Privacy policy

Last updated 16/01/2024
Introduction

The document you are currently reading is the privacy policy of Dataedo sp. z o. o. with its registered office in Gdańsk (address: Al. Grunwaldzka 472, 80-309 Gdańsk, Poland; EU VAT ID: PL 5833163875; registration: District Court Gdańsk-Północ in Gdańsk, KRS no.: 491619; share capital: PLN 20,000.00), from now on referred to as “We”.

This policy applies to our websites, content (such as newsletters, webinars, and e-books), and products (applications and programs), collectively referred to as our “Services”.

We are committed to protecting your privacy, and we want you to feel comfortable while using our Services. Below you will find the key facts on principles regarding, among else, the processing of your personal data, your privacy, and cookies used by our websites.

Data Collection

We collect your Personal Data (meaning, information relating to an identified or identifiable natural person, such as your name or identification number; “Personal Data”) when you are visiting our websites, using our products, subscribing to our newsletter, getting access to our content, participating in our online forums, or contacting us.

We collect various information about people interacting with us and our Services, such as:

  1. Your profile information: your names, email addresses, phone numbers, job titles, company/organization name, URL and address, your location (country and city), and links to some of your public social media profiles;
  2. Messages and emails you send to us, comments you leave on our websites, your support tickets, information about participation in online and offline events, feedback and survey results you send to us, and bug reports you send to us over various channels (email, chat, online forms, forums, social media, etc.);
  3. Information that you provide in forms on our websites with timestamps, IP addresses, referring/entry pages;
  4. Documents you generate on our websites, such as quotes and orders;
  5. Website traffic information and cookies;
  6. Notes from our online meetings;
  7. Information about your trials, licenses, subscriptions, and free licenses;
  8. Data about usage of our products and other Services.

Provision of your Personal Data is voluntary. Sometimes it can be necessary for you to provide certain information to make use of our Services.

Usage Data

We collect the following usage data from our products:

  1. Events:
    • Installation (specific steps);
    • Product launching; Sign up and license check;
    • Connection to the metadata repository;
    • Use of one of the Product’s key functions;
    • Uninstallation of our products.
  2. Data collected:
      Date and time of the event;
    • Product, edition, and its version;
    • Metadata repository type;
    • License key ID;
    • User ID/email;
    • public IP address.

We do not store, share, or otherwise process any data you import or enter into our products that is hosted in your environment (i.e., outside the cloud environment provided by us), such as connection details to your databases, data structures and code, or comments or descriptions entered by the user.

Additionally, each time you access our websites, our system will automatically collect client-side data and information, including:

  1. information about the type and version of your internet browser;
  2. the operating system of your computer or smartphone;
  3. your internet service provider;
  4. your IP address;
  5. date and time of your access;
  6. geographic location;
  7. websites from which you came to us;
  8. websites that you visit from our websites.

We collect such technical information in the so-called “log files”, so that you can display our websites correctly and so that we can identify the causes of any technical problems, optimize our websites, and keep our computer systems and networks safe and secure. Long story short, such collection, storage, and other processing of data is essential to the operation of our websites. The data will be deleted as soon as it is no longer necessary for said purpose; typically, within seven days.

Personal Data Processing

We collect and otherwise process your Personal Data mainly for the following purposes:

  1. to provide you with our Services, in particular to unlock access to our products and their functionality;
  2. to educate you on the use and benefits of our products and other Services;
  3. to improve our Services based on usage data and your feedback;
  4. to provide you with support;
  5. to promote our Services and brand;
  6. to protect us from unlawful or fraudulent use of our Services;
  7. to inform you about new versions of our products, their new functions and capabilities;
  8. to enforce our rights or defend ourselves in case of disputes.

The processing of your Personal Data is either based on your consent, or its necessity for conclusion or performance of a contract to which you are a party, or our legitimate interests. If the processing is based on your consent, you may at any time withdraw your consent by contacting us at gdpr@dataedo.com.

In principle, we only store your Personal Data for as long as it is necessary to fulfill contractual or legal obligations for which we collected the data. Once they have been fulfilled, we delete the data immediately, unless we still need the data until the expiry of the statutory limitation period for evidence purposes for claims under civil law or due to statutory retention obligations.

Newsletter

Your Personal Data entered into the newsletter subscription form will be processed to provide you with some interesting stuff, such as our weekly data cartoons. The legal basis for this processing is your consent which you may withdraw anytime you like at gdpr@dataedo.com.

Your email address, time of subscription, and the IP address used for subscribing will be retained as long as you are a subscriber to our newsletter. You can unsubscribe by opting out via the link provided in each newsletter at any time.

If you subscribe to our newsletter, we will keep you posted (emailed) on our Services, such as updates concerning our products, data webinars, and blog posts. Optionally, your first and last name will be processed to provide you with personalized newsletters.

Profiling

We use both automatic and manual profiling based on the collected data. Depending on the results, you may receive personalized messages from us.

Data Security

We keep your personal data safe in our databases. Access is restricted to the authorized personnel only and is protected with passwords. Whenever practicable, we anonymize your Personal Data. Some of the data may be accessed in a secure manner by external providers (see below).

All transmission to and from our websites are encrypted with the use of SSL certificate.

We are the controller of your Personal Data within the meaning of the General Data Protection Regulation (the “GDPR”). We use organizational and technical measures which comply with Polish provisions and EU law to properly protect your Personal Data.

You may lodge a complaint with a supervisory authority regarding our processing of your Personal Data. In Poland, you can lodge a complaint with the President of the Personal Data Protection Office.

Your Rights

Right of access
You have the right to get access to your Personal Data that we are processing.

Right to withdraw consent
Remember that you may object to further processing of your personal based on your consent.

Right to be forgotten
You have the right to ask us to erase your Personal Data and we will comply without undue delay, unless there’s a good reason for us not to do so.

Right to rectification
You have the right to rectify your Personal Data.

Right to data portability
You have the right to order a complete data copy, which you may transmit to another controller of your Personal Data. Your Personal Data will be delivered within 10 business days in Microsoft Excel format. Logical relations between datasets will be preserved in the form of unique identifiers. You are required to pay a certain fee and any applicable taxes on delivery for each data copy order.

Right to restrict or object to processing activities
You have the right to demand that our processing activities are restricted or abandoned altogether. To exercise the above rights contact us at gdpr@dataedo.com.

Cookies

Our websites, just like most Internet sites, use the so-called cookies. See our Cookie Declaration at https://dataedo.com/cookie-declaration for information on the cookies we use. To learn how to manage cookies and disable them in your browser, you can use help files of the browser. You can get more information about this topic by pressing F1 while using the browser. Additionally, you can find relevant information on the following subpages, depending on the browser you use: Firefox, Chrome, Safari, Internet Explorer / Microsoft Edge.

External Services

Occasionally we may include or offer third-party products or services on our websites. Third-party providers are independent of us and have their separate privacy policies. We cannot be held accountable for the content and activities of such providers or their websites.

However, we would welcome any feedback about them to protect goodwill of our Services. You can find the current list of tools we use and their privacy policies here.

To ensure the best functioning of our websites, they have been integrated with a service which analyses your movement on our websites. We use the service for statistical purposes, which allows us to adapt it to your needs. You can get information about the privacy policy of Google Analytics at: https://www.google.com/intl/pl/policies/privacy/

We also use Google Ads Remarketing to show you relevant ads of our products on websites across the internet, in particular on the Google Display Network. Google Ads Remarketing will serve you various ads based on the parts of our websites you have visited, status of your trial or subscription, or actions you have taken on our websites (e.g., filled out the form) or in our products (e.g., uninstalled any of them). This will be achieved by placing a cookie on your web browser. If you do not wish to see ads from us, you can opt-out at https://adssettings.google.com/authenticated.

Transfer of personal data to countries outside European Economic Area

Please be informed that your personal data (to the extent necessary) may be transferred to countries outside the European Economic Area in the following cases:

1. when we use services whose providers are located or process personal data in the countries outside the European Economic Area;

2. when our Services are available through resellers located in countries outside the European Economic Area, with whom we agreed that he will have the exclusive right to resell our Services without our direct sale. For the avoidance of doubts only personal data of data subject who are based in or are resident of the territory subject to reseller’s exclusivity are transferred to such reseller. You can find a list of our resellers below.

Reseller Region
Digital Shadow Information Technology LLC United Arab Emirates, Algeria, Bahrain, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Morocco, Oman, Qatar, Saudi Arabia, Tunisia, Palestine, Yemen, Sudan

Where any of the above case happens and the European Commission has not issued an adequacy decision under Article 45 GDPR for those countries, we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses of the European Union or binding internal data protection regulations.

Protection Under CCPA

The California Consumer Privacy Act (the “CCPA”) provide users who reside in California with specific rights regarding their Personal Information (meaning, information that identifies, relates to, or could reasonably be linked with you or your household; “Personal Information”), including:

Right to know.
You can request that we disclose to you: (1) the categories and/or specific pieces of Personal Information we have collected about you, (2) the categories of sources for that Personal Information, (3) the purposes for which we use that information, (4) the categories of third parties with whom we disclose the information, and (5) the categories of information that we sell or disclose to third parties. You can make a request to know up to twice a year, free of charge.

Right to delete.
You can request that we delete Personal Information we collected from you and tell our service providers to do the same, subject to certain exceptions (such as if we are legally required to keep the information).

Right to opt-out of sale or sharing.
You may request that we stop selling or sharing your Personal Information (“opt-out”), including via a user-enabled global privacy control. We cannot sell or share your Personal Information after we receive your opt-out request unless you later authorize us to do so again.

Right to correct.
You may ask us to correct inaccurate information that we have about you.

Right to limit use and disclosure of sensitive Personal Information.
You can direct us to only use your sensitive Personal Information (for example, your social security number, financial account information, your precise geolocation data, or your genetic data) for limited purposes, such as providing you with the services you requested.

We do not use sensitive Personal Information in any manner that requires offering a right to limit its use.

You may submit your request at gdpr@dataedo.com. We will compare the information you submit to us with the information we have in our records to ensure your request meets the definition of “verifiable consumer request” under the CCPA. We will then respond to your request in accordance with the requirements.

We will do our best to respond to your request within 45 days of its receipt. If we need more time (up to 90 days), you will be informed of the reason and extension period in writing. Any disclosures provided will only cover the 12-month period preceding the receipt of the verifiable request. If applicable, the response will also explain the reasons for which we cannot comply with a request. For data portability requests, we will select a format to provide the Personal Information that is readily usable and should allow transmission of the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to the verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will justify our determination and provide you with a cost estimate before completing the request.

We do not knowingly collect or disclose the Personal Information of children under the age of 16. We do not sell or share Personal Information, including Personal Information of children under the age of 16.

Changes to this Policy

We may change this policy at any time. This policy was last updated on a date set forth at the top of this page. If we make any changes to this policy that materially change the way we process Personal Data we will highlight this information on our home website.

Contacting the Controller

If you would like to make use of your rights regarding your Personal Data or make an inquiry with regard to this policy, please contact us at: gdpr@dataedo.com or at our mailing address below.

Our mailing address:
Dataedo sp. z o.o.
Olivia Gate building – 1st Floor
Al. Grunwaldzka 472
80-309 Gdańsk
Poland, EU

© 2024 Dataedo Sp. z o.o.

Privacy Policy License Agreement