Your privacy matters to us and we are committed to protect your privacy and your personal information.
Last modified: August 29th, 2020
We are not the Controller of the data entered by our Clients in the Calamari Services. In this area Calamari is Processor at the request of the Client on the basis of the Data Processing Agreement (available here). Client is fully responsible for fulfilling legal obligations in their own company.
The Controller of the personal data is Calamari spółka z ograniczoną odpowiedzialnością spółka komandytowa ul. Chmielna 2/31, 00-020 Warszawa, KRS 0000720781, NIP PL 5252741247, REGON 369568795 . You can contact us: using our contact form on our website
Your personal data shall be processed in order to perform a contract or provide a service according to Article 6(1)(b) of the GDPR, in the context of the fulfilment of a legal obligation pursuant to Article 6(1)(c) of the GDPR. Personal data may be processed on the basis of the opt-in consent referred to in Article 6(1)(a) of the GDPR.
Your personal data may be processed for necessary purposes resulting from Data Controller’s business interests according to Article 6 (1)(f) GDPR, i.e. marketing, settlement of claims, cooperation, maintaining the security of our services and preventing fraud, supporting and improving our services, data analysis, processing credit card payments, supporting and improving our services through trend analysis, better understanding of the functionality of our service on a mobile device, collecting demographic information about the user base as a whole. We are also processing navigation data in connection with your use of our website. By contacting us, filling out web forms or registering to use our services, we will receive personal data and process them in accordance with the stated purposes.
We use mobile analytics software to allow us to better understand the functionality of our service on your mobile device. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. When you use our mobile apps we may also collect your city location, device model and version, device identifier (or “UDID”), OS version.
We may store information about your computer hardware and software that is automatically collected by our infrastructure mechanisms and service providers. This information can include: your IP address, browser type, domain names, internet service provider (ISP), length of visits, the files viewed on our site (e.g., HTML pages, graphics, etc.), clickstream data, access times and referring website addresses, operating system, device screen size, page views. We process this information on the basis of our legitimate interest (Article 6(1)(f) GDPR) in order to provide you with high quality services. Log files provide us with general statistical information about the use of services, in addition, it is important to maintain security and prevent fraud.
Personal data will be shared only if necessary. The recipient of your personal data may be companies and individuals providing services to users of our services and our customers, vendors and service providers, entities involved in the delivery of correspondence and parcels, entities providing the Administrator with IT services and computer hardware or software, entities providing accounting services or legal assistance to the Data Controller. The designated entities process data only on the basis of a contract and only in accordance with the instructions.
Personal data may be made available to entities authorized to obtain data on the basis of the applicable law, including in particular: state institutions, offices, public administration bodies, courts and law enforcement agencies. Personal data may be made available to companies cooperating with the personal data Controller in order to properly perform the concluded contracts.
We may process your personal data on the territory of the Republic of Poland and other countries outside the EEA in which we or any of our Processors of personal data have facilities for the purpose of providing services to you. As a Controller, we transfer personal data outside the EEA only if it is necessary. We are choosing Processors that are fully compliant with GDPR and provide technical and organizational security standards aligned with legal obligations.
The personal data you provide us with will be stored and processed for as long as it is based on reasonable business needs (for example, as long as it is necessary to contact you with respect to your Subscription or other our services) or as long as it is necessary to comply with legal obligations, resolve disputes and perform our contracts.
In the case of not having requirements to process your personal data, it will be anonymized or deleted from our systems and backups as soon as possible and within a maximum of 90 days. If for technical or other reasons, we are unable to delete your data, we will take measures to ensure that your personal data further processing is blocked. Consequently, your personal data will be processed until the expiry of the statute of limitations under generally applicable law or for the time required by law.
The data processing period may be extended each time if the processing is necessary for the purpose of defending against claims of the opposing party, which constitutes a legally justified interest of the Controller.
You can exercise rights to access your personal data, as well as the right to rectify, erase or restrict the processing and the right to data portability if possible. You have the right to object to the processing. In order to exercise any of these rights, please contact us by e-mail at: email@example.com We will respond to your request within a reasonable period of time, but not later than 30 days, and we will notify you of the actions we have taken.
In addition, you have the right to submit a complaint to the supervisory authority – President of the Office for Personal Data Protection ul. Stawki 2, 00-193 Warsaw.
The provision of data is a condition for the conclusion of a contract or is a statutory requirement for the fulfillment of legal obligations. Failure to provide personal data will result in the inability to provide services or fulfill legal obligations. In the case of processing personal data based on consent, this consent may be revoked at any time in the form of a statement sent to the Controller. Withdrawal of consent does not affect the lawfulness of processing performed on the basis of consent prior to its withdrawal.
Cookies are used to:
To find out more about cookies, including information about what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org. Can choose to decline cookies. You will find instructions in the following places:
Blocking all cookies will have a negative impact on the usability of many websites, including ours. You can also delete cookies already stored on your computer, but deleting cookies will have a negative impact on the usability of our websites.
We use tools to collect information about website users. You may opt out of having Hotjar collect your information at any time by using a ‘Do Not Track’ header. You can read more on how to do that on Hotjar’s website [https://www.hotjar.com/legal/compliance/opt-out]
We use Google Analytics to collect and process information about website users. You may prevent Google Analytics from collecting and processing the data generated by the cookie relating to your use of our website (incl. your IP address) by downloading and installing the browser plugin available at [http://tools.google.com/dlpage/gaoptout?hl=en]
We take reasonable technical and organizational security measures to prevent the loss, misuse or modification of your personal data.
We have appointed a Data Protection Officer, you can contact him by: