Privacy Policy - BOS Fintech

Introduction
This Privacy Policy applies to the processing of your personal data whose administrator is a subsidiary under the company Incat Sp. z o.o. (Ltd.), with its registered offices located at ul. Braniborska 40, 53-680 Wroclaw. It is listed in the Register of Entrepreneurs, kept by the District Court of Wrocław-Fabryczna in Wroclaw, VI Commercial Department of the National Court Register under the KRS number: 0000599310, NIP: 8992782575, REGON: 363642190, share capital in the amount of PLN 100,000.00 (hereinafter referred to as: “Company” or “Administrator”) and contains information about web cookies for Users using the website.

If you have any questions or comments, please contact us via:

e-mail address: biuro@incat.com.pl or
mail correspondence addressed to: Incat Sp.z o.o., ul. Braniborska 40, 53-680 Wroclaw (additionally note with Personal Data Protection)

As part of this document, we would like to inform you in a transparent manner that the Company processes the User’s personal data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation, hereinafter referred to as “GDPR”).

Definitions
The following phrases, capitalized and used in the Privacy Policy are given the following individual definitions:

Administrator or Company – a subsidiary of the company Incat Sp. z o.o., located at ul. Braniborska 40, 53-680 Wroclaw, is listed in the Register of Entrepreneurs, kept by the District Court of Wroclaw-Fabryczna in Wroclaw, VI Commercial Department of the National Court Register under the KRS number: 0000599310, NIP: 8992782575, REGON: 363642190, share capital in the amount of PLN 100,000.00;

Personal Data – information about an identified or identifiable natural person (“data subject”); an identifiable natural person is a person

which can be directly or indirectly identified, in particular on the basis of an identifier such as name, identification number, location data, online identifier or one or several specific factors determining the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person;

Cookies – a small file saved on the User’s computer, in which settings and other information used on the website visited by him/her are stored;

Privacy Policy – this document which specifies how the Company will process User Personal Data;

Portal – the Company’s website, www.incat.com.pl;

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Regulation

on data protection) (Journal of Laws EU No. 2016, No. 119, p. 1), effective from 25 May 2018;

User – any person using the Portal.

TYPES OF PERSONAL DATA

I. DATA PROVIDED BY THE USER

Contact form:
Our Portal allows you to send a query to the Company via the contact form. If you choose this contact channel, the Company may collect the following Personal Data:

first name and last name;
e-mail address;
other information disclosed by you in the message, e.g., CV, if you express your willingness to participate in future recruitments conducted by the Company through the contact form.
Providing the data specified above is voluntary, but necessary to provide a response after receiving a User inquiry. The Company will process the data listed above in order to implement your instruction or provide information.

In a situation, where a response to a User inquiry requires telephone contact by the Company, the Company may require you to once again provide Personal Data previously provided in the contact form to confirm User identity.

Telephone calls and e-mails:
We have provided you with a telephone number and an e-mail address on our website.

If you choose any of the above contact channels, the Company will collect all information that you decide to provide to our employee or cooperating entity with the Company during a conversation or in an electronic message.

Providing the data specified above is voluntary, but necessary to provide a response after receiving a User inquiry. The Company will process the data listed above in order to implement your instruction or provide information.

II. DATA COLLECTED AUTOMATICALLY
When using the Portal, the Company may automatically collect your Personal Data in the following areas:

IP and device data:
The Company may collect User IP addresses. The IP address is the number assigned to the terminal equipment of the person visiting the website. In addition, the Administrator may collect information about the operating system and the type of web browser and its version.

Activity data on the Portal:
The Company may collect data based on your activity on the Portal, and above all, the date and duration of the visit and the sequence of activities on the Company’s website. In the event that you reach the Portal using links on other websites, the Administrator will also collect data from which page the User was redirected to the Portal and information about the advert from which such redirection took place.

Cookies:
The website uses files called Cookies. They are saved by the Administrator on the terminal device of the person visiting the Portal, if the web browser accepts cookies. Cookies usually contain the name of the domain from which they originated, their “expiration time” and an individual randomly selected number identifying these files. The information collected using this type of file allows for the development of general statistics regarding visits to the Portal.

The company uses two types of cookies:

– Session cookies: after the browser session ends or the end device is turned off, the saved information is deleted from the device’s memory. The mechanism of session cookies does not allow for the downloading of any Personal Data or any confidential information from the User’s end device
– Persistent cookies: they are stored in the memory of the User’s terminal device and remain there until they are deleted or expire. The mechanism of persistent cookies does not allow for the collection of any Personal Data or any confidential information from the User’s end device.

The Company uses cookies for analysis and research, as well as, in particular, audience audits to create anonymous statistics that help understand how Users interact with the Portal, which allows for the improvement of its structure.

The Cookies mechanism is safe for the terminal devices to use when browsing the Portal. This way it is not possible for viruses or other unwanted software or malware to affect the terminal equipment. However, web browsers have the option of limiting or disabling the access Cookies have to the terminal device.

If these options are used, some of our services or certain parts of our Portal may become unavailable or may malfunction.

Below are instructions on how to change the settings of the most commonly used web browsers regarding the use of cookies:

-Internet Explorer browser; <link: https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorer-delete-manage-cookies>;
– Mozilla Firefox browser; <link: https://support.mozilla.org/pl/kb/W%C5%82%C4%85czanie%20i%20wy%C5%82%C4%85czanie%20obs%C5%82uga%20ciaeczek>;
– Chrome browser; <link: https://support.google.com/chrome/answer/95647?hl=en>;
– Safari browser; <link: https://support.apple.com/kb/PH5042?locale=en_US>;
– Opera browser. <link: https://help.opera.com/pl/latest/web-preferences>.

Browser plugin
You can prevent these cookies from being saved by selecting the appropriate settings on your browser. However, we would like to point out that this may mean that you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by the cookie regarding your use of the website (including your IP address) from being sent to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage /gaoptout?hl=en.

Analysis and statistics
We use cookies to track website statistics, such as the number of visitors, type of operating system and web browser used to browse the website, time spent on the website, visited subpages, etc. We use Google Analytics in this regard. The information collected in this regard is completely anonymous and does not allow your identification. For this purpose, cookies are used by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, regarding the Google Analytics service. The use of Google Analytics services involves the implementation of the tracking code provided by Google in the code of our website (the so-called tracking code). This code is based on cookies, but may also use other tracking technologies. Google Analytics cookies are stored on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both the website and the advertising.

Social features and marketing
We use marketing tools such as LinkedIn, Active Campaign and Albacross to target you with advertisements on these websites. For this purpose, we have implemented tools from these entities in the website code. We provide the ability to use social functions, such as sharing content on social networking sites and subscribing to a social profile. The use of these functions involves the use of cookies of social network administrators such as LinkedIn.

LinkedIn
Our website uses functions from the LinkedIn network. The service is provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Each time one of our pages containing LinkedIn features is accessed, your browser establishes a direct connection to the LinkedIn servers. LinkedIn is informed that you have visited our websites from your IP address. If you use the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn can associate your visit to our website with your user account. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the transmitted data or how it is used by LinkedIn. For more information, see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy.

Active Campaign
We use the ActiveCampaign tool, provided by ActiveCampaign, LLC, 1 North Dearborn Street, 5th floor Chicago, IL 60602. With the help of ActiveCampaign, we analyze your behavior on our sites, such as time spent on individual pages, buttons you click, links from which you use, etc. We do this to optimize our websites for your user experience. We carry out activities in this area based on our legitimate interest in optimizing our websites.
ActiveCampaign uses cookies and other technologies to collect information about your behavior on the website and devices used to use the website, such as IP number (anonymized), screen size, information about the browser, location, language. ActiveCampaign stores this information in a pseudonymised profile. Neither ActiveCampaign nor we will ever use this information to identify you. More information can be found in the ActiveCampaign privacy policy: https://www.activecampaign.com/legal/privacy-policy.

Albacross
We use the Albacross marketing tool provided by Albacross Nordic AB. Albacross collects information about the IP address from which you visited our website and technical information that allows us to distinguish between different users accessing the website from the same IP address. This information is linked to the domain you use to identify potential customers and conduct marketing activities. Detailed rules regarding the Albacross privacy policy (including information on how to block data collection) can be found at: https://albacross.com/privacy-policy.

Server logs
Using the website involves sending queries to the server where the website is stored. Each query addressed to the server is saved in the server logs.
Logs include e.g. Your IP address, server date and time, information about the web browser and operating system you are using. Logs are saved and stored on the server.
The data stored in the server logs are not associated with specific people using the website and are not used by us to identify you.
Server logs are only auxiliary material used to administer the website and their content is not disclosed to anyone except persons authorized to administer the server.

Legal basis, purposes and periods of data processing
LEGAL GROUNDS FOR PROCESSING PERSONAL DATA
The company processes the User’s Personal Data:

1. on the basis of your expressed voluntary and prior consent (art.6 par.1 lit.a RODO). The consent is collected through the Portal by selecting the appropriate box under the contact form. Any consent given may be withdrawn at any time. Please note that withdrawal of consent is only effective in the future and does not affect the lawfulness of processing based on consent before its withdrawal.
2. when the processing is necessary for purposes of legitimate interest pursued by the Company (art.6 par.1 lit.f RODO) and does not unduly affect your interests or fundamental rights and freedoms. Please note that when processing Personal Data on this basis, we always try to balance our legitimate interest and your privacy. Such “legitimate interests” include:

– determining or pursuing civil law claims by the Company as part of its operations, as well as defence against such claims;
– answering a query received through any contact channel;
– conducting marketing analysis using the collected Cookies from the Portal.

MEASURES TO SECURE PERSONAL DATA

All persons accessing the User’s Personal Data must comply with internal policies and processes related to the processing of personal data to protect them and ensure confidentiality. Persons with access to your personal data are also required to comply with all technical data and organisational security measures introduced to protect personal data in the Company.

We have implemented appropriate technical and organisational measures to protect personal data against unauthorised, accidental or unlawful destruction, loss, alteration, misuse, disclosure or access, and against any other illegal forms of processing. These security measures have been implemented taking into account technical capabilities, implementation costs, processing risks and the nature of Personal Data.

TRANSFER OF PERSONAL DATA TO RECIPIENTS AND OTHER THIRD PARTIES

Personal Data may be transferred to recipients and other third parties for the purpose for which they are necessary for them to perform the tasks ordered by the Company. The recipients or other third parties may be considered:

1. Entities related to the Company in person or capital, subsidiaries of the Company and special purpose vehicles;
2. Entities processing personal data at the request of the Company, such as entities providing document archiving services, accounting services;

Processing entities do not decide for themselves how to process your Personal Data. The processing of Personal Data by them takes place only to the extent that it is necessary for the business of the Company. The company has control over the operations of such entities through appropriate contractual provisions protecting your privacy.

1. Any national public administration authorities (e.g., Police), authorities of other EU Member States (e.g., authorities established to protect personal data in other Member States) or courts, if required by applicable national or EU law or upon their request;
2. Legal or tax advisers;
3. Providers of IT systems and hosting services;
4. Courier or postal service providers.

DATA TRANSFER OUTSIDE OF THE EUROPEAN ECONOMIC AREA
Personal data will be transferred to countries outside the European Economic Area (“EEA”), which includes EU Member States, Iceland, Liechtenstein and Norway.

USER’S RIGHTS AND USE
RIGHTS

Each User has the right to access their Personal Data processed by the Company. If you believe that any information about you is incorrect or incomplete, please submit a request for correction. The company will immediately correct such information.

In addition, you have the right to:

1. withdraw your consent if the Company has obtained such consent to process Personal Data (provided that such withdrawal does not violate the lawfulness of data processing carried out prior to withdrawal);
2. obtain a copy of your Personal Data;
3. request removal of your Personal Data in cases specified by the provisions of the GDPR;
4. request to limit the processing of personal data, if such processing is carried out in order to implement the public interest or legitimate interests of the Company;
5. transferring data, i.e., receiving Personal Data provided to the Company in a structured, commonly used and machine-readable format, and to request that such Personal Data be sent to another personal data administrator, without hindrance by the Company and subject to its own confidentiality obligations. Providing your Personal Data in the cases specified in the provisions of the GDPR;

The company will verify your requests, requests or objections in accordance with applicable provisions on the protection of personal data and the GDPR. However, it should be remembered that these rights are not absolute; regulations provide for exceptions to their application.

In response to your request, the Company may ask you to verify your identity or provide information that will help the Company better understand the situation. The company will strive to explain its decision to you if your requests are not met.

EXERCISING YOUR RIGHTS
To exercise the above rights, please send an e-mail to biuro@incat.com.pl or contact the Company by mail correspondence at ul. Braniborska 40, 53-680 Wroclaw (additionally noted with Personal Data Protection).

If you are not satisfied with the way the Company processes your Personal Data, please notify us of the problem and we will investigate any irregularities. Please report your concerns using the contact details provided above.

If you have any objections to the Company’s feedback, it is also possible to make a complaint to a competent authority associated with the protection of personal data. In Poland, this authoritative body is the President of the Office for Personal Data Protection.

In order to ensure the timeliness and accuracy of Personal Data, we may periodically ask you to check and confirm the Personal Data we have about you or inform us of any changes regarding this Personal Data (such as changing your e-mail address). We encourage you to regularly check the correctness, timeliness and completeness of the processed Personal Data.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.