Higher effectiveness standard
Privacy
Privacy Policy
Privacy Policy of Sunrise System sp. z o.o. sp. k. as a Service Provider
as of 23rd May 2018
§1. General information
  1. Privacy Policy lays down rules of personal data processing and protection with regard to the use of Controller's contact forms by the User.
  2. Within the meaning of this Privacy Policy, User is a natural person submitting an inquiry and / or an order concerning services provided by Controller.
  3. Within the meaning of regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC („GDPR”) L 119/40 PL Official Journal of the European Union 4.5.2016., Personal Data Controller is Sunrise System sp. z o.o. sp. k., NIP: 7831707183, REGON: 302598908, KRS 0000489705, with headquarters in 61-894 Poznań, Plac Andersa 3, tel: 61 655 95 55, e-mail: biuro@sunrisesystem.pl
  4. Contact in matters concerning processing of data by the Controller: iod@sunrisesystem.pl
  5. Scope, purpose and period of data processing is specified in the following parts of this Privacy Policy.
§2. Purpose of data processing by the Controller
  1. User entrusts the Controller with processing of personal data in order to complete the inquiry and / or order made via contact form, including sending to the User a personalized commercial message ordered by the User.
  2. Submitting by the User a phone number constitutes a consent for contact by phone for purposes defined in point 1 above.
  3. Submitting by the User an email address constitutes a consent for contact by email for purposes defined in point 1 above.
  4. Giving consent by submitting contact data is voluntary, although in some cases might make the processing of inquiry / order, submitted via contact form, impossible.
  5. User's personal data might be shared with the following recipients: processor from within the Controller's capital group and Controller's partners, with whom the Controller cooperates, combining products or services. In a situation when the cooperation is established, the data might also be available to subcontractors (processors), such as: bookkeeping companies.
  6. Controller reserves the right to submit an inquiry to the User – during processing of inquiry / order – via phone and / or email concerning further consent for processing of personal data with the purpose of direct marketing and use of telecommunications devices. Without User’s consent the data will not be processed for this purpose.
§3. Scope of data processing by the Controller
  1. Users' personal data, gathered on the basis of this Privacy Policy, include part or all of the following data:
    1. User's data:
      • name and surname,
      • contact phone number,
      • contact email address,
    2. IP addresses,
    3. www address of the domain, which the User wants to promote via the Controller's services.
  2. Scope of processing of data described above also includes making backup copies.
  3. An automated system, which allows to monitor user’s behavior and adjusting content to user's preferences, works on the website. This system is integrated with our website and every user might object to it at any time.
  4. Controller uses cookie files in order to ensure correct operation of the website, especially to adjust the content of pages to user preferences and to optimize the use of pages. These files especially allow to recognize basic parameters of user's device (such as: device type, resolution, country of visit) and, as a result, appropriately display the website adjusted to user's needs.
  5. Controller also uses cookies in order to gather general and anonymous statistical data via Google Analytics analytical tools (cookies controller: Google Inc with headquarters in USA).
  6. User can independently and at any time change cookie files’ settings, defining conditions of their storage and conditions of gaining access by cookie files to user's device. User can change these settings in web browser settings. These settings can be changed especially to block automatic cookie files support in web browser's settings or inform each time cookies are put on user's device. Detailed information on possibilities and methods of cookie files support are available in software’s (web browser’s) settings.
  7. User can remove cookie files by using functions available within the web browser used.
  8. Limiting cookie files support might influence some of the functions available on the website.
  9. More about cookie files: Cookie policy
  10. Controller will register the filing system of Users’ personal data with regard and under the terms referred to in GDPR or other regulations in force.
§4. Rights of the User, whose data are processed
  1. User has right to:
    1. access personal data,
    2. correct personal data,
    3. remove personal data,
    4. limit processing of personal data,
    5. transfer personal data,
    6. object to processing of personal data.
  2. To exercise these rights, the User should send an email to: iod@sunrisesystem.pl
  3. Controller processes User's request immediately, with the reservation that removal, limitation, transfer or objection to data processing might influence the possibility or scope of correct processing of the inquiry / order placed, including sending personalized marketing message.
§5. Period of personal data processing by the Controller
Controller stores Users’ personal data for a period no longer than it is necessary to process inquiry / order placed, including preparation of personalized commercial offer and allowing the Controller to fulfill their obligations. After this time the data are stored only for the purpose of securing legal claims. Please remember, that Users can request to remove data at any time.
    §6. Controller's obligations
    Personal Data Controller undertakes measures to secure processing of personal data with regard to the Regulation, especially to:
    1. protect data from being shared with unauthorized persons, from being appropriated by an unauthorized person, changed, damaged or destroyed,
    2. allow to process personal data only by persons with authorization submitted by the Controller,
    3. ensure control over correct personal data processing,
    4. maintain a record of persons authorized to process personal data, take special care that persons authorized to process personal data keep it secret, also after processing by the Controller ended, including but not limited to informing them about legal consequences of breaching data confidentiality and collecting statements on the obligation of keeping this data confidential,
    5. maintain, required by the letter of the law, documentation describing the methods of processing of the entrusted personal data and technical and organizational resources ensuring protection of processing of that data, including especially: Register of Data Processing Processes, Personal Data Privacy Policy and Management Instruction of IT System used for Personal Data Processing,
    6. ensure that devices and IT and telecommunications systems used to process personal data comply with the requirements of the Regulation of 29 April 2004 by the Minister of Internal Affairs and Administration as regards personal data processing documentation and technical and organizational conditions which should be fulfilled by devices and computer systems used for the personal data processing.