Privacy Policy
DEFINITIONS
Policy: this Privacy Policy of the BINNAVI mobile application.
Administrator: ELTE SMART Sp. z o.o. with registered office in Medyczna 15, 30-688 Kraków, TIN 6792585194, REGON 35707577700000 (hereinafter referred to as “Administrator”).
Personal data: any information about an identified or identifiable natural person (data subject). An identifiable natural person is a person who can be identified directly or indirectly, in particular on the basis of an identifier such as name, location data, internet identifier, TIN, email, telephone number, business address.
RODO: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
Application: mobile application BINNAVI by Elte Smart sp. z o. o.
User: any natural person using the BINNAVI.
Trusted partner: an entity from the marketing industry cooperating with the Administrator that offers technologies enabling the display of profiled advertising on websites not belonging to the Administrator.
PROCESSING OF PERSONAL DATA IN CONNECTION WITH THE USE OF THE SERVICE
In connection with the User’s use of the Application, the Administrator collects personal data to the extent necessary to provide the various services offered on the Application, as well as information about the User’s activity on the Application. The detailed rules and purposes of the processing of personal data collected during the User’s use of the Application or other Administrator services covered by this Policy are described below.
PURPOSES AND LEGAL BASES FOR THE PROCESSING OF PERSONAL DATA ON THE APPLICATION OR OTHER SERVICES OF THE CONTROLLER
Use of the Application
The personal data of all persons using the Application (including IP address or other identifiers) and who are not registered Users (i.e. persons who do not have a profile in the Application) are processed by the Administrator:
1) for the purpose of providing electronic services with regard to making the content collected in the Application available to Users – in which case the legal basis for processing is the necessity of processing for the performance of the agreement (Article 6(1)(b) RODO),
2) for analytical and statistical purposes – then the legal basis for processing is the Administrator’s legitimate interest (Article 6(1)(f) RODO), consisting of conducting analyses of the Users’ activities, as well as their preferences, in order to improve the applied functionalities and services provided,
3) for marketing purposes of the Administrator and other entities – the principles of processing personal data for marketing purposes are described in the MARKETING section.
Marketing
The Administrator processes Users’ personal data in order to carry out marketing activities, which may consist in:
1) Sending e-mail notifications of interesting offers or content, which in some cases contain commercial information (newsletter service),
2) Conducting other activities related to direct marketing of goods and services (sending commercial information by e-mail and telemarketing activities),
3) Displaying marketing content to the User which is not adapted to his/her preferences (contextual advertising),
Newsletter
The Administrator provides a newsletter service to persons who have provided their e-mail address for this purpose. The provision of personal data is required in order to provide the newsletter service, and failure to do so will result in the newsletter not being sent.
Personal data are processed:
1) In order to provide the newsletter service – the legal basis for the processing is the necessity of the processing for the performance of the contract (Art. 6(1)(b) RODO),
2) In the case of directing marketing content to the User as part of the newsletter – the legal basis for processing is the Administrator’s legitimate interest (Article 6(1)(f) RODO), in connection with the expressed consent to receive the newsletter, and to the extent that marketing concerns entities other than the Administrator – on the basis of a separately expressed consent in this regard (Article 6(1)(a) RODO),
3) For analytical and statistical purposes – the legal basis of the processing is the Administrator’s legitimate interest (Article 6(1)(f) RODO), consisting of conducting analyses of User activity on the Website in order to improve the applied functionalities,
4) For the purpose of possible establishment, investigation or defence against claims – the legal basis of the processing is the Administrator’s legitimate interest (Article 6(1)(f) RODO), consisting in the protection of its rights.
Direct marketing
The User’s personal data may also be used by the Administrator to direct marketing content to the User through various channels, i.e. by e-mail, by MMS/SMS or by telephone – e.g. in the form of a newsletter or promotional e-mailing or informing about a new product or service. Such actions are only taken by the Administrator if the User has given his or her consent in this respect, which can be withdrawn at any time.
If the User has given the appropriate consent, the Administrator may send marketing content concerning Elte Smart sp. z o. o. via the above communication channels, as well as by post.
Contextual advertising
The Administrator displays marketing content on the Website in the form of contextual advertising, i.e. advertising that is not tailored to the User’s preferences. The processing of Personal Data is then carried out in connection with the Administrator’s legitimate interest (Article 6(1)(f) RODO) in carrying out marketing activities by the Administrator.
Location information
When you run the BINNAVI mobile app in your device, we collect location data through GPS, wifi, or cellular triangulation.
We use this information to pinpoint the exact location of the activities performed. Collected location data are not linked to the user, but only to the device or vehicle in which the device is used.
We maintain this data only so long as is reasonable to provide our service.
PERIOD OF PROCESSING OF PERSONAL DATA
The period of processing of personal data by the Administrator depends on the type of service provided and the purpose of the processing. As a general rule, personal data shall be processed for the duration of the service provision until the withdrawal of the consent given or the filing of an effective objection to the processing of personal data in cases where the legal basis for the processing of personal data is the legitimate interest of the Administrator.
The period of processing of personal data may be extended where the processing is necessary for the establishment, investigation or defence against possible claims, and after this period, only if and to the extent that the provisions of applicable law require it. After the expiry of the processing period, the personal data shall be irreversibly deleted or anonymised.
YOUR RIGHTS
The User has the right to access the content of his/her personal data and to request its rectification, erasure, restriction of processing, the right to personal data portability and the right to object to the processing of personal data, as well as the right to lodge a complaint with the supervisory authority in charge of personal data protection.
To the extent that the User’s personal data is processed on the basis of consent, you may withdraw this consent at any time by contacting the Administrator or using the functionalities provided in the Application.
The User has the right to object to the processing of personal data for marketing purposes if the processing is carried out in connection with the Administrator’s legitimate interest, and also – for reasons related to the User’s particular situation – in other cases where the legal basis for the processing of personal data is the Administrator’s legitimate interest (e.g. in connection with the realization of analytical and statistical purposes).
For more information on the User’s rights under applicable legislation, please see the Personal Data Processing Policy.
RECIPIENTS OF PERSONAL DATA
The Administrator does not make personal data collected through the Application available to unauthorised persons or third parties, with the exception of entities providing services to the Administrator under separate agreements.
In connection with the above, personal data may be disclosed to external entities, in particular to entities providing payment intermediation services, , to the Product and Packaging and Waste Management Database, to suppliers responsible for the operation of IT systems, to entities providing courier services (in connection with paper correspondence) and to entities related to the Administrator.
If the User’s consent is obtained, his/her personal data may also be made available to other entities for their own purposes, including marketing.
The Administrator reserves the right to disclose selected information concerning the User to the competent authorities, or to third parties who make a request for such information, on an appropriate legal basis and in accordance with the provisions of the applicable law.
SECURITY OF PERSONAL DATA
The Administrator shall make every effort to respect the rights and ensure a sense of security of the Users using its Application, in particular ensuring that only authorised persons have access to the Users’ personal data and only to the extent necessary for their efficient and satisfactory service.
The Administrator shall take all necessary measures to ensure that also its subcontractors and other cooperating entities guarantee the application of appropriate security measures whenever they process personal data on behalf of the Administrator.
The Administrator reserves the right to make changes to the content of its Services at any time and to any extent, without the need to notify Users.
CHANGES TO THE PRIVACY POLICY
The Policy is reviewed on an ongoing basis and updated as necessary.
This version of the Policy is effective as of 01.05.2023