine-readable format, their Personal Data that has been provided to us by them, and is entitled to send such Personal Data to another controller.

The person subject to data is entitled to request that we directly send their Personal Data to other controller, if this is technically possible. To exercise the rights referred to above, you can contact Grandmetric as indicated in point 16 below.

Each recipient with whom Personal Data has been shared will be informed about correction or deletion of Personal Data or limitation of its processing made at your request, unless doing so is impossible or requires excessive effort.

Complain to the supervisory authority

With regard to our processing of your Personal Data, you are entitled to file a complaint to the supervisory authority.

 

  1. How do we use User Personal Data?

Personal Data gathered during registration, purchase, signing in for the newsletter, responding to a market survey or marketing research, surfing the Website or using other features of the Website can be used as follows:

  • For customising the use of the Website and enabling the provision of the content and product offer that may be of most interest to the User.
  • For enabling us to provide a better service in a response to suggestions from the customer service office.
  • For fast performance of User transactions.

 

  1. How do we protect User Personal Data?

We declare that we do our best to ensure high level of security of the Personal Data we process. Any incidents affecting data security, including suspected sharing of files containing viruses and other files of similar character, or destructive mechanisms other than files, should be reported to Grandmetric, at the e-mail address indicated in section 1 of this document.

Personal Data is stored in a database in which technical and organisational measures have been implemented to ensure protection of processed data in accordance with the requirements specified in generally applicable legal regulations concerning Personal Data protection. Only persons authorised by the data administrator can access the database.

We do not use vulnerability scanning and/or scanning in accordance with PCl standards. We do use SSL certificate.

We use an appropriate technical and organizational measures for protecting Personal Data against unauthorised loss, misuse, change or damage. We make sure that user Personal Data is only accessed by persons who are required to know such information. Persons who have the access to data are obliged to maintain their confidentiality.

Moreover, we take special care to ensure that personal information is:

  • accurate and processed in compliance with law;
  • collected only for specific purposes and is not processed further contrary to these purposes,
  • adequate, relevant and not redundant,
  • precise and up-to-date,
  • stored no longer than necessary,
  • stored while respecting the rights of persons (subject to data), including the right to cancel the sharing,
  • processed safely,
  • not transferred without proper protection.

 

  1. How long do we store Personal Data?

Your Personal Data will not be stored longer than necessary, i.e. deending on the purpose of its processing:

  • concluding and performing an agreement between you and Grandmetric – during the term of the agreement and settlements after its termination;
  • fulfilling a legal obligation imposed on Grandmetric:
    • during the period of fulfilling the obligations;
    • for as long as we are obliged by regulations to store data (e.g. tax data), or
    • for a period during which we can bear legal consequences of failure to fulfil the obligation, e.g. receive a financial penalty from state agencies;
  • purposes resulting from legally justified interests pursued by GRANDMETRIC:
    • direct marketing of our products and services – during the term of the agreement and after its termination – for the period during which you take advantage of the effects of the service we provide;
    • fraud prevention – for the period during which proceedings before relevant bodies take place;
    • pursuing and defending complaints – for the period during which claims become invalid by lapse of time.

If we process Personal Data based on your consent to specific uses of data, your data will be processed during the period indicated when obtaining your consent, and if no such period is indicated – until you withdraw your consent.

 

  1. With whom do we share your personal data?

We share your data with:

  • entities that process data on our behalf, and participate in performing our activities:
    • our sales representatives, advertising agencies and other entities that are intermediaries in the sale of our services or organisation of marketing campaigns;
    • entities that run our information and communication systems or make information and communication tools available to us;
    • subcontractors that support us, e.g. in performing services ordered by you, handling communication or providing customer service process;
    • entities that provide advisory, consulting and audit services, legal, tax and accounting support, research agencies performing work commissioned by us;
  • other data controllers that process data in their own name;
    • entities that are engaged in postal or courier activities;
    • entities that acquire debts – if you fail to pay our invoices within the lime limit;
    • entities that cooperate with us in handling accounting, tax and legal matters – to the extent they will become data controllers.

We do not sell, trade or transfer in any way Personal Data to third parties, unless we inform Users prior to that. This does not include hosting partners or other third parties that help us to manage the Website, manage our affairs or provide services to our Users, as long as they keep this information secret. Moreover, we may share personal data at the request of government or law enforcement authorities, or when it is required by relevant laws, court judgements or other national regulations. Sharing Personal Data may also be required when data privacy or security audits are conducted and/or while processing complaints or taking actions to implement the policy of the Website or protect our or others’ rights, property or security.

When using services of Grandmetric Watch, you also share your personal data with our partner Teachable, Inc based in New York, US (16 W. 22nd Street, 6th Floor, New York, New York 10010, USA). Information about how Teachable uses personal data can be found at: https://teachable.com/privacy-policy. If you have any questions, please contact Teachable at: accounts@teachable.com

Information about Website visitors other than Personal Data may be provided to third parties for marketing, advertising and other purposes.

 

  1. Do we use ‘cookies’?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to:

  • Understand and save user’s preferences for future visits.
  • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since every browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

If you turn cookies off, some of the features that make your site experience more efficient may not function properly.

 

  1. Third-party links

Occasionally, at our discretion, we may include or offer third-party products or services on our Website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

 

  1. Google

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We use Google AdSense Advertising on our website.

Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.

 

  1. We have implemented the following:

We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our Website.

 

  1. Opting out:

Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.

 

  1. California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

 

  1. According to CalOPPA, we agree to the following:

Users can visit our site anonymously.
Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.
Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.

You will be notified of any Privacy Policy changes on our Privacy Policy Page.

You have full access to your Personal Data and you can change your personal information by emailing us: info@grandmetric.com

How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third-party behavioral tracking?
It’s also important to note that we allow third-party behavioral tracking.

 

  1. COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

Do we let third-parties, including ad networks or plug-ins collect PII from children under 13?
We do not specifically market to children under the age of 13 years old.

 

  1. Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

We will notify you via email within 7 business days.

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

 

 

[DOWNLOAD POLISH VERSION]

 

Newsletter