Website operator, Data Controller, Data Protection Officer
The Website Operator and Personal Data Controller within the meaning of the provisions on the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter referred to as “GDPR”) is Scramjet sp. z o.o., with registered office in Suwałki (full address: Suwałki 16-400, ul. Innowacyjna 1, Poland), KRS 0000841090.
Scramjet sp.z o.o. hereinafter will be referred to as the Controller or Website Operator.
The Controller declares that he has not appointed the Data Protection Officer.
Ways of obtaining data about Website users
We obtain information about you by:
- its voluntary introduction to the contact form
- its voluntary introduction as part of subscribing to the newsletter,
- collecting technical data about connection and visit to the website (IP address, type of browser used, time of using the website, etc.)
- collecting data about your preferences and activity on the Website by saving cookies in end devices (e.g. phone, computer, tablet, etc.).
Anonymous use of the Website
You can use the Website without revealing your identity and without providing any personal data that would make your identification possible. We will then collect only technical information necessary for the functioning of the Website (connection data, IP address, browser used) and the parameters of the visit to the Website (date of connection, duration of the visit).
From the perspective of the Website Operator, the above mentioned data is not personal data, as it does not make it possible to establish your identity without taking extraordinary measures. However, remember that in the event of a violation of the law on the Website, the above data may be used to establish your identity in conjunction with, for example, the data of your Internet provider.
Obligation to provide personal data
If you intend to use the services:
- contact form
it is necessary to provide personal data marked as mandatory during the subscription to the service. There is no legal obligation to provide such personal data, but refusing to provide it will prevent you from using the above services.
In some cases, it is possible to provide additional information - providing such information will then be voluntary. There is no legal obligation to provide such data, and failure to do so does not constitute an obstacle to using the services.
In each case, we inform you whether the information field is required or optional.
Data collected using forms on the Website - detailed information
Description Contact form Newsletter The scope of mandatory data Name, surname, e-mail address E-mail address Scope of voluntary data Any other data provided in e-mail correspondence None Legal basis for processing Legitimate interest (Article 6 (1) (f) of the GDPR) - correspondence with clients / potential clients regarding the services provided and the functioning of the Website. Consent (art. 173 ust. 1 Prawa telekomunikacyjnego, art. 10 ust. 2 UŚUDE). Purposes of processing Communication on the services provided and the functioning of the Website. Sending the ordered commercial information in the form of a newsletter. Processing period The correspondence is archived and kept for up to 3 years. Until consent is withdrawn. The storage period may be shortened in the event of effective exercise of the user's right, which is related to the cessation of data processing (e.g. objecting or requesting deletion of data)
The above-mentioned data may also be processed, to a limited extent, after the deadlines indicated in the table, in order to demonstrate by the Controller that the legal obligations related to data processing are fulfilled. The legal basis for such processing is Art. 6 sec. 1 lit. c) in connection with art. 5 sec. 2 GDPR, i.e. fulfillment of the Controller's legal obligation in terms of the principle of accountability. The period of data processing is determined on the basis of the limitation periods for users' claims and the dates in which it is possible to test the compliance of processing by the supervisory body (the President of the Office for Personal Data Protection).
Cookies - detailed information
We use cookie files. Cookies are small text files that are stored on your end device and that store certain settings and data regarding your interaction with our Website via your browser.
Cookies allow us to recognize your end device and immediately provide certain settings or preferences (such as font size and contrast) or register your activity on the Website (clicking certain options, keeping track of pages visited). Whenever possible, the cookies we use are first-party cookies. However, we also use third party cookies.
Types of our own cookies:
Name Service Purpose Type of cookie and period of use Legal basis cookie_consent Cookie consent Stores cookie preferences First-party persistent, 1 month Legitimate interest of the Website Operator (Article 6 (1) (f) of the GDPR) - ensuring the optimal presentation of the Website wai_settings Website availability Remembers accessibility settings First-party persistent, 3 months Legitimate interest of the Website Operator (Article 6 (1) (f) of the GDPR) - ensuring the optimal presentation of the Website
Types of third party cookies we use:
Detailed information on the possibilities and methods of handling cookies is available in the settings of the web browser software, e.g.
Users' rights related to the processing of their personal data
In connection with the processing of your data, you have the following rights:
- the right to information about processing (Article 13 of the GDPR) - the right is implemented through this Policy
- the right to access the processed data concerning you (Article 15 of the GDPR) - implemented by contacting the e-mail address indicated below
- the right to object to the processing of your personal data based on the legitimate interest of the Controller the purposes of scientific or historical research or for statistical purposes (Article 21 (1) and (6) of the GDPR) - implemented by contacting the e-mail address provided below
- the right to object to processing for direct marketing purposes - you can object at any time to the processing of your data for direct marketing purposes (Article 21 (2) of the GDPR) - implemented by contacting the e-mail address provided below or by clicking on the link to deactivate the newsletter -[email protected]
- the right to rectify, delete data and to limit their processing (Articles 16 - 18 of the GDPR) - implemented by contacting the e-mail address provided below;
- the right to transfer data (Article 20 of the GDPR) - implemented by contacting the e-mail address indicated below
- the right to withdraw the consent at any time - the withdrawal of consent does not affect the lawfulness of the processing which was carried out on the basis of your consent before its withdrawal
- the right to lodge a complaint with a supervisory authority - the President of the Personal Data Protection Office
If you wish to exercise any of the above rights or any other rights that you may have in relation to your personal data, or if you have any other questions or requests, please contact us at: [email protected]
Your data may be transferred to third parties who may be data processors (based on a processing entrustment agreement) or separate data controllers. The recipients of the data may in particular be:
- entities providing services for the Website Operator related to the functioning of the website and requiring disclosure of your data (hosting providers, entities listed in point 10);
- advertising agencies, entities managing the display of advertisements on websites;
- offices, judicial bodies or other bodies authorized to obtain information on data (courts, prosecutor's office, police, other security services);
- providers of IT services and data security services.
Transfer of data to third countries (outside the European Economic Area)
Your data may be transferred to third countries (outside the European Economic Area), as part of the provision of the following services:
Recipient of the data: The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000 Atlanta, GA 30308, USA
Recipient of the data: Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, United States of America, and its subsidiaries.
The European Commission has approved the use of standard contractual clauses to ensure adequate data protection when it is transferred outside the EEA. Due to the inclusion of standard contractual clauses in the data processing agreements concluded with the above-mentioned data recipients, these data are protected during their transfer outside the EEA to countries that are not covered by the adequacy decision.
How do we keep your data safe
We store your data on specially protected servers in the European Union, as well as on the servers of our service providers, including the United States. They are protected by technical and organizational measures to prevent loss, destruction, access, modification or distribution of your data by unauthorized entities.
Your personal data is transmitted encrypted via the Internet. We use TLS (Transport Layer Security) encryption for data transmission.
In order to protect the integrity, confidentiality and availability of data, we also use other safeguards defined in accordance with our internal risk analysis.