Privacy policy

I. Introduction


The controller of the personal data especially collected by means of the website available at axabee.com (hereinafter referred to as the Website) is Axabee Sp. z o.o. with its registered office in Opole, ul. Reymonta 39, registered in the District Court in Opole, 8th Commercial Division of the National Court Register under KRS number 0000445964, NIP [Tax ID:] 7543069399, REGON [National Business Registry Number]161505318 (hereinafter referred to as Data Controller or Axabee Sp. z o.o.). Contact with the Data Controller is possible via e-mail address: info@axabee.com.

The Controller is responsible for the security of the personal data transferred and for processing them in accordance with the law.

  1. The Controller has appointed a Data Protection Officer (hereinafter: DPO), who can be contacted on matters related to the processing of personal data and the exercise of users' rights under data protection legislation: Paweł Makowski, e-mail: info@axabee.com.
  2. Your personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: GDPR) and other currently applicable data protection laws.
  3. During your visit to the Website, there is a collection of:
    • personal data provided by the user of the Website;
    • data received and recorded automatically.
  4. The purpose and scope of the personal data used by the Data Controller is detailed further in the Privacy Policy.

II. Data collected - basic information

 

  1. The following information applies to all uses of the personal data provided by you by the Data Controller as indicated in sections III and IV.
2. Your data will not be used to make decisions based solely on automated processing of personal data, including profiling within the meaning of Article 22 of the GDPR.


  1. With all guarantees of data security, personal data processed through the Website may be transferred - in addition to persons authorized by the Data Controller- to other entities, including:
    • entities entitled to receive them in accordance with legal regulations;
    • entities processing them on behalf of the Controller, e.g. technical service providers, hosting service providers, analytics service providers, consulting service providers;
    • other data controllers to the extent necessary for the performance of the contract, performance of services and legal requirements, e.g. notary or legal offices, companies providing postal and courier services, other contractors performing services for the Data Controller on the basis of concluded contracts.

  1. The Data Controller informs that in relation to the processing of personal data obtained through the Website, each data subject has the right to file a request to:
    • access to data (information on the processing of personal data or a copy of the data);
    • rectify data (if incorrect);
    • erase personal data (right to be forgotten);
    • restrict the processing of personal data;
    • transfer the data to another controller;
    • object to the processing of data, where the processing is based on the Data Controller's legitimate interests;
    • withdraw consent where the Data Controller will process personal data on the basis of consent, at any time and in any way, without affecting the  lawfulness of processing carried out on the basis of consent before its withdrawal

- under the terms of the GDPR.

 

  1. Every data subject has the right to lodge a complaint with a supervisory authority (the President of the Office for Personal Data Protection , https://uodo.gov.pl/pl/83/155) if he or she believes that the processing of personal data is being carried out in breach of the regulations.

  2. The data was obtained by the Data Controller directly from the user of the Website. The Data Controller may also process:
  • data of other persons provided by you when you use the services described in this privacy policy;
  • personal data obtained from entities with which the Data Controller cooperates on the basis of concluded contracts (e.g. business details of employees designated for contact in order to perform the contract);
  • personal data obtained from third parties that cooperate with AXABEE Sp. z o.o. whereby the data were made available to the Data Controller on the basis of your consent;
  • data obtained from publicly available sources, e.g. the National Court Register, the Central Register and Information on Business Activity, websites, social networking sites.

III. Personal data provided by the users

 

III. A. E-mail or telephone contact

 

  1. The Data Controller may process personal data, in particular your name, contact telephone number or email address and other information provided by you, to the extent necessary to handle requests and respond to your inquiry, including conducting communication and answering questions asked through the contact telephone number and email address provided on the Website (legal basis - Article 6(1)(f) GDPR) - "legitimate interest".

  2. The Data Controller is entitled to process personal data for the period necessary for the execution of the inquiry, including responding to the correspondence sent or the request/question provided during a telephone conversation.

  3. The provision of data is voluntary, but necessary in order to answer the submitted question or for the proper handling and implementation of the inquiry. Failure to provide personal data may result in the impossibility of replying to or processing the inquiry.

III. B. Forms (contact, offer)

 

  1. The Data Controller may collect personal data, in particular:
    • e-mail address,
    • IP address,
    • other information provided by the user through the forms available on the Website (e.g. name, surname, telephone number, company name).

  2. The Data Controller processes your personal data only to the extent necessary:
  • to receive and handle requests, including conducting communications and answering questions submitted via forms (legal basis - Article 6(1)(f) of the GDPR) - "legitimate interest";
  • to establish contact and to prepare and present an offer in response to your request submitted through the forms (legal basis - Article 6(1)(b) of the GDPR) - "to take action at the request of the data subject before entering into a contract".
  1. The Data Controller is entitled to process personal data for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
    • the time necessary to respond to the inquiry sent by the user through the form;
    • the time needed to prepare and communicate a dedicated offer.

  2. Providing personal data specified in the forms is voluntary, but necessary to respond to the sent inquiry, properly handle the application, prepare and present a dedicated offer. The consequence of failing to provide personal data may be impossibility of answering, completing the inquiry or presenting an offer.

III. C. Job offers

  1. The Data Controller may process personal data provided by you in the course of recruitment conducted through the axabee.com Website.
  2. The Data Controller may collect personal data of recruitment participants or applicants for employment, in particular:
    • name(s),
    • surname,
    • date of birth,
    • contact information provided by the recruitment participant
    • and, if necessary for the performance of the job in the specified position, information about education, professional qualifications and the course of previous employment (in the case of employment under a contract of employment).
  3. The Data Controller processes personal data for the purpose of:
  • fulfillment of the Data Controller's legal obligations related to recruitment and arising in particular from Article 22 [2] of the Labor Code or the provisions of the Civil Code (legal basis - Article 6(1)(c) of the GDPR) - "legal obligation";
  • conducting recruitment using data other than those necessary for the conclusion of the contract (e.g. photos, information on marital status, interests), voluntarily provided by the participant in the recruitment (legal basis - Article 6(1)(a) GDPR, Article 9(2)(a) GDPR) - "consent";
  • confirmation of the ability to perform work of a certain type or in a certain position (legal basis - Article 6(1)(b) of the GDPR) - "activities aimed at concluding a contract";
  • asserting or defending against possible claims related to recruitment or in connection with the need to prove certain facts that are material to the Data Controller in this regard (legal basis - Article 6(1)(f) GDPR) - "legitimate interest"; the time limits for asserting contractual claims are specified in detail in the Labor Code or Civil Code.
  1. The Data Controller is entitled to process personal data for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
  • the recruitment period (unless the candidate gives separate consent for his/her application to be taken into account in other recruitments conducted by the Data Controller);
  • statute of limitations on claims;
  • time until any withdrawal of consent to data processing.
  1. Consent may be withdrawn in particular by contacting the Data Controller or the Data Privacy Officer [DPO] (via the contact details indicated above). The withdrawal of consent does not affect the legality of the use of data during the period when the consent was in effect.
  2. The submission of data to the extent that it is necessary for the Data Controller to carry out the recruitment process is voluntary but necessary to participate in the in the recruitment process. The consequence of failing to provide personal data under the aforementioned regulations will be the inability to participate in the recruitment.

III. D. NEWSLETTER

  1. The Data Controller may process personal data, in particular the electronic mail address (e-mail) provided by you, for the purpose of providing marketing information (including information on products, services and promotional offers) via a newsletter (legal basis - Article 6(1)(a) GDPR) - "consent".
  2. Provision of data indicated above is voluntary but necessary to receive information. The consequence of not providing the required personal data will be the inability to send the newsletter to the user.
  3. The user using the newsletter may, at any time and without giving any reason, quit receiving it, in particular by clicking on the deactivation link located in the footer of each message sent via e-mail or by sending a relevant request to: info@axabee.com.

III. E. MARKETING COMMUNICATIONS

  1. The Data Controller processes your personal data in order to:
    • carry out marketing communication by means of electronic communication (in particular electronic mail, telephone calls, SMS messages) on the basis of a separate consent to the processing of data for this purpose (legal basis - Article 6(1)(a) GDPR) - "consent";
    • carry out direct marketing, including the sending of information about products and services of partners and other entities cooperating with the Data Controller, by means of electronic communication (in particular e-mail, telephone calls, SMS messages) (legal basis - Article 6(1)(f) GDPR) - "legitimate interest";

taking into account the provisions of the Telecommunications Law and the provisions of the Act on providing services by electronic means.

  1. Providing data in order to receive marketing communication via the chosen communication channel (i.e. e-mail address, telephone number) is voluntary but necessary to receive information on the products and services of the Data Controller and its partners. The consequence of failing to provide personal data will be the impossibility of receiving marketing content.
  2. The Data Controller is entitled to process personal data for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
  • the time until the objection is submitted,
  • the time until the withdrawal of consent.
  1. Consent may be withdrawn in particular by contacting the Data Controller or the DPO (via the contact details indicated above). The withdrawal of consent shall not affect the lawfulness of the use of data during the period in which such consent was in force.
  2. The Data Controller may also make your personal data available to third parties (e.g. business partners) for the purpose of their own marketing activities. The disclosure of personal data will be possible only on the basis of your separate consent to the processing of data for such purposes. The entity indicated in the content of the consent shall then become an independent Data Controller of the personal data provided on this basis.

III. F. FACEBOOK

  1. Axabee Sp. z o.o. is the controller of the personal data of users who use the products and services offered by Meta Platforms Ireland Limited (formerly: Facebook Ireland Limited) who visit the Data Controller's website available at https://www.facebook.com/Axabeecom (hereinafter: Fanpage). As the Data Controller, it is responsible for the security of the personal data provided and its processing in accordance with the legal regulations.
  2. The Data Controller processes personal data of users who visit the Fanpage when using Meta's products and services. This data is processed:
    • in connection with the operation of the Fanpage, including the promotion of its own brand (legal basis - Article 6(1)(f) GDPR) - "legitimate interest";
    • for the purpose of responding to inquiries made via Messenger or other services offered by Meta (legal basis - Article 6(1)(f) GDPR) - "legitimate interest"; if you provide specific categories of data (e.g., health information), you state that you consent to its use for the purpose of properly handling your request and fulfilling your inquiry, including conducting communications and responding (legal basis - Article 9(2)(a) GDPR) - "consent".
  3. The Data Controller has the right to process:
  • publicly available personal information (such as username, profile picture, activity status on Facebook or Messenger), content of comments and other information publicly shared by a user of Meta's products and services,
  • personal data that you provide when you visit our Fanpage, including the collection of information provided in your profile and other content, comments, messages and communications (e.g., photos, contact information, place of residence, information about your interests or beliefs, etc.),
  • other personal data provided by users in the content of messages via Messenger or other Meta services (including contact information, health data, etc.) in order to respond to the inquiry sent or in order to fulfill a contact request.
  1. The scope of processing of personal data, the specific purposes and the rights and obligations of the user of Meta's products and services arise directly from:
  • Facebook's regulations (the document is available at: https://www.facebook.com/legal/terms) and
  • "Data Processing Principles" (the document is available at: https://www.facebook.com/policy) or
  • legal regulations

- and are further clarified as a result of the user’s actions on the Facebook social network.

  1. The Data Controller is entitled to process personal data for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
  • the time until the objection is submitted (or Facebook user account is deleted),
  • the time until the withdrawal of consent (or deletion of Facebook user account). The withdrawal of consent does not affect the lawfulness of data processing during the period in which consent was in force;
  • the period of time necessary to handle an inquiry sent by you through Messenger or other Meta services.
  1. The catalogue of recipients of personal data processed by the Data Controller originates primarily from the range of products and services used by the Facebook user, but also from the user's consent or from legal regulations. With all guarantees of data security, the Data Controller may transfer personal data of the user visiting the Fanpage - in addition to persons authorized by the Data Controller - to other entities, including entities that process data on behalf of the Data Controller, e.g. technical service providers and entities providing consulting services (including law firms) and contractors providing services to the Data Controller on the basis of concluded contracts.
  2. The Data Controller will not transfer the personal data of users of Meta's products and services to countries outside the European Economic Area (countries other than those of the European Union and Iceland, Norway and Liechtenstein).
  3. The Data Controller may process personal data of users of Meta's products and services who visit the Fanpage in order to analyze the use of the Data Controller's website and related content (to conduct statistics) - in case users' use of the Fanpage and related content triggers the creation of an event for website statistics, with which the processing of personal data is connected (legal basis - Article 6(1)(f) of the GDPR) - "legitimate interest".
  4. In the case of personal data processed in order to keep statistics on the actions taken by the user on the Fanpage (including watching or stopping watching the page, recommending the page in a post or comment, liking the page or post, cancelling the liking), Axabee Sp. Z o.o. and Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) are joint controllers of users' personal data. The types of data and the scope of their processing, as well as the principles of privacy protection and the rights of users, are indicated in detail:
  • in this document,
  • in the document "Data Processing Principles," published at: https://www.facebook.com/policy,
  • in the document "Information on site statistics", published at: https://www.facebook.com/legal/terms/page_controller_addendum.
  1. It is Meta's responsibility to notify users of Meta's products and services of the processing of data for site statistics and to enable them to exercise their rights under the GDPR (information about the data used to create site statistics is available on the site:

https://www.facebook.com/legal/terms/information_about_page_insights_data.

  1. Meta's Data Protection Officer can be contacted via the form provided at: https://www.facebook.com/help/contact/540977946302970.

III. G. INSTAGRAM

  1. Axabee Sp. z o.o. is the controller of the personal data of users who use the products and services offered by Meta Platforms Ireland Limited (formerly: Facebook Ireland Limited), within the Instagram service, who visit the Data Controller's website, available at: https://www.instagram.com/axabeecom/ (hereinafter: Company Profile). As the Data Controller, it is responsible for the security of the personal data provided and its processing in accordance with the legal regulations.
  2. The Data Controller processes personal data of users who, using the products and services of the Meta company, visit the Company Profile. This data is processed:
  • in connection with the maintenance of the Company Profile, including for the purpose of promoting one's own brand (legal basis - Article 6(1)(f) GDPR) - "legitimate interest";
  • for the purpose of responding to inquiries made via Instagram or other services offered by Meta (legal basis - Article 6(1)(f) GDPR) - "legitimate interest"; if you provide specific categories of data (e.g., health information), you state that you consent to its use for the purpose of properly handling your request and fulfilling your inquiry, including conducting communications and providing responses (legal basis - Article 9(2)(a) GDPR) - "consent".
  1. The Data Controller has the right to process:
  • publicly available personal data (such as username, profile picture, activity status on Instagram), content of comments and other information publicly shared by a user of products and services as part of Instagram,
  • personal data provided by the user visiting the Company Profile, including the collection of information shared in the user's profile and other content, comments, messages and communications (e.g. photos, contact information, place of residence, information on interests or worldview beliefs, etc.),
  • other personal information provided by users in the content of messages via Instagram or other Meta services (including contact information, health information, etc.) in order to respond to the inquiry sent or in order to fulfill a contact request.
  1. The scope of the processing of personal data, the specific purposes, and the rights and obligations of the user of Instagram products and services arise directly from:
  • Instagram's rules and regulations (the document is available on Instagram's website at: https://help.instagram.com/581066165581870) and
  • "Data Policy on Instagram" (the document is available on Instagram's website at: https://help.instagram.com/519522125107875) or
  • legislation - and are further clarified as a result of the user's actions on the Instagram social network.
  1. The Data Controller is entitled to process personal data for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
  • time until you object (or delete your Instagram user account),
  • time until you withdraw your consent (or delete your Instagram user account). The withdrawal of consent does not affect the lawfulness of data processing during the period in which consent was in force;
  • the period of time necessary to handle the request sent by the user via Instagram or other Meta services.
  1. The catalog of recipients of personal data processed by the Data Controller is primarily based on the range of products and services used by the Instagram user, but also on the user's consent or by law. With all guarantees of data security, the Data Controller may transfer personal data of the user visiting the Company Account - in addition to persons authorized by the Data Controller - to other entities, including entities processing data on behalf of the Data Controller, e.g. technical service providers and consulting service providers (including law firms) and contractors performing services for the Data Controller on the basis of concluded contracts.
  2. The Data Controller will not transfer the personal data of users of Meta's products and services to countries outside the European Economic Area (countries other than those of the European Union and Iceland, Norway and Liechtenstein).
  3. The Data Controller may process personal data of users who use products and services of Meta, who visit the Company Account, for the purpose of analyzing users' use of the Data Controller's website and related content (keeping statistics) - in case the use of the Company Account and related content triggers the creation of an event for website statistics, with which the processing of personal data is connected (legal basis - Article 6(1)(f) GDPR) - "legitimate interest".
  4. In the case of personal data processed for the purpose of keeping statistics on actions taken by the user on the Company Account (including watching or stopping watching the Company Account, recommending the Company Account in a post or comment, liking the Company Account or a post, cancelling the liking), Axabee Z o.o. and Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) are joint controllers of users' personal data. The types of data and the scope of their processing, as well as the principles of privacy protection and the rights of users, are indicated in detail:
  • in this document,
  • in the document "Data Policy," published on Facebook's website at: https://www.facebook.com/policy,
  • in the document "Information about page statistics", published on the Facebook page at: https://www.facebook.com/legal/terms/page_controller_addendum.
  1. It is Meta's responsibility to notify users who use Instagram products and services of the processing of data for the site's statistics and to allow them to exercise their rights under the GDPR (information about the data used to create the site's statistics has been made available on the Facebook page:

https://www.facebook.com/legal/terms/information_about_page_insights_data).

  1. Meta's Data Protection Officer can be contacted via the form provided at: https://www.facebook.com/help/contact/540977946302970.

III. H. LINKEDIN

  1. Axabee Sp. z o.o. is the controller of the personal data of users of products and services offered by LinkedIn who visit the Data Controllers' website available at: https://www.linkedin.com/company/axabee-sp--z-o-o- (hereinafter: Company Website). As the Data Controller, it is responsible for the security of the personal data provided and its processing in accordance with the legal regulations.
  2. The Data Controller processes personal data of users who, using LinkedIn products and services, visit the Company Website. This data is processed:
  • in connection with the operation of the Company Website, including the promotion of its own brand (legal basis - Article 6(1)(f) GDPR) - "legitimate interest";
  • for the purpose of answering enquiries made through the services offered by LinkedIn (legal basis - Article 6(1)(f) GDPR) - "legitimate interest"; if the user provides specific categories of data (e.g. health information), they declare that they consent to their use for the proper handling of your request and the processing of their inquiry, including communication and response (legal basis - Article 9(2)(a) GDPR) - "consent".
    1. The Data Controller has the right to process:
  • publicly available personal information (such as username, profile picture, activity status on LinkedIn), the content of comments and other information made publicly available by the user of LinkedIn products and services,
  • personal data provided by the user visiting the Company Website, including the collection of information provided in the user's profile and other content, comments, messages and communications (e.g., photos, contact information, place of work, place of residence, information on education, interests or worldview beliefs),
  • other personal data provided by users in the content of messages through LinkedIn services (including contact and health data) for the purpose of responding to a submitted inquiry or for the purpose of fulfilling a request for contact.
    1. The scope of the processing of personal data, the specific purposes and the rights and obligations of the user of LinkedIn's products and services arise directly from:
  • LinkedIn's rules and regulations (the document is available on the LinkedIn website at: https://pl.linkedin.com/legal/user-agreement) and
  • "Privacy Policy" (the document is available on LinkedIn at: https://pl.linkedin.com/legal/privacy-policy) or
  • legal regulations - and are further clarified as a result of your actions on the LinkedIn social network.
    1. The Data Controller is entitled to process personal data for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
  • the time until the objection is submitted (or the deletion of LinkedIn user account),
  • the time until the withdrawal of consent (or the deletion of LinkedIn user account). The withdrawal of consent does not affect the lawfulness of data processing during the period in which consent was in force;
  • the period of time necessary to handle the request sent by the user through the LinkedIn services.
    1. The catalogue of recipients of the personal data processed by the Data Controller derives primarily from the range of products and services used by the LinkedIn user, but also from the user's consent or by law. With all guarantees of data security, the Data Controller may transfer personal data of a user visiting the Company Website - in addition to persons authorized by the Data Controller - to other entities, including entities that process data on behalf of the Data Controller, e.g. technical service providers and consulting service providers (including law firms) and contractors that perform services for the Data Controller on the basis of concluded contracts.
    2. The Data Controller will not transfer your personal data when you use LinkedIn's products and services to countries outside the European Economic Area (countries other than the countries of the European Union and Iceland, Norway and Liechtenstein).
    3. The Data Controller may process personal data of users who use LinkedIn products and LinkedIn services who visit the Company Website in order to analyze users' use of the Data Controller's website and related content (to keep statistics) - in case the use of the Company Website and related content triggers the creation of an event for website statistics, with which the processing of personal data is associated (legal basis - Article 6(1)(f) GDPR) - "legitimate interest".
    4. In the case of personal data processed for the purpose of keeping statistics on your activities on the Company Website (including watching or stopping watching the Company Website, recommending the Company Website in a post or comment), Axabee Sp. z o.o. and LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland) are joint controllers of your personal data. The types of data and the scope of their processing, as well as the principles of privacy protection and users' rights, are indicated in detail:
  • in this document,
  • in the document "Privacy Policy", published on LinkedIn at: https://pl.linkedin.com/legal/privacy-policy,
  • in the document "Page Insights Joint Controller Addendum", published on LinkedIn at: https://legal.linkedin.com/pages-joint-controller-addendum.
    1. It is LinkedIn's responsibility to notify users who use LinkedIn's products and services of the processing of data for the purposes of site statistics and to enable them to enforce their rights under the GDPR(information about the data used to create site statistics has been made available on LinkedIn's website at: https://pl.linkedin.com/legal/privacy-policy).
    2. The LinkedIn Data Protection Officer can be contacted via the form provided on the LinkedIn website at: https://www.linkedin.com/help/linkedin/ask/TSO-DPO.

III. I. YOUTUBE

  1. Axabee Sp. z o.o. is the controller of the personal data of users of the Google's YouTube products and services who visit the Data Controller's Company Website available at: https://www.youtube.com/channel/UChJ7xxYhQxgaxnghDfgi2aw (hereinafter: Company Channel). As the Data Controller, it is responsible for the security of the personal data provided and its processing in accordance with the legal regulations.
  2. The Data Controller processes personal data of users who, using products and services within YouTube, visit the Company Channel. This data is processed:
  • in connection with the operation of the Company Channel, including the promotion of its own brand (legal basis - Article 6(1)(f) GDPR) - "legitimate interest";
  • for the purpose of answering questions asked via YouTube or other services offered by Google (legal basis - Article 6(1)(f) GDPR) - "legitimate interest"; if the user provides special categories of data (e.g. health information), they declare that they consent to their use for the purpose of properly handling their request and processing their inquiry, including communication and response (legal basis - Article 9(2)(a) GDPR) - "consent".
  1. The Data Controller has the right to process:
  • publicly available personal data (such as user name, profile picture, activity status on YouTube), comment content and other information publicly available by the user when using the products and services on YouTube,
  • personal data provided by the user visiting the Company Channel, including the collection of information provided in the user profile and other content, comments, messages and communications (e.g., photos, contact information, place of residence, information on interests or beliefs, etc.),
  • other personal data provided by users in the content of messages via YouTube or other Google services (including contact information, data about your health, etc.) in order to respond to your inquiry or to fulfill your request for contact.
  1. The scope of the processing of personal data, the specific purposes and the rights and obligations of the user when using YouTube's products and services arise directly from:
  • YouTube regulations (the document is available on the YouTube website at: https://www.youtube.com/intl/pl/about/policies/#community-guidelines) and
  • "Privacy Policy - Privacy and Terms" (the document is available on Google's website at: https://policies.google.com/privacy) or
  • legislation - and are further clarified as a result of user actions on YouTube.
  1. The Data Controller is entitled to process personal data for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
  • the time until the objection is submitted (or deletion of YouTube user account),
  • the time until the withdrawal of consent (or deletion of YouTube user account). The withdrawal of consent does not affect the lawfulness of data processing during the period in which consent was in force;
  • the period of time necessary to handle the request sent by the user via YouTube or other Google services.
  1. The catalogue of recipients of personal data processed by the Data Controller results mainly from the range of products and services used by the YouTube user, but also from the user's consent or from the provisions of law. With all guarantees of data security, the Data Controller may transfer the personal data of a user visiting the Company Channel - in addition to persons authorized by the Data Controller - to other entities, including entities processing data on behalf of the Data Controller, e.g. technical service providers and entities providing consulting services (including law firms) and contractors performing services for the Data Controller on the basis of concluded contracts.
  2. The Data Controller will not transfer the user’s personal data using YouTube products and services to countries outside the European Economic Area (countries other than the countries of the European Union and Iceland, Norway and Liechtenstein).
  3. The Data Controller may process personal data of users who use YouTube products and services who visit the Company Channel, for the purpose of analyzing how users use the Data Controller's website and related content (keeping statistics) - in the event that the use of the Company Channel and related content triggers the creation of an event for website statistics, with which the processing of personal data is associated (legal basis - Article 6(1)(f) GDPR) - "legitimate interest".
  4. In the case of personal data processed for the purpose of keeping statistics on the actions taken by the user on the Company Channel (including watching or stopping watching the Company Channel, recommending the Company Channel in a post or comment, liking a video, cancelling the liking), Axabee Sp. z o.o. and Google Ireland Limited (Gordon House, Barrow Street, Dublin, D04 E5W5, Dublin, Ireland) are separate controllers of users' personal data. The types of data and the scope of their processing, as well as the principles of privacy protection and the rights of users, are indicated in detail:
  • in this document,
  • in the document "Privacy Policy - Privacy and Terms and Conditions", published on the Google website at: https://policies.google.com/privacy,
  1. It is Google's responsibility to notify users who use YouTube products and services of the processing of data for the purposes of site statistics and to enable them to exercise their rights under the GDPR (information about the data used to create site statistics has been made available on Google's website at: https://policies.google.com/privacy).
  2. Google's Data Protection Officer can be contacted via the following address e-mail: data-protection-office@google.com.

III. J. TIKTOK

  1. Axabee Sp. z o.o. is the controller of personal data of users of products and services offered by TikTok Technology Limited (TikTok Ireland) and TikTok Information Technologies UK Limited (TikTok UK) as part of TikTok who visit the Data Controller's website, available at https://www.tiktok.com/@axabee.com (hereinafter: TikTok Channel). As the Data Controller, it is responsible for the security of the personal data provided and its processing in accordance with the legal regulations.
  2. The Data Controller processes personal data of users who visit the TikTok Channel when using TikTok products and services. This data is processed:
  • in connection with the operation of the TikTok Channel, including for the purpose of promoting its own brand (legal basis - Article 6(1)(f) GDPR) - "legitimate interest";
  • for the purpose of responding to inquiries made through TikTok (legal basis - Article 6(1)(f) GDPR) - "legitimate interest"; if you provide specific categories of data (e.g., health information), you declare that you consent to their use for the purpose of properly handling your request and fulfilling your inquiry, including conducting communication and responding (legal basis - Article 9(2)(a) GDPR) - "consent".
  1. The Data Controller has the right to process:
  • publicly available personal information (such as username, profile picture), content of comments and other information publicly shared by a user of TikTok products and services,
  • personal data provided by a user visiting the TikTok Channel, including the collection of information shared in the user's profile and other content, comments, messages and communications (e.g. photos, contact information, etc.),
  • other personal data provided by users in the content of messages via TikTok (including contact information, health data, etc.) in order to respond to the inquiry sent or to fulfill the contact request.
  1. The scope of personal data processing, the specific purposes, and the rights and obligations of the user of TikTok products and services arise directly from:
  • TikTok regulations (the document is available on the TikTok website at: https://www.tiktok.com/legal/terms-of-service-eea?lang=pl) and
  • privacy policy (the document is available on the TikTok website at: https://www.tiktok.com/legal/privacy-policy-eea?lang=pl) or
  • legal regulations

- and are refined as a result of actions taken by the user on TikTok.

  1. The Data Controller is entitled to process personal data for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
  • time until you object (or delete your TikTok user account),
  • time until you withdraw your consent (or delete your TikTok user account). The withdrawal of consent does not affect the lawfulness of data processing during the period in which consent was in force;
  • The period of time necessary to handle the inquiry sent by the user via TikTok.
  1. The catalog of recipients of personal data processed by the Data Controller results primarily from the range of products and services used by the TikTok user, but also from the user's consent or the law. With all guarantees of data security, the Data Controller may transfer personal data of a user visiting the TikTok Channel - in addition to persons authorized by the Data Controller - to other entities, including entities processing data on behalf of the Data Controller, e.g. providers of technical services and entities providing consulting services (including law firms) and contractors performing services for the Data Controller on the basis of concluded contracts.
  2. The Data Controller will not transfer the personal data of a user of TikTok products and services to countries outside the European Economic Area (countries other than those of the European Union and Iceland, Norway and Liechtenstein).
  3. The Data Controller may process personal data of users of TikTok products and services who visit the TikTok Channel in order to analyze users' use of the Data Controller's website and related content (conduct statistics) - in case the use of the TikTok Channel and related content triggers the creation of an event for website statistics, with which the processing of personal data is connected (legal basis - Article 6(1)(f) GDPR) - "legitimate interest".
  4. In the case of personal data processed for the purpose of keeping statistics on user actions taken on the TikTok Channel (including watching or stopping watching the TikTok Channel, recommending TikTok in a post or comment, liking a video, cancelling the liking), TikTok Ireland and TikTok UK (acting as joint controllers) and Axabee Sp. z o.o. are separate controllers of users' personal data. The types of data and the scope of their processing, as well as the principles of privacy protection and the rights of users, are indicated in detail:
  • in this document,
  • in TikTok's privacy policy, available on the TikTok website at: https://www.tiktok.com/legal/privacy-policy-eea?lang=pl,
  1. Responsibility for notifying users who use TikTok products and services of the processing of data for the purposes of site statistics and to enable them to exercise their rights under GDPR is borne by TikTok (information about the data used to create site statistics is made available on TikTok's website at https://www.tiktok.com/legal/privacy-policy-eea?lang=pl).
  2. TikTok's Data Protection Officer can be contacted via https://www.tiktok.com/legal/report/DPO.

DATA COLLECTED AUTOMATICALLY

  1. Using the Website involves sending requests to the server, which are automatically recorded in event logs.
  2. The event logs record user session data. IP address, device type and name, date and time of visiting our service, information about the web browser and operating system.
  3. Data recorded in event logs are not associated with specific individuals.
  4. Access to the content of event logs is available to persons authorized by the Data Controller to manage the Website.
  5. A chronological record of events is only auxiliary material used for administrative purposes. In particular, the analysis of event logs makes it possible to detect threats, ensure adequate security of the Website and perform statistics to better understand the use of the Website by its users.
  6. User session data is used to diagnose problems with the functioning of the Website and to analyze possible security violations, to manage the Website, and to perform statistics (legal basis - Article 6 (1) (f) GDPR) - "legitimate interest".
  7. The Website uses cookies and similar technologies for its operation. For more information, see the "Cookie Policy" available at https://axabee.com/cookie-policy/.

Final provisions

 

  1. This privacy policy is for informational purposes and applies specifically to the website operating at axabee.com.

  2. The Website may contain third-party tools and plug-ins, including links to the websites of the Data Controller's service providers and partners, and links to social media sites (e.g. Facebook, LinkedIn, Instagram, YouTube, TikTok). The Data Controller recommends that each user, after navigating to other sites, read the privacy policies in effect there.

  1. The Data Controller reserves the right to make changes to the current privacy policy in particular in the event of:
  • technological developments,
  • changes in generally applicable laws, including those concerning personal data protection or information security,
  • development of the Website, including implementation of new services and functionalities.
  1. The Data Controller will notify users of relevant changes in the content of the privacy policy, in particular by posting a notice on the Website.
  2. This privacy policy is applicable as of __.__. 2022 r.