044

Privacy Policy

1. General information

  1. This Privacy Policy describes how 044 SOUL SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ (the “Controller”, “we”) processes personal data of users of the website https://044soul.com and related online services, including the S5 CRM service.
  2. This Policy has been prepared in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Polish data protection regulations.

2. Data Controller

  1. The Controller of personal data is:
    044 SOUL SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
    address: ul. Złota 75A lok. 7, 00-819 Warszawa
    NIP: 5273161414, NIP EU: PL5273161414
    KRS: 0001169108, REGON: 541522343
  2. Contact for data protection matters:
    e-mail: info@044soul.com
    postal address: as above, with the note “Personal data”.

3. Categories of data processed

We may process the following categories of data:

  1. Account and profile data
    First name, surname, e-mail address, and, where necessary, phone number or other contact details provided by the User during registration or when using the Service.
  2. Billing and identification data
    Address, invoice details, tax data (if required).
  3. Website and Service usage data
    IP address, device and browser type, operating system, dates and times of access, visited pages, actions within the interface, log files.
  4. Data entered by the User into the Service
    Data of clients, contractors, deals and any other information processed within the S5 CRM functionality. In relation to such data, the User may act as an independent controller vis-à-vis their own clients, while we typically act as a processor under a separate agreement or data processing arrangement.
  5. Communication data
    Content of communication with us (e-mails, support tickets, messages submitted via contact forms and similar channels).

4. Purposes and legal bases for processing

We process personal data for the following purposes and on the following legal bases:

  1. Conclusion and performance of the Agreement (Article 6(1)(b) GDPR):
    • creation and maintenance of the User’s Account;
    • provision of access to the functionality of the Service;
    • processing of orders and payments;
    • communication with the User regarding the Service.
  2. Compliance with legal obligations (Article 6(1)© GDPR):
    • bookkeeping and tax obligations;
    • archiving of documents for the periods required by law.
  3. Legitimate interests of the Controller (Article 6(1)(f) GDPR):
    • ensuring security and integrity of the Service (logging, preventing abuse, defending against attacks);
    • protecting our rights and interests in the event of claims or disputes;
    • analysing and improving the website and the Service, including their functionality and performance.
  4. User consent (Article 6(1)(a) GDPR):
    • sending marketing communications (newsletters, offers, information about new features), where the User has given consent;
    • using certain cookies and similar technologies for analytical or marketing purposes, where such consent is required and given.
  5. If we intend to process personal data for purposes other than those listed above, we will provide information about such purposes and legal bases before starting such processing.

5. Recipients of data

Personal data may be disclosed to the following categories of recipients:

  1. providers of IT infrastructure, hosting, servers and cloud solutions;
  2. payment providers and banks involved in processing payments;
  3. accounting, legal and consulting service providers;
  4. providers of analytics tools and e-mail communication systems (if used);
  5. public authorities and other entities, where such disclosure is required by law or necessary to protect our legitimate interests.

Each recipient processes personal data either as an independent controller or as a processor acting on our behalf under an appropriate data processing agreement.

6. Transfer of data outside the European Economic Area

  1. If, in the course of using certain services, personal data are transferred outside the European Economic Area, we ensure that appropriate safeguards are implemented, such as:
    • standard contractual clauses (Standard Contractual Clauses),
    • or other mechanisms provided for in the GDPR.
  2. Information on the specific mechanisms of cross-border data transfers may be provided upon the User’s request.

7. Data retention periods

  1. Data related to the Account and the Agreement are stored for the duration of the Agreement and subsequently:
    • for the limitation periods for claims, for the purposes of defending against such claims;
    • for the periods required for tax and accounting purposes.
  2. Data processed on the basis of consent are stored until the consent is withdrawn or until the purpose of the processing has been achieved.
  3. Log files and technical information may be stored for a technically justified period.

8. Data subject rights

The User has the following rights regarding their personal data:

  1. Right of access
    To obtain confirmation as to whether their data are being processed and, where this is the case, access to those data and related information.
  2. Right to rectification
    To request correction of inaccurate data or completion of incomplete data.
  3. Right to erasure (“right to be forgotten”)
    To request deletion of data in cases provided for by the GDPR (e.g. where the data are no longer necessary for the purposes for which they were collected).
  4. Right to restriction of processing
    To request restriction of processing in situations specified by the GDPR.
  5. Right to data portability
    To receive the data provided to the Controller in a structured, commonly used and machine-readable format and/or to have those data transmitted to another controller, where legally permissible.
  6. Right to object
    To object, on grounds relating to their particular situation, to processing based on the Controller’s legitimate interests, including profiling and direct marketing.
  7. Right to withdraw consent
    Where processing is based on consent, the User may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.
  8. Right to lodge a complaint
    The User has the right to lodge a complaint with the competent supervisory authority for data protection, in particular in the EU Member State of their habitual residence, place of work or of an alleged infringement.

To exercise these rights, the User may contact us at info@044soul.com.

9. Requirement to provide data

  1. Providing certain data (e.g. e-mail address, name, address for invoicing) may be necessary to conclude the Agreement and use the Service. Failure to provide such data may prevent conclusion of the Agreement or use of specific functionalities.
  2. Data processed on the basis of consent (e.g. for marketing communications) are provided voluntarily; failure to provide them limits only the ability to receive such communications or participate in specific activities.

10. Cookies and similar technologies

  1. The website https://044soul.com uses cookies that are necessary for the technically correct operation of the website and the Service.
  2. We use only strictly necessary (technical) cookies, which are required to:
    • maintain sessions and authentication;
    • ensure security;
    • correctly display pages and operate the main functionalities of the Service.
  3. We do not use cookies for:
    • analytics or statistics (e.g. Google Analytics);
    • marketing, advertising or profiling;
    • sharing data with third parties for advertising or tracking purposes.
  4. Processing of data related to such technical cookies is based on the Controller’s legitimate interest in ensuring the stable and secure operation of the website and the Service.
  5. The User can manage cookies through their browser settings (deleting, blocking or restricting cookies). However, completely blocking cookies may result in some functions of the website and the Service not functioning correctly.
  6. Additional information on cookies and their use is provided in a separate Cookie Policy available on the website https://044soul.com.

11. Changes to this Privacy Policy

  1. We may update this Privacy Policy in particular in the event of:
    • changes in applicable law;
    • changes in the purposes or methods of data processing;
    • development of the Service or changes in the technologies we use.
  2. The current version of this Privacy Policy is published on the website https://044soul.com and replaces all previous versions. In the event of material changes, we may additionally inform Users via the Service or by e-mail.