Get a Quote
Case Studies
Careers
Get a Quote

PRIVACY POLICY

The Policy is for information purposes and serves satisfaction of information obligations imposed on the data controller under the GDPR, i.e. Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Anyone who uses the website available at www.blazity.com (“Website”), uses the contact form (“Contact Form”), joining to newsletter (“Newsletter”) or sending careers applications (“Careers”) should become acquainted with the Privacy Policy. The Privacy Policy determines the rules for processing personal data of persons using the Website and using Cookie files and other tracking technologies used in connection with operation of the Website.

Personal data controller

  1. The controller of users’ personal data is Blazity sp. z o.o. with its registered office in Warsaw (02-672), ul. Domaniewska 44, entered in the register of entrepreneurs of the National Court Register (KRS) under number KRS: 0000743458, Tax Identification Number NIP: 9512467349, National Business Registry Number REGON: 38093625300000, share capital in the amount of PLN 5,000.00 (“Blazity”).
  2. Each data subject may contact Blazity as the personal data controller by sending a message to the e-mail address: contact@blazity.com.

Data processing method

  1. The purpose and scope of processed personal data are determined by the scope of consents and data provided by the data subject in the appropriate forms. The processing of personal data by Blazity may concern in particular: first and last name, e-mail address, social media identifiers, phone number, work place, past work experience, language skills, IP address, as well as any other data voluntarily provided by the data subject, in particular by means of the appropriate forms.
  2. In every case providing personal data is voluntary, but failure to provide the personal data marked in appropriate forms as obligatory will prevent sending mails within the Newsletter, phone contact on the part of Blazity or will make it impossible to process the recruitment application within the Careers. Due to the nature of actions taken up by Blazity, they cannot be provided anonymously.
  3. Providing data is necessary to conclude an agreement to receive the Newsletter. If User doesn’t provide personal data, User will not receive the Newsletter.
  4. Providing data is necessary also to process the recruitment application. If User doesn’t provide personal data marked as obligatory, User will not be considered as part of the recruitment process.
  5. Personal data of users will be processed for the following purposes:

Purpose

Scope of data

Legal ground

Processing period

providing access to the website

IP address

Article 6.1(b) of the GDPR – statutory authorisation to process data necessary to perform an agreement 

until lapse of the period of limitation of claims connected with access to the website

analysing traffic on the website

IP address, Cookie files of the following type:

- _utma;

- _utmb;

- _utmc;

- _utmz;

- PHPSESSID

Article 6(1)(a) of the GDPR – consent given by the data subject

until data cease to be useful or the data subject withdraws the consent

phone calls (after the data subject uses the contact form)

phone number, e-mail address, first name, other personal data voluntarily provided by the data subject

Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in responding to queries and correspondence provided directly by data subjects

until a call ends or the data subject objects

correspondence in electronic form (after the data subject uses the contact form)

e-mail address, first and last name, organisation name, other personal data voluntarily provided by the data subject

Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in responding to queries and correspondence provided directly by data subjects

until correspondence ends or the data subject objects

marketing activities (after the data subject uses the contact form)

e-mail address

Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in informing about its activity

until data cease to be useful or the data subject objects

providing Newsletter

e-mail address, position

Article 6.1(b) of the GDPR – statutory authorisation to process data necessary to perform an agreement

throughout the duration of the agreement

conducting the recruitment process for positions offered by Blazity sp. z o.o., (under B2B contracts or civil law agreements)

first and last name, e-mail address, social media identifiers, phone number, work place, past work experience, language skills, as well as any other data voluntarily provided by the data subject

Article 6(1)(b) of the GDPR – processing necessary for the performance of a contract or to take steps prior to entering into a contract

and, for data not required, the legal basis for processing is consent (Article 6(1)(a) RODO).

For the duration of the recruitment process, and after its conclusion, for the period necessary to defend against potential claims, but no longer than 3 years from the end of the recruitment process

conducting future recruitment processes, provided you have given your consent in appropriate form

first and last name, e-mail address, social media identifiers, phone number, work place, past work experience, language skills, as well as any other data voluntarily provided by the data subject

Article 6(1)(a) of the GDPR – consent of the data subject)

until the data subject withdraws consent

protection against claims, raising claims

e-mail address, first and last name, other data voluntarily provided by the data subject in the course of co-operation

Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in protecting against claims and raising claims

until lapse of the period of limitation applicable to claims connected with access to the Website and users actions within the website, calculated from the time of the user’s last visit on the website

  1. If Blazity is advised that the person uses the services provided by Blazity or the Website functionalities in violation of applicable legal provisions, then Blazity may process user’s personal data in a scope required for establishing his/her liability.
  2. Blazity will not make automated decisions against data subjects. Blazity will carry out profiling of data subjects in a scope necessary to present them personalised content of marketing nature adjusted to needs, preferences and conduct of particular Users

Transfer of personal data

  1. Blazity transfers data outside the European Economic Area (“EEA”) only when it is necessary for the performance of services. Should it become necessary, Blazity will immediately inform each data subject.
  2. Transferring users’ personal data to third parties will be governed by model contractual clauses, where both Blazity and its counterparties undertake to ensure appropriate level of security of users’ personal data. Prior to signing model contractual clauses, Blazity verifies each of its counterparties which would have access to users’ personal data and assesses whether the country to which users’ personal data would be transferred enables enforcement of rights and provides the users with effective legal remedies.
  3. If the European Commission issues a decision in which it determines whether the relevant third country ensures the appropriate level of protection of personal data, then transferring users’ personal data to such country may also proceed on the basis of such decision.
  4. Newsletter

    1. Blazity transfers personal data outside the EEA for the purpose of delivering the Newsletter to the Rocket Science Group LLC with its registered office in Atlanta, USA – the provider of the tool for sending e-mail message (Mailchimp), based on model contractual clauses.
    2. The provider of Mailchimp declares that it complies with the conditions for compliance of data processing with the GDPR. For more information https://mailchimp.com/gdpr/.
    3. The United States is not part of the European Economic Area, and therefore the provisions of the General Data Protection Regulation (GDPR) do not apply to its territory. Nor has the United States been subject to a decision by the European Commission finding an adequate level of protection for personal data. This may result in increased risks in connection with the processing of User’s personal data by these entities, particularly due to the lack of a supervisory authority in the United States. You may file any complaints related to compliance with data protection regulations with the national supervisory authority for Blazity, i.e. the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw, Poland.
    4. The transfer of User’s personal data to recipients in the United States is based on standard data protection clauses (model contractual clauses), which have been approved and adopted by the European Commission. Users may obtain a copy of the standard contractual clauses at address: https://mailchimp.com/legal/data-processing-addendum/.


Recipients of data

  1. Blazity may transfer users’ personal data to third parties for the purpose of performance of the activities stated in the Terms of Service. The recipients of User’s data are: hosting provider, e-mail operator, software development company, provider of the CRM software, provider of the service connected with sending e-mails, accounting firm, law firm, entities providing cloud and other solutions used by Blazity in its current operations which involve personal data processing.
  2. Personal data collected by Blazity may also be disclosed to competent state bodies or institutions (law enforcement authorities, courts, security service) authorised to gain access to them on the basis of the respective generally applicable legal provisions, or other persons and entities – in the cases prescribed by the generally applicable legal provisions.
  3. Each entity to which Blazity transfers personal data for processing on the basis of a personal data transfer agreement (“Data Transfer Agreement”) guarantees an adequate level of security and confidentiality of the processing of personal data. An entity processing personal data on the basis of the Transfer Agreement may process personal data through another entity only upon prior written consent of Blazity.
  4. Disclosure of Users’ personal data to unauthorised entities under the Privacy Policy may take place only upon prior written consent of the data subject.

Rights of data subjects

  1. With regard to the data that Blazity processes on the basis of your consent, you have the right to access your data, as well as the right to rectify, delete, or restrict its processing, the right to data portability, and the right to withdraw your consent for data processing at any time. Withdrawal of consent does not affect the lawfulness of processing carried out based on consent before its withdrawal.
  2. With respect to data that Blazity processes on a basis other than the consent you have given, you have the right to access your data, as well as the right to rectify, delete, or restrict its processing, the right to data portability, and the right to object to the processing of data based on legal grounds other than consent, in cases provided for by law. Exercising these rights does not affect the lawfulness of processing carried out before the rights were exercised.
  3. Users have the right to object at any time to the processing of your personal data on grounds relating to User’s particular situation in cases where the legal basis for the processing is the legitimate interest of the Blazity. If Blazity concludes that there are compelling legitimate grounds for processing overriding User’s interests, rights and freedoms, or grounds for establishing, asserting or defending claims, Blazity will continue to process your objected data.
  4. If personal data is processed for direct marketing purposes, the data subject has the right to object at any time.
  5. To exercise your rights, please contact us at contact@blazity.com or in writing at our registered office address.

Other data

  1. Blazity may store http enquiries, therefore the files containing web server logs may store certain data related to users, including the IP address of the computer sending the enquiry, the name of user’s station – identification through http protocol, date and system time of registration on the website and receipt of the enquiry, number of bytes sent by the server, the URL address of the site visited by the user before (if the user has entered the website through a link), information concerning user’s browser, information concerning errors occurred by realization of the http transaction. Web server logs may be collected for the purposes of proper administration by Blazity. Only persons authorised to administer the IT system have access to the data referred to above. Files containing web server logs may be analysed for the purposes of preparing statistics concerning traffic on the website and occurring errors. Summary of such details does not identify the user.
  2. Blazity may use analytics and marketing tools, in particular ActiveCampaign, Hotjar, Google Analytics and Facebook Pixel, Google Tag Manager, as part of which it has access to anonymised information on users, including: information on the operating system and Internet browser used by the user, time spent on the website, user’s age range, gender, approximate location, interests determined on the basis of his/her activity in the Internet. The details referred to in the preceding sentence are not combined with users’ personal data and do not enable their identification and are not personal data within the meaning of the GDPR.

Security

  1. Blazity takes care of security of users’ personal data. For this purpose Blazity has implemented appropriate safeguards and means of protection of personal data taking into account risks connected with the process of personal data processing. In particular, Blazity applies technological and organisational means in order to secure personal data against being disclosed to unauthorised persons, taken over by an unauthorised person, changed, lost, damaged or destroyed, as well as processed in violation of the GDPR by using, among other things, SSL certificates. The compilation of personal data collected by Blazity is stored on secured servers, moreover, personal data are also secured by internal procedures of Blazity related to the processing of personal data and information security policy.
  2. Irrespective of the foregoing, Blazity states that using the Internet and services provided by electronic means may pose a threat of malware breaking into the teleinformatic system and device of the relevant person, as well as a third party gaining access to data, including personal data. In order to minimise such threats, each person should use appropriate technical safeguards (antivirus programs) or programs securing identification in the Internet.

Cookies

  1. For the purposes of the correct operation of the website, Blazity uses a cookie support technology. Cookies are packages of information stored on the device of a relevant user through Blazity, usually containing information corresponding to the intended use of a particular file, by means of which the user uses the Blazity website – these are usually: website address, date of publishing, lifetime of a cookie, unique number, and additional information corresponding to the intended use of a particular file.
  2. Blazity uses two types of Cookies: (a) session cookies, which are permanently deleted upon closing the session of the user's browser; (b) permanent cookies, which remain on the user's device after closing the session until they are deleted.
  3. It is not possible to identify the user on the basis of Cookie files, whether session or permanent. The Cookie mechanism prevents collection of any personal data.
  4. Cookies used by Blazity are safe for the user's device, in particular they prevent viruses or other software from breaking into the device.
  5. Files generated directly by Blazity may not be read by other websites. Third-Party Cookies (i.e. Cookies provided by entities co-operating with Blazity) may be read by an external server.
  6. The user may individually change the cookie settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service.
  7. First of all, the user may disable storing cookies on his/her device in accordance with the instructions of the browser producer, but this may disable certain parts of or the entire operation of the Blazity website.
  8. The user may also individually remove Cookies stored on his/her device at any time in accordance with the instructions of the browser producer.
  9. Blazity uses own Cookies for the following purposes: configuration of the website and adjustment of the page content to the preferences or conduct of the user; analysis and research of views, click number and path taken on the website to improve the appearance and organisation of content on the website, time spent and number and frequency of visits on the Blazity’s website, as well as determination of Website user’s needs.
  10. Details concerning Cookie support are available in the settings of the browser used by the data subject.