Privacy Policy
VT Cyber Sp. z o.o.
With the security of your personal data in mind, we have developed this privacy policy. The protection of personal data and all processed or generated information is a priority for our COMPANY. We operate on multiple levels, and our tools and software are used to support numerous processes, businesses, and entities. We strive to ensure that the services we provide are of the highest quality. We feel a particular responsibility for the security of personal data processed in connection with our activities. Our primary goal is to fulfill the information obligation regarding the processing of personal data at the highest level and in accordance with current regulations, i.e., the Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2019, item 1781) and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”). This policy provides information on the legal bases for processing personal data, the methods of collecting and using personal data, and the rights of data subjects.
What do we mean by personal data and its processing?
Personal data refers to any information relating to an identified or identifiable living individual. Individual pieces of information that, when combined, can lead to the identification of a person’s identity also constitute personal data. Processing personal data means performing any operations on personal data, whether automated or not (e.g., collecting, storing, recording, organizing, modifying, accessing, using, disclosing, restricting, deleting, or destroying).
When does this privacy policy apply?
This privacy policy applies in all cases where VT Cyber Sp. z o.o. is the controller of received, collected, transferred, or entrusted personal data. This includes all instances where VT Cyber Sp. z o.o. processes personal data obtained directly from the data subject as well as data obtained from other sources. VT Cyber Sp. z o.o. fulfills its information obligations in accordance with the requirements of Articles 13 and 14 of the GDPR.
Who is the controller of your personal data?
The controller of your personal data is VT Cyber Sp. z o.o., with its registered office at ul. Wiertnicza 117, 02-952 Warsaw, entered into the register of entrepreneurs maintained by the District Court for the Capital City of Warsaw, under KRS number 0000430605, REGON 146203773, NIP 7010348079. Contact with the Data Protection Officer at VT Cyber Sp. z o.o. is possible via email at: iod@vtcyber.pl or by phone at: +48221225543.
What data do we process?
Dear Sir or Madam, we process data that you provide or share through your browsing history on our website in connection with its use and the performance of our services on your behalf. We also conduct automated analysis of your activity on our websites. The personal data we collect is provided voluntarily by you but is necessary for the provision of our services, such as handling inquiries submitted via the contact form, sending newsletters, and processing orders in our online store. We only collect data that is necessary for the performance and provision of services specified in the forms available on our websites, in the following scope:
contact and address details (such as company name, first name, last name, correspondence address, phone numbers, email address);
financial data, including data related to transactions (e.g., data concerning financial transactions);
technical and search-related data on the website that may constitute personal data (e.g., IP addresses, etc.).
What is the purpose of processing your personal data, the legal basis, and justification?
Conclusion and performance of a contract with a client or contractor – Art. 6(1)(b) and (f) GDPR
For the duration of the contract and, after its termination, until the expiry of the limitation period for claims arising from it, we contact employees/collaborators of clients and contractors for justified purposes related to the conclusion or performance of the contract.
Handling complaints and claims – Art. 6(1)(b) and (f) GDPR
Until the expiry of the warranty period or the resolution of the complaint. The controller, in connection with handling complaints, contacts employees/collaborators of clients for justified purposes.
Pursuing or defending against legal claims – Art. 6(1)(f) GDPR
For the duration of proceedings regarding pursued claims, i.e., until their final resolution, and in the case of enforcement proceedings, until the final satisfaction of the pursued claims. The controller, in connection with pursuing or defending against legal claims, may process the data of employees/collaborators of clients or contractors for justified purposes.
Archiving documents, i.e., contracts and settlement documents – Art. 6(1)(c) GDPR
For periods specified by law, and if not specified for certain documents, for the time when their retention falls within the controller’s legitimate interest, determined by the potential period for pursuing claims.
Maintaining statistics – Art. 6(1)(f) GDPR
Until the completion of other processing operations listed in this table. We do not store personal data solely for statistical purposes. Having information about the statistics of the controller’s activities allows for the improvement of operations.
Conducting marketing activities without the use of electronic communication means – Art. 6(1)(f) GDPR
Until an objection is raised, i.e., until you indicate in any way that you do not wish to remain in contact with us or receive information about our activities. Conducting marketing activities to promote our operations.
Conducting marketing activities using electronic communication means – Art. 6(1)(a) GDPR
These activities, due to other applicable regulations, in particular the Telecommunications Law and the Act on Providing Services by Electronic Means, are carried out based on obtained consents. Until consent is withdrawn, i.e., until you indicate in any way that you do not wish to remain in contact with us or receive information about our activities, and after withdrawal, for the purpose of demonstrating compliance with legal obligations incumbent on VT Cyber Sp. z o.o. and related claims. Conducting marketing activities to promote our operations using email addresses and phone numbers.
How long do we process personal data? What are the criteria for determining such periods?
The duration of personal data processing depends on the purposes for which the data was collected and the legal provisions imposing specific obligations on VT Cyber Sp. z o.o. in this regard, as well as, in the case of consent, until its withdrawal, restriction, or other actions initiated by you limiting the previously given consent.
VT Cyber Sp. z o.o. processes data for the period necessary to achieve the processing purposes. For example, VT Cyber Sp. z o.o. retains data related to the performance of a contract until its completion and subsequently in the legitimate interest to secure potential claims or until the expiry of the obligation to retain data arising from legal provisions. These provisions may concern, in particular, the obligation to retain accounting (financial, tax) documents related to the contract, obligations arising from anti-money laundering and counter-terrorism financing regulations, compliance with international tax obligations, and regulations on the automatic exchange of tax information with other countries.
In the case of judicial or extrajudicial proceedings, retention periods may be extended, e.g., due to the interruption or suspension of the limitation period for claims.
Please note that data may be processed/stored separately due to specific purposes or legal bases for processing (e.g., withdrawing consent for processing data for third-party marketing purposes will not cause VT Cyber Sp. z o.o. to cease processing data for other purposes arising from legal requirements).
What rights do you have as data subjects?
In accordance with applicable regulations, you have the following rights in connection with the processing of personal data by other entities cooperating with VT Cyber Sp. z o.o., as well as trusted partners:
the right to access your data, including obtaining a copy of the data;
the right to request rectification of data;
the right to erasure of data (the right to be forgotten);
the right to lodge a complaint with the supervisory authority for personal data protection, which in Poland is the President of the Personal Data Protection Office – https://www.uodo.gov.pl/pl (in case of concerns or doubts, we encourage you to contact us first);
the right to restrict data processing;
the right to object (objection to processing, objection to direct marketing, including profiling, justified objection to processing data in the controller’s legitimate interest).
If data is processed based on consent or as part of a provided service (data is necessary to provide the service), you may additionally exercise the following rights:
the right to withdraw consent. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. If your data is processed based on consent or for the purpose of performing a contract (necessary to provide the service);
the right to data portability, i.e., to receive your personal data from the controller in a structured, commonly used, machine-readable format for transmission to another controller.
To exercise the above rights, please contact us via the Contact tab and fill out the relevant form at , or send correspondence to VT Cyber Sp. z o.o.
In the case of a request for rectification, erasure, or restriction of personal data processing, we will inform the recipients of such data to whom the personal data was disclosed, unless this proves impossible or involves disproportionate effort. At your request regarding your data, we will also inform you about these recipients.
Who do we share data with?
Your data may be transferred to entities processing personal data on behalf of the controller, including companies cooperating with VT Cyber Sp. z o.o., IT service providers, and marketing agencies. These entities process data based on a contract with the controller and only in accordance with its instructions. In such cases, third parties are required to maintain confidentiality and security of information, and it is verified whether they provide adequate data protection measures.
Your data may also be shared with entities entitled to obtain it under applicable law, e.g., law enforcement authorities. To the extent permitted by applicable law, we may also share your data with institutions dealing with debt collection and trading in receivables.
Processing is based on voluntary consent by trusted entities of your personal data, which is shared in the browsing history of the website and online store, for marketing purposes (including automated analysis of activity on the website, including the placement of web tags, such as cookies) on your devices and reading such tags. The aforementioned data may be shared with our trusted partners.
List of trusted partners:
Google Analytics: More information about Google Analytics, including how it works and what data it collects, can be found at: tools.google.com. If you wish to block tracking by Google Analytics, you can install a browser add-on, such as the “Google Analytics Opt-out Browser Add-on,” available at tools.google.com. This helps users protect their privacy by preventing Google Analytics from collecting data about their online activity.
Facebook: More information about Facebook’s privacy policy, ad settings, and how to manage personal data can be found at: www.facebook.com. You will find details on how Facebook collects, uses, and shares user data, as well as options for controlling your privacy settings.
Microsoft: More information about Microsoft’s privacy policy, including details on the collection, processing, and protection of personal data, can be found at: privacy.microsoft.com/en-GB/privacystatement. This page provides comprehensive explanations regarding the use of cookies, analytical technologies, and user data management options.
Cynet: More information about Cynet’s privacy policy, including how the company collects, uses, and protects personal data, can be found at: www.cynet.com. Cynet collects information, such as IP addresses, for risk and fraud analysis and website optimization. The company shares personal data with third parties for purposes related to customer experience, marketing, and analysis, but users can request modification or deletion of their data by contacting Cynet. Details about these processes and user rights are available in the privacy policy on their website.
This document was published on: 17.12.2024.