Effective date: 25.05.2018
Last updated: 11.10.2019
If you happen to be left with even more questions after reading our policy – or already have some – do not hesitate to contact us.
“Applicable laws” means all the laws and regulations relevant to the collection, processing and storage of data, especially all the data protection laws and the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
“99NET” or “we” or “us” or „our” means 99NETspółka z ograniczoną odpowiedzialnością spółka komandytowa with a registered office at Ul. Nowogrodzka 42 lok. 19, 00-695 Warsaw, Poland
“Cookies” means small text files stored in a web browser by a website (here specifically: Site) or by an ad server. By storing certain information in a cookie, those web browsers, ad servers, and explicitly our Site are able to remember your preferences and recognize websites visited and/or web browsers used from one visit to another.
“Data Protection Officer” means a Data Protection Officer as defined in article 37 – 39 of GDPR appointed by 99NET to watch the security of your Data (as defined below).
“Legal Grounds” means the legal basis for the collection, processing and storage of your Personal Information.
“Log Data” means information that is automatically reported by your browser each time you access our Site or use our Services and which is sent by your web browser that our servers automatically record. Log Data may include information such as your IP address, browser type, web requests, domain names or pages viewed.
„Mobile App”, “App” means any app developed by 99NET and made available in any App Store or via Google Play for you to access, download and install on your device; access to full functionality of our Mobile Apps will only be available to you if you are a registered user of our Services.
“Personal Information” or “Information” or “Data” means any Information relating to an identified or identifiable person as defined in article 4.1 of GDPR.
“Site” means the 99NET website 99net.pl.
“You” means an individual that uses our Services via the Site or/and an individual who uses the Site but has no access to the areas of the Site and Services.
II. Personal Information we collect about you
We collect Information about you through:
- your use of our contact and registration forms
- your use of sign-in with different account option
- your use of our newsletter form
- your use of our forms to download our publications, like reports, ebooks, guides, presentations, case studies etc.
- your use of our Services
- your use of Site
The categories of your Data that we collect may include:
- Name and surname
- Company name
- Company address
- Company phone number
- Mobile telephone number
- Skype number
- Tax identification number
- E-mail address
- Payment and invoice details
When you register or log on through Google sign-in functionality and grant the “basic profile info”, Google provides us with its Google ID Token that includes your name and surname, email address, language settings and profile picture but we only retrieve your name, surname and email address to verify your identity for our needs while registering or logging you in.
III. Log Data, Cookies and similar technologies
When you interact with our Site, we may also automatically collect information from your Site activities through the usage of Cookies, Log Data and similar technologies on our Site.
By using those technologies we aim to personalize our Site to better meet your needs, as well as to provide you with customized Site content and to act within our advertising purposes. We may also use this information for the purposes of analytics and monitoring of the effectiveness of our performance, including the collection of the aggregate Site usage data (such as the overall number of Site visitors or pages viewed).
The information mentioned above may include:
- information about your interactions with the Site;
- technical information about your computer hardware and software that may include URL information, cookie data, your IP address, the types of devices you are using to access our Site and/or use the Services, device ID, device attributes, network connection type, browser type, language, internet service provider, clickstream data, access times, the files viewed on our Site;
- demographic information such as your ZIP code, age, gender and preferences by using Log Files; such information is not associated with your name or other Personal Information.
Please see our Cookies Policy for more details about our collecting and using of this Data.
IV. Additional information related to the processing of Personal Data while you use our Mobile Apps
When you access and log in to our Mobile App, we process your login information for the purposes of authentication process and ensuring the security of our Apps.
Google Firebase Analytics for Mobile Apps
99NET Mobile App uses Firebase Analytics to collect App usage statistics. Mobile analytics we use within Mobile Apps allows us to improve our understand their functionality on your mobile device by tracking the events that constitute your use of the App, such as when you scroll through the App, switch to another screen, push a button, or interact with the App in another way. We do not register what you see on your screen, text you type in on your device.
By default, Firebase collects identifiers for mobile devices (for example, Android Advertising ID and Advertising Identifier for iOS) and utilizes technologies similar to cookies.
Firebase also collect certain information automatically, including, but not limited to, the type of mobile device you use, your client ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the App as well as aggregate Mobile App usage data (such as the overall number of users, session, session duration).
If the App crashes during the time you are using it, Firebase also generates for us a report including information about the type of device used, history of the user’s activity within the app before the crash and stack trace. We use this information only for diagnostics purposes to improve the functionality of our Mobile Apps. For further information how Google’s Firebase collect your data please see: https://support.google.com/firebase/answer/6318039.
All Firebase services are certified by Google under the Privacy Shield Framework.
Google Firebase push notifications for Mobile App
You may also see push notifications when you use the App. Push notification is a message we send you from the level of our application, which later appears on your user interface and they are sent through Firebase services. While we provide you with push notification we use a device push token.
We use push technology only if you voluntarily agree to it by adjusting your mobile application settings. Additionally, If you wish to disable push notification you can deactivate them by changing the Mobile App and/or device settings at any time.
V. Purposes and Legal Grounds for Data processing
Your local law may require to set out the Legal Grounds on which we rely in order to process your Data. Below you will find an outline of the purposes for which we may process your Data accompanied by an indication of a relevant Legal Grounds for such processing pursuant to GDPR:
|entering into a contract with you (in particular registering your account and verifying your identity)||The legal basis on which we process your Data in these circumstances is entering into a contract with you (article 6.1. point b) of GDPR).|
|performing the contract, in particular performing the Services, ensuring ad security and ad fraud functionality, managing your account, providing you with customer support, processing transactions / issuing invoices, handling your requests, complaints and chargebacks||The legal basis on which we process your Data in these circumstances is performance of a contract concluded with you (article 6.1. point b) of GDPR).|
|pursuing claims or defending against claimsresponding to your inquiriesimproving Services, detecting, preventing, and responding to actual or potential fraud, illegal activities, or intellectual property infringementmonitoring compliance with our Terms and Conditionsensuring accountability (demonstration of compliance with our obligations under the law)storing data for archiving or statistical purposes||The legal basis on which we process your Data in these circumstances is our legitimate interest (article 6.1. point f) of GDPR) to: pursue claims or defend against claims, responding your inquiries, improve the Services, detect, prevent, and respond to actual or potential fraud, illegal activities, or intellectual property infringement, monitor compliance with our Terms and Conditions. Our legitimate interest is also ensuring accountability (i.e. demonstration of compliance with our obligations under the law, in particular GDPR), as well as storing data for archiving and statistical purposes.For the purposes of advertising, market research as well as the research of behaviour and preferences of users, with the purpose of improving the quality of services by results of such research, the legal basis on which we process your Data in these circumstances is your voluntary consent according to the act on providing services by electronic means.|
|conducting necessary tax and accounting operations||The legal basis on which we process your Data in these circumstances are our legal obligations we are subject to (article 6.1 point c) of GDPR) to conduct relevant tax and accounting operations in the ordinary course of our business.|
|performing marketing of our products and Services (our direct marketing, customer satisfaction survey, analysis, enabling you to download the information or publication requested by you)||The legal basis on which we process your Data in these circumstances is our legitimate interest (article 6.1. point f) of GDPR) to promote our products and Services, conduct surveys, analysis or to provide you with the information or publication you requested.Sometimes we also ask you for your voluntary consent to the specific form of marketing, i.e. sending commercial information via e-mail (newsletter) or contacting with you by phone or skype for our commercial purposes in accordance with applicable law (telecommunication law, act on providing services by electronic means). For more information about our approach to sending marketing emails please see chapter VI.|
Additionally, when you give us your voluntary consent, we process your Personal Data by using Cookie technology in scope and for the purposes described in our Website’s cookies notification and Cookies Policy.
VI. Newsletter and electronic publications
In order to ensure that we are able to send you our newsletter or other publications, we will be processing your email address (which is necessary in order to providing you email newsletter) and – only if you wish to – your full name, surname, your companies name as well as information about your preferences (e.g. what type of newsletter(s) you wish to receive).
VII. Your rights
99NET, will respect your legal rights to your Data. You can manage and control your privacy by contacting our Data Protection Officer:email@example.com
Below you will find the description of your rights that you have under the law, and what 99NET, does to protect those rights:
|Legal right||What 99NET, does to protect your rights|
|The right of access||You have the right to access your Information. You have the right to request a copy of your Data that we hold about you by contacting us.|
|The right to rectification||We aim to keep your Personal Data accurate and complete. We encourage you to contact us using the contact details provided below to let us know if any of your Personal Data is not accurate or not complete, so that we can keep your Personal Data up-to-date.|
|The right to erasure||This is sometimes called ‘the right to be forgotten’. In some circumstances you have the right to the erasure of your Data without undue delay. Those circumstances include situations when: the Data is no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; the processing is for direct marketing purposes; and the Data has been unlawfully processed. However, there are certain general exclusions of the right to erasure. Those general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims.|
|The right to restriction processing||In some circumstances you have the right to restrict the processing of your Data. Those circumstances are the following: you contest the accuracy of the Data; processing is unlawful but you oppose erasure; we no longer need the Data for the purposes of our processing, but you require Data for the establishment, exercise or defense of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your Data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.|
|The right to Data portability||99NET must allow you to obtain and reuse your Personal Data for your own purposes across Services in a safe and secure way without it affecting the usability of your Data. This right only applies to Personal Data that you have provided to us as the Data Controller. The Data must be held by us by consent or for the performance of a contract and the processing is carried out by automated means.|
|The right to object||In certain circumstances, you have the right to object to the processing of your Personal Data where, for example, your Personal Data is being processed on the basis of legitimate interests and there is no overriding legitimate interest for us to continue to process your Personal Data, or if your Data is being processed for direct marketing purposes.|
|The right to withdraw consent||If you have given us your consent to process your Data but changed your mind later, you have the right to withdraw your consent at any time, and 99NET has to stop processing your Data unless 99NET has other Legal Ground for processing of your Data. The withdrawal of consent does not affect the compliance of the processing which was made on its basis before the withdrawal of consent.|
|The right to complain to a Supervisory Authority||You have the right to lodge a complaint with the Supervisory Authority in particular if you feel that 99NET has not responded to your requests to solve a problem.|
VIII. How Data is protected
99NET uses various security technologies and procedures that help protect your Personal Information from unauthorized access, use, disclosure, alteration or destruction.
- Personnel. Only qualified and authorized employees are permitted to access Personal Information, and they may do so only for permitted business functions;
- Security Measures. We use encryption in the transmission of your Personal Information between your system and ours, and we use firewalls to help prevent unauthorized persons from gaining access to your Personal Information;
- Payments. All supplied sensitive/credit Information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the Information confidential. After a transaction, your private Information (credit cards, social security numbers, financials, etc.) will not be stored on our servers;
- Additional Safeguards. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your Information. Our security procedures mean that we may request proof of your identity before we disclose Personal Information to you;
We want you to feel confident using our Site to conduct business. However, you should also take care of how you handle and disclose your Data and avoid sending Personal Information through insecure channels or networks. It is important for you to protect yourself against unauthorized access to your password and to your computer. Be sure to sign off when you finish using a shared computer and under no circumstances do not share your password with anyone, even with us – we will NEVER ask for it.
Please see more Information about security measures we use here.
IX. International transfer of Data
99NET may transfer Data to a country outside of the European Economic Area (EEA), i.e. to the territory of United States of America for which the European Commission has adopted an adequacy decision (Privacy Shield), in order to protect storage and processing of data using IT services, as well as operating the Site and providing the Services.
The EU-U.S. Privacy Shield framework is a “partial” adequacy decision, as, in the absence of a general data protection law in the U.S., only the companies committing to abiding by the binding Privacy Shield principles benefit from easier data transfers.
For the above reasons, in such cases your Personal Data will be transferred to the territory of USA in accordance with applicable laws, with appropriate safeguards in place, only to Privacy Shield certified vendors (according to the EU Commission Decision 2016/1250) or by using standard contractual clauses adopted by the European Commission (EU Commission Decision on standard contractual clauses for the transfer of Personal Data to processors established in third countries under Directive 95/46/EC (the “Model Contract Clauses”), or based on other applicable transborder data transfer mechanisms.
If you are located in the EEA, you may contact us if you require a copy of the safeguards which we have put in place to protect your Data transferred outside of the EEA and your privacy rights in these circumstances.
You may also learn more about:
- Privacy Shield Program here https://www.privacyshield.gov/Program-Overview and here https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en.
- EU Commission Decision on standard contractual clauses for the transfer of personal data to processors established in third countries here https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087 and here https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.
X. Retention of your Information
99NET stores your Information for a period of time required for the purposes for which it was collected using generally accepted security standards and in compliance with applicable laws. 99NET will not retain your Personal Information for longer than required.
In particular, we store Information about you when you have an account on our Site and when you use our Services. Please note that even if you delete your account, 99NET may have the right to process your Data for the purpose of creating statistics, pursuing claims or defending against claims, handling your complaints and chargebacks as well as in order to meet the tax and accounting law requirements, where such processing will last only for the period of time necessary to achieve the intended purposes (e.g. for pursuing claims or defending against claims, the period of retention of your Data is no longer than limitation period for claims as defined in statutory law).
Please note, that for marketing purposes your Data will be processed until such time you object to it. Where you have consented to marketing communications via e-mail or other telecommunication means for our marketing purposes (e.g. you agree to receive our newsletter or contacting you by phone), you may withdraw your consent at any time by contacting as well as you may unsubscribe from newsletter at any time by clicking the unsubscribe link in an email from us. In these circumstances, your personal data will be processed until your withdrawn of the consent.
If you need more detailed Information about the retention of your Information, please contact our Data Protection Officer.
We may disclose your Personal Data only to the following trusted third parties:
- Authorized Third Parties. 99NET discloses the following Personal Data of the Clients for relevant payment service providers: a name and surname, an address, an IP number (Global Collect Services B.V.) and a name and surname as well as the Client’s identifier consisting of random numbers and letters (Braintree – PayPal Europe, S.A R.L Et Cie, S.C.A., Luxembourg).
- Safety, Legal Purposes and Law Enforcement. We may use and disclose the Data when we believe it is necessary: (i) under applicable law, and (ii) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities.
- Service providers. We may also engage third parties that support the operation of our Services (acting on our behalf), such as analytics providers, IT services providers (e.g. cloud or host services providers) or advertising agencies.
XII. Payment Service Providers Notice
For these providers, we recommend that you read their privacy policies, so that you can understand the manner in which your Personal Information will be handled by these providers.
XIII. Children’s privacy
Protecting children’s privacy is very important to 99NET . Our Site is not intended for, designed to be used by, or targeted at children. We do not knowingly collect Data from any person who is an individual under the age of 13.
We are in compliance with the requirements of EU General Data Protection Regulation 2016/679 as well as COPPA (Children’s Online Privacy Protection Act) and we do not collect any Information from anyone under 13 years of age.
XIV. Notice to parents
We will promptly remove your child’s Personal Information or other Information from our system, cease the use of such Information and direct any third party with access to it to do the same.
XVI. Contacting us
99NET Sp. z o.o.
Ul. Nowogrodzka 42 lok. 19, 00-695 Warsaw, Poland