We process our clients’ information as they direct and in accordance with our agreements with our clients, and we store it on our service providers' servers, but we do not have control over our clients collect or manage this data. Our agreements with our clients prohibit us from using that information, except as necessary to provide and improve our service and as required by law. Our clients control and are responsible for all data subject requests regarding the information they have collected. We are not responsible for our clients’ use of information they collected.
When you visit our website, you are free to explore it without providing any personal information about yourself, we will only collect navigational information. When you contact us, use our web forms, or register for our service, we receive your personal information and process it as described below.
This refers to any information that you submit to us through our service or via different communication channels, including web forms, chat, email correspondence and any other information publicly available on the Internet that identifies you, including:
Your personal information will be processed for the purpose of providing you with the service, including:
Personal information that you provide to us will be processed for as long as we have an ongoing legitimate business need to do so (for example, as long as is required in order to contact you about our services), or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will delete your personal information at an earlier date if you so request, as described in "Data subject requests" section.
This refers to contact information that you submit to us so that we can send you marketing materials:
Your newsletter data will be processed in order to send you messages to support our marketing efforts.
Personal information that you provide to us will be processed for as long as we have an ongoing legitimate business need to do so (for example, as long as it is required in order to contact you about our services), or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will delete your personal information at an earlier date if you so request, as described in "Data subject requests" section.
We collect and process payment information from you when you subscribe to our service, including credit cards numbers and billing information, using third party PCI-compliant payment service providers. Payment information is a sensitive information.
Your payment information will be processed for the purpose of providing you with the service, including:
Payment information that you provide to us will be processed as long you will be using our paid service or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will delete your personal information at an earlier date if you so request, as described in "Data subject requests" section.
Our service are not intended for or targeted at children under 18, and we do not knowingly or intentionally collect information about children under 18. If you believe that we have collected information about a child under 18, please contact us at email@example.com, so that we may delete the information.
We use mobile analytics software to allow us to better understand the functionality of our service on your mobile device. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. When you use our mobile apps we may also collect your city location, device model and version, device identifier (or “UDID”), OS version.
Mobile application data can be used to:
We use navigational information to operate and improve the websites and service as described in detail below. We reserve the right to examine this navigational information a posteriori if there is any evidence of illegal use. We may link this collected data to personal information such as name, email address, and phone number.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and then stored by the browser. Usually the identifier is sent back to the server each time the browser requests a page from the server. Cookies may be either "persistent" cookies or "session" cookies:
Cookies are used to:
We may store information about your computer hardware and software that is automatically collected by our infrastructure mechanisms and service providers. This information can include: your IP address, browser type, domain names, internet service provider (ISP), length of visits, the files viewed on our site (e.g., HTML pages, graphics, etc.), clickstream data, access times and referring website addresses, operating system, device screen size, page views.
This information is used by Calamari:
You can log in to our site using a Single Sign-on (SSO) service like your Google, Slack, Office 365 and other accounts. This service will authenticate your identity and provide you with the option to share certain personal information with us such as your name and email address to pre-populate our sign up form.
We allow you to exercise your rights with respect to personal information, including the right to access, rectification, restriction, deletion or portability. You have the following data protection rights:
To exercise any of these rights, please contact us at firstname.lastname@example.org. We will respond to your request to change, correct, or delete your information within a reasonable timeframe but no longer than within 30 days and we will notify you of the action we have taken.
If the request is made to Calamari but refers to the data controlled by our client, we will inform your data controller and advise you where to submit your data subject request. The controller is solely responsible for responding to any data subjects requests.
We provide you with the option to opt out of receiving information about our products. If you do not want to receive this information please inform us by email at email@example.com.
Most browsers allow you to choose whether to accept cookies or not, for example:
Blocking all cookies will have a negative impact on the usability of many websites, including ours. You can also delete cookies already stored on your computer, but deleting cookies will have a negative impact on the usability of our websites.
You may opt out of having Hotjar collect your information when visiting a Calamari website at any time by using a ‘Do Not Track’ header. You can read more on how to do that on Hotjar’s website [https://www.hotjar.com/legal/compliance/opt-out]
You may prevent Google from collecting and processing the data generated by the cookie relating to your use of the website (incl. your IP address) by downloading and installing the browser plugin available at [http://tools.google.com/dlpage/gaoptout?hl=en]
Optimizely also offers a way to opt out. We have prepared a link which will set a cookie on your browser, from the client domain, that prevents you from being placed in any future Optimizely experiments on that domain. Importantly, if you reset your cookies, you will clear the opt out cookie as well. [https://calamari.io/?optimizely_opt_out=true]
If you are not satisfied with our response to your complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the data protection authority. In our home country it is The President of the Office for the Protection of Personal Data, address: Prezes Urzędu Ochrony Danych Osobowych, ul. Stawki 2, 00-193 Warsaw.
The data controller for the purpose of data protection law is: CHROBRUS Hubert Lisek ul. Stanisława Tońskiego 31; 18-414 Nowogród, Poland Tax ID: PL 7182035805
We will not, without your explicit consent, supply your data to any third party. We will never sell your personal information to any third party. We reserve the right to use or disclose your personal information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.
We will retain your personal information that you provide us will be processed for as long as we have an ongoing legitimate business need to do so (for example, as long as is required in order to contact you about the Subscription Service or our other services), or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We will delete your personal information at an earlier date if you so request, as described in "Data subject requests" section.
When we have no ongoing legitimate business need to process your personal information, it will be anonymized or deleted from our systems and backups as soon as reasonably practicable within a maximum period of 90 days of data retention. If we are unable to delete the data for technical or other reasons, we will apply measures to ensure that your personal information is blocked from any further processing.
We will take reasonable technical and organizational security measures to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure cloud infrastructure. We implement measures of data security to ensure a level of security appropriate to the risk concerning the confidentiality, integrity, availability and resilience of the systems within the meaning of Article 32 Paragraph 1 of GDPR.
Calamari may store and process your information in the Republic of Poland and any other country in which Calamari or any of its sub-processors maintains facilities outside of the EEA for the purposes of providing you with the service. Such countries may not have laws offering the same level of protection for personal data as those inside the EEA; however where such transfers of data occur, Calamari will take steps to prevent the transfer of personal data without adequate safeguards being put in place and will ensure that your data collected in the EEA and transferred internationally is afforded the same level of protection as it would be inside the EEA (according to the Article 46 of GDPR).