This policy is addressed to users of the website www.apptorium.com [hereinafter referred to as the Website]. The policy describes the rules for collecting and using the data of Website users that is collected directly from them.
Data Administrator and Contact Details
The administrator of personal data [hereinafter referred to as the Administrator] designated in connection with the use of the Apptorium Website is Marcin Krzywonos the registered office for Apptorium is located at: ul. Podgórna 79/1, 65-246 Zielona Góra, Poland, e-mail firstname.lastname@example.org In matters related to the processing of your personal data by the Administrator, he can be contact him at the above address.
Personal data is processed by the Administrator in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) [hereinafter referred to as the GDPR].
The Scope of Collected Data
The Website allows you to contact the Administrator and provide your identification and contact data, as well as data related to the content of messages, transmitted using forms on the Website or in e-mail messages. The main personal data required to contact you and to provide the services offered, obtained through the Website's forms, is your email address.
If you contact the Administrator, the data will be made available directly to you. On the other hand, if your data has been transferred in connection with the matter being dealt with by the person who referred the matter to the Administrator, then the data source is that person. In this case, the Administrator receives identification, address and information related to the case, such as a description of the case.
Data Processing of Minors
In accordance with the provisions on the protection of personal data in force in Poland, the Website is not intended for children under 13 years of age. No one under the age of 13 can submit any of their data via the Website. The administrator does not knowingly collect personal data of children under 13 years of age. If they become aware that any personal data of a child under 13 years of age has been received, such data will be deleted immediately, in particular the contact form, since the assumption is that the purchase of software is offered only to adults who can make independent decisions. If the legal guardians of a minor have information that such minor has filled out the form available on the Website without the consent of the guardians, they should contact the Administrator to delete this data, or withdraw consent by sending an appropriate request to the e-mail address email@example.com.
Purpose and Legal Basis for Processing Personal Data
Personal data collected through all types of forms posted on the Website are processed on the basis of your consent, in accordance with Article 6(1)(a) of the GDPR, and in the case of purchasing the application also on the basis of Article 6(1)(b) of the GDPR to perform the purchase contract or to take action at your request before buying.
In addition, your data may be processed for the purpose of:
- analyzing network traffic, ensuring security on the Website, and adapting content to the needs of users based on the Administrator's legitimate interest, in accordance with Article 6(1)(f) of the GDPR;
- answering questions, forwarding the ordered offer (newsletter) and conducting correspondence to settle the matter, based on your consent and the legitimate interest of the Administrator, which is the implementation of user requests, as well as establishing, investigating or defending against claims, in accordance with Article 6(1)(a & f) of the GDPR,
- creating own user bases and servicing Apptorium accounts on Facebook, Twitter, Instagram and YouTube channel as well as related interactions with users of these portals visiting Apptorium accounts, based on the legitimate interest of the Administrator in accordance with Article 6(1)(f) of the GDPR.
Providing data that is not mandatory or excess data that the Administrator does not need to process, is based on your decision and then the processing takes place on the basis of the premise contained in Article 6(1)(a) of the GDPR. By providing data, you consent to the processing of such data and to anonymize the data that the Administrator does not require and does not intend to process although it may have been forwarded to the Administrator.
The Right to Withdraw Consent
You can withdraw your consent to the processing of contact details at any time by contacting the Administrator. Withdrawal of consent may impede or prevent further contact with you. However, withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal.
Providing personal data is voluntary, but failure to provide data marked as necessary to provide the service to you will prevent its provision. In particular, providing your data for purposes related to query handling or software purchase is necessary to answer or finalize the purchase and provide a license. Failure to provide a valid email address will prevent the abovementioned matters. Providing the data necessary for statistical analysis of Website users is voluntary. You can use the so-called incognito mode (private viewing) to use the Website without leaving the Administrator information about your visit to the Website after it has ended. The use of the private mode does not affect the possibility of using the Website. Rights Arising from the GDPR in the Scope of Processed Data
You have the right to:
- request the Administrator to access your data and receive a copy of it (in accordance with Article 15 of the GDPR);
- require the Administrator to rectify or correct data (in accordance with Article 16 of the GDPR) - in relation to a request to rectify data, if you notice that the data is incorrect or incomplete;
- request the Administrator to delete data (pursuant to Article 17 of the GDPR);
- request the Administrator to limit processing (pursuant to Article 18 of the GDPR) - e.g. when you notice that the data is incorrect - you can request the restriction of processing your data for a period enabling us to check the correctness of this data;
- receive in the structured, commonly used machine-readable format, personal data that you provided to the Administrator or request that the Administrator send it to another administrator (in accordance with Article 20 of the GDPR);
- object to the processing of your data (pursuant to Article 21 of the GDPR);
- lodge a complaint in connection with the processing of your personal data by the Administrator to the supervisory body, which in Poland is the President of the Personal Data Protection Office, or to the body competent for your place of residence.
All your requests should be sent to the e-mail address: firstname.lastname@example.org or by post to the address of the Administrator's office provided at the beginning of this document. The Administrator is obliged to comply with the request and provide a reply no later than 30 days from the date of receipt of the request and its justification, on the terms set out in the provisions of the GDPR.
Recipients of Your Personal Data
The recipients of your personal data can only be entities that are entitled to receive them under the law. In addition, your data may be made available to the host provider and mail server, as well as to companies providing intermediary services, in particular to Paddle.com Market Limited, which supports the process of selling applications offered on the Website, and in case of communication with Apptorium via the contact form provided on the Website to Zendesk Inc., which offers a platform to contact with users of the Website. However, when you subscribe to our Newsletter, the data in the form (your email address) will be forwarded to The Rocket Science Group providing the Mailchimp platform for sending messages prepared by the Administrator.
Transfer of Data to a Third Country or International Organization
Your data provided on the Website may be transferred to recipients from a third country, i.e. from a country outside the European Economic Area. This applies only to data transfer to third parties providing dedicated services to the Data Controller. Under applicable law, these entities may be separate controllers of your personal data as part of the services they offer.
In the process of selling our applications, we use the platform of our online distributor Paddle.com, which carries out all orders placed, also providing customer service and possible returns. Paddle.com processes personal data in the United Kingdom and in the United States of America. Data stored and processed by the Paddle platform can be transferred between these countries in a secure manner. All countries where Paddle.com processes data provide an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of this data. The entire infrastructure of the platform on which the processing takes place complies with the Safe Harbor privacy principles agreed by the US, the European Union and Switzerland, as well as with the European Union model clauses approved by the EU data protection authorities (referred to as Article 29 Working Party). Detailed privacy policies of Paddle.com can be found at: https://paddle.com/privacy and https://paddle.com/privacy-buyers
Data administrator may process e-mail address and activation number (license number) of applications bought by our users in order to provide activation number recovering and migration to the new number if the license system is changed.
Links to Other Sites