The controller of personal data of Users who are natural persons processed within the Application is Vasco Electronics spółka z ograniczoną odpowiedzialnością spółka komandytowo-akcyjna, with its registered office in Krakow, 1/CTA/350 Aleja Pokoju Street, 31-548 Krakow, entered in the Register of Entrepreneurs run by Sąd Rejonowy dla Krakowa – Śródmieścia in Krakow, XI Wydział Gospodarczy Krajowego Rejestru Sądowego under the KRS number: 0000421705, having NIP number: 6772369151, REGON number: 122581850 (hereinafter referred to as the „Controller”).
In matters related to the protection of personal data, the User may contact the Controller by an e-mail sent to the following e-mail address: mail@vasco-technologies.com
The Controller processes Users' personal data in accordance with the requirements arising from the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as the "GDPR"), the Act of 10 May 2018 on the protection of personal data (Journal of Laws 2018, item 1000, as amended), and the Act of 18 July 2002 on the provision of electronic services (Journal of Laws 2017, item 1219, as amended).
When registering the Account in the Application, as well as during the use of the Application and Services provided therein, the Controller may request the User to provide personal data, also by agreeing to receive them by the Controller from external applications i.e. Facebook or Google, such as:
name and surname;
e-mail address;
profile photo.
The provision of personal data is voluntary, but the lack of such data makes it impossible to register the Account and use Services within the Application.
The User's personal data will be processed only for the following purposes:
related to the conclusion and performance of the Agreement and the provision of Services, as well as handling complaints and requests and answering the User's questions (pursuant to Article 6 section 1 letter b) or f) of the GDPR);
possible determination, investigation, enforcement of claims or defense against claims that are the realization of the Controller's legitimate interest, as well as to prevent abuse and fraud (pursuant to Article 6 section 1 letter f) of the GDPR);
storing data for archiving purposes and ensuring the accountability (pursuant to Article 6 section 1 letter f) of the GDPR).
The Controller provides the application of appropriate technical and organizational measures to ensure the security of processed personal data, in particular to prevent access to them by unauthorized third parties, or their processing in violation of the provisions of generally applicable law, preventing the loss of personal data, their damage or destruction.
The User's personal data will be stored for a period:
of the duration of the Agreement concluded with the Controller, and after its termination, in connection with the Controller's legal obligations resulting from the generally applicable law;
necessary to pursue claims by the Controller in connection with the conducted activity or to defend against claims made towards the Controller, on the basis of generally applicable provisions of law, taking into consideration the periods of limitation of claims specified in generally applicable provisions of law;
in case of giving consent to the processing of personal data for a given purpose - until the withdrawal of such consent or no longer than it is necessary to achieve the purpose for which the data was collected;
for the purpose of the accountability, i.e. to prove the compliance with the regulations concerning the processing of personal data - in which the Controller is obliged to keep the data or documents containing them so as to document the fulfilment of legal requirements and enable the control of their fulfilment by public authorities.
The User who provided the Controller with his/her personal data, has the right to:
access his/her data and receive a copy of it;
correct his/her data;
delete the data (the so-called right to be forgotten);
limit the processing of personal data;
transfer his/her data to another controller;
object to data processing;
withdraw the consent in case that the Controller processes the User's data on the basis of the consent, at any time and in any way, without affecting the lawfulness of the processing which was made on the basis of the consent before its withdrawal;
8) file a complaint to the President of the Personal Data Protection Office, if the User considers that the processing of his/her personal data violates the provisions of the GDPR.
Within the scope of exercising the rights referred to above, the User may apply to the Controller to perform specific actions. The request should be sent via e-mail to the e-mail address indicated in section 3 above. In order to verify whether the person requesting to carry out a specific operation on personal data has the right to do so, the Controller may request additional data allowing the verification of the identity of the person making the request.
If the User permanently removes personal data necessary for the Controller to provide Services under the Agreement via the Application, the User will lose the possibility to use those Services.
The Controller does not provide for any automated decision-making, including profiling, in the course of data processing.
The Controller may entrust the processing of personal data to the third party providing IT services related to the Application, in particular the maintenance/service/hosting services of the Application.
Personal data will not be transferred to international organizations. Due to the Controller 's use of software and tools of third parties whose registered seats are located outside the European Economic Area, i.e. in the United States of America, data concerning the Users may be transferred to third countries that do not provide the standard of personal data protection required by the GDPR. The Controller's use of the aforementioned software and tools is necessary to ensure the provision of Services to the Users as part of the Application; therefore, if the User does not agree to this, installation of the Application is not permitted.