The terms written with initial capital letters shall be understood in a following way: Data Controller – A controller determines the purposes and means of processing personal data.
- Personal Data – is information that relates to an identified or identifiable individual,
- User – any person viewing the website;
- Website – https://satsback.com
The Data Controller respects personal data of the Users and fulfils conditions deriving from the law, especially from the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
The Data Controller ensures that its workers and subcontractors were given training in protection of personal data.
You can contact the Data Controller by:
- Telephone: +48 533 008 654
- Email: [email protected]
For what purpose does the Administrator process personal data?
Personal data provided during any contacts with Administrator are used only to:
- Provide requested services;
- Contact the User, at the request of the User;
- Send a newsletter
Who has access to the personal data of the User?
The Controller of personal data provided during registration or any kind of contact with the Data Controller is:
The rights of the User
The User has the right to request from the Data Controller access to personal data concerning him or her and to obtain information about the purposes of its processing, categories of data processed, recipients of data, storage period of data (if it is impossible to indicate the period, the User has the right to information about the criteria used to determine this period). The User has also the right to rectify personal data if they are incorrect and the right to request supplementing incomplete personal data.
The User has the right to request the erasure of personal data without undue delay if:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- a consent to the processing of personal data has been effectively withdrawn;
- the User objects to the processing of personal data for marketing purposes;
- the User objects to the processing (also by profiling) of personal data, based on the legally legitimate interest pursued by the Data Controller or by the third party, unless there are valid, legally justified grounds for processing of the User's personal data that override the interests, rights and freedoms of the User, or there are grounds for establishing, investigating or defending claims.
The User has the right to request restriction of processing of personal data when:
- the User contests the accuracy of the personal data - for a period enabling the Controller to verify the accuracy of the personal data;
- the processing is, according to the User, unlawful and the User opposes the erasure of the personal data and requests the restriction of their use instead;
- the Controller no longer needs the personal data for the purposes of the processing, but they are required by the User for the establishment, exercise or defense of legal claims;
- the User has objected to processing (pursuant to Article 21 paragraph 1 of GDPR) pending the verification whether the legitimate grounds of the controller override those of the User.
If the User requests restriction of processing of personal data, the Data Controller will refrain from processing them without the consent of the User, except for storing them or processing them in order to establish, exercise or defend claims, protect the rights of another natural or legal person, or due to important reasons of public interest of the European Union or a Member State. The User will be informed about this before the restriction of processing is lifted.
The User has the right to object in case of processing of the personal data for the purposes of direct marketing, including profiling, to the extent that it is related to such direct marketing. After submitting the objection, the Data Controller will refrain from processing the personal data of the User for direct marketing purposes (including profiling). The User has the right to submit objections by automated means using technical specifications.
The User has the right to receive in a structured, commonly used and machine-readable format, the personal data that the User has provided to the Data Controller, as well as the right to transfer his or her personal data to another Controller without interference on the Data Controller part, if:
- processing takes place on the basis of the User’s consent or a contract, which performance needs processing of data; and
- the processing is carried out by automated means.
The Data Controller is obliged to send the User's data directly to another Controller (if it is technically possible) at the User's request.
The User has the right to withdraw the consent to the processing of personal data at any time, but the withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. With regard to the processing of the personal data, the User has the right to lodge a complaint to the President of the office for the protection of personal data.
What personal data does the Data Controller collect?
In order to provide requested service and contact the User, at the request of the User, the following data are collected:
- email address,
- other data provided by the User.
In order to send newsletter, the following data are collected:
- email address.
How long are the personal data stored?
The Data Controller stores personal data from the moment when the User starts corresponding with the Data Controller. After sending an e-mail requesting to delete Users’ data or to cease providing services, the permanent removal of data from servers belonging to the Data Controller may last up to 14 business days.
Exceeding the time limit indicated in the previous sentence is permitted only for the purpose of the Data Controllers’ performance of obligations arising from the law, e.g. for accounting purposes in relation to Users who have used paid services and in order to defend the Data Controller’s interests related to, for example, complaints.
Who does the Data Controller transfer personal data to?
The Data Controller transfers the personal data of the Users to:
- Google LLC, 1600 Amphitheatre, Parkway Mountain View, CA 94043 USA,
- MailerLite: (UAB “MailerLite”, J. Basanavičiaus 15, LT-03108 Vilnius, Lithuania): collects e-mail addresses provided by the Users during the registration for the newsletter.
The Data Controller informs that all of the entities listed above, which are based in the United States of America, are considered members of the EU-US Privacy Shield Framework. Learn more about Privacy Shield Framework here: https://www.privacyshield.gov/Program-Overview
Cookies and server logs
In order to facilitate the use of the Website and to monitor its use, the management mechanism uses a technology called Cookies – data saved by the website’s server, a hosting operator: Heroku / salesforce.com, Inc. a Delaware corporation with its principal place of business at 50 Fremont St, Suite 300, San Francisco, California 94105, USA.
The Platform uses three types of Cookies:
- Session cookies – temporary files, saved on the User’s device until he or she signs out, leaves the website or shut downs the browser;
- Permanent cookies – saved on the User’s device for the time specified in its parameters or until its deletion by the User;
- Local storage- stored on the User's device for a definite or indefinite period or until its deletion by the User.
The Cookies are not used to collect any personal data about the users visiting the website.
The User may at any time disable the option of accepting cookies in the settings of his web browser, however, that might cause malfunctions in the functioning of the website.
The links to guides concerning disabling the option of accepting cookies in the most popular browsers are presented below:
The cookies are used in order to:
- create statistics helping to understand the use of the website so as to improve its content;
- maintain the User’s session, thanks to which signing in every time is not required;
- personalize the commercials;
- generate statistics that help in administering the website and improve the quality of services offered. These summaries are consolidated and do not contain data identifying visitors of the website. These data are not disclosed to other persons and entities.
Collected server logs, containing, among others the User's IP address, time of arrival of the request, the first line of the http request, the http response code, number of bytes sent by the server, information about the user's browser, information about errors that occurred during the HTTP transaction, information about the type of devices are stored indefinitely.