I. General Provisions

​

The purpose of this Privacy Policy is to provide Users of the Service with information regarding the processing of their personal data by the Administrator in connection with their use of the functionalities available on the Service. For this reason, we encourage every User of the Service to read the content of this document.

The personal data Administrator is: Solution4Labs spółka z ograniczoną odpowiedzialnością with its registered office in Białystok, at Sienkiewicza 110, 15-005 Białystok, entered into the Register of Entrepreneurs of the National Court Register maintained by the District Court in Białystok, 12th Commercial Division of the National Court Register, under number: 0000533329, NIP: 5272725493, REGON: 360310865, hereinafter referred to as “Solution4Labs”.

When processing Users’ personal data, the Administrator complies with personal data protection regulations, including the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).

The Administrator makes every effort to protect the Service and the data processed within it, including protection against unauthorized access by third parties. For this purpose, the Administrator uses physical security measures, security systems protecting access to servers and the Service, and cryptographic solutions. Personal data is made available only to those employees and entities for whom it is necessary to perform tasks, and it is processed solely for the purposes described in this Privacy Policy. Additionally, the Administrator is a Certified Entity. Details of the certification can be found in the ISO section.

By using the Service, the User accepts this Privacy Policy.

II. Personal Data

The personal data of Users of the Service may be collected and processed by the Administrator for the following purposes:

• Data provided by the User:

​

1. Handling contact forms. By completing a contact form, the User provides the Administrator with personal data that may include: first name, last name, e-mail address, contact number, and the User’s company name. This data is processed based on the legitimate interest of the Administrator and the User, consisting of handling the inquiry, i.e., responding to the question(s), communicating with the User, or presenting an offer of products or services offered by the Administrator that the User is interested in. Providing the data is voluntary, but failure to provide it will prevent the achievement of the purposes mentioned above. Inquiries may also be handled through tools available on the Service, such as a chatbot or functionality enabling the User to send the Administrator a voice recording, which may contain personal data;

2. Conclusion of an NDA. The Service allows the User to request an NDA (non-disclosure agreement). If the User expresses the desire to conclude such an agreement, their personal data will be processed to take steps prior to its conclusion, e.g., preparing the appropriate document template. In such a case, providing the data is a condition for concluding the agreement;

3. Receiving commercial information about the Administrator’s products and services. The User’s data may be processed for marketing purposes carried out by the Administrator involving the sending of commercial information about the Administrator’s products and services. The basis for processing data for this purpose is the Administrator’s legitimate interest. The User will receive such information only if they consent to receive it at the given e-mail address. The User may withdraw consent at any time.

​

• Data collected automatically while using the Service, including:

1. information automatically stored in server logs and the Service, such as IP address, page request sent by the User, date and time of the request, browser type, browser language, device data, and operating system type;

2. information contained in “cookies.” More details about cookies can be found in Section VI. Cookies and other technologies.

III. Data Processing Period

The period for which the User’s data is processed depends on the purpose for which the data was obtained.

​

1. For data processed for the purposes specified in Section II point a) above, data will be processed until the purpose is achieved or an objection to its processing is submitted;

2. For data processed for the purpose specified in Section II point b) above, data will be processed for the duration of the agreement for which it was collected, and after its termination for the period required by applicable regulations.

3. For data processed for the purpose specified in Section II point c) above, data will be processed until the User withdraws consent to receive information about the Administrator’s products or services at the provided e-mail address, or until an objection to processing for marketing purposes is submitted.

IV. Rights Related to Data Processing

In connection with the processing of their data by the Administrator, Users have the following rights:

a) the right to access their personal data,
b) the right to request data rectification,
c) the right to request data deletion,
d) the right to request restriction of processing,
e) the right to object to processing based on the legitimate interest of the Administrator, i.e., the purposes mentioned in Section II points a) and c).

The User also has the right to lodge a complaint with the President of the Personal Data Protection Office if they believe that the processing of their data violates GDPR.

V. Data Recipients

Users’ personal data may be shared with recipients who provide services to the Administrator (including subcontractors, entities cooperating with the Administrator in IT system maintenance ensuring the proper functioning of the Service, or recipients through whom the Administrator conducts marketing or informational activities).

Users’ personal data may also be provided to entities offering accounting or legal services to the Administrator.

As a rule, Users’ personal data will not be transferred to recipients based outside the European Economic Area unless necessary to perform specific tasks or activities on behalf of the User.

VI. Cookies and Other Technologies

Cookies are IT data, in particular small text files, that are stored on the User’s end device (computer, smartphone, tablet) during the User’s use of the Service and later retained there for the following purposes:

• ensuring the proper functioning of the Service in the User’s browser,

• facilitating the User’s use of the Service and adapting it to the User’s needs,

• remembering the User’s individual settings and preferences,

• creating Service statistics to better understand User expectations and develop the Service so that it is easier to access the most frequently searched information (e.g., by analyzing search queries),

• administering servers and the Service,

• ensuring the security and protection of data and the Service,

• providing the User with specific services,

• tailoring the Service to the Users’ needs.

Web browsers typically allow cookies to be stored on the User’s device by default.

Examples of cookies and their use in the Service:

Cookies used to define statistics on page popularity, number of visits, and distribution of visits over time (Google Analytics: __utma, __utmc, __utmz);

Cookies set by the application server during the User’s first visit to the Service, deleted after a certain period of inactivity or upon completion of a specific action on the Service, such as leaving the page, closing the browser, or logging out (JSESSIONID, LFR_SESSION_STATE).

The User can configure their web browser to fully or partially disable the storage of cookies on their device. Disabling cookies may cause some functions of the Service to not function properly.

The types of cookies that may be used by the Service and detailed information regarding their storage and purposes are presented in the table below.