Poprostu NICE
Poprostu NICE
Select your country
Poprostu NICE
Poprostu NICE
Odkrywaj rozwiązania Nice:
    WYBIERZ MARKĘ
Poprostu NICE
Odkrywaj rozwiązania Nice:
  2. Privacy Policy

Privacy Policy

Dear Sirs,

We make every effort to protect the personal data we collect in accordance with national legislation and Regulation 2016/679 of the EU Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the EU L 119 of 04.05.2016, p. 1, as amended by Official Journal of the EU L 127 of 23.05.2018, p. 2), (hereinafter: "GDPR").

We make this privacy policy available to you so that every person with whom we enter a relationship is aware:

  • who is the controller of its personal data,
  • to what extent, for what purposes and on what legal basis we process the data and to whom we make it available,
  • what rights you have in relation to the processing of your data,

in accordance with Articles 13 and 14 of the GDPR.

The privacy policy may be detailed in the information provided at the time of collection of personal data or within a reasonable period - one month at the latest - in case of collection of data from indirect sources, i.e. not from the data subjects.

§ 1

Controller

  1. The controller of your personal data is NICE - POLSKA sp. z o.o. with its registered office in Pruszków (05-800) at 2A Parzniewska St. (hereinafter: ‘Nice’, ‘controller’ or ‘we’).
  2. In certain cases, we may also process data as a recipient or processor.

§ 2

Data Protection Officer

To supervise data protection matters and provide you with detailed information, we have appointed a data protection officer. His duties are performed by Mr Damian Grodziński. You can contact the inspector by writing to the address of the controller's office or by e-mail: iod.pl@niceforyou.com.

§ 3

Data Processing

1. Clients and Contractors

If you are one of our clients/contractors, then:

a. We process your data to conclude or perform a contract (Art. 6(1)(b) of the GDPR), to fulfil our legal obligations under the law (Art. 6(1)(c) of the GDPR) and, in certain cases, for the purposes of legitimate interests (Art. 6(1)(f) of the GDPR). The cases of our legitimate interests are described in § 4.

b. The categories of personal data processed may include name, tel. no., e-mail address, company name, NIP, Regon, function/position, address of installation where Nice products are used, PESEL number, ID card number, date of birth and residential address.

c. Data recipients may be courier, postal, legal or IT service providers. In relation to the ownership structure, the recipient of the data may be Nice S.p.A., based in Italy: Nice Headquarters, Via Callalta, 1, 31046 Oderzo (TV), Italy, telephone number +39 0422 85 38 38.

d. The data will be stored for a period of min. 5 years from the end of the calendar year in which the deadline for payment of the tax in relation to the contract concluded has expired, however, the law may provide for a longer retention period, for the assertion or defence of claims. The cases of longer data processing periods are described in § 4.

e. In relation to processing, you have the right to access and rectify your data, the right to restrict processing, the right to object to processing, the right to lodge a complaint with the President of the Personal Data Protection Office (2 Stawki St., 00-193 Warsaw). Detailed information on the individual rights can be found in § 5.

f. Your personal data may be processed in the form of analytical, sales and marketing profiling. Binding decisions are not automated, i.e., they are never made without human involvement.

g. The provision of data is a contractual requirement and the refusal to do so may prevent the conclusion or execution of the contract.

2. Partners

If you belong to our partners, business partners, are their employees, collaborators, contractors, then:

a. We process your data to conclude or perform a contract (Art. 6(1)(b) of the GDPR), to fulfil our legal obligations under the law (Art. 6(1)(c) of the GDPR) and, in certain cases, for the purposes of legitimate interests (Art. 6(1)(f) of the GDPR). The cases of our legitimate interests are described in § 4.

b. The categories of personal data processed may include your company name, registered office address, web address, contact details, telephone number, email address, name of the person appointed for contact purposes, home address. To establish the details of the cooperation, we may ask you for some information regarding your company, the number of its employees or their experience in the services provided by your company.

c. Data recipients may be courier, postal, legal or IT service providers. In relation to the ownership structure, the recipient of the data may be Nice S.p.A., based in Italy: Nice Headquarters, Via Callalta, 1, 31046 Oderzo (TV), Italy, telephone number +39 0422 85 38 38.

d. The data will be stored for a period of min. 5 years from the end of the calendar year in which the deadline for payment of the tax in relation to the contract concluded has expired, however, the law may provide for a longer retention period, for the assertion or defence of claims. The cases of longer data processing periods are described in § 4.

e. In relation to processing, you have the right to access and rectify your data, the right to restrict processing, the right to object to processing, the right to lodge a complaint with the President of the Personal Data Protection Office (2 Stawki St., 00-193 Warsaw). Detailed information on the individual rights can be found in § 5.

f. Your personal data may be processed in the form of analytical, sales and marketing profiling. Binding decisions are not automated, i.e., they are never made without human involvement.

g. The provision of data is a contractual requirement and the refusal to do so may prevent the conclusion or execution of a contract.

3. Suppliers

If you provide goods or services to us, then:

a. We process your data for the conclusion or performance of a contract (Art. 6(1)(b) of the GDPR), the fulfilment of legal obligations incumbent on us, (Art. 6(1)(c) of the GDPR) and, in certain cases, for the purposes of legitimate interests (Art. 6(1)(f) of the GDPR). The cases of our legitimate interests are described in § 4.

b. The categories of personal data processed may include name, tel. no., e-mail address, company name, NIP, Regon, function/position.

c. Recipients of the data may be energy, courier, postal, legal or IT service providers. In relation to the ownership structure, the recipient of the data may be Nice S.p.A., based in Italy: Nice Headquarters, Via Callalta, 1, 31046 Oderzo (TV), Italy, telephone number +39 0422 85 38 38.

d. The data will be stored for a period of min. 5 years from the end of the calendar year in which the deadline for payment of the tax in relation to the contract concluded has expired, however, the law may provide for a longer retention period, for the assertion or defence of claims. The cases of longer data processing periods are described in § 4.

e. In relation to processing, you have the right to access and rectify your data, the right to restrict processing, the right to object to processing, the right to lodge a complaint with the President of the Personal Data Protection Office (2 Stawki St., 00-193 Warsaw). Detailed information on the individual rights can be found in § 5.

f. The provision of data is a contractual requirement, and the refusal to provide such data may prevent the conclusion or execution of the contract.

4. Representatives and Contact Persons

If you are a representative or contact person, then:

a. We process your data for the purpose of entering into or performing a contract (Article 6(1)(b) of the GDPR), fulfilling legal obligations incumbent upon us arising from legal provisions (Article 6(1)(c) of the GDPR), and in specific cases to achieve objectives resulting from legally justified interests (Article 6(1)(f) of the GDPR). Cases of our justified interests are described in § 4.

b. The categories of personal data processed may include name and surname, the company with which you are associated, your position/function, business telephone number, business email address, history of contacts between us and you.

c. The recipients of the data may be entities providing courier, postal, legal, or IT services. Due to the ownership structure, the recipient of the data may be Nice S.p.A. based in Italy: Nice Headquarters, Via Callalta, 1, 31046 Oderzo (TV), Italy, telephone number +39 0422 85 38 38.

d. Data will be stored for the period necessary to meet the needs associated with maintaining contact between us and you.

e. In connection with the processing, you have the right to access your data and to rectify them, the right to restrict processing, the right to object to processing, the right to lodge a complaint with the President of the Personal Data Protection Office (2 Stawki St., 00-193 Warsaw). Detailed information on individual rights can be found in § 5.

f. Providing data is voluntary, and refusal to provide them may prevent communication.

5. Candidates

If you are interested in our job or cooperation offers, then:

  1. a. We process your data for the purpose of entering an employment contract based on and within the scope specified in Art. 22(1) § 1 of the Labour Code (Article 6(1)(b) of the GDPR) or entering a civil law contract (Article 6(1)(b) of the GDPR). We also process your personal data for purposes resulting from legally justified interests (Article 6(1)(f) of the GDPR) in accordance with § 4.

    b. If you wish to participate in subsequent recruitments or include information in application documents that may be considered as sensitive data, they will be processed based on your voluntarily expressed consent (Article 6(1)(a) or Article 9(2)(a) of the GDPR).

    c. The categories of data processed include: first name(s) and surname, date of birth, contact details provided by you, education, professional qualifications, employment history, company (in the case of sole proprietors), and other data that you have provided in the application documents.
    d. The recipients of the data may be entities providing IT services.

    e. Data will be stored for the period of conducting a given recruitment unless you consent to their further storage for future recruitment purposes. Cases of longer data processing periods are described in § 4.

    f. In connection with the processing, you have the right to access your data and to rectify them, the right to restrict processing, the right to withdraw consent at any time (without affecting the legality of processing carried out before its withdrawal), the right to object to processing, the right to erase data, the right to lodge a complaint with the President of the Personal Data Protection Office (2 Stawki St., 00-193 Warsaw).

    g. Providing data results from the scope specified by the Labour Code or is a contractual requirement (in the case of employment based on a civil law contract) and refusal to provide them may prevent the establishment of an employment relationship or conclusion of a contract.

6. Training and Webinar Participants

If you are a participant in the trainings organized by us, including remote trainings and webinars we organize:

a. We process your data for the purposes of conducting the training and managing the licensing program based on a contract (Article 6(1)(b) of the GDPR).

b. The categories of personal data processed may include name and surname, company name, email address, contact phone number, image.

c. The recipients of the data may be entities providing IT, marketing services, and internet messenger service providers.

d. Data will be stored for a minimum period of 5 years from the end of the calendar year in which the tax payment deadline related to the contract has expired, however, legal provisions may provide for a longer data retention period, especially in terms of pursuing or defending claims. Cases of longer data processing periods are described in § 4.

e. Webinars and remote trainings organized by the controller may also be recorded. In such a case, your image, voice, and other data that you voluntarily provide during the webinar or remote training may be captured. The controller does not require providing other data than those necessary to register for a given webinar or remote training (company name, first name or nickname, email address). Any other data provided by you will be processed based on Article 6(1)(a) of the GDPR, i.e., based on voluntary consent. Consent can be withdrawn at any time – without affecting the legality of the processing carried out before its withdrawal. If you do not want to share your image with us, you can simply turn off your webcam. The use of a microphone is also not mandatory – you can direct any questions to the person conducting the webinar or training in written form through the chat.

f. In connection with the processing, you have the right to access your data and to rectify them, the right to withdraw consent at any time (without affecting the legality of processing carried out before its withdrawal), the right to erase data (including the right to be forgotten), the right to restrict processing, the right to object to processing, the right to lodge a complaint with the President of the Personal Data Protection Office (2 Stawki St., 00-193 Warsaw). Detailed information on individual rights can be found in § 5.

g. Providing data is a contractual requirement, and refusal to provide them may prevent the conclusion or implementation of the contract.

7. Sponsees

If we are your sponsor, as part of our sponsorship activities:

a. We process your data based on the sponsorship agreement (Article 6(1)(b) of the GDPR).

b. The categories of personal data processed may include first name and surname.

c. The recipients of the data may be entities providing IT and marketing services.

d. Data will be stored for a minimum period of 5 years from the end of the calendar year in which the tax payment deadline related to the contract has expired. However, legal provisions may provide for a longer data retention period, especially in terms of pursuing or defending claims. Cases of longer data processing periods are described in § 4.

e. In connection with the processing, you have the right to access your data and to rectify them, the right to restrict processing, the right to object to processing, and the right to lodge a complaint with the President of the Personal Data Protection Office (2 Stawki St., 00-193 Warsaw). Detailed information on individual rights can be found in § 5.

f. Providing data is a contractual requirement, and refusal to provide them may prevent the conclusion or implementation of the contract.

8. Journalists and Media Representatives

If you are journalists or media representatives:

a. Your data is processed for the purpose of disseminating press information (Article 6(1)(f) of the GDPR).

b. The categories of personal data processed may include first and last name, email address, contact telephone number.

c. The recipients of the data may be entities providing IT, marketing services.

d. Data will be stored for a period of at least 5 years from the end of the calendar year in which the tax payment deadline expired in connection with the concluded contract, however, legal provisions may provide for a longer data retention period, particularly in pursuing or defending claims. Cases of longer data processing periods are described in § 4.

e. In connection with the processing, you have the right to access and rectify your data, the right to restrict processing, the right to object to processing, the right to lodge a complaint with the President of the Personal Data Protection Office (2 Stawki St., 00-193 Warsaw). Detailed information on individual rights can be found in § 5.

f. Providing data is a contractual requirement, and refusal to provide it may prevent the conclusion or implementation of the contract.

9. Individuals Communicating with Us via Our Website

If you contact us through our website, then:

a. Your data is processed to achieve the purpose arising from the legitimate interests, which is communication between us and you (Article 6(1)(f) of the GDPR).

b. The categories of personal data processed may include first and last name, company name, email address, contact phone number.

c. The recipients of the data may be entities providing IT and marketing services.

d. Data will be stored for the period necessary to respond to the inquiries sent or until you withdraw your consent. Cases of longer data processing periods are described in § 4.

e. In connection with the processing, you have the right to access your data and rectify them, the right to restrict processing, the right to object to processing, the right to withdraw consent at any time (without affecting the legality of the processing carried out before its withdrawal), the right to delete data, and the right to lodge a complaint with the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw).

f. Providing data is voluntary.

g. We may also process information that enables us to remember your preferences in using the site - for collecting this type of data, we use “cookies.”

h. Data on the use of our website may be used for internal statistical purposes and website functionality, as well as to ensure information security. In this case, we use only aggregated data and do not use surnames, email addresses, or other information that allows your direct identification.

§ 4

Other Bases for Processing

  1. Besides the situations listed in § 3, we may in certain cases process your data for other purposes. This may involve extending the period of storing your data.
  2. For purposes necessary to fulfil our legal obligations (Article 6(1)(c) of the GDPR), your data will be processed:
  1. for the duration of performing the legal obligations imposed on us by the relevant regulations, including, among others, tax law, social insurance, etc.;
  2. for the period during which specific legal provisions require us to store data (these provisions may provide for different data storage periods).
  1. Furthermore, we may also process your data for other purposes arising from our legitimate interests (legal basis: Article 6(1)(f) of the GDPR):

a. conducting correspondence;
b. establishing, defending, and pursuing claims, which includes, among other things, selling our receivables to another entity;
c. promoting the company and our services;
d. creating compilations, analyses, and statistics;
e. establishing business or partnership cooperation;
f. archiving;
g. verifying licenses by the end-user;
h. distributing gadgets;
i. conducting training and for educational purposes;
j. conducting motivational programs.

  1. In the situation where you are on the premises of our headquarters, we may record your image using a video surveillance system for purposes related to ensuring the safety of persons and property protection. Data recorded using video surveillance will be stored no longer than 30 days from the date of recording.
  2. Your personal data will not be processed based on our legitimate interests if, in specific cases, your rights and freedoms prove to be superior.

§ 5

Rights

  1. Right of Access to Personal Data and Obtaining a Copy – Upon your request, we will provide information on whether we process your personal data. We are also obliged, upon a separate request, to provide more detailed information regarding: the purposes of processing, categories of personal data, recipients or categories of recipients of data, the period of storing personal data or criteria for determining this period, the source of data acquisition, about automated processing of personal data and its consequences for you. In the case of transferring personal data to a third country, we will also inform you about the safeguards used for the transfer upon your request. Upon your request, we will also create a copy of personal data. It will be provided to you in a popular computer file format. The first copy will be provided free of charge. However, we may charge a fee for each subsequent copy, which we will determine based on the provisions of the GDPR.
  2. Right to Rectification – If it turns out that your personal data is incorrect, we will remove the inaccuracies. We will do this on our initiative – or if you bring it to our attention – upon your request.
  3. Right to Erasure of Data, Including the 'Right to be Forgotten' – If you do not wish your personal data to be processed and we find no other legal grounds that allow us to process your data – we will delete it from our databases. However, it should be remembered that deleting some data may prevent us from providing services to you – this applies to those services for which the processing of personal data provided is necessary. For example, we will not be able to respond to your questions and present our offer if you request the deletion of the email address. Despite such a request, in certain cases, we will still be able to process some personal data under the terms defined in the GDPR.
  4. Right to Restrict Processing – In cases provided for by the GDPR, upon your request, we will limit the processing of your personal data. Simply put, restricting the processing of personal data prevents their use beyond storage. In such a case, any other actions on data subject to processing restriction can only be performed with your consent.
  5. Right to Data Portability – Under the terms provided for in the GDPR, you can request the transfer of personal data recorded in a standard machine-readable file format. If your goal is to transfer them to another controller, we will send a file containing your personal data directly to them.
  6. Right to Object – In some cases, even if we process personal data legally, without your consent, you can request us to stop processing personal data by raising an objection. It will be justified if you demonstrate that our lawful actions, nonetheless, violate your interests, rights, or freedoms.
  7. Right Not to be Subject to Automated Decisions in Individual Cases, Including Profiling – You have the right not to be subject to decisions based solely on automated processing, including profiling, if they would have legal effects on you or similarly significantly affect you.
  8. Right to Withdraw Consent at Any Time – In the situation where we have asked for your consent, you can withdraw this consent at any time. If we do not have a separate basis for processing, we will cease using personal data for the purpose for which consent was expressed. However, it should be remembered that withdrawing consent may sometimes prevent delivering you interesting content or information.
  9. Right to Lodge a Complaint with the Supervisory Authority – If you believe that our actions related to the processing of personal data have violated your rights, you can lodge a complaint with the President of the Personal Data Protection Office (2 Stawki St., 00-193 Warsaw).
  10. The rights listed above may be limited in some situations, e.g., when we can demonstrate that we are legally obliged to process your data.
  11. If you wish to exercise your rights, all you need to do is send an appropriate request using the contact details indicated in § 1 or § 2.

§ 6

Data Source

  1. As a rule, most of the data we process are information that you have provided to us voluntarily.
  2. In some rare cases, especially if you use our specific services, we may process personal data that we can infer about you based on other information you provide to us and which we acquire during our relations. These data will not be processed longer than is necessary for the purpose for which they were collected or will be promptly deleted.
  3. If we did not obtain personal data directly from you, we inform you that:

a. the data may have been obtained from a person or entity who indicated you as a person representing or designated for contact,
b. in the case of individuals participating in the recruitment process or those interested in establishing cooperation based on a civil law contract - personal data may have been obtained from recruitment agencies or personal consulting firms with which we cooperate, or our employees (in the case of referrals).

§ 7

Technical and Organisational Measures

  1. We commit to properly protect your personal data in accordance with our internal policies, orders, procedures, and standards so that personal data is protected against unauthorized use or access, unlawful modifications, loss, or destruction.
  2. We apply high-standard physical and logical security measures.
  3. Your personal data will not be stored longer than is necessary for the purpose for which it was collected, including the need to maintain compliance with legal obligations and for the resolution of disputes, pursuit, or defense of claims.
  4. In ensuring the security of the processed personal data, we commit to consider:

a. confidentiality – we will protect your data from accidental disclosure to third parties;
b. integrity – we will protect your data from unauthorized modification;
c. availability – we will ensure access to your data only to authorized persons, only if such a need arises.

  1. Third parties may process your personal data only if such entity commits to ensuring appropriate technical and organizational measures guaranteeing the security of personal data processing, as well as maintaining the confidentiality of this data.
  2. Every employee or collaborator of ours who has access to personal data possesses appropriate authorization and is obliged to maintain confidentiality.
  3. Personal data that you provide on our websites are encrypted and protected using an SSL certificate. It secures data transmission within the domain and confirms its authenticity.

§ 8

International Data Transfer

  1. Due to the ownership structure, the recipient of the data may be Nice S.p.A. based in Italy: Nice Headquarters, Via Callalta, 1, 31046 Oderzo (TV), Italy, phone number +39 0422 85 38 38.
  2. In principle, your personal data will not be transferred to countries outside the European Economic Area, where the law may not provide the same level of protection for your data.
  3. However, if in the course of processing your personal data are to be transferred to recipients in third countries (outside the EEA), such as the United States, such data transfer will take place exclusively based on standard contractual clauses in accordance with the decision of the European Commission or based on your explicit consent, which you will be directly asked for in relevant cases.

§ 9

Cookies

  1. Our website uses cookies.
  2. Cookies are information in the form of small text files saved on your computers by the server. They are important because they allow the server to read information each time it connects to a specific computer.
  3. Information collected using cookies does not constitute personal data but may be used to provide you with specific functions. Such data is encrypted in a way that prevents unauthorized persons from accessing it.
  4. The software used for browsing websites by default allows the placement of cookies on your computers – through the settings of the web browser, your consent has been expressed (Article 6(1)(a) of the GDPR).
  5. You can configure your browser to block the automatic acceptance of cookies or to receive information each time a file is sent to the device. More information on handling cookies and configurations can be obtained in your browser settings. The level of restrictions on the use of “cookies” can affect the availability and functionality of our websites, including the possibility of blocking their full operation.
  6. Our website uses cookies for the correct configuration, especially to:

a. adapt the content of the website pages to your preferences;
b. correctly configure selected functions of the website, enabling the verification of the authenticity of the browser session;
c. recognize the device and properly display the website, tailored to your individual needs;
d. remember your settings and personalize the interface, e.g., in terms of the selected language or region;
e. remember the history of visited pages on the site for content recommendations, font size, website appearance, etc.

  1. We may also use “cookies” that enable the display of advertisements and accounting for their effects (these may include, for example, Google Analytics, Google AdWords).
  2. The data we collect may be used to create so-called profiles, based on interests and activities on our websites.
  3. Based on the created profiles, we send more tailored marketing messages informing about our goods or services. The legal basis for processing this type of data is the legitimate interest of the controller (Article 6(1)(f) of the GDPR), particularly in conducting marketing activities.
  4. Within our websites, we may collect data on your activity. These data will be used for internal statistical purposes and for developing and improving our products, services, communication methods, and website functionalities, as well as for ensuring information security. In this case, we use only aggregated data and do not use surnames, email addresses, or other information that allows direct identification.
  5. The legal basis for processing this type of data is a justified interest (Article 6(1)(f) of the GDPR), particularly in improving our websites, to ensure the high quality of services and functionalities of our websites.
  6. The above-mentioned periods for storing personal data will occur most often. Due to the variety of situations, any questions regarding the periods of storing personal data in each situation should be directed to the contact details indicated in § 1 or § 2.

§ 10

Final Remarks

We reserve the right to amend this privacy policy, which may arise from the need to adapt to changes in legal regulations, prevailing privacy standards, or in connection with the expansion of our offer.

 

Data Protection Officer