We make every effort to ensure the security and confidentiality of your data. We care about your privacy, both when you visit our Website, register an account with us and use our services, as well as when you contact us by phone, email or online chat, subscribe to our newsletter or visit our social media channels. We act in compliance with the rule of law, including provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data and repealing Directive 95/46/EC (hereinafter the “GDPR”).
In this document, we would like to provide you with essential information about your personal data processing. For the sake of clarity, we have put them together in the form of questions and answers. All of this is to let you know why, on what basis and for how long we process your data, as well as who can access it and what rights you have.
HOW DO WE ACCESS YOUR PERSONAL DATA?
Using the website backona.com (hereinafter: “Website”), you may be asked to provide your personal data. The provision of data is voluntary, but in certain situations, it may be necessary. For instance, if you do not provide us with your email address, we will not send you our newsletter, register your account or answer by email your question asked through the contact form.
Some data is collected automatically through cookies during your visit to the Website (e.g. IP address, browser type, operating system type, etc.). They are used to administer the Website, provide hosting services and create relevant marketing content. However, you can freely block and restrict the installation of cookies using your browser settings or the other (free) solutions.
WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?
The administrator of your personal data is Moonjelly, the owner of BackonA brand with registered office in Poland, Krakow, ul. Kobierzynska 188B/1, NIP (tax id): 813-382-52-41, REGON: 384680394 KRS: 0000810117.
If you have any questions or concerns, you can contact us electronically at the following email address: firstname.lastname@example.org.
FOR WHAT PURPOSE, ON WHAT LEGAL BASIS AND FOR HOW LONG DO WE PROCESS YOUR DATA?
We process your personal data for a variety of purposes, each with its own legal basis and processing time frame. They include:
- Concluding and performing contracts for services.
- Complying with tax obligations.
- Complying with personal data protection legal requirements.
- Determining, pursuing, and defending possible claims.
- Ensuring the proper functioning of the Website and analyzing user activity.
- Running a fan page on Facebook and a group.
- Answering your questions addressed to us by telephone or email.
- Marketing purposes.
WHO MAY BE A RECIPIENT OF YOUR PERSONAL DATA?
In certain situations, we rely on the support and assistance of external entities. However, each time, prior to the transfer of personal data, we require the recipients to guarantee an adequate level of data protection and confidentiality. The recipients of your personal data may be various entities such as those involved in the performance of our contracts, state authorities, and others.
DO WE TRANSFER PERSONAL DATA TO THIRD COUNTRIES?
In general, we do not transfer personal data to countries outside the European Union and the European Economic Area (EEA). However, if such a need arises in connection with the provision of services, we will assess the circumstances and ensure that an appropriate level of data protection is in place so that the processing is carried out in accordance with applicable legal regulations.
Operating the Website, we use services and technologies offered by the entities such as Facebook, Microsoft, Google, which are based in the United States and may partially process personal data using servers located outside the European Economic Area (EEA).
In the light of the provisions of the GDPR, these are so-called entities located in third countries, in respect of which an assurance of an adequate level of protection or a note of the existence of appropriate safeguards must be demonstrated. We ensure that the aforementioned entities apply the compliance mechanisms provided for by the GDPR (e.g. certificates) or standard contractual clauses adopted by the European Commission (Article 46(2)(c) of the GDPR).
For more information on the data processing by the aforementioned entities, please visit the websites of the providers of these services.
DO WE PROFILE YOUR PERSONAL DATA?
As part of the Website and the technologies used, we may profile your data. This involves using your data (i.e. gender, age, interests, approximate location, your behaviour on the Website) to assess your activity and potential interest in the services.
The profiling makes it possible to personalise offer and advertisements addressed to the users; however it does not influence the terms and conditions of concluded contracts for the provision of the services. The information processed is anonymous and is not associated with the user ordering the services. Thus, we do not make any automated decisions that could have legal consequences for individuals or could affect them in a similarly significant manner.
WHAT PERSONAL DATA DO WE PROCESS AS A PROCESSOR AND HOW DO WE OBTAIN THEM?
Under the terms of service and any other separate agreements, we also act as a processor, processing personal data of our customers. These data are collected and subsequently recorded in the Backona system directly by the controller of these data, that is MailerLite Limited, an Irish registered company at Ground Floor, 71 Lower Baggot Street, Dublin 2, D02 P593, Ireland.
As a processor, we process data only on the documented instructions of the controller of such data (under a data entrustment agreement), committing ourselves to secure the data properly by applying appropriate technical and organisational measures and ensure an adequate level of protection corresponding to the risks involved in the processing of personal data (in accordance with the Article 32 of the GDPR). We also ensure that persons authorised by us to process the data have undertaken to keep it confidential. Upon completion of the services relating to the processing of personal data entrusted to us, we will return all such data to the controller of such data (the Customer) and delete existing copies unless applicable law obliges us to store personal data.
On the Website we use so-called cookies (“cookies”), which are short text information stored on your computer, phone, tablet or other user devices, which can be read by our system and also by the systems belonging to other entities whose services we use: Facebook, Google.
Thanks to cookies, we collect anonymous data about users’ visits to the Website, which we can use to improve the functionality of the Website, identify errors or for marketing purposes. Usually, web browsers allow the use of the cookies on the end device by default. However, users can block and restrict the installation of cookies at their own discretion, using their browser settings or by using other (free) solutions.