1. General Information

This document containing Privacy Policy, including the use of cookies (hereinafter referred to as: The Policy) on our web site zepterit.com and beyond the Internet has been created and adopted by Zepter IT sp. z o.o. (limited liability company) with its registered office in Warsaw (02-672), 37 Domaniewska St., Poland,  e-mail: zepterit@zepterit.com as personal data Controller. 

To increase transparency and improve reception of information in the Policy, our customers and site users shall be indicated with personal pronoun ‘you’, and the Controller of personal data with – ‘we’. 

We are the Controller of your personal data because we decide about the purposes and methods of their processing, and as a Controller we are also responsible for their legitimate and secure processing. The protection of personal data is very important to us and therefore we encourage you to review the policy which will clearly explain and will help you to understand the basic principles governing the collection and processing of your personal data by us. 

At the same time, we reserve that we shall each time pass the information required by law, in particular regulation of the European Parliament and the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (hereinafter: Regulation), including the legal basis and the purposes of the processing of your personal data, for the period of their storage and your powers with regard to the processing of your personal data, at the latest upon the acquisition of your personal data or this information will be appropriately amended – in the case when you share your additional personal data or express consent to the processing for additional purposes. 

In certain cases we may also process your personal data as a Processor. Your data is processed by us and the controlling entity is the respective Zepter entity in the country of your registration. Please refer to the below territorial responsibility: 

Australia,
Belgium, 
Bulgaria, 
Cyprus, 
Denmark, 
Estonia, 
Finland, 
France, 
Greece, 
Ireland, 
Luxembourg, 
Malta, 
Mexico, 
Moldova, 
Monaco, 
Netherlands, 
New Zealand, 
Norway, 
Poland, 
Portugal, 
Slovenia, 
South Africa, 
Spain, 
Sweden, 
UK 

2. Safety

In accordance with the requirements of the Regulation, we have appointed the Data Protection Officer to coordinate the regularity of the processing of your personal data in our company. You can contact them at the email address: mobileapp.privacypolicy@zepterit.com l or at: Data Protection Advisor, Zepter IT sp. z o.o. (limited liability company), 37 Domaniewska St., 02-672 Warsaw, Poland to obtain answers to questions regarding the processing of your personal data or to exercise the powers related to their processing described in the Policy. 

We shall ensure that only trained and authorized persons shall have access to your personal data, only to the extent necessary to perform the operations on the data arising out of the aim approved for processing. 

We collect your personal information for specific, explicit, and legitimate purposes and we do not process them further in a manner inconsistent with the previously set objectives. We store the collected personal data for no longer than is necessary for the purposes for which the data are processed. Our processing of your personal data is always in accordance with legal grounds, we strive for it to be reliable and carried out in the most transparent way for you and to keep your data up to date. To ensure adequate security of your personal information, we apply technical and organizational measures to protect them against unauthorized or unlawful processing and accidental loss, destruction, or damage. To do this, we have implemented the appropriate procedures and we process personal data that are adequate, relevant and limited to what is necessary for the purposes for which they are processed in accordance with the principle of minimizing. We also make every effort to make the transfer of your data within our web page as safe as possible and to this end we apply secure encryption protocol communication (SSL). 

If we need to entrust your personal data to entities processing them on our behalf, we do this in accordance with the law and on the basis of agreements governing the processing rules and imposing safety standards adopted by us on the data processor. You can read more on the transfer of your data in points 5 and 6. 

3. Collection and processing of personal data

a) Directly from you

You can visit this and other of our websites without giving your personal data. However, if you decide to conclude a contract or benefit from our services (on-line and outside the Internet) you will be asked to provide personal data necessary for the implementation of the aforementioned aim and their provision will be the prerequisite to the conclusion of the agreement or the provision of a specific service. For more information on when the provision of personal data is necessary for the conclusion of the agreement or the provision of services, see below in the section on grounds and the purposes of the processing of personal data. 

We may also receive your personal data during recruitment processes when you decide to send us your application form, documents or when you contact us for another purpose, making a contact in any form. 

In addition, when you use our web page, we also come in the possession of such personal data for which the collection is a consequence of the operation of our IT systems (e.g. IP number). IP is a number assigned to a computer or other device when connected to the Internet that allows communication between your computer/device and the server. IP addresses together with information on visitors’ activity may be recorded by us in the system logs, to ensure the security of networks and information and for diagnostic purposes. 

In addition, we also have access to the data on your activity on our website. This information may be used in aggregate form to carry out the analysis of trends and evaluation of web page. Based on this data, we do not identify individual users. 

You can read more about the collection of data on your activity on our website in points 7, 8 and 9. 

b) From other sources

We can also obtain your personal data from other sources such as: 

• If you are paying for our IT services or products through a bank or payment operator, we shall come into possession of information about what account, or through which payment institution, you have made your payment. These data will be processed to verify that you have made the correct payment and if necessary, also to reimburse your payments. 
• Your data can also be obtained if you are identified as the recipient of IT services or products purchased from us. 
• We may also come in possession of your data due from another Controller or Processor, e.g. when we purchase a database for marketing purposes, which contains your personal data. However, they may only be transferred if you consent to such provision by the Controller or Processor that transfers them to us. 

4. Grounds and purposes of personal data processing

a) The conclusion and implementation of contracts and the provision of services

You will be required to provide your personal data, if you decide to purchase any of our products or use our services. This may take place when: 

• you conclude and implement of an agreement – you will receive more information on the processing of personal data before the conclusion of an agreement from our employees, representatives, or through appropriate information clauses. 
• you contact us via forms available on our website. 

Under the agreements concluded with us and the services provided for you we process only personal data necessary for their conclusion and implementation and each time before giving your personal data in detail we shall specify their scope necessary for the implementation of the assumed objective. For example, for agreements these will be: 

• first name, 
• surname, 
• address (place of residence), 

• phone number, 
• email 

and in the case of the company: 

• company name, 
• tax ID no. (NIP), 
• address (of the registered office), 
• phone number, 
• email 

b) Processing of data to meet our legal obligations

In addition to the processing of your personal data for the implementation of the agreements and the provision of services, we are also entitled to their processing to fulfill our legal obligations. For example, we are obliged by law to issue and store for a set period of time an invoice that documents the sale or service for tax and accounting purposes, which includes buyer’s data, i.e. yours. 

c) Processing of data in the legitimate interest

We can also process your personal data for the purposes of our legitimate interests. Such a legitimate interest may exist because of the relationship between the person whose data are processed and the Controller, for example, where the person is Controller’s client. A legitimate interest when we can use your personal data is for example marketing of our products and services. To meet this objective, we will be entitled to provide you information about the processing of your data, e.g. through appropriate information clauses. 

d) Processing of data based on the consent

In addition, you can give additional voluntary consents for the processing of your personal data to: 

• conduct direct marketing using automated calling systems and using your telecommunications devices. Phone, tablet, computer are the most popular and fastest means of communication today used also for the purposes of advertising and marketing and communication conducted with their use is possible without direct human intervention on sender’s part (automatically). However, to contact you this way, the law regulations require us to obtain your permission. We shall use this communication channel reasonable by sending you marketing information about our products, 
• or trade information about us or our products and services by electronic means. If you would like to receive such information from us to your electronic mail address, we are also obliged to obtain your permission – regardless of the consent described above. 

5. Personal data sharing

Your personal information will be made available to third parties only to the extent necessary and for the purpose resulting from agreements concluded between us and for the provision of services to you. As we have already indicated above, we share personal data always in accordance with the applicable law and based on agreement binding us with the entities which we share them with. This way your personal data may be made available to: 

• payment operators: e.g. banks, 
• postal operator to send mail, 
• providers of our IT services including providers of program and software platform for our online services that we provide by electronic means and providers of technical support for our IT systems, 
• entities with the help of which we conduct marketing activities such as advertising agencies that on our behalf will organize advertising campaigns, 
• entities which provide advisory, audit, tax and legal aid services for us, e.g. expert auditor in connection with the audit of financial statements in our company. 

6. International transfers of personal data

Due to the fact that we use providers who maintain servers around the world, data may be processed on servers located outside the European Economic Area (EEA). The transfer of data to countries outside the EEA may take place if the European Commission determines that the country in question ensures an adequate level of protection of personal data, either on the basis of standard contractual clauses or binding corporate rules or subject to exceptions in specific situations. 

The transfer of data based on the adequacy decision taken by the European Commission will concern the transfer between Zepter IT and UBA United Business Activities Holding AG based in Switzerland, Sihleggstrasse, 23 Wollerau 8832.  

The transfer of data under the standard contractual clauses which have been approved by the European Commission will involve a transfer between Zepter IT and Zepter International entities based outside the EEA. 

7. The rights available to you regarding the processing of your personal data

The Regulation grants you several rights associated with the processing of your personal data that you can take advantage of: 

• The right of access to your personal data – you can always ask us about the processing of your personal data (their scope, basis, the purpose of the processing, storage time of data or other issues you are interested in and which are related to the processing of your personal data) and you can ask us to provide their copies. 
• The right to rectify your personal data – we want and we are obliged by the provisions of the Regulation to care that your data which we process were in accordance with the facts and always up to date. This is not possible without your help. We encourage you to contact us when your personal data will be changed, or you notice an error. If we no longer have the grounds or the purpose of the processing of your personal data is no longer valid, if you withdrew your consent to the processing or opposed to their processing, or in any other case, in which the processing of personal data is inconsistent with the provisions of the Regulation, you can request to have your personal data removed.  

• The right to limit the processing of personal data – you can request to have the operation on your personal information suspended if you find that: (I) they are incorrect – until they are corrected, (II) we process them in accordance with the law, but you do not want to have them removed and only limit their use, (III) the purposes for which we processed your personal data are no longer valid and they are not needed any more, but you need them to determine, investigate or defend claims, (IV) in the case of raising reasoned objections – until we consider them. 
• The right to transfer data – you can request to have your personal data transferred to another Controller of your choosing or have them transferred to you. However, this right only covers the data provided to us by you if they are processed to comply with the agreement or on the basis of the consent and in an automated way. 
• If you expressed consent to the processing of your personal data at any time and in any form, you can withdraw it, but it will not affect the compliance with the law of the processing of your personal data before the withdrawal of the consent. 
• You have the right to be forgotten – at your request, your data will be deleted and will stop being processed if it is no longer necessary for the purposes for which it was collected or otherwise processed. The right to be forgotten also applies if you revoke your consent or if you object to the processing of your personal data, or if the processing of your data is not otherwise compatible with the Regulation or if the data was processed illegally. 
• If we process your personal data in our legitimate interests, you can also raise an objection against such processing reasoned with your situation. In the case of raising reasoned objections, we will examine whether our legitimate interests are still valid and current and if they still have priority over your interests and your privileges and after such evaluation, we will take a decision as to the further processing or its cessation. However, if our legitimate interest is direct marketing of our products and services, you are eligible for the right of objection. In the event of an objection to the processing of data for direct marketing purposes, your personal data will not be further processed. 

• You can also bring a complaint to the Main Inspector of Personal Data or other supervising body established in its place, if you decide that our processing of your personal information violates the provisions of law. 

8. Cookies

When you use our web page, you agree to use cookies in accordance with this Policy. Only when the cookies are active, you can use all the features that are available on our website. If you do not agree to the use of cookies, you should change the settings of your browser or unsubscribe from the use of our page. 

a) What are cookies?

Cookies are small text files saved and stored on your computer when you are on the Internet and they allow to save your preferences using the visited web page. Cookies usually contain the name of the web site which they come from, the period of their existence or a randomly generated unique number used to identify the browser you are using. After the browser received the cookies, it sends them as additional information back to the server whenever you enter our website. The Web server creates separate cookies for each user. Cookies allow us to recognize our website users and, in this way, to send them the requested information. They also allow us to store your login data on the website. Cookies themselves do not contain user’s email address information or their personal data. Our statistical analyzes may contain other identifiers, including IP addresses that are used to determine the number of unique users of our website and trends by country of origin and not to determine the identity of individual users. 

In our cookies, we do not save personal data. We use them only to collect information that helps us later to improve the operation of the web page, for example to find and repair errors on the page. These files in no way change the settings of your computer nor settings of the installed software. 

Our website may use the following types of cookies: 

• session cookies – they remain on your computer until you turn off the internet browser, 
• persistent cookies – they remain on your computer if they have a period of validity set or until you clear them, 

• statistical cookies – they allow collecting information about how to use the page, 
• cookies are used to store preferences and user settings. 

b) Why do we use cookies?

• to better fit the content of our web page to your expectations and interests, 
• to collect statistics that allow us to improve the functionality and content of our web page. 
• for statistical analyzes of users’ behavior. 

You can read more about our other tools for third-party services in points 8 and 9 below.  How can you change the settings for cookies or delete them?

Most Internet browsers allows storage of cookies on your computer by default. But you can change the settings for cookies in your browser at any time. These settings can be changed in such a way as to block the automatic support of cookies or inform you each time they are posted on your computer. You can find detailed information about the capabilities of cookies and how to support them in the settings of your web browser. Below, you will find links to technical support for the management of cookies in the most popular web browsers:  

Support Microsoft | Support Google | Support Mozilla | Support Opera

Failure to change the browser settings for cookies means that they will be included in your computer and thus we will store information on your local computer and access this information. Remember, however, that if you block our cookies, it will affect the convenience of use of our page, e.g. you may not be able to visit certain areas of the site or you will not receive personalized information during their view. We will also not be able to collect anonymous information about the use of our site to improve its content and services. Exclusion of the use of cookies may cause inconvenience in use of certain services on the web page, in particular requiring login, but you may still read or watch the content placed on the site. 

9. Google Analytics

Our website use Google Analytics – a service for statistical analysis of web page provided by Google Inc. (‘Google’). Google Analytics use cookies which analyze how you use web page. Information generated by the cookies on how you use our web page, are used by us, and sent to the Google servers. 

You can prevent the collection of the data generated by cookies on how you use our website (including your IP address), and the processing of such data by Google, by downloading and installing the available plug-ins to the browser available under the following address: Https://tools.google.com/dlpage/gaoptout?hl=pl remember, however, that the use of these anonymization techniques, including IP masking, may lead to incorrect operation of web page. 

10. Data retention

We will retain personal data in a form that permits your identification only for so long as necessary for the purposes for which it is processed or as required pursuant to applicable law, whichever is longer. We will fully dispose of (or retain only in an anonymous or de-identified form possible) your personal data that is no longer required in a secure manner and in accordance with applicable law, unless:  

• to defend itself against legal claims,  
• there are mandatory (statutory or contractual) retention or archiving obligations that require longer storage or  

• personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes subject to implementation of the appropriate technical and organizational measures. 

11. Contact

If you have any questions regarding the collection, processing or use of personal data or other matters related to their processing and in order to exercise your powers, you can contact us or Data Protection Advisor using the contact information provided in points 1 and 2 hereof. 

12. Amendments to the policy

The rules described in this Policy may change. We shall update the Policy by sharing its latest version on our site.