Privacy Policy

General information

This privacy  policy (hereinafter referred to as the Privacy policy) contains  information regarding the processing of the personal data of people visiting  this website (hereinafter referred to as the Users). This website (hereinafter  referred to as the Website) is provided by 2Simple Sp. z o. o.  with its registered office in Piotrków Trybunalski (Poland), entered in the  Register of Entrepreneurs of the National Court Register under number 0001054625,  address ul. Henryka Sienkewicza nr 13 lok. 13A, Piotrków Trybunalski 97-300,  email address office@2simple.it,  (hereinafter referred to as the Company).

Principles

The Company respects privacy of the Users. Privacy policy main role is to provide to the Users information on how data that can be used to identify or contact Users (hereinafterreferred to as the Personal data) are processed in connection with Website visiting.

Privacy policy is a part of implementation in the Company of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 - General Data Protection Regulation, (hereinafter referred to as GDPR).

 The Personal data controller

The Company is Personal data controller.

Type of processing Personal data

Using the Website may involve the need to provide the Company with certain Personal data, for example Personal data left in contact form provided on the Website. Personal data may include:

  1. email address;
  2. first and last name;
  3. phone number;
  4. company name;

  5. other Personal data, also collected automatically such as:

    1. IP addresses;
    2. browser type and version
    3. device type and ID;
    4. operating system;
    5. details about the Website visit (dates, duration, visited subpages, diagnostic data).

Providing Personal data is voluntary, however it may be necessary for the proper use ofthe Website (the functionalities it offers).

Personal data processing purposes

The Company is processing Personal data for the following purposes:

  1. use of the Website (the functionalities it offers) - the legal basis pointed in art. 6.1.a GDPR (the necessity to conclude and perform a contract) and in some cases art. 6.1.b GDPR (User’s consent to process User Personal data);
  2. marketing and PR of the Company, in particular its products and services - the legal basis pointed in art. 6.1.f GDPR (legitimate interest of the Company) and in some cases art. 6.1.b GDPR (User’s consent to process his/her personal data);
  3. conducting statistical and analytical activities regarding the use of the Website (the functionalities it offers) and ensuring security of the Website - the legal basis pointed in art. 6.1.f GDPR (legitimate interest of the Company);
  4. establishing, asserting and defending against claims, including claims related to the use of the Website - the legal basis pointed in art. 6.1.f GDPR (legitimate interest of the Company);
  5. performance of legal obligations (e.g. accounting or tax) - the legal basis pointed in art. 6.1.c GDPR (the need to fulfill legal obligations incumbent on the Company).

Personal data maybe processed using profiling mechanism - to achieve the purposes for which itwas collected. However, the Personal data processed in this way is not used bythe Company for the purposes of automatic decision-making processes.

Protectionof Personal data

The Company:

  1. takes appropriate actions (technical and organizational measures) to protect Personal data against:

    1. unauthorized or inappropriate access or use;
    2. accidental destruction;
    3. loss;
    4. violation of integrity.

  2. has implemented the following safety standards:

    1. access control;
    2. backup policy;
    3. monitoring;
    4. review and maintenance procedures;
    5. security incidents management procedure;

  3. always is taking into account:

    1. confidentiality of the Personal data - protecting Personal data from accidental disclosure to unauthorized entities;
    2. integrity of the Personal data - protecting Personal data against unauthorized modification;
    3. monitoring;
    4. availability of the Personal data - ensuring access to Personal Data to the extent necessary and only to appropriately authorized persons.

Personal data maybe entrusted for processing to third parties only if such entities that guarantee compliance with the conditions or standards mentioned above - to ensure the security and confidentiality of Personal data.

Each employed bythe Company person with access to Personal data:

  1. has the appropriate authorization;
  2. is bound by the proper confidentiality provisions.

Period of Personal data processing

The Company makes appropriate efforts to ensure that the processing of Personal data lasts onlyas long as necessary to achieve the purposes for which the Personal data wascollected.

Personal data collectedin connection with the use of the Website will be processed:

  1. for the duration of such use;

  2. after the above-mentioned duration:

    1. to the extent required by law (e.g. for tax purposes) or until the statute of limitations for claims;
    2. to the extent required by the legitimate interest of the Company or the consent expressed by the User – unless the User exercises his or her rights to raise an effective objection or withdraw previously granted consent.  

Personal data recipents

The Company can make Personal data available to entities that are providing specific services to the Company, such as:

  1. IT tools providers;
  2. Infrastructure providers;
  3. Legal and accounting services providers.

erPsonal data maybe transferred outside the European Economic Area – when the Company uses the services provided by the entities based or operating outside the European Economic Area. If such a transfer takes place to a country that is not covered by the European Commission's decision to ensure an adequate level of data protection, the Company will ensure an adequate level of protection of Personal Data, in particular through the so-called standard contractual clauses issued by the European Commission.

The Company maybe obliged – due to applicable law - to share Personal data with public authorities.

Rights of the subjects of Personal data

The Company strives to protect Users' rights as much as possible. The company enables Users to exercise their rights - in particular, it set out in Articles 15-21 of the GDPR - which includes:

  1. right of access to the Personal data User have theright to obtain from the Company confirmation as to whether or not User Personal data are being processed, and - where that is the case - access to the User Personal data and to the information related to User Personal data processing;

  2. right to rectification of the Personal data – User canrequest the Company to make appropriate changes in User Personal data if it is inaccurate or incomplete;

  3. right to erasure of the Personal data (also known as “the right to be forgotten”) – User can request the Company to erasure User Personal data and the Company is obliged to do so without undue delay - where certain grounds applies;

  4. right to restriction of processing of the Personal data – User can request the Company to limit the scope of processed User Personal data in cases specified by the law;

  5. right to the Personal data portability – User can request the Company - within the limits of the law - to return User Personal data or to transfer it to another controller;

  6. right to object to the processing of the Personal data – User can object - on grounds relating to User particular situation – to processing User Personal data, but in case of direct marketing purposes above-mentioned right may be exercised at any time;

  7. right to withdraw the consent on Personal data processing – User can withdraw the consent on User Personal data processing at any time - the above-mentioned withdrawal will not affect the lawfulness ofthe User Personal data processing based on consent, before its withdrawal;

  8. right to file the compliant – User have theright to lodge a complaint on User Personal data processing by the Company with the relevant supervisory authority, which in Poland is the President of the Office for Personal Data Protection (ul. Stawki 2, 00-193 Warsaw).

Contact

The Company provides a dedicated e-mail address for contact purposes for any case related to privacy, in particular Personal data: privacy@2simple.it

The above does not exclude the possibility of contacting the Company using the address details provided in the Privacy policy.