PRIVACY POLICY

www.raiseyoursales.eu

§ 1 General provisions

1. The administrator of personal data of the users of the website located under the domain www.raiseyoursales.eu is RYS SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, with the registered office in Bielsko-Biała, at ul. Podwale 47, 43-300 Bielsko-Biała, entered in the National Business Register kept by the District Court in Bielsko-Biała, 8th Economic Division of the National Court Register under KRS number: 0001006923, NIP: 5472234742, REGON: 523865502, share capital PLN 5,000.00 fully paid up (hereinafter: “Administrator”).

2. Contact with the Administrator is possible:
(1) at the e-mail address: hello@raiseyoursales.eu
(2) in writing to the Administrator’s address: 47 Podwale Street, 43-300 Bielsko-Biała.

3. The purpose of this Policy is to specify the actions taken with regard to personal data collected via the Administrator’s website and related services and tools used by its users, as well as in the activity of concluding and performing contracts in contact outside the website.

4. If necessary, the provisions of this Policy may be amended. The change will be communicated to the users by announcing the new content of the Policy and, in the case of the base of persons who consented to the processing of data by e-mail or provided e-mail data in the performance of contracts, they will also be notified of the change by e-mail.

§ 2 Grounds for processing, purposes and storage of personal data

1. Users’ personal data shall be processed in accordance with the General Data Protection Regulation, the Data Protection Act of 10.05.2018 and the Act on the Provision of Electronic Services of 18.07.2002. Together with subsequent amendments of the above.

2. The Administrator may collect the following data for the following purposes:

Purpose of data processing Legal basis for processing and data retention period Data retention period Scope of data processing
Performing a contract with the customer or taking action at the request of the data subject prior to the conclusion of the aforementioned contracts
Article 6 Act 1 letter b) GDPR Regulations (performance of the contract).
  • for the duration of the aforementioned agreement until the expiration of the related legal obligation concerning accounting,
  • the data will be processed until the end of the period in which claims can be pursued
  • First name and last name;
  • Email address;
  • Phone number;
  • Address (street, house number,
  • apartment number,
  • zip code,
  • city, country),
  • company name,
  • Tax ID number

Direct marketing

Article 6 Act 1 letter f) GDPR Regulations (legitimate interest of the administrator).

The administrator may process data for direct marketing purposes only after obtaining the consent and in the absence of objections from the data subject.

  • until you withdraw your consent - remember, you can withdraw your consent at any time. Data processing remains lawful until you withdraw your consent.
  • the data will be processed until the expiry of the period during which claims can be pursued
  • e-mail address;
  • Phone number;

Marketing

Article 6 Act 1 letter a) GDPR Regulations (consent)

  • until you withdraw your consent - remember, you can withdraw your consent at any time.
  • Data processing remains lawful until you withdraw your consent.
    the data will be processed until the expiry of the period during which claims can be pursued
  • until you unsubscribe from the newsletter.
  • first name and last name;
  • e-mail address;
  • Phone number;
  • address (street, house number, apartment number, postal code, city, country),

Expression of opinion by the Customer

Article 6 Act 1 letter a) GDPR Regulations

  • if you do not express your opinion for a period of 30 days from your purchase or until your objection is accepted. towards processing;
  • when expressing an opinion - until it is deleted or until the objection to processing is upheld
  • the data will be processed until the expiry of the period during which claims can be pursued
  • first name and last name;
  • e-mail address;
  • Phone number;

Bookkeeping

Article 6 Act 1 letter c) GDPR Regulations in connection with joke. 86 § 1 of the Tax Ordinance, i.e. of January 17, 2017 (Journal of Laws of 2017, item 201) or Art. 74 Act 2 of the Accounting Act, i.e. of January 30, 2018 (Journal of Laws of 2018, item 395).

  • the data will be processed until the expiry of the period during which claims can be pursued
  • the data is stored for the period required by law requiring the storage of tax books (until the expiry of the tax liability limitation period, unless tax laws provide otherwise) or accounting records (5 years from the beginning of the year following the financial year to which the data relates).
  • first name and last name;
  • e-mail address;
  • Phone number;
    address (street, house number, apartment number, postal code, city, country),
  • Tax Identification Number;
  • company name;

Making a refund

Execution of the Agreement or taking action at the request of the data subject before concluding the Agreement (Article 6, Act 1, point b) of the GDPR).

  • 5 years after the end of business relations with the Client
  • first name and last name;
  • e-mail address;
  • Phone number;
  • PESEL;
  • address (street, house number, apartment number, postal code, city, country),
  • data of the economic entity.

Determining, pursuing or defending claims that may be raised by the Administrator or that may be raised against the Administrator

Article 6 Act 1 letter f) GDPR Regulations

  • the data is stored for the period of existence of our legitimate interest, but no longer than the period of limitation of claims against the data subject in connection with the business activity conducted.
  • first name and last name;
  • e-mail address;
  • Phone number;
  • address (street, house number, apartment number, postal code, city, country),
  • Tax Identification Number;
  • company name;

Conducting research and analyzes to improve the operation of available services

Article 6 Act 1 letter f) GDPR Regulations

  • the data will be processed until the expiry of the period during which claims can be pursued
  • until the cookies used for analytical purposes expire or are deleted
  • company name;
  • e-mail address;
  • Phone number;
  • address (street, house number, apartment number, postal code, city, country),
  • computer components,
  • settings,
  • installed software.

Customer account registration

Performance of the Agreement or taking action at the request of the data subject before concluding the Agreement (Article 6, Act 1, letter b) of the GDPR

  • 5 years after the end of business relations with the Client
  • first name and last name;
  • e-mail address;
  • Phone number;
  • PESEL;
  • address (street, house number, apartment number, postal code, city, country),
  • data of the economic entity.

Sending notifications to the Customer

Execution of the Agreement or taking action at the request of the data subject before concluding the Agreement (Article 6, Act 1, letter b) of the GDPR)

Fulfillment of the legal obligation imposed on the Administrator (Article 6, Act 1, point c) of the GDPR)

  • 5 years after the end of business relations with the Client
  • first name and last name;
  • e-mail address;
  • Phone number;
  • PESEL;
  • address (street, house number, apartment number, postal code, city, country),
  • data of the economic entity.

Providing customer service

Execution of the Agreement or taking action at the request of the data subject before concluding the Agreement (Article 6, Act 1, letter b) of the GDPR)

  • 5 years after the end of business relations with the Client
  • 2 years after the last update of the customer's inquiry
  • first name and last name;
  • e-mail address;
  • Phone number;
  • address (street, house number, apartment number, postal code, city, country),
  • data of the economic entity,

Correct functioning of the website

Maintaining the performance of the Website and improving it (Article 6, Act 1, letter f) of the GDPR)

  • 5 years after the end of business relations with the Client
  • As in the cell above,
  • Information about activities performed on the website (button clicks, visit times, read notifications, other information depending on a specific business case).

Tracking website visits for security reasons

Protection and security of the website, Customers' interests, securing the Customer's security (Article 6, Act 1, letter f) of the GDPR)

  • 3 years
  • User's ID,
  • IP address,
  • Browser,
  • Content and URLs to which the User connects,
  • Date and time of calls.

Protecting customers against using a disclosed password to log in

Protection and security of the website, Customers' interests, securing the Customer's security (Article 6, Act 1, letter f) of the GDPR)

  • The time required for the Administrator to check the password
  • User's ID,
  • Customer Password.

Allowing the Customer to reset their password

Protection and security of the website, Customers' interests, securing the Customer's security (Article 6, Act 1, letter f) of the GDPR)

  • 5 years after the end of business relations with the Client
  • first name and last name;
  • e-mail address;
  • data of the economic entity,
  • Customer's password,
  • User's ID.

Supervising compliance with regulations, contracts and privacy policies

Protection and security of the website, Customers' interests, securing the Customer's security (Article 6, Act 1, letter f) of the GDPR)

  • 5 years after the end of business relations with the Client
  • transaction data,
  • data of the economic entity.

Considering applications regarding personal data,

Article 6 Act 1 letter c) GDPR

  • The period of existence of the legally justified interest of the Administrator, but no longer than the period of limitation of claims against the data subject in connection with the business activity conducted.
  • first name and last name;
  • e-mail address;
  • Phone number;
  • address (street, house number, apartment number, postal code, city, country),
  • Tax Identification Number;
  • company name.

Providing information to authorities responsible for law enforcement and other state institutions,

Article 6 Act 1 letter c) GDPR

  • The period of existence of the legally justified interest of the Administrator, but no longer than the period of limitation of claims against the data subject in connection with the business activity conducted.
  • first name and last name;
  • e-mail address;
  • Phone number;
  • address (street, house number, apartment number, postal code, city, country),
  • Tax Identification Number;
  • company name.

3. Users’ personal data are stored no longer than is necessary to achieve the purpose of processing, i.e. until the consent is withdrawn if the processing is based on such consent, until the claims of the Administrator and the other party regarding the implementation of concluded contracts expire (in the case of sales contracts/service contracts for 2 years, counting until the end of the year) and until the inquiry sent via e-mail is processed or until the complaint is processed.

4. The Administrator may use profiling for direct marketing purposes, but decisions made on its basis by the Administrator do not concern the conclusion or refusal to conclude a contract or the possibility of using electronic services.

5. To the extent necessary for the proper functioning of the website and its functionality, the website may, when the User uses it, collect other information, including, among others:
a) IP address;
b) device, hardware and software information such as hardware identifiers, mobile device identifiers (e.g. Apple Identifier for Advertising [“IDFA”] or Android advertising identifier [“AAID”]),
c) type of platform,
d) internet browser data, including browser type and preferred language;

6. Taking into account the nature, scope, context and purposes of processing as well as the risk of violating the rights and freedoms of natural persons with varying probability and severity of threat, the Administrator implements appropriate technical and organizational measures to ensure that processing takes place in accordance with the Regulation and to be able to demonstrate this. These measures are reviewed and updated as necessary. The Administrator uses technical measures to prevent unauthorized persons from obtaining and modifying personal data sent electronically.

§ 3 Sharing data

1. The Administrator ensures that all collected personal data is used to fulfill obligations towards users. This information will not be made available to third parties except when:
a) the express consent of the persons concerned to such action has been given in advance, or
b) if the obligation to transfer this data results or will result from applicable legal provisions, e.g. to law enforcement authorities.

2. Additionally, personal data of service recipients and customers may be transferred to the following recipients or categories of recipients:

  • service providers supplying the Administrator with technical, IT and organizational solutions enabling the Administrator to conduct business activities, including the website and electronic services provided via it (in particular computer software providers, marketing agencies, e-mail and hosting providers, company management software providers and providing technical assistance to the Administrator and the product delivery operator) – the Administrator provides the Customer’s collected personal data to a selected supplier acting on his behalf only in the case and to the extent necessary to achieve a given purpose of data processing in accordance with this privacy policy.
  • providers of accounting, legal and advisory services providing the Administrator with accounting, legal or advisory support (in particular an accounting office, law firm or debt collection company) – the Administrator provides the collected personal data of the Customer to a selected supplier acting on his behalf only in the case and to the extent necessary to complete a given the purpose of data processing in accordance with this privacy policy.
  • Albacross (registered office: Warszawska 20, 31-155 Kraków, Poland) for the purposes of analytical tools for analyzing website statistics and tracking actions performed by users on the website;
  • Fakturownia Sp. z o. o. (registered office: ul. Juliana Smulikowski 6/8, 00-389 Warszawa, KRS: 0000572426, NIP: 5213704420) in the field of assistance to the Administrator in handling invoices and financial documents;
  • Woodpecker.co S.A. (registered office: ul. Krakowska 29D, 50-424 Wrocław, KRS: 0000896179, NIP: PL 8992769178) for tools for sending and receiving mailings and e-mail;
  • Smarthost Sp. z o. o. (registered office: Partyzonów 1, 42-217 Częstochowa) for website hosting purposes.

3. The Administrator may share anonymized data (i.e. data that does not identify specific Users) with external service providers in order to better recognize the attractiveness of advertisements and services for users, and in this respect, due to the headquarters of software suppliers, data may be transferred – while maintaining the principles of their protection. – to third countries, however, ensuring standard contractual provisions approved by the European Commission in the field of personal data processing or having appropriate powers to do so on the basis of bilateral data processing agreements between the European Union and a given third country, which is not a member of the European Economic Area. These entities in the case of the Administrator are:

  • Google LLC. (headquarters: 1600 Amphitheater Parkway, Mountain View, CA 94043, USA) for Google Analytics tools used to analyze website statistics, Google Tag manager: used to manage scripts by easily adding code fragments to the website or application and tracking actions performed by users in website, Google Ads used to display sponsored links in the search results of the Google search engine and on websites cooperating under the Google AdSense program, Google Workspace allowing for comprehensive website editing and coordination of the work of people working on it (including Google Drive, Gmail, Google Sheets, Google Forms, Google Looker studio);
  • Meta Platforms, Inc. (registered office: 1601 Willow Road Menlo Park, CA 94025, USA) for Facebook pixel used to track conversions from Facebook ads, optimize them based on collected data and statistics, and build a list of recipients focused on future ads.
  • LinkedIn Ireland Unlimited Company (headquarters: Wilton Plaza, Wilton Place, Dublin 2, Ireland) for the purpose of tracking conversions from LinkedIn ads, optimizing them based on collected data and statistics, and building an audience list targeted for future advertising.
  • Todoist (Doist Inc.) (headquarters: 2100 Geng Road, Suite 210, Palo Alto, CA 94303, USA) for the purposes of workflow tools for people supervising the operation of the website and for technical support purposes.
  • PowerMyAnalitics (headquarters: 100 Candace Dr, Suite 100, Maitland, FL 32751, USA) for the purposes of analytical tools for analyzing website statistics and tracking actions performed by users on the website;
  • Hotjar Limited (registered office: Dragonara Business Center 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141 Malta) for the purposes of analytical tools for analyzing website statistics and tracking actions performed by users on the website;
  • Zapier Inc. (registered office: 548 Market St. #62411 San Francisco, CA 94104-5401, USA) in the scope of tools used by the Administrator to automate functions and perform tasks on the website;
  • Pipedrive Inc. (registered office: 530 5th Avenue, Suite 802, New York, NY 100361600, USA) in the scope of data related to the operation and delivery of the CRM system for the Administrator;
  • BitWarden Inc. (registered office: 1 North Calle Cesar Chavez, Suite 102, Santa Barbara, CA 93103, USA) for the purposes of protecting user passwords and ensuring the security of the connection between the website and the user;

4. The administrator always informs about the intention to transfer personal data outside the EEA at the stage of their collection.

5. The Administrator conducts risk analysis on an ongoing basis to ensure that personal data is processed in a safe manner – ensuring, above all, that only authorized persons have access to the data and only to the extent necessary due to the activities performed by the Administrator. not tasks. The administrator ensures that all operations on personal data are recorded and performed only by authorized employees and collaborators.

6. The Administrator takes all necessary actions to ensure that its subcontractors and other cooperating entities guarantee the use of appropriate security measures whenever they process personal data on behalf of the Administrator.

7. The Administrator’s website may use the functionality of Google Analytics, a website traffic analysis service provided by Google, LLC. (“Google”). Google Analytics uses cookies to help website operators analyze how visitors use the website. The information generated by the cookie about visitors’ use of the website is generally transmitted to and stored by Google on servers in the United States. In accordance with current IT standards, the IP addresses of users visiting the Administrator’s website are shortened. Only in exceptional cases is the complete IP address transferred to a Google server in the United States and shortened there. On behalf of the Administrator, Google will use this information to evaluate the website for its users, prepare reports on website activity and provide other services related to website activity and Internet use to website operators. Google will not combine the IP address transmitted as part of Google Analytics with any other data in its possession. More information about how Google Analytics collects and uses data can be found on the official Google website at: www.google.com/policies/privacy/partners. In addition, each User can prevent Google from collecting and processing data relating to their use of the website by downloading and installing the browser plug-in at the following link: http://tools.google.com/dlpage/gaoptout.

8. When disclosing data to third parties, the Administrator makes every effort to ensure that this is done only to entities that meet the criteria and requirements specified in Art. 46 or 49 GDPR. Where appropriate, the Controller will rely on EU standard contractual clauses and other safeguards to enable transfers outside the EEA. In accordance with the decision of the Court of Justice of the European Union of July 16, 2020, the Controller continues to assess the legal system of the countries to which data are transferred and, where necessary, updates measures to ensure appropriate levels of protection.
9. In the scope of data transferred to the United States, the Administrator, when making data available to third parties, makes every effort to ensure that this is done, in accordance with the decision of the European Commission of July 10, 2023, only to entities and organizations in the United States that ensure compliance with the new ” EU-US Data Privacy Framework. The list of these organizations has been published by the US Department of Commerce. The transfer of personal data from the EEA to organizations that have joined the EU-US Data Protection Framework and are on this list is possible without the need to obtain additional consents or apply legal instruments such as standard contractual clauses or binding corporate rules. However, if a given data importer in the USA has not joined the EU-US Data Protection Framework, the transfer of personal data to it is possible and will take place after meeting the conditions set out in Art. 46 or 49 GDPR. In such cases, the Controller will rely on EU standard contractual clauses and other safeguards to enable transfers outside the EEA.

§ 4 User's rights

1. The user whose personal data is processed has the right to:
a) access, rectification, restriction, deletion or transfer – the data subject has the right to request from the Administrator access to his or her personal data, rectification, deletion (“right to be forgotten”) or restriction of processing and has the right to object against processing, and also has the right to transfer his data. Detailed conditions for exercising the above-mentioned rights are indicated in Art. 15-21 of the GDPR Regulations.
b) withdrawal of consent at any time – the person whose data is processed by the Administrator on the basis of consent (pursuant to Article 6(1)(a) or Art. 9 section 2 letter a) of the GDPR), the data subject has the right to withdraw consent at any time without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal.
c) submit a complaint to the supervisory authority – the person whose data is processed by the Administrator has the right to lodge a complaint with the supervisory authority in the manner and manner specified in the provisions of the GDPR and Polish law, in particular the Personal Data Protection Act. The supervisory authority in Poland is the President of the Personal Data Protection Office in Warsaw.
d) objection – the data subject has the right to object at any time – for reasons related to his or her particular situation – to the processing of his or her personal data based on Art. 6 section 1 letter e) (public interest or tasks) or f) (legitimate interest of the administrator), including profiling based on these provisions. In such a case, the Administrator is no longer allowed to process this personal data, unless he demonstrates the existence of valid legally justified grounds for processing, overriding the interests, rights and freedoms of the data subject, or grounds for establishing, pursuing or defending claims.
e) objection regarding direct marketing – if personal data are processed for direct marketing purposes (based on the legitimate interest of the Administrator, not on the basis of the consent of the data subject), the data subject has the right to object at any time to the processing regarding her personal data for the purposes of such marketing, including profiling, to the extent that the processing is related to such direct marketing.

2. The above rights are exercised based on the user’s request sent to the e-mail address hello@raiseyoursales.eu. Such a request should include the user’s name and surname.

3. The User ensures that the data provided or published on the website is correct.

§ 5 Cookies

1. “Cookies” should be understood as IT data, in particular text files, stored on users’ end devices (usually on the computer’s hard drive or in a mobile device) used to save specific settings and data by the user’s browser in order to use websites. These files allow you to recognize the user’s device and properly display the website, ensuring comfort during its use. Storing “cookies” files therefore enables appropriate preparation of the website and the offer in terms of user preferences – the server recognizes the user and remembers, among others: preferences such as: visits, clicks, previous activities.

2. “Cookies” contain in particular the name of the domain of the website from which they come, the time of their storage on the end device and a unique number used to identify the browser from which the connection to the website is made.

3. Cookies are used for the following purposes:
a. adapting the content of websites to user preferences and optimizing the use of websites,
b. creating anonymous statistics which, by helping to determine how the user uses websites, enable improving their structures and content,
c. providing website users with advertising content tailored to their interests.
Cookies do not serve to identify the user and their identity is not established on their basis.

4. The basic division of “cookie” files is their distinction into:
a) Necessary cookies – they are absolutely necessary for the proper functioning of the website or the functionality that the user wants to use, because without them we would not be able to provide many of the services we offer. Some of them also ensure the security of the services we provide electronically.
b) Functional cookies – they are important for the operation of the website due to the fact that:
– serve to enrich the functionality of websites; without them, the website will work properly, but it will not be adapted to the user’s preferences,
– serve to ensure a high level of functionality of websites; Without them, the level of functionality of the website may be reduced, but their absence should not prevent you from using it completely,
– serve most of the functionalities of websites; blocking them will prevent selected functions from working properly.
c) Business cookies – they enable the implementation of the business model based on which the website is made available; Blocking them will not result in the unavailability of all functionality, but may reduce the level of service provision due to the inability of the website owner to generate revenues to subsidize its operation. This category includes, for example, advertising cookies.
d) “Cookies” files for website configuration – enable the setting of functions and services on websites.
e) Cookies for the security and reliability of websites – they enable verification of authenticity and optimization of website performance.
f) Authentication cookies – enable notification when the user is logged in, so that the website can display appropriate information and functions.
g) “Cookies” files examining the session status – they enable saving information on how users use the website. These may concern the most frequently visited pages or possible error messages displayed on certain pages. “Cookies” files used to save the so-called “session state” help improve services and increase the comfort of browsing websites.
h) Cookies examining processes taking place on the website – enable the efficient operation of the website and the functions available on it.
i) Advertising cookies – enable the display of advertisements that are more interesting for users and at the same time more valuable for publishers and advertisers; Cookies can also be used to personalize advertising and to display advertisements outside websites.
j) “Cookies” files providing access to the location – they enable adapting the displayed information to the user’s location.
k) Cookies that conduct analyses, research or audience audits – enable the website owner to better understand the preferences of their users and improve and develop products and services through analysis. Typically, the website owner or research company collects information anonymously and processes trend data, without identifying the personal data of individual users.

5. The use of “cookies” to adapt the content of websites to user preferences does not, in principle, mean the collection of any information allowing the identification of the user, although this information may sometimes have the nature of personal data, i.e. data enabling the assignment of certain behaviors to a specific user. Personal data collected using cookies may be collected only to perform specific functions for the user. Such data is encrypted in a way that prevents access to it by unauthorized persons.

6. Cookies used by this website are not harmful to the user or the end device used by him, therefore, for the proper functioning of the website, it is recommended not to disable their support in browsers. In many cases, the software used to browse websites (web browser) allows the storage of information in the form of “cookies” and other similar technologies on the user’s end device by default. The user can change the way cookies are used by the browser at any time. To do this, you need to change your browser settings. The method of changing the settings varies depending on the software (web browser) used. You will find appropriate tips on the subpages, depending on the browser you are using.

7. As part of cookie technology, the Administrator may use tracking pixels or clear GIF files to collect information on how the user uses its services and his reaction to marketing messages sent by e-mail. A pixel is software code that allows an object to be embedded on a website, usually a pixel-sized image, which makes it possible to track user behavior on websites where it is placed. After giving the appropriate consent, the browser automatically establishes a direct connection to the server storing the pixel, therefore the processing of data collected by the pixel takes place under the data protection policy of the partner that the above-mentioned. administers the server.

8. The Administrator may use online log files (which contain technical data, such as the user’s IP address) to monitor traffic within its services, solve technical problems, detect and prevent fraud, and enforce the provisions of the User Agreement.

9. The Administrator informs that the website does not respond to DNT (Do Not Track) signals, but the user can disable certain forms of online tracking, including some analytical data and personalized advertising, by changing cookie settings in his browser or by using our cookie consent tools (if applicable).

10. Detailed information on changing cookie settings and deleting them yourself in the most popular web browsers is available in the web browser’s help section and on the following websites (just click on the link):
a) Google Chrome
b) Mozilla Firefox
c) Microsoft Edge
d) Opera
e) Safari macOS
f) Safari iOS/iPad OS

11. Detailed information about managing cookies on a mobile phone or other mobile device should be found in the user manual of the given mobile device.