Privacy policy

I. GENERAL INFORMATION

This Privacy Policy provide the rules of using the App “Prosoma Mobile“, hereinafter referred to as the “App”. The policy sets out the rules for processing all personal data or other information that has been obtained in connection with the use of the App.

II. PERSONAL DATA CONTROLLER

The Controller of personal data is Prosoma sp. z o. o. with its register office in Wrocław, Sudecka 74/14 street, 53-129 Wrocław (Poland) entered in the Register of Entrepreneurs of the National Court Register, whose files are kept by the District Court in Wrocław, VI Commercial Department of the National Court Register, under KRS number: 0000730440, NIP: 8992844477, REGON: 38007935200000, hereinafter referred to as the “Controller“.

The Controller attaches great importance to the protection of the privacy and confidentiality of the personal data of the App users (“Users”), and also selects and applies appropriate technical and organizational measures to ensure the protection of personal data processed with due care exercised. The Controller protects personal data against disclosure to unauthorized persons, as well as against their processing in violation of applicable law.

The Controller processes information about the User in accordance with the provisions of law, in particular with EU General Data Protection Regulation of 27 April 2016 (hereinafter: GDPR).
The Controller is entitled to process personal data belonging to third-party data sets that have been made available to the Controller solely on the basis of a data processing agreement.

III. SCOPE, PURPOSES AND LEGAL BASIS FOR PROCESSED PERSONAL DATA

Registration and login
The use of the App requires registration by the User. The registration requires the following data to be provided:

  • email address;
  • username;

The User is also obliged to setting a password.

Notwithstanding the foregoing, the User may register in the App by Facebook account login data (Facebook Connect service) – in this case the Controller shall obtain only the e-mail address and possibly the Facebook username (full name) to contact. The User may also log in to the service using a Google Account (Google Access) – in this case, no User data will be transferred to the Google service operator during the registration and logging, and the Administrator only receives the full name and email address entered in the Google service.

The above data will be processed to enable User to use the App and login authentication each time. The legal basis for processing in this regard is Art. 6 clause 1 lit. b) GDPR.

Using the app
As part of using the App, we may process data entered by you into the App through its specific functionality. This may be data such as your image (set as an Avatar). In this regard, the basis for the lawfulness of data processing is the necessity of data processing for the performance of the contract (art. 6 para. 1 point b) GDPR) or in case that the processing takes place on the effect of your prior consent – your voluntary consent, which you can withdraw at any time without affecting the processing activities carried out before its withdrawal (art. 6 para.1 point a) GDPR).

User’s activity data
We also process data about your activity in the App , such as the number of interactions with individual functions, the amount of time spent in the App , the date and time of using the App , technical information about the device in which you use the App , the device ID, and its location. These data are processed for statistical purposes and to improve the quality of services and functionalities available as part of the App or , which is the legitimate interest of the Controller (art. 6 para. 1 point f) GDPR).

Defense against claims and pursuing legal claims
Your data may be processed by the Controller to defend against potential legal claims or to enable the Controller to pursue its potential legal claims related to your use of the App – in this case, the legal basis for data processing is the Controller’s legitimate interest, consisting of the possibility of defense against claims or the possibility pursuing claims (art. 6 para. 1 point f) GDPR).

Processing in connection with the query
Your data that you provide to the Controller for this purpose may be processed in order to answer a question or solve a problem related to the use of the App – in this case the legal basis for data processing is the legitimate interest of the Controller, consisting in the need to answer your question (art. 6 para. 1 point f) GDPR).

Processing to comply with a legal obligation imposed on the Controller
In some cases, we will have to process your data, because a legal provisions imposes such an obligation on us. This will apply, for example, when we will be obliged to bill paid services or in the event that we will consider your complaint regarding the services available as part of the App. In such cases, the basis for processing will be (art. 6 para. 1 point c) GDPR)

IV. THE PERIOD FOR WHICH THE PERSONAL DATA WILL BE STORED

Your data processed for the purpose of registration, logging in and using the functionality of the App will be stored until the account is deleted. After deleting the account, for 3 years, we will store only data that may be necessary to defend against any claims or to pursue claims related to your use of the App.

Personal data processed to respond to your inquiry will be processed for the period necessary to complete the inquiry. If specific messages may constitute or constitute evidence in any proceeding before a court or other authority, they will be kept until the end of the limitation period for any claims or until the final termination of the proceeding, if initiated, whichever is the later.

Data that will be processed in order to perform the obligation imposed on the Controller under the law, will be stored until the fulfillment of this obligation, unless the law requires further storage of this data.

Data processed for the purposes of the legitimate interests pursued by the Controller or by a third party, in particular statistical and analytical data, will be processed until the User expresses effective objection to their processing.

The data will also be deleted when it is no longer necessary for the purposes for which it was collected. However, the information necessary to prove that the User has consented to the processing of data for a specific purpose will be processed for a period of 3 years from the date of termination of processing of such data.

V. SHARING DATA TO OTHER ENTITIES. DATA RECIPIENTS.

In order to protect your personal data against accidental or unlawful disclosure to unauthorized persons, removal by unauthorized persons, destruction, loss, damage or modification as well as processing contrary to the provisions of law, the Controller uses technical and organizational security measures to protect data.

Please be advised that the Controller has access to the user account and any data collected there. All personal data processed by the Controller are accessible only to authorized employees or associates of the Controller and external entities providing individual services to the Controller, which are related to the service of the App , who were entrusted with these data and who were obliged to keep confidential any Users personal data to which they have access. Your data which you made available to the public may be visible to other Users.

Personal data of App users may be made available to entities authorized to receive them under applicable law, including relevant state authorities.

VI. USER’S RIGHTS

The User who provided personal data has the following rights:

  • access to the content of his data,
  • correcting the data,
  • modification of the data.
  • limitation of data processing,
  • deleting data,
  • transferring data processed in an automated manner on the basis of the User’s voluntary consent or processed in an automated manner if their processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract.

The User also has the right to object, at any time, to the processing of personal data by the Controller when:

  • processing is carried out for the purpose of direct marketing – if the User exercises this right, we will immediately stop processing his personal data for this purpose,
  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party – if the User exercises this right, we will immediately stop processing his personal data, unless we can prove that there are valid legitimate grounds for further data processing, superior to the interests, rights or freedoms indicated by the User.

If the User exercises one of the the above rights, the Controller will immediately take actions to eliminate the incompatibility in the processing of personal data.

In addition, when the processing of personal data is based on consent, the User is entitled to withdraw consent to the processing of personal data. Consent may be withdrawn at any time, without affect to any processing operations carried out prior to the withdrawal of consent.

In order to exercise the rights referred to above, you can contact the Controller by e-mail hello@prosoma.com, or by correspondence to the following address:

Prosoma sp. z o.o.
ul. Sudecka 74/14
53-129 Wroclaw, Poland

The User also has the right to lodge a complaint with the supervisory authority, if he considers that the processing of data by the Controller violates the provisions of applicable law, in particular the provisions of GDPR.

VII. SAFETY OF USER AND CHILDREN’S DATA

The Controller undertakes that he will apply adequate technical measures to achieve the highest level of security of User’s personal data, trying to prevent unauthorized access to data.

The Controller undertakes to protect data against accidental or unlawful disclosure to unauthorized persons, destruction, loss, damage, alteration and processing in violation of applicable law.

The Controller declares that he will not knowingly collect and process personal data from persons under 16 years of age, without first obtaining permission from their parents or other legal representatives.

In the event that the Controller receives information that he has unknowingly obtained the personal data of persons under 16 years of age, the Controller undertakes to immediately take measures to stop data processing and delete them.

VIII. FINAL REMARKS

This Privacy Policy may change due to technological development and modification of existing standards. Therefore, the Controller undertakes to periodically and regularly verify the Policy in order to introduce the most current regulations, both legal and technological.

In case of any doubts as to the content of this Policy, explanations can be obtained by contacting by e-mail to the address: hello@prosoma.com or by correspondence to the following address:

Prosoma sp.z o.o.
ul. Sudecka 74/14
53-129 Wroclaw, Poland