PRIVACY POLICY
effective from May 1, 2024.
The protection of the privacy of users of it-regatta.io is crucial for us, so IT-PEOPLE LTD - as a website owner, strives to ensure such privacy.
For a clear and fair presentation of the principles of processing personal data, we created this document, which we call the Privacy Policy. You will find in it both the rights you are entitled to and our obligations that we observe to ensure that the processing of personal data is lawful.
1. DEFINITIONS
To make it clear what we are talking about, we decided to define the concepts we use:
IT-Regatta (us) - the commercial company IT-PEOPLE LTD, UNITED KINGDOM based 3rd Floor, 86-90 Paul Street, EC2A 4NE, London, United Kingdom; REGON: 15310383 - the owner of the website it-regatta.io.
Cookies - This is a small piece of information, called cookies, sent by the website that we save on the end device (computer, laptop, smartphone) that we use when browsing the web.
EEA - European Economic Area
Account - a set of resources and settings created for the User as part of the Website, used to manage the services.
GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals about the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (general regulation on protection data).
Website - a website owned by IT-PEOPLE LTD https://it-regatta.io as part of which IT-PEOPLE LTD provides its services.
User - an adult natural person who has an Account and uses the services offered by IT-Regatta on the Website.
Unauthorized user - an adult natural person, or a legal entity that uses the services offered by IT-Regatta on the Website, without Account.
You, your - User or Unauthorized user
2. THE CONTROLLER OF YOUR PERSONAL DATA
By email: it.people.agency@gmail.com
The controller of your personal data in connection with the use of the Website is:
IT-PEOPLE LTD
3rd Floor, 86-90 Paul Street, EC2A 4NE, London, United Kingdom
3. CONTACT WITH THE DATA CONTROLLER
By email: it.people.agency@gmail.com
4. PERSONAL DATA
IT-Regatta processes the personal data of Users entered in the application form, and Unauthorized user - provided in the form available at the order processing. These are the following data: name, surname, address, telephone number and e-mail address, in case of economic activity also tax number and company name. If the user wishes to deliver items to a different address than the address indicated in the data - also the address for shipping.
The scope of personal data of the User and the Unauthorized user are processed by us. Being a User, you will not have to enter your details, these will appear in the final form automatically.
The above data is necessary for the performance of the contract of sale and shipment of the ordered goods and for the provision of other services included in the IT-PEOPLE LTD offer and available on the Website.
5. ADDITIONAL INFORMATION ON PERSONAL DATA
Through the Website, the User and/or Unauthorized user can use further services, take advantage of new functionalities or, for example, take advantage of quick payment for services. If it will require the use of the User's data or the Unauthorized user a different way than described in this Privacy Policy, IT-Regatta will complete the missing information and provide it before obtaining this data, if possible. As a rule, and in this case, information about the processing of personal data contained in this Privacy Policy remains valid.
6. FOR WHAT PURPOSE, ON WHAT LEGAL BASIS, AND HOW LONG WE ARE PROCESSING PERSONAL DATA.
The personal data of the User and/or the Unauthorized user obtained in connection with the use of the Website, IT-Regatta uses for various purposes, in various scope and on a different legal basis specified in the GDPR, i.e:
Data scope: for this purpose, we process personal data provided by you in the registration form to the Website, that is the e-mail address and the password you set.
Purpose: performance of the contract.
Legal basis - indispensability to perform a contract for the provision of a service (Article 6 (1) (b) of the GDPR).
b) Sales and delivery of ordered goods, provision of services
Data scope: personal data necessary to perform the contract: name, surname, address, telephone number, e-mail address, business name, tax identification number, business address, correspondence address, to another address - indicated address for delivery.
Purpose: performance of the contract.
Legal basis - indispensability to perform a contract for the provision of a service (Article 6 (1) (b) of the GDPR).
c) Consideration of complaints and requests, answers to questions
Data scope: For this purpose, we may process some of the personal data provided by you in your profile, as well as data on the use of our services that result in a complaint or request, data contained in the documents attached to the complaint or application
Purpose: to recognize a complaint, complaint or inquiry.
Legal basis: Our legally legitimate interest (Article 6 (1) (f) of the GDPR), consisting in improving the functionality of services provided electronically and building positive relationships with Users and Unauthorized user, based on reliability and loyalty.
d) Payments
Data scope: data necessary to make settlements, including name, surname, address, company under which business activity is conducted, tax number.
Purpose: performing clearing obligations
Legal basis: fulfillment of the legal obligation incumbent upon the controller under art. 6 par. 1 lit. c GDPR
e) Statistics on the use of individual functional Services
Data scope: We process personal information about your activities on the Sites, such as pages visited and sub-pages of the Services, as well as the amount of time you spend on each of them, as well as data about your search history, your IP address, location, device ID and data about the browser and operating system.
Purpose: to improve and optimize the Site
Legal basis: Our legal interest (article 6, paragraph 1 of the letter. f GDPR), based on the possibility of using the services provided electronically, as well as improving the functionality of these services.
f) Fixing, investigation and execution of claims
Data scope: For this purpose, we may process some personal data specified by you in your profile, or in the implementation of the order without creating a profile, such as name, surname, address, identity number, data on the use of our services, if the claims arise from the way you use our services, other data necessary to prove the existence of the claim, including the amount of damage caused.
Purpose: allows you to identify, investigate, and enforce claims.
Legal basis: Our legal interest (article 6, paragraph 1 of the letter. f GDPR), based on the determination, investigation, and execution of the claim, as well as on the protection against claims in the proceedings by the courts and other state bodies.
g) Statistics
Data scope: For this purpose, we process Your personal data, including name, address, order history.
Purpose: to develop and analyze statistics related to sales parameters and results
Legal basis: Our legal interest (article 6, paragraph 1 of the letter. f GDPR), based on the analysis of sales results, geographical location, forecasts and development of our activities.
h) Contact with IT-Regatta
Data scope: for this purpose, we may process certain personal data you have provided in your profile, as well as data about the use of our services that are the reason for contact, data contained in the documents attached to the request. Contact can be made via chat, phone or email.
Purpose: reply to request
Legal basis: Our legal interest (article 6, paragraph 1 of the letter. f GDPR), creation and maintenance of relations with existing and future customers, and depending on the content of the correspondence – taking action on Your request, including even before the conclusion of a possible contract.
i) Direct marketing
Data scope: first name, last name, address, e-mail address.
Purpose: delivery of commercial information and marketing materials by e-mail or by mail, providing discounts and other benefits.
Legal basis: Our legal interest (article 6, paragraph 1 of the letter. f GDPR), actions aimed at obtaining new orders.
j) Newsletter
Data scope: first name, last name, email address.
Purpose: delivery by e-mail newsletter containing, in particular, commercial information, information about new products, etc.
Legal basis: Our legal interest (article 6, paragraph 1 of the letter. f GDPR), actions aimed at obtaining new orders.
k) Authorization
Data scope: the email address, profile, and user ID of Google (Google ID), access to view without the possibility of changing or deleting the files of the user that he/she placed on GoogleDrive.
Purpose: authorization of users.
Legal basis: Our legal interest (article 6, paragraph 1 of the letter. f GDPR), actions aimed at obtaining new orders.
7. COOKIES
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use our Service.
Examples of Cookies we use:
Session Cookies. We use Session Cookies to operate our Service.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.
8. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We store your personal data for the period of having an Account on the Website for the purpose of providing the Account service and related functionalities and other services in accordance with the Terms of service, as well as for marketing purposes. After deleting your Account, your details will be anonymized, except for the following data: first name, last name, email address, application history, and information about consent (we will store this data for a period of 3 years from deletion of the Account for the purpose of handling complaints and claims related to using our services).
We store the personal data of Unauthorized users for the time necessary to perform the order, and in order to secure claims and for statistical purposes - for a period of 3 years from the completion of the last order.
In addition, we store personal data for the period corresponding to the life cycle of the cookies stored on their devices.
9. WITH WHOM WE SHARE YOUR PERSONAL DATA?
We share your personal information with the following categories of recipients:
service providers that we use to run the Website. Service providers to whom we pass your personal data, depending on contractual arrangements and circumstances, or are subject to our commands as to the purposes and methods of processing these data (processors) or independently determine the purposes and ways of processing them (controllers).
Subjects processing.
We use or plan to use suppliers who process your personal data only on our instructions. They provide hosting services for us, provide and maintain the functioning of IT solutions (Service), provide us with systems for online marketing, behavioral remarketing, for displaying web push notifications, for sending e-mails, for analyzing traffic on websites, for analyzing the effectiveness of marketing campaigns, handling the newsletter, as well as support the implementation of specific Account functionalities.
entities providing consultancy, accounting or consultancy services
c) other data controllers that process it on their behalf:
i) payment systems
ii) Tax Office in order to perform public law duties
iii) post or courier companies in order to fulfill the delivery of the ordered goods
iv) entities providing legal and tax services to our company in the scope in which these entities are independent data controllers.
d) State authorities
We provide your personal data if we are approached by authorized state authorities, in particular organizational units of the prosecutor's office, the Police, the President of the Office for Personal Data Protection, the President of the Office of Competition and Consumer Protection, or the President of the Office of Electronic Communications.
10. TRANSFER OF DATA TO THIRD COUNTRIES
Ensuring the proper functioning of the Website and the possibility of a professional performance of services may involve the transfer of your personal data outside the EEA. When this situation occurs, IT-Regatta will ensure and do its best to guarantee a similar level of protection for your data. In particular, at least one of the following safeguards will be introduced:
Your personal data will be transferred to countries that the European Commission has recognized that provide an appropriate level of personal data protection. More information about this can be found here:
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en By establishing commercial relations with our suppliers, we have contracts containing provisions approved by the European Commission, to provide certain personal protection of the same, which is provided to them in the European Union. More information can be found here:
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_enWhen using the services of service providers headquartered in the United States, we may share data with them if they have been covered by the Privacy Shield program. This program imposes a duty on them to provide similar protection for data transferred between Europe and the United States. More information can be found here:
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en If the performance of the contract requires it, your data may be transferred to our suppliers located outside the EEA also on the basis of art. 49 GDPR.
You may obtain a copy of the applicable security information by contacting us.
11. PROFILING AND AUTOMATED DECISION-MAKING PROCESS
We do not use profiling and automated decision-making.
12. YOUR RIGHTS
In connection with the processing of your personal data by IT-Regatta, you have rights, the implementation of which we are obliged to provide.
You can exercise your rights by submitting your request to us in writing or to the email address:
it.people.agency@gmail.comRemember, you have the right to:
access to your data
By doing so, you have the right, in particular, to obtain confirmation from us whether we process your personal data, and if this is the case, you have the right to:
i) get access to your personal data,
ii) obtain information about the purposes of processing, categories of personal data being processed, the recipients or categories of recipients of this data, the planned period of storage of your data or the criteria for determining this period, about your rights under the GDPR and the right to lodge a complaint to the supervisory authority data on automated decision-making, including profiling and safeguards applied in connection with the transfer of these data outside the European Union;
iii) get a copy of your personal data.
Legal basis: art. 15 GDPR
b) request correction of your data
You have the right to rectify and supplement your personal data. You can also do it yourself in the Profile settings if you are a User. With regard to other personal data, you have the right to request us to correct this data (if it is incorrect) and to supplement it (if it is incomplete).
Legal basis: art. 16 GDPR
c) request for deletion of data
You have the right to request the removal of all or some personal data. We will treat the request to delete all personal data as a request to delete an Account on the Website.
You have the right to request deletion of personal data if:
i) Your personal data has ceased to be necessary for the purposes for which they were collected or processed;
ii) you objected to the use of your data for marketing purposes,
iii) You objected to the use of your data to conduct statistics on the use of the Website and the satisfaction survey, and the opposition was considered justified,
iv) Your personal information is being processed unlawfully.
Despite the request to remove personal data, in connection with the opposition, we may retain certain personal data to the extent necessary to establish, assert, or defend claims. This applies in particular to personal data including name, surname, e-mail address, and history of the application, which we retain for purposes of handling complaints and claims related to the use of our services.
Legal basis: art. 17 GDPR
d) requests to limit the processing of your data
You have the right to request a restriction on the processing of your personal data. If you submit such a request, we will prevent you from using certain functionalities or services that will result in the processing of the requested data until we process your request. We will also not send any messages to you, including marketing ones.
You have the right to request restrictions on the use of your personal data in the following cases:
i) when you question the accuracy of your personal data - then we will limit their use for the time needed to verify the accuracy of your data, but no longer than for 7 days,
ii) if the processing of your data is against the law, and instead of removing the data, you will demand restriction of their use;
iii) when your personal information is no longer necessary for the purposes for which we have collected or used it, but it is necessary for you to establish, investigate, or defend claims;
iv) when you object to the use of your data - then the restriction takes place for the time needed to consider whether, due to your special situation, the protection of your interests, rights, and freedoms outweighs the interests that we process when processing your personal data.
Legal basis: art. 18 GDPR
e) object to the processing of your data
You have the right to object to the use of your personal data at any time, if we process your data based on our legitimate interest, e.g. in connection with the marketing of our products and services and our clients, keeping statistics on the use of individual Website functionalities.
If your objection turns out to be well founded and we have no other legal basis to process your personal data, we will delete the information for which you objected.
Legal basis: art. 21 GDPR
f) transfer data
You have the right to receive your personal information that you provided to us and then send it to another personal data controller of your choice, e.g. to another operator of similar websites. You also have the right to request that personal data be sent by us directly to such other controller, if it is technically possible.
We will send your personal data in the form of a CSV file. The CSV format is a widely used, machine-readable format that allows you to send the received data to another personal data controller.
Legal basis: art. 20 GDPR
g) submit a complaint to the Supervisory authority
If you believe that your right to the protection of personal data or other rights granted to you by virtue of the GDPR have been violated, you have the right to lodge a complaint with the Head of the Office for the Protection of Personal Data.
Legal basis: art. 77 GDPR
What time do we fulfill your request?
If, by exercising the aforementioned rights, you request us, we comply with this request or refuse to comply with it without delay, but no later than one month after receipt. However, if - due to the complexity of the request or the number of requests - we will not be able to meet your request within a month, we will meet them within the next two months, informing you in advance about the intended extension.
13. HOW WE CARE ABOUT THE SAFETY OF YOUR PERSONAL DATA ?
The security of your data is important to us, which is why we strive to meet the high standards. Remember, however, that the Website uses encrypted data transmission (SSL) during registration and logging in, which protects the data identifying you and significantly hinders interception of access to Your Account by unauthorized systems or persons.
Remember, however, that no method of providing information when using the Internet or electronic data storage does not give 100% certainty. Although we try to use solutions dedicated to protecting your data, we can not guarantee this protection will be absolute.
14. CHANGES IN THE PRIVACY POLICY
Following the development of technology and changes in the law, we adapt the Privacy Policy to them, changing or supplementing the provisions contained therein, as appropriate.
We will inform you about any changes or additions by posting relevant information on the Website, and in case of significant changes, we can also send you separate notifications to the e-mail address provided by you.
The Privacy Policy does not limit any rights you have under the Terms of Service and the law.