This document applies to websites at the following URL addresses: www.smay.pl; www.smay.eu; serwis.smay.pl; www.b2b.smay.eu, www.buildvent.pl; www.archivent.pl; www.smay-lueftung.de; www.bezpiecznaewakuacja.pl; www.licencje.smay.pl; www.tlumiki.smay.org.
This document sets forth the terms of processing of personal data (sections I–XI of this document) and cookies (sections XII–XVI of this document). It also sets forth the terms of use for other tools used for data processing (sections XVII–XIX of this document).
I. HOW TO CONTACT THE DATA CONTROLLER
The personal data controller is SMAY Sp. z o.o., member of the Group (in which PHP Smay Marek Maj and Smay Serwis Michał Maj are co-controllers), with its registered office in Podłęże 678, 32-003 Podłęże. To contact us, send an e-mail to:
odo@smay.eu
II. WHAT IS THE BASIS OF PERSONAL DATA PROCESSING?
When collecting personal data, we always advise of the legal basis of their processing. The basis follows from the requirements of GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). When we refer to:
- Article 6(1)(a) GDPR – it means that we process personal data on the basis of your consent
- Article 6(1)(b) GDPR – it means that we process personal data to perform a contract or to take steps prior to such contract, at the request of the data subject
- Article 6(1)(c) GDPR – it means that we process personal data for legal compliance purposes
- Article 6(1)(f) GDPR – it means that we process personal data for the purposes of our legitimate interests
- Article 9(2)(a) GDPR – it means that we process personal data on the basis of your consent
- Article 9(2)(b) GDPR – it means that we process personal data for the purposes of carrying out obligations and exercising specific rights in the area of labour law.
III. INFORMATION ABOUT PERSONAL DATA PROCESSING TO CONTACT, EXECUTE AND PERFORM CONTRACTS, PURSUE AND DEFEND CLAIMS (IF ANY)
- We may process personal data necessary to perform the contract with you. However, even prior to its execution, we may process personal data necessary to take steps at your request. This type of processing is performed on the basis of Article 6(1)(b) of the GDPR.
- In the case of a contract for non-gratuitous services, we may process your data to comply with accounting and tax duties. This type of processing is performed on the basis of Article 6(1)(c) of the GDPR.
- In the course of performance of the contract and after its completion, we process personal data of a party to the contract to examine or pursue claims, if any. Our legitimate interest is for example the capacity to respond to a complaint, which we are bound to do under separate civil-law provisions. It may also happen that we do not receive a payment under the contract we perform. In that case, we will process personal data on the basis of our legitimate interest, that is the pursuit of claims. This type of processing is performed on the basis of Article 6(1)(f) of the GDPR.
- We will retain such data for the period necessary to achieve set purposes, but not beyond the period of limitation for claims resulting from separate laws.
- You have the right, at any time, to access your data, correct and delete them, restrict their processing, the right to data portability and the right to lodge a complaint with the supervisory authority. When we process your personal data for the purpose specified in section 3, you also have the right to object to their processing.
- You provide your data on a voluntary basis, but your failure to do so will prevent us from executing or performing the contract.
- Recipients of the data are companies with which we cooperate to perform services, in particular companies providing system tools, such as the hosting services provider, business party database management system provider, e-mail service provider, telecom services provider, invoice processing software provider, banking and electronic payment services provider, legal, consulting and debt enforcement services provider, e-mail platform, webinar, marketing automation and other service providers we use for the stated purpose.
IV. INFORMATION ABOUT DATA PROCESSING FOR RECRUITMENT
- To join our company, you may register at www.smay.pl if you respond to a specific vacancy indicated in the application form, or you may submit your application for future reference. If you used that functionality, we process your personal data for an ongoing recruitment process, or for future recruitment processes.
- The processing of your personal data to the extent specified in labour laws or other specific acts of Parliament takes place on the basis of Article 6(1)(b) of the GDPR and Article 9(2)(b) of the GDPR, whereas other data provided for that purpose or to join future recruitment processes will be processed on the basis of the consent given by you, according to Article 6(1)(a) or Article 9(2)(a) of the GDPR. Your voluntary provision of data has no impact on eligibility to join the recruitment procedure.
- We may process your personal data included in your application form also to determine, pursue or defend claims, if the claims are related to our recruitment processes. To that end, we will process your personal data on the basis of our legitimate interest, under Article 6(1)(f) of the GDPR, being determination, pursuit or defence of claims in proceedings before courts or government authorities.
- You may withdraw your consent at any time. However, your withdrawal of the consent does not affect the legitimacy of prior data processing.
- We will retain your data for 3 months from the end of the recruitment (execution of the target contract) or, if the relevant consent is given, until it is withdrawn, but not longer than 2 years.
- Please note that you have the right, at any time, to access your data, correct and delete them, restrict their processing, the right to data portability, and the right to lodge a complaint with the supervisory authority.
- The provision of data to the extent referred to in Article 221 of the Labour Code is necessary to enter recruitment. The provision of other data is voluntary.
- Recipients of those data are: electronic mail hosting provider.
V. INFORMATION ABOUT DATA PROCESSING FOR NEWSLETTER
- We offer the option of subscribing to our newsletter. If you use that functionality, we process your personal data to send you the newsletter. The newsletter may contain advertising, educational, commercial or marketing content.
- This type of processing is performed on the basis of your consent, that is under 6(1)(a) of the GDPR.
- You may withdraw your consent at any time. However, your withdrawal of the consent does not affect the legitimacy of prior data processing.
- We will retain your data until you withdraw your consent. If you never withdraw it, we will process your personal data for as long as we send the newsletter.
- You have the right to access your data, correct and delete them, restrict their processing, the right to data portability, and the right to lodge a complaint with the supervisory authority.
- You provide your data on a voluntary basis, but your failure to do so will prevent us from sending you the newsletter.
- Recipients of such data are our hosting provider, electronic mail provider, and the newsletter sending service provider, the provider of SAS systems used for webinars, of the marketing automation system and of other systems used for marketing activities.
- Subject to your consent, we may also share your data with external partners for the purposes of marketing and commercial cooperation. Your consent is always voluntary and may be withdrawn at any time.
VI. INFORMATION ABOUT DATA PROCESSING FOR DIRECT MARKETING AND PROFILING
- We may process your personal data for direct marketing purposes. This happens, for example, when we respond to your message, providing you with details of our offering.
- For direct marketing purposes, we may us profiling, which involves automatic decision-making about displaying ads for you, or about sending you dedicated content in e-mail messages. That decision is taken on the basis of your activities on the Websites, in forms, and in particular on the basis of executed contracts or viewed pages. In practical terms, profiling improves the usability of our Websites and newsletters, allowing us to provide you with content that is potentially more likely to be of interest to you.
- This type of processing is performed on the basis of Article 6(1)(f) of the GDPR.
- We will process your data for the period necessary for the purpose of the processing.
- You have the right to access your data, correct and delete them, restrict their processing, the right to data portability, the right to object to the processing, and the right to lodge a complaint with the supervisory authority.
- You have the right not to be subject to profiling, unless you have given your consent. Then, however, the basis of our processing of your data will be your consent [Article 6(1)(a) of the GDPR] that you may withdraw at any time. In that case, your data will be processed until you withdraw your consent.
- You provide your data on a voluntary basis, but your failure to do so will prevent us from performing direct marketing activities.
- Recipients of such data are our hosting provider, electronic mail provider, mailing systems, CRM and marketing automation provider, advertising system provider, conferencing and ticketing system provider, provider of messengers available on the Websites, advertising services provider and telecom services provider.
VII. INFORMATION ABOUT DATA PROCESSING FOR SECURITY
- From the moment you launch our website, to ensure service security, we may process such data as:
- public IP address of the querying device
- type and language of the web browser
- login location, i.e. country, province and town
- type of device: desktop computer, mobile
- date and time of query
- number of bytes sent by the server
- number of sessions and pages viewed
- URL address of the previously viewed page, if the visit is made by using a link
- information about errors with the processing of the query.
- Our legitimate interest in this type of processing is maintaining server event logs and securing the Websites against potential hackers and other fraudsters. That includes the option of determining the IP of the person performing an illegitimate activity on the Website, such as an attempt to hack security, or publish prohibited content, or with the use of our servers.
- This type of processing is performed on the basis of Article 6(1)(f) of the GDPR.
- We will retain such data for the period necessary to achieve set purposes, but not beyond the period of limitation for claims resulting from separate laws.
- You have the right to access your data, correct and delete them, restrict their processing, the right to object to their processing, and the right to lodge a complaint with the supervisory authority.
- Your provision of such data is a precondition for your use of the Websites. Your failure to provide such data will prevent you from using the Websites.
- The recipient of such data is our hosting provider and B2B telecom services provider.
- The website www.smay.pl allows the use of the B2B system; the website is available over https://b2b.smay.eu and can be accessed by registered customers of SMAY Sp. z o.o.
- The provision of services electronically takes place in compliance with the regulations, which define in particular the types and range of services provided electronically, the terms and conditions of providing these services, including technical specifications and prohibitions on providing unlawful content, the terms of executing and terminating contracts for electronic services, the terms of sending commercial information, and the complaint procedure.
- The processing of personal data takes place according to section II, III and VII of this privacy policy.
VIII. INFORMATION ABOUT DATA RECIPIENTS
In processing personal data, we rely on external services. Therefore, third parties may be the recipients of your personal data. When collecting personal data, we always advise you of those recipients, but for clarity, we do it in a brief form. Therefore, we hereby explain that when we refer the respective recipient categories, these are the following entities:
- Hosting provider: cyber_Folks, https://cyberfolks.pl/polityka-prywatnosci/
- Email services provider: Microsoft Corporation, https://privacy.microsoft.com/pl-PL/privacystatement/
- IT services provider: DataConsult https://dataconsult.pl/polityka-prywatnosci/
- IT services provider: Editel, https://www.editel.pl/kontakt/polityka-prywatnosci/
- Legal / advisory / debt collection services provider – these service providers are appointed individually in case of each specific need.
- Newsletter services provider: User.com, https://www.user.com/en/security/privacy-policy/
- Webinars services provider: Clickmeeting, https://legal.clickmeeting.com/pl/privacy-security-pl/privacy-policy-pl/
IX. INFORMATION ABOUT DATA TRANSFER TO THIRD COUNTRIES
- Because we use other providers, your personal data may be transferred outside the European Economic Area. Having a server at different locations enables us to enhance security against attacks and failures, and enables the connection between the user and the server closest to the user’s location. This may be performed for purposes specified in section III, V and VI of this privacy and cookies policy.
- The European Commission has determined that certain countries outside the European Economic Area duly protect personal data.
- Since the country to which we transfer personal data has not been considered a safe country, the data transfer takes place on the basis of a contract with standard contractual clauses adopted by the European Commission.
X. ABSOLUTE RIGHTS OF DATA SUBJECTS
When we mention rights relating to the processing of your personal data, we refer to the rights mentioned below. The option to use the rights below is independent of the legal basis for personal data processing, however the Controller may deny the exercise of the right if there are important, legitimate bases for the processing.
Right to access data
You have the right to obtain confirmation from us whether we process your personal data. If so, you have the right to access those data, and to receive additional information about:
- purposes of the processing,
- relevant data categories,
- recipients or categories of recipients to which such data were or are disclosed, in particular recipients in third countries or international organisations,
- where possible, planned retention period of such data, and where not possible, the criteria for the setting of the period,
- the right to demand that we correct, delete or restrict the processing of the data, to object to the processing, and the right to lodge a complaint with the supervisory authority.
- source of the data, if the data are not collected from you,
- automated decision-making, including profiling and the terms of such decision-making, and about the significance and expected consequences of such processing for you.
After receiving that request, we are required to provide a copy of personal data subject to the processing. If we receive that request electronically and do not receive another reservation, we provide the information electronically as well.
Right to correct data
You have the right to demand that we promptly correct your personal data, if incorrect. Considering the purposes of the processing, you have the right to demand rectification of incomplete personal data, including by submitting a new declaration.
Right to delete data (be forgotten)
You have the right to demand that we promptly delete your personal data. We have the duty to delete, without undue delay, the personal data, if any of the following circumstances occur:
- you have withdrawn your consent to the processing of your personal data, and we have no other basis for the processing,
- you filed an effective objection to the processing of your personal data,
- your personal data were processed against the law,
- your personal data must be removed to comply with a legal obligation,
- your personal data were collected in conjunction with the offering of information society services.
Right to restrict processing
You have the right to demand that we restrict the processing in the following cases:
- when you contest the correctness of the data – for the period allowing us to verify them,
- the processing violates the law, and you object to the deletion of the data, demanding that their processing be restricted instead,
- we do not need your personal data anymore for the purposes of the processing, but you need the data to determine, pursue or defend claims,
- you objected to the processing of your personal data – until we determine that legitimate bases on our side override your basis for the objection.
Automated decision-making, including profiling
You have the right not to be subject to a decision that is solely based on automated processing, including profiling, and produces legal effects towards you or otherwise materially affects you. The right does not apply if that decision:
- is necessary for the performance or execution of a contract between you and us,
- is permitted by the EU law or the law of the Republic of Poland, and provides for appropriate measures for the protection of your rights, freedoms and legitimate interests, and
- is based on your express consent.
Right to complain
You have the right to lodge a complaint in connection with the processing of your personal data with the supervisory authority: Personal Data Protection Office, at ul. Stawki 2, 00-193 Warsaw, phone 22 531 03 00, fax. 22 531 03 01, e-mail: kancelaria@uodo.gov.pl.
XI. RELATIVE RIGHTS OF DATA SUBJECTS
When we mention rights relating to the processing of your personal data, we refer to the rights mentioned below. The option to exercise them is each time dependent on the legal basis for personal data processing, however the Controller may deny the exercise of the right if there are important, legitimate bases for the processing.
Right to withdraw consent to the processing
If we process your personal data on the basis of your consent, you have the right to withdraw that consent at any time. Naturally, however, your withdrawal of the consent does not affect the legitimacy of prior data processing.
Right to data portability
You have the right to obtain personal data you provided to us. You also have the right to send those data to another controller without us intervening, if the processing:
- is based on your consent or under a contract, and
- is automated.
In exercising the right to data portability, you have the right to demand that the personal data be sent by us directly to another controller, if technically feasible. That right may not adversely affect the rights and freedoms of others.
Right to object
If we process your personal data on the basis of Article 6(1)(f) of the GDPR, you have the right to object to their processing for reasons resulting from your particular situation.
Then, we are not authorised anymore to process those personal data, unless we demonstrate the existence of:
- important, legitimate bases for the processing, provided that such bases override your interests, rights and freedoms, or
- the bases for determination, pursuit or defence of claims.
Also, if you object to the processing of your personal data for direct marketing purposes, we will not be able to process them for those purposes.
XII. COOKIES – INTRODUCTION
Websites use cookie files. They are common, small files with a sequence of characters, sent and saved on end-user devices (e.g. desktop computer, notebook, tablet, smartphone) used to visit websites. Such information is sent to the memory of the web browser being used, which sends it back at subsequent visits to the websites. Cookies may be categorised according to three methods: In terms of their use, cookie files are classified into three categories:
- necessary cookies – these enable proper operation of websites and their functionalities, e.g. authenticating or security cookies. Without saving them on your computer, using the website is not possible.
- functional cookies – files that enable the saving of your settings and customisation of websites according to your needs and preferences, e.g. in terms of language, font size, website layout. They improve the functionalities and efficiency of websites. Without saving them on your computer, using certain functionalities of websites is limited.
- business cookies – these include e.g. advertising cookies. They enable the customisation of ads displayed on websites or outside according to your preferences. Without saving them on your computer, using certain functionalities of websites may be limited.
In terms of their validity, there are two categories of cookies:
- session cookies – existing until the end of a given session,
- permanent cookies – existing after the end of the session.
In terms of the cookies administrator, we distinguish between:
- our cookies,
- third-party cookies,
XIII. DATA ADMINISTRATOR’S COOKIES
Cookies we administer enable:
- access authentication,
- session maintenance after logon,
- Website protection against hackers,
- “remembering” of the contents of boxes in forms (optional) by the browser,
- customisation of the website content according to your preferences. That makes the experience of using websites simpler and more user-friendly.
XIV. THIRD-PARTY COOKIES
We use cookies administered by Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States, as part of the following services:
- Google Ads – they enable the running and quality assessment of advertising campaigns carried out using the Google Ads service,
- Google Analytics – they enable quality assessment of advertising campaigns carried out using the Google Ads service, and the measurement of behaviour and traffic of users, and preparation of traffic statistics,
- You Tube – they enable the storage of user information that enables the use of the YouTube service functionality. Google Inc. may track the playback of films by the User.
Google uses the information shared by sites and apps to deliver services, maintain and improve them, develop new services, measure the effectiveness of advertising, protect against fraud and abuse, and personalize content and ads you see on Google and on our partners’ sites and apps.
Google uses data in accordance with the rules described on the website: https://policies.google.com/technologies/partner-sites
Data collected by Google Inc. are anonymous and aggregated. In particular, they do not contain any identifying features (understood as personal data) of website users. By using the above service, we collect such data as the source of acquisition of users visiting websites and how they behave on websites, information about devices and browsers they use, IP address, domain, demographic data (age, sex), interests and geographical data, number of sessions and pages visited on the website.
We use cookies administered in Facebook service by Meta Platforms Inc. 1 Hacker Way, Menlo Park, CA 94025, United States. Those files may be used for processing on the Facebook website of your activities performed with the use of “Share” or “Like” buttons. The processing of those activities may be public. In addition, the cookies shared by Facebook allow us to measure the behaviour and traffic of users to adapt marketing content displayed to your interests.
Cookies help Facebook provide, protect and improve the Meta Products, such as by personalising content, tailoring and measuring ads, and providing a safer experience.
Facebook uses data in accordance with the rules described on the website: https://www.facebook.com/policies/cookies/
We use cookies administered by LinkedIn Ireland Unlimited Company. Those files may be used for processing on the LinkedIn website of your activities performed with the use of “Share” or “Like” buttons. The processing of those activities may be public. In addition, the cookies shared by LinkedIn allow us to measure the behaviour and traffic of users to adapt marketing content displayed to your interests.
Cookies help LinkedIn provide, protect and improve products, such as by personalising content, tailoring and measuring ads, and providing a safer experience.
LinkedIn uses data in accordance with the rules described on the website: https://pl.linkedin.com/legal/cookie-policy
XV. CONSENT TO THE USE OF COOKIES AND THEIR MANAGEMENT
The consent to the use of cookies is voluntary and may be withdrawn at any time. However, it should be noted that no consent to the use of certain cookies may limit the use of websites and their functionalities, or even prevent it entirely.
The consent to the use of cookies includes both data administrator’s cookies and third party cookies.
The consent to the processing of cookies may be given:
- with the settings of the software installed in the end-user telecom device used by the User,
- by using the button containing the declaration of consent to the processing of cookies, or acknowledgement of reading its terms.
Typically, web browser settings allow the placement of cookies and other information on the end-user device. If you don’t agree to the saving of those files, it is necessary to change the web browser settings accordingly. It is possible to turn off their saving for all connections from a given browser, or for a specific website, and to delete them. The file management method depends on the software used.
XVI. CACHE MEMORY
When you browse websites, we may automatically use the cache memory installed in your device. It is possible to store intersession data in local memory, i.e. data between subsequent website visits. The purpose of using cache memory is to speed up the browsing of websites by eliminating cases of multiple downloading of the same data from the website, which has an effect on the User’s Internet connection. Cache memory can also be used to store such data as password for logging if the user gives their consent.
XVII. PIXEL TAGS
We use the pixel tag technology used by Facebook Inc. 1 Hacker Way, Menlo Park, CA 94025, United States. These are items published in digital content, which enable the recording of information, e.g. about activities on the website, and assessment of the effectiveness of advertising used in the profile. The management of the Facebook Inc. pixel tag is possible over the Facebook website, in its user panel.
We use the pixel tag technology used by LinkedIn Ireland Unlimited Company. These are items published in digital content, which enable the recording of information, e.g. about activities on the website, and assessment of the effectiveness of advertising used in the profile. The management of the LinkedIn pixel tag is possible over the LinkedIn website, in its user panel.
XVIII. LINKS TO OTHER WEBSITES OR SOFTWARE
Our websites may contain links to other websites or software. We assume no responsibility for the rules of privacy and cookies policies applicable to those websites or to that software. We recommend that you read the privacy and cookies policies of those websites or software before entering or installing them.
XIX. IDENTIFICATION KEY AND WEBPUSH NOTIFICATIONS
SMAY websites may use such solutions as webpush notifications at the web browser level. The user may voluntarily agree to receiving such notifications and turn them off at any time in the settings of the browser where the consent to those notifications was given. To provide such services, data in the form of dedicated user identification keys are collected and administered by the webpush solution providers with which SMAY may cooperate.
XX. CHANGES TO THE PRIVACY AND COOKIES POLICY
- This privacy and cookies policy takes effect as of the date of publication on the website.
- Changes to the privacy and cookies policy may only take place by publication of new content on the websites.
- The service provider publishes a notice on changes to the privacy and cookies policy on the websites not later than 3 days prior to the effective date of its revised version. The publication of that notice takes place by publishing the consolidated version of the privacy and cookies policy on the websites.
REGULATIONS ON THE ELECTRONIC PROVISION OF SERVICES AT SMAY SP. Z O.O.
INTRODUCTION
In accordance with the Act of 18 July, 2002 on electronic provision of services (Dz. U. [Journal of Laws] 2002, No. 144, item 1204, as amended), and the Act on personal data protection of 10 May 2018, SMAY Sp. z o.o. hereby adopts these Regulations defining in particular the types and range of services provided by electrical means, terms and conditions of providing these services, including technical specifications and prohibitions on providing unlawful content, privacy policy, terms of concluding and terminating agreements for provision of services by electronic means, terms and conditions of sending commercial information, and complaint procedure.
Chapter 1
General provisions
Definitions of the terms used in the Regulations:
- Act – the Act of 18 July, 2002 on electronic provision of services (Dz. U. [Journal of Laws] 2002, No. 144, item 1204),
- ICT system – a group of cooperating IT devices and software which process, store, send and receive data via telecom networks by means of a terminal appropriate for the given type of network, within the meaning of the Telecommunications Law,
- Services provided electronically – services whose provision requires sending and receiving data by means of ICT systems, at the request of the User, without the concurrent presence of the parties, the data being transmitted by means of public networks, within the meaning of the Telecommunications Law,
- Means of electronic communication – technical solutions, including ICT devices and cooperating software tools, which allow individual remote communication by means of data transmission between ICT systems, especially through electronic mail,
- Service Provider – SMAY Sp. z o.o.
- User – recipient of the services rendered by the Service Provider, who is a party to a service agreement, and a natural person, an legal entity or organisational unit without legal personality, and who undertakes to abide by these Regulations. The above definition also applies to an entity that orders rendering of specific services provided by electronic means in line with the rules determined below.
- Technical specification – a set of information on the Service Provider’s ICT system and the technical requirements necessary for cooperation with that system.
By agreeing to comply with these Regulations, upon initiating the service by means of a website or placing an order by electronic mail, the User fully accepts the terms without the need to draw up a separate agreement.
Chapter 2
Types and range of services provided electronically
- The Service Provider shall render services provided by electronic means, in particular:
- Business-to-Business, accessible via https://b2b.smay.eu, available only to registered customers of SMAY Sp. z o.o.
Chapter 3
Terms of providing electronic services.
-
- The Service Provider shall provide services to the User within the scope and in line with the terms and conditions specified in these Regulations.
- The User undertakes to comply with these Regulations.
- The Service Provider shall comply with the prohibition on the abuse of the means of electronic communication and shall not send the following content via or to the Service Provider’s ICT systems:
- Content that destabilises or overloads ICT systems of the Service Provider or other entities directly or indirectly involved in rendering electronic services,
- Content that violates moral rights of third parties or commonly accepted social norms, as well as content that is in conflict with applicable laws.
- The Service Provider shall reserve the right to conduct maintenance works on the ICT system, which may cause obstructions or prevent Users from using the services. The dates and estimated times of these works shall be published on b2b.smay.eu prior to the commencement of these works.
- Under special circumstances, where the safety or stability of the ICT system can be compromised, the Service Provider has the right to temporarily cease to render or limit the services without prior notice and to conduct maintenance works aimed at restoring the safety and stability of the ICT system.
- The Service Provider shall guarantee communication confidentiality, hereinafter referred to as “telecommunications confidentiality,” which applies to information provided on the Internet, the data concerning and entered by Users within the Service Provider’s ICT system, only in cases where such information covered by telecommunications confidentiality is non-public by default or its disclosure is not necessary to properly render the service to which it pertains. The information covered by telecommunications confidentiality may be disclosed only in cases laid down in the agreement or determined by the law.
- The information covered by telecommunications confidentiality may only be processed by the Service Provider if such processing is the subject of the service provided to Users, if it is necessary to properly render the service, or if it is crucial to ensure proper supervision of the operation of the Service Provider’s ICT system.
- The information on the change of the manner and range of the services provided by the Service Provider and the information which is required to be disclosed to the User according to Art. 6 of the Act on Providing Services Electronically shall be made available by the Service Provider on https://b2b.smay.eu.
- Particular technical requirements necessary for the cooperation with the Service Provider’s ICT system are given in Appendix No. 1.
Chapter 4
Consent to personal data processing
- The personal data of the User is entered to the system based on user consent included in Smay b2b application form, which constitutes Appendix No. 2.
- Personal data processing will be carried out following the terms set forth in the privacy policy.
Chapter 5
Terms of executing and terminating contracts
- The Service Provider shall commence service provision within 5 business days from receiving a properly completed Smay b2b application form, which constitutes Appendix No. 2.
- The Service Provider shall cease to provide services for an account registered in Smay b2b system within 5 days from receiving written resignation.
- The Service Provider reserves the right to establish an account on the B2B platform of Smay for selected customers.
- The Service Provider reserves the right to disable an account and cease to provide services in Smay b2b system without stating any reason.
Chapter 6
Transitional and miscellaneous provisions
- Any matters not regulated by these Regulations shall be governed by the provisions of the Civil Code (Dz. U. [Journal of Laws] 1964, No. 16, item 93 as amended), the Act on Providing Services by Electronic Means (Dz. U. [Journal of Laws] 2002, No. 144, item 1204 as amended), and other provisions of law.
- Any disputes arising hereunder shall be resolved by the common court having territorial jurisdiction over the registered office of the Service Provider.