Privacy policy GENERAL PROVISIONS AND DEFINITIONS 1. The administrator of personal data collected via the website https://dtex.softsolutionstech.net/ is SOFTSOLUTIONS TECH SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, KRS: 0000992257. 2. Contact with the Administrator is possible via e-mail: [email protected]. 3. Definitions: • Cookies – means IT data, in particular small text files, saved and stored on devices through which the User uses the Website; • Personal data – information about an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, the economic, cultural or social identity of the individual; • Profiling - means any form of automated processing of personal data, which consists in using personal data to evaluate certain personal factors of a natural person, in particular to analyze or predict aspects regarding the effects of work of that natural person, his or her economic situation, health, personal preferences, interests, credibility, behavior, location or movement; • Processing – means an operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collecting, recording, organizing, structuring, storing, adapting or modifying, downloading, viewing, using, disclosing by sending, distributing or otherwise making available, aligning or combining, restricting, deleting or destroying; • Website - https://dtex.softsolutionstech.net/; • Device - an electronic device that allows processing, receiving and sending data, such as a laptop, computer, smartphone, tablet, mobile phone; • User - means an entity to which services may be provided electronically in accordance with the provisions of law or with which an Agreement for the provision of electronic services may be concluded; • Regulations –means a document specifying the rules and conditions of using the Website; • Payment operator - an entity that processes Users' payments to the Service Provider in order to exchange them for virtual currencies; • Providers - external entities that provide content available in Website, in particular offers, surveys and advertisements. LEGAL BASIS AND PURPOSES OF PROCESSING USER DATA 1. Personal data collected by the Administrator are processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing the directive 95/46/EC (hereinafter referred to as "GDPR"), the Act of May 10, 2018 on the protection of personal data (Journal of Laws of 2019, item 1781) and the Act of July 18, 2002 on the provision of electronic services (Journal of Laws of 2020, item 344). 2. The Administrator processes personal data provided or made available by the User in connection with the use of the Website for the purposes of: • concluding and performing a contract for the provision of electronic services and ensuring the functionality of the Website (scope of data: IP addresses, wallet address, payment card details, e-mail address, telephone number and other necessary data about the Device used by the User - pursuant to Art. 6(1)(b) of the GDPR, i.e. due to the fact that processing is necessary for the performance of a contract to which the data subject is a party; • informing Users about issues related to the functioning of the Website (data scope: e-mail address) email, data of the Device used by the User) - pursuant to Article 6(1)(b) and (f) of the GDPR, i.e. due to the fact that processing is necessary for the performance of a contract to which the data subject is a party, as well as for the implementation of purposes arising from legally justified interests pursued by the Administrator or a third party; • pursuing claims and protecting rights (scope of data: all data obtained from the User necessary to prove the existence of a claim or defend rights) - pursuant to Art. 6 section 1 letter f GDPR, i.e. due to the fact that processing is necessary for the purposes of legitimate interests pursued by the Administrator or a third party; • fulfillment of legal obligations incumbent on the Administrator in connection with running a business, in particular as an obligated institution within the meaning of the Act on Counteracting Money Laundering and Terrorist Financing (scope of data: all data obtained from the User) - pursuant to Art. 6 section 1 letter c GDPR, i.e. due to the fact that processing is necessary to fulfill the legal obligations of the Administrator; • conducting own marketing and promotional activities (scope of data: all data obtained from the User) - pursuant to Art. 6 section 1 letter f GDPR; • conducting marketing and promotional activities on the basis of a separate consent (Article 6(1)(a) of the GDPR); • sending commercial information electronically in accordance with Art. 10 section 2 Act on the provision of services by electronic means of July 18, 2002 (Journal of Laws of 2017, item 1219, as amended), including sending notifications (scope of data: all data obtained from the User) - on the basis of a separately granted consent (Article 6(1)(a) of the GDPR); DATA COLLECTED BY THE WEBSITE ADMINISTRATOR 1. The Website Administrator collects or may collect the following personal data via the Website or direct contact from the User: • identification and contact details (e-mail address, telephone number); • virtual currency wallet address; • data regarding the Device used by the User (including IP address, device type, device brand, device model, device name, device language); • data regarding the User's use of VPN software or a Device with a modified operating system; • other data voluntarily provided by the User during contact with the Administrator, including data regarding his Device, correspondence data and other data not listed above. 2. Browsing the content of the Website does not require providing personal data other than automatically obtained information about connection parameters (IP address). 3. As part of the services provided on the Website, the Administrator collects the following personal data: • e-mail adress; • cell phone number; • virtual currency wallet address; • payment card details; • IP address; • other necessary data about the Device used by the User. 4. The Administrator reserves that as part of using the Website's services, including the payment provider may also process the User's personal data based on their own privacy policies. COOKIES 1. The Administrator collects cookies related to the User's activity on the Website. 2. The administrator may use profiling of processed data based on Art. 6 section 1 letter c GDPR in connection with with the obligations arising from the Act of March 1, 2018 on counteracting money laundering and terrorism financing. 3. When using the Website, small files are saved on the User's device, in particular text files, which are used to remember the User's decisions, maintain the User's session, remember entered data, collect information about the User's device and his visit to ensure security, and also analysis of visits and adjustment of content. 4. Cookies do not contain data identifying the User, which means that it is not possible to determine his identity on their basis. The files used by the Website are in no way harmful to the User or the device and do not interfere with its software or settings. 5. A cookie file is assigned to the User after entering the main page of the Website or any of its subpages. 6. The cookie system does not interfere with the operation of the User's computer and can be turned off. 7. The user can set the browser to block specific types of cookies and other technologies by specifying the permissible scope of information collection. 8. Using the website without changing browser settings, i.e. accepting cookies and similar technologies by default, constitutes consent to their use for the purposes specified in this Privacy Policy. 9. The Administrator informs that if the files are necessary for the operation of the Website, limiting their use may prevent the use of the Website's services. 10. The browser settings of the User's device should allow the storage of cookies and should allow consent by clicking the "ok" option in the window that appears after entering the Website with the information: "This website uses cookies to ensure the correct provision of services. By continuing to use the website, you agree to their use - these files will be saved on your device. 11. Suppliers, including payment operators, may collect cookies based on the User's separately granted consent. PERSONAL DATA PROCESSING TIME 1. Personal data will be processed for the period: • necessary for the implementation of the contract for the provision of electronic services specified in the Regulations, concluded via the Website, including after its execution due to the possibility for the parties to exercise their rights under the contract, as well as due to the possible recovery of receivables -to the expiry of the limitation period for claims; • until the consent is withdrawn or an objection to data processing is submitted - in cases of processing of the User's personal data on the basis of a separate consent; 2. The Administrator stores Users' personal data also when it is necessary to fulfill its legal obligations, resolve disputes, enforce User's obligations, maintain security, and prevent fraud and abuse. USER PERMISSIONS 1. The Administrator ensures that Users exercise the rights referred to in section 2 below. In order to exercise the rights, please send an appropriate request (request) by e-mail to the following address: [email protected] or by traditional mail to the address of the Administrator's registered office. 2. The User has the right to: • access to data content – in accordance with Art. 15 GDPR; • rectification/updation of data – in accordance with Art. 16 GDPR; • deletion of data – in accordance with Art. 17 GDPR; • restrictions on data processing – in accordance with Art. 18 GDPR; • data transfer – in accordance with Art. 20 GDPR; • object to data processing – in accordance with Art. 21 GDPR; • withdrawal of consent at any time, however, withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal - in accordance with Art. 7 section 3 GDPR; • submit a complaint to the supervisory authority, i.e. the President of the Office for Personal Data Protection - in accordance with Art. 77 GDPR; 3. The Administrator will consider the submitted requests without undue delay, but no later than within one month from the date of their receipt. However, if - due to the complicated nature of the request or the number of requests - the Administrator will not be able to consider the User's request within the specified period, he will inform the User about the intended extension of the deadline and indicate the deadline for considering the request, but no longer than 2 months. 4. The Administrator informs each recipient to whom the personal data has been disclosed about rectification or deletion of personal data or restriction of processing, which he made in accordance with the User's request, unless it turns out to be impossible or requires a disproportionate effort. NECESSITY TO PROVIDE DATA 1. In order to perform the contract, the Administrator may make the data collected from Users available to entities including: employees, collaborators, entities providing legal services and IT services to the Administrator and suppliers, including payment providers. In addition, the Administrator makes the collected personal data available to the entity with which it concluded an agreement on entrusting the processing of personal data. 2. In such cases, the amount of data transferred is limited to the necessary minimum. In addition, the information provided by Users may be made available to competent public authorities, limited to situations where it is required by applicable law. 3. To recipients not indicated above, the processed personal data is not made available externally in a form that would allow for any identification of Users, unless the User has consented to specific disclosure of data. TECHNICAL MEASURES 1. The Administrator makes every effort to secure Users' data and protect them against the actions of third parties, and also supervises the security of data throughout the period of their possession in a way that ensures protection against unauthorized access, damage, distortion, destruction or loss of data. 2. The Administrator applies the necessary security measures to servers, connections and the Website. However, the actions taken by the Administrator may prove insufficient if Users do not comply with the security rules. TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN ECONOMIC AREA 1. Users' personal data are not transferred to countries outside the EEA. The administrator uses servers to store data located in EEA countries. 2. The Administrator reserves that suppliers, including payment operators, may process and transfer personal data outside the European Economic Area. ENTITIES PROCESSING DATA ON BEHALF OF THE ADMINISTRATOR 1. Users' personal data may be entrusted for processing on behalf of the Administrator to portals supporting the Administrator's marketing campaign. Each processing entity is obliged to ensure the security of processing and to comply with the principles of processing your personal data to an extent identical to that of the Administrator. CHANGE TO THE PRIVACY AND COOKIES POLICY 1. The Administrator has the right to change this document, of which the User will be notified in a way that allows the User to become familiar with the changes before they enter into force, e.g. by posting appropriate information on the Website. 2. If the User has any objections to the changes made, he may request the removal of personal data from the Website. Continued use of the Website after publication or sending of notification of changes to this document is considered consent to the collection, use and disclosure of the User's personal data in accordance with the updated content of the document. 3. This document does not limit any rights of the User in accordance with generally applicable laws.