This Privacy Policy (hereinafter referred to as “the Policy”) contains information concerning processing your personal data in connection with your use of DeployNow Website at https://deploynow.io dereinafter referred to as “the Website”).
All capitalized terms not otherwise defined in the Policy have the meaning defined in the Terms and Conditions available at https://deploynow.io/terms-and-conditions/
Personal Data Controller
The controller of your personal data is DevOpsi spółka z ograniczoną seated in Warsaw (address: ul. Leona Berensona 12E/106, 03-287 Warsaw, Poland), entered into the commercial register kept by the District Court for the Capital City of Warsaw in Warsaw, 14th Commercial Division, under the KRS number: 0000852755, having tax identity number (NIP): 5242904541, REGON number: 386672022and share capital: PLN 5,000.00 (hereinafter referred to as “the Controller”).
Contact with the Controller
In all matters related to the processing of personal data you can contact the Controller via email: [email protected]
Measures for personal data protection
The Controller uses modern organizational and technical safety measures to ensure the best possible protection of your personal data and ensures that they are processed in accordance with the provisions of Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as “the GDPR”), the Act of 10 May 2018 on the Protection of Personal Data and other personal data protection legislation.
Information on personal data being processed
Using the Website and our Services requires processing of your personal data. In the table below, you will find detailed information about the purposes and legal basis of the processing, the period of the processing as well as information whether the provision of your personal data is obligatory or voluntary.
| Purpose of processing | Personal data processed | Legal basis |
| Conclusion and performance of Services | 1) company or first and second name, 2) email address, 3) NIP (Taxpayer Identification Number) – if the Customer is an entrepreneur or an entrepreneur with consumer rights. | Art. 6(1)(b) of the GDPR (The processing is necessary to perform the Agreement concluded with the data subject or to take steps to conclude this Agreement) |
Providing the personal data is a condition for the conclusion and performance of the Account Services Agreement, Software Services Agreement, Data Processing Agreement (the provision of such data is voluntary, but should you fail to provide your personal data, you will be unable to conclude and performed the above Agreement or Agreements, including the creation of an Account).
The Controller will process the above personal data until statute of limitation on the claims arising from the above Agreement or Agreements expires.
| Purpose of processing | Personal data processed | Legal basis |
| Handling a complaint | 1) company or first and second name, 2) email address, 3) phone number, 4) correspondence address (street, house number, apartment number, city/town, postal code, country); | Art. 6(1)(c) of the GDPR (Processing is necessary for compliance with a legal obligation to which the Controller is subject. In this case, the obligations include responding to a complaint – Art. 7(a) of Consumer Rights Act. |
Providing the above personal data is a condition for receiving a response to the complaint or exercising the Customer’s rights under warranty (the provision of such data is voluntary but if you fail to provide your personal data, you will not receive a response to your complaint and you will be unable to exercise your rights).
The Controller will process the above personal data for the period of complaint procedure (but no longer than for 30 days).
| Purpose of processing | Personal data processed | Legal basis |
| Sending a newsletter | 1) email address. | Art. 6(1)(f) of the GDPR (Processing is necessary to pursue the Controller’s legitimate interest, which, in this case, consists in informing users about novelties and discounts) |
Providing your email address is voluntary, but necessary if you wish to receive the newsletter (if you fail to provide your email address you will not receive the newsletter).
The Controller will process your email address until an effective objection is lodged or the purpose of the processing is achieved.
| Purpose of processing | Personal data processed | Legal basis |
| Sending email notifications (e.g., informing about the Services, the status of the tasks) | company or first and second name, email address | Art. 6(1)(f) of the GDPR (Processing is necessary to pursue the Controller’s legitimate interest, which, in this case, consists in informing Customers about the actions taken in relation to the provision of services) |
Providing the above personal data is voluntary but necessary to receive information about the activities related to the provision of Services (if you fail to provide the personal data you will not receive this information).
The Controller will process the personal data until an effective objection is lodged or the purpose of the processing is achieved.
| Purpose of processing | Personal data processed | Legal basis |
| Fulfilling tax obligations (e.g., issuing VAT invoices, keeping accounting records) | 1) full name/company; 2) correspondence address (street, house number, apartment number, city/town, postal code, country); 3) order number | Art. 6(1)(c) of the GDPR (Processing is necessary for compliance with a legal obligation to which the Controller is subject. In this case, this applies to the obligations under tax law) |
Providing the above personal data is voluntary, but it is necessary for the Controller to meet their tax obligations (if you fail to provide these personal data, the Controller will be unable to fulfil the above obligations).
The Controller will process the above personal data for a period of 5 years from the end of the year in which the deadline for the payment of tax for the previous year expired.
| Purpose of processing | Personal data processed | Legal basis |
| Compliance with personal data protection obligations | 1) company or first and second name, 2) the contact details you provided (email address; mailing address; telephone number). | Art. 6(1)(c) of the GDPR (Processing is necessary for compliance with a legal obligation to which the Controller is subject. In this case, this applies to the obligations under personal data protection provisions) |
Providing the above personal data is voluntary, but it is necessary for the Controller to properly fulfil their obligations under the provisions on personal data protection, including exercising your rights under the GDPR (if you fail to provide the above data it will be impossible to exercise your rights properly).
The Controller will process the above personal data until the expiry of the limitation periods of any claims for the infringement of personal data protection provisions.
| Purpose of processing | Personal data processed | Legal basis |
| Establishing, pursuing, or defending against claims | 1) first name, 2) second name, 3) company, 4) email address, 5) address of residence/seat, 6) PESEL (Polish Resident Identification Number) / KRS (National Court Register Number), 7) NIP (Tax Identification Number). | Art. 6(1)(f) of the GDPR (Processing is necessary in order to pursue the Controller’s legitimate interest, which, in this case, consists in establishing, pursuing or defending against claims that might arise in connection with the performance of the Agreements concluded with the Controller) |
Providing the above data is voluntary, but it is necessary to establish, pursue or defend against claims that might arise in connection with the performance of the Agreements concluded with the Controller (if you fail to provide the above data the Controller will not be able to undertake the aforementioned actions)
The Controller will process the above personal data until the expiry of the limitation periods of any claims that might arise in connection with the performance of the Agreements concluded with the Controller.
Personal data recipients
The recipients of personal data are the following external entities cooperating with the Controller, e.g.:
- a hosting company,
- providers of online payment systems,
- a newsletter service provider,
- companies providing tools to analyse activity in the Website (e.g. Google Analytics),
- an accounting services company.
Moreover, the data may be transferred to public or private entities if such an obligation arises from generally applicable law, a final and binding sentence or final and biding administrative decision.
Transfer of personal data to a third country
In connection with the Controller’s use of tools such as Google Analytics and Stripe, your personal data may be transferred outside the European Economic Area and Switzerland to the following third countries: USA, Chile, Singapore, and Taiwan (Republic of China).
The Controller may provide you with a copy of your data transferred to a third country
Rights
You have certain rights in connection with the processing of personal data:
- you have the right to be informed about what personal data concerning you are processed by the Controller and to receive a copy of such data (the right of access). The first copy of the data is free of charge; the Controller may charge a fee for the subsequent copies,
- if the data processed become outdated or incomplete (or otherwise incorrect), you have the right to request a rectification,
- in certain situations, you may ask the Controller to delete your personal data, e.g., when:
- the Controller does not longer need your personal data for the purposes you were informed about,
- you have effectively withdrawn your consent to the processing of your personal data (unless the Controller has the right to process the data on another legal basis),
- the processing is unlawful,
- the Controller must remove the data under the Controller’s legal obligation,
- in case the Controller processes your personal data based on a given consent to the processing or in order to perform an Agreement concluded with the Controller, you have the right to transfer your data to another controller,
- when personal data are processed by the Controller on the basis of your consent to the processing, you have the right to withdraw that consent at any time (withdrawal of consent does not affect the lawfulness of processing carried in accordance with the consent before its withdrawal),
- if you believe that the personal data processed are incorrect, the processing is unlawful or that the Controller no longer needs specific data, you may request that the Controller only store the data and cease to carry out any operations on the data, for a specified, required period (e.g., necessary to verify the correctness of the data or pursuing claims),
- you have the right to object to the processing of your personal data based on the Controller’s legitimate interests. If your objection is successfully raised, the Controller will cease to process the personal data for the above purpose,
- you have the right to lodge a complaint with the Head of the Office for Personal Data Protection if you believe that the personal data processing violates the provisions of the GDPR.
Cookies
- The Controller informs that the Website uses “cookies” installed on your end device. They are small text files which can be read by the Controller’s system and the systems belonging to other entities whose services are used by the Controller (e.g. Google).
- The Controller uses cookies for the following purposes:
- ensuring proper functioning of the Website – cookies allow the Website to operate smoothly and make it possible for its users to use its functions and navigate comfortably through individual subpages,
- increasing the comfort of browsing the Website – cookies make it is possible to detect errors on some subpages and constantly improve the subpages,
- creation of statistics – cookies are used to analyse the way users use the Website. It allows us to improve the Website and adjusts its functioning to the users’ preferences,
- marketing activities – cookies allow the Controller to present the users with ads adjusted to their preferences.
- The Controller may place both permanent and temporary (session) cookies on your device. Session cookies as usually removed once you close the browser. However, closing the browser does not remove permanent cookies.
- The information about the cookies used by the Controller is displayed in the panel at the bottom of the Website. You can decide whether you want to enable or disable cookies of different categories (except for necessary cookies) and change these settings at any time.
- Data collected by cookies do not allow the Controller to identify you.
- The Controller uses the following cookies or tools that use cookies:
| TOOL | SUPPLIER | FUNCTIONS AND SCOPE OF DATA COLLECTION | DURATION |
| Necessary cookies | The Controller | These files need to be enabled for the Webiste to function properly, therefore you cannot disable them. The files (which collect, among others, your device’s IP number) allow us to inform you about the cookies used on the Website. | Most of the necessary cookies are session cookies, but some remain on your end device for 14 months or until they are deleted. |
| Google Analytics | This tool makes it possible to collect statistical data on how the Website is used by Customers, including the number of visits, the duration of the visit, the search engine used, and the location. The collected data help us improve the Website and make it more customer-friendly. | Up to 14 months or until their removal (whichever occurs first). | |
| Google Optimize | This tool allows us to make changes to the website and see if they improved website funcionality compared to the old versions. | Up to 14 months or until their removal (whichever occurs first). | |
| Hotjar | Hotjar | This tool allows us to track anonymous behavior (eg. Fast-paced consecutive clicks) and determine proper funcioning and interactiveness of the website. | Up to 12 months or until their removal (whichever occurs first). |
| SignalZen | SignalZen | ZignalZen is the chat widget on our website. It allows us to remember and continue our conversations where they left off. | Up to 10 years or until their removal (whichever occurs first). |
- By using most of the commonly used browsers, you can check whether cookies have been installed on your device. You can also delete the installed cookies and block their installation by a website or different websites in the future. However, disabling or restricting the use of cookies may cause serious difficulties in using the Website, e.g., the necessity to log in to each subpage, longer time needed for the Website to load, limitations in the use of certain functionalities.
Final Provisions
To all matters not settled herein generally applicable provisions on the protection of personal data shall apply.
This Policy is effective from 23.11.2022.