Personal data and SoftwareMill
At SoftwareMill we place a large emphasis on the security of your personal information. There is nothing more important to us than our relationship with our customers thus we care about securing any personal data that we process.
It is important for us to be compliant with the privacy requirements of GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation - the "GDPR") and as required by the Polish Personal Data Protection Act (Ustawa z dnia 10 maja 2018 roku o ochronie danych osobowych Dz. U. 2018 poz. 1000). We make sure that our related Companies and subcontractors are compliant, as well. Stated below is the summary of our practices related to processing personal data. Should you have any questions regarding this subject please feel free to contact us and we will be happy to help you out with your inquiries.
Controller of your personal data
SoftwareMill in view of the GDPR is the controller (Polish: administrator) of your data. Here is our full registered name:
SoftwareMill Spółka z ograniczoną odpowiedzialnością Spółka komandytowa, registered with the District Court for the City of Warsaw, XII Economic Division of the National Court Register (Sąd Rejonowy dla m. st. Warszawy w Warszawie, XII Wydział Gospodarczy Krajowego Rejestru Sądowego), KRS number 537126, address ul. Na Uboczu 8/87, 02-791 Warsaw, Poland.
What data we collect
SoftwareMill collects your personal data through various means. Some data is collected automatically when you visit out page at www.softwaremill.com and its subpages, other you can choose to share with us via email, land mail, phone or other means of communication.
Data you share with us
When you contact us, you share some personal information with us. For instance, when you choose to use our online contact form you have to provide your name and email address. Depending on the context in which you interact with us, such as business venture or recruitment you may have to provide other information about yourself. Whenever we collect your data in this way you will be informed of it and asked for consent. You do not have to agree and provide us with this data, but we may not be able to interact with you if you choose so.
You may also provide us with your email address by subscribing to our newsletter. It is a voluntary option and you are free to cancel your subscription at any time.
Data collected automatically
Same as many other webpages our site uses special type of small files stored on your device called cookies. They are used to provide you a personalized experience by tailoring some of the websites features like advertisements to your preferences as well as remembering some of your choices on our website for future visits. They also necessary for some features of the websites to run properly.
Cookies are used to help us improve our services as well. They help us to collect anonymised information about your activity on the website, for instance which parts of the screen are most often "visited" by your mouse pointer so that we can structure our website in a more optimal and user-friendly way.
We also collect information about your hardware and software. When you visit our webpage we automatically log information such as your operating system, web browser, how much time you spent on our webpage, your activity there and your IP address.
What do we use your data for
We use your personal information in many different ways depending on the type of information. We use your information for the following reasons:
- to run, maintain and improve our sites, products and services;
- to interact with our customers by replying to comments and questions as well as by providing customer support;
- to provide and deliver products and services our customers request;
- to interact with you in other ways such as during the recruitment.
Sharing your data
We respect your privacy, so we keep the sharing of your information to the minimum. However, there are certain situations in which it is necessary.
We may share your personal data upon your consent. In the cases where your consent is required, we will ask you if you agree to share your personal data and/or provide you with additional information, commercial offers or cooperation opportunities. You are always free to disagree in those cases.
We may share your personal information when our company is subject to a business transaction involving sale or a transfer of all or part of our shares or assents assets such as during merger, financing, acquisition or bankruptcy transaction or proceedings.
We may also share your information to comply with binding provisions of the law or to pursue a valid legal reason. These include responding to lawful requests and legal processes, protection of rights and property of SoftwareMill, our agents, customers and others.
We may share your personal data in an emergency to protect vital interests of our employees, subcontractors, agents, customers or any persons.
We may also share your personal information with those who work with us, including in particular our IT subcontractors, administration staff, accountants, lawyers and/or tax advisors. Please note that whenever you are contacting us via our website www.softwaremill.com or via our emails address firstname.lastname@example.org and email@example.com - the information included in such correspondence may be accessed by any of our Team members (incl. the IT developers who are our subcontractors/ subprocessors as well as by our administration staff).
Further, please note that our company uses cloud-based services such as in particular G Suite (information management service including amongst others e-mails and virtual drive, operated by the Google group), Trello (operated by Atlassian group) and Slack. The companies operating these services are listed in the Privacy Shield register (which is an information platform operated by the government of the United States of America, listing the companies which are considered as compliant with the GDPR based on the European Council's adequacy decision). By contacting us via email or our website you agree that the information you share with us (in particular, the personal data) will be processed in these services.
Further, please note that if you contact us to join our Team as one of our subcontractors (i.e. our Team members who cooperate with us on the business-to-business basis, as registered entrepreneurs) - your personal data will be processed subject to our Recruitment Policy which you may request from us for your review before submitting your application.
Whenever we share your personal data we make sure that the party we share it with provides sufficient guarantees of its safety. We also sign a DPA (Data Processing Agreement) when such an option is possible.
Furthermore, we are applying internal standards of the personal data processing which is set out in our Personal Data Protection Policy.
We are happy to inform you of your rights and make sure that you can use them whenever you desire.
You have a right to withdraw your consent. Whenever we process your personal data based on your consent we do it only for as long as you permit us. All our marketing emails have an informative section describing to you haw you can opt-out of them. If you choose to do so we will no longer send you the newsletter, however we may still contact you regarding non-marketing stuff such as your accounts matters or our business dealings with you. Remember that when we ask you for your consent you can say no, or withdraw it at any moment you please, however this may mean we will no longer be able to provide you with some or all our services.
You have a right to information on your data processing. If you so choose you can ask us to provide you with a summary of the whole scope of your data being processed by us.
You have a right to a copy of your data. You can ask us to provide you with a copy of all your data processed by us. We will do so in a convenient and easily readable format. First time is free; however, any subsequent requests may be subject to a fee covering our expenses.
You have a right to transfer your data. You can ask us to transfer all your data we process to another entity chosen by you.
You have a right to update your data. If at any point you find that information we process about you are outdated or simply wrong, you have a right to have them corrected.
You have a right to object to processing of your data based on public or our interests as well as to processing for direct marketing purposes.
You have a right to be forgotten. You can ask us to delete all your personal information. We may not be able to fully comply with your request however, if there are other lawful reasons for us to process your data such as a legal obligation.
You can directly influence the processing of your data by contacting us or by changing your devices settings.
You can disable cookies in your browser settings. Please note that this may cause some parts of our website to not load properly and otherwise change how the website works for you.
Security of your personal data
We take multiple steps to protect the safety of your personal information. We encrypt all our hard discs where your personal data is being stored as well as all the mobile devices that might be used to access services that we use to process your data (like a workplace communicator for instance). We also use top of the line anti-virus software on our computers to ensure maximum security of your data. All our employees use access passwords generated at random by a secure application and we strictly enforce that those passwords are not to be saved or noted in a place where potential third party can gain access to them. We also use two-factor-authentication with all apps and services that provide this option. Any physical copies of your data are also safely locked away in our main facility.
Apart from those technical measures we also employ organizational provisions aimed at increasing your data security as much as possible. We make sure that only those among us who absolutely have to gain access to your personal data do. By minimalizing the scope of our personnel with access to the data we aim at minimizing the possibility of human error threatening the safety of your data.
Please note however, that no system is impenetrable and there are many factors beyond our control that can compromise the safety of your data. In such a case we are prepared to fully cooperate with proper authorities to ensure swift termination of the risk and to minimalize potential damages.
In an event that you feel that your rights are violated, or the security of your data is being infringed you have a right to report your concerns to the proper authorities. We strongly suggest that you contact us first with any concerns whatsoever, should you choose to go straight to the authorities however, this is how you should do it.
The proper authority in the field of data protection in Poland is Prezes Urzędu Ochrony Danych Osobowych (PUODO) or President of the Office of Personal Data Protection. There is a multitude of ways to contact PUODO, both traditional and electronical.
You can visit PUODO's office in Warsaw, Stawki 2, 00-193 Warsaw every business day, from 8AM to 4PM CET. You can also send your complaint by post, to the same address.
You can also call the INFO-LINE 606-950-000 from 10AM to 1PM CET on business days, phone the regular line +48 22 531 03 00 or send a fax at +48 22 531 03 01.
Should you choose so you can file your complaint via the electronic platforms at ePUAP and business.gov.pl or send it via e-mail at firstname.lastname@example.org
Please note that to be able to use electronic platforms you need to have the trusted profile. For further information on filing a complaint with PUODO please visit https://uodo.gov.pl/en/484