This Privacy and Cookies Policy (hereinafter: the “Policy”) constitutes the fulfillment of the obligations arising from Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter: “GDPR”), as well as Article 173 of the Act of 16 July 2004 – Telecommunications Law, in connection with the operation of the Selmo application (hereinafter: “Selmo”) and the website www.selmo.io (hereinafter: the “Service”).
The Data Controller of your personal data is Selmo spółka z ograniczoną odpowiedzialnością, with its registered office in Kraków (31-503), Lubicz 27/40, entered into the Register of Entrepreneurs of the National Court Register under KRS number: 0000942376, NIP: 6751756693, REGON: 520149870, whose registration files are kept by the District Court for Kraków-Śródmieście in Kraków, 11th Commercial Division of the National Court Register, share capital: PLN 5,150.
In addition to the address indicated above, you may contact the Data Controller via e-mail at: kontakt@selmo.io.
The Data Controller has appointed a Data Protection Officer (DPO), who may be contacted in all matters related to the processing of personal data and the exercise of rights related to such processing.
The Data Protection Officer may be contacted by e-mail at: iod@selmo.io, or by post at the Company’s registered office address with the note “DPO”.
We process your personal data for the following purposes:
If you are our customers (i.e. persons who have or have had an account in Selmo), your personal data will be processed for the purpose of concluding and performing the agreement for the use of Selmo (legal basis: Article 6(1)(b) GDPR), for the purpose of fulfilling our legal obligations, in particular under tax law (e.g. collecting documentation required by tax regulations and making settlements related to taxes and fees) (legal basis: Article 6(1)(c) GDPR), as well as for the purpose of pursuing our legitimate interests consisting in ensuring the possibility of asserting and defending mutual claims, conducting internal reporting and administration, and marketing our own services (legal basis: Article 6(1)(f) GDPR). These data will be processed until the end of the cooperation and thereafter for the period necessary for the limitation of any mutual civil-law claims and tax obligations (usually five years from the end of the year in which the agreement terminated).
If you are persons employed by our (also potential) customers (including their employees, subcontractors, attorneys-in-fact or representatives) and you perform tasks related to our cooperation with them, your personal data will be processed for the purpose of concluding and performing agreements with these entities, pursuing and defending against possible mutual claims, and marketing our own services. The legal basis is our legitimate interest within the meaning of Article 6(1)(f) GDPR. The data will be processed until the end of the cooperation and thereafter for the period necessary for the limitation of claims and tax obligations (usually five years from the end of the year in which the agreement terminated).
If you contact us by e-mail, and none of the above cases apply, your data will be processed on the basis of our legitimate interest consisting in responding to the inquiry (Article 6(1)(f) GDPR). These data will be stored at the latest until the end of the year following the year in which the correspondence ended.
When using the Service, users’ personal data are processed for the purpose of providing electronic services, including enabling the use of website functionalities such as contact forms, access to content, or account registration. The legal basis is Article 6(1)(b) GDPR, i.e. processing necessary for the performance of a contract for the provision of electronic services or for taking steps at the user’s request prior to entering into such a contract.
Personal data are also processed pursuant to Article 6(1)(f) GDPR, i.e. the legitimate interest of the Data Controller consisting in ensuring the proper functioning of the Service, its administration, ensuring security, detecting and preventing unauthorized access and abuse.
When using the Service, technical data are automatically collected, in particular the IP address of the device, information about visited subpages, date and time of access, browser type, operating system, transmission errors, and the address of the page from which access to the Service occurred. As a rule, these data are not used to directly identify the user; however, they may constitute personal data within the meaning of the GDPR. We operate the following social media profiles:
Facebook: https://www.facebook.com/selmo.polska/
LinkedIn: https://www.linkedin.com/company/selmo/
We process personal data of users of these platforms for the purpose of contacting them and presenting content prepared by Selmo on these platforms, promoting our own activities, as well as for analytical and statistical purposes, which constitutes the legitimate interest of the Company. We process personal data of users who visit our profiles or interact with them (likes, comments, messages). If you like or comment on our post, this will be visible to other users. Personal data are stored until an objection to further processing is raised (e.g. by unliking a post or deleting a comment), and thereafter for the period required by law and/or until the limitation period for potential claims expires. Social media platforms have their own privacy policies and rules governing data processing, which also apply to their users.
Your personal data may be disclosed to the following categories of recipients:
our employees and subcontractors,
entities providing hosting services for the Service and the Application,
providers of analytical, advertising and other tools supporting online marketing (in particular those described in § 9),
operators of social media platforms integrated with Selmo,
entities providing accounting, legal, IT support and advisory services,
tax authorities, courts and other public authorities,
banks and payment service providers.
Your personal data may be transferred outside the European Economic Area where necessary for the proper provision of services, due to technical conditions or legal obligations. Such transfers are always based on legal instruments ensuring an adequate level of protection, in particular standard contractual clauses approved by the European Commission.
You have the right to:
access your personal data (Article 15 GDPR), including obtaining a copy thereof,
rectify or complete incomplete personal data (Article 16 GDPR),
request the erasure of personal data in cases provided for by law (Article 17 GDPR),
request restriction of processing (Article 18 GDPR),
receive your data in a structured, commonly used format and transfer them where processing is based on consent and carried out by automated means (Article 20 GDPR),
object to the processing of your personal data where processing is based on the legitimate interest of the Company (Article 21 GDPR),
withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing before withdrawal. Consent may be withdrawn by sending a message to: Selmo Sp. z o.o., ul. Lubicz 27/40, 31-503 Kraków, or by e-mail to: kontakt@selmo.io,
lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office (UODO) in Warsaw – if you believe that the processing of your personal data violates GDPR provisions.
Providing personal data is voluntary; however, failure to provide data may prevent the achievement of the processing purpose, in particular the conclusion or performance of a contract.
Cookies are small text files stored on your computer or mobile device and subsequently retrieved from such devices during subsequent visits to our Service and Application. Cookies usually contain the name of the website from which they originate, the period for which they are stored on the device, and a unique identifier. As a rule, the use of cookies does not allow us to identify you as a specific individual.
Cookies that are necessary for the proper functioning of the Service and the Application are stored automatically. In the case of other types of cookies, your consent is required. We use the following types of cookies:
essential cookies – cookies that enable the use of services available within Selmo and the Service, such as authentication cookies used for services requiring authentication, logging in, and using forms available on the website;
analytical cookies – cookies that allow us to collect statistical data regarding user behavior, including measuring the number of visits and collecting information about traffic sources, which enables us to improve the operation of the Service and the Application; their use is dependent on your consent (more information is provided below in § 9);
advertising cookies – cookies that enable us to display personalized advertisements on other websites, such as Facebook or Instagram; their use is dependent on your consent (more information is provided below in § 9).
Both session cookies, which are deleted after closing the web browser window, and persistent cookies, which are stored on users’ devices for a specified period of time, are used within the Service and the Application.
Cookie management is carried out via a tool made available on the website, which is displayed automatically during the first visit to the Service. Within this tool, you may give consent to the use of individual categories of cookies.
You may also manage cookie settings via your web browser settings. More information can be found on the websites of the respective browser providers:
Firefox – https://support.mozilla.org/kb/enable-and-disable-cookies
Google Chrome / Android – https://support.google.com/chrome/answer/95647
Safari – https://support.apple.com/kb/PH5042
Safari (iOS version) – https://support.apple.com/HT201265
Upon granting your consent, we may process your personal data using the following tools:
Facebook Custom Audiences, including the so-called Facebook Pixel, i.e. a tracking code installed on our website. This tool is provided by companies belonging to the Meta group (in particular Meta Platforms Inc., 1 Hacker Way, Menlo Park, California 94025, USA, and Meta Platforms Ireland Limited, Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). The tool automatically collects data regarding users’ use of the website in order to enable us to display personalized advertisements to them on Facebook and Instagram (i.e. advertisements based on the analysis of their behavior). Independently of us, Facebook may also use such data for its own purposes and may link it with other data previously collected about you.
Hotjar: This is a tool provided by Hotjar Ltd (Level 2, St Julian’s Business Centre, 3 Elia Zammit Street, St Julian’s STJ 1000, Malta), which enables the analysis of user behavior within the Service by creating heatmaps, recording user movements on the website, analyzing conversion paths, and conducting surveys and opinion research. Hotjar collects information through tracking codes and cookies and stores it on Hotjar’s servers. Cookies used by Hotjar are stored for a maximum period of one year. Opt-out information is available at: https://www.hotjar.com/opt-out.
Splitbee: A tool provided by Tobias Lins e.U. (Alserbachstraße 10, 1090 Vienna, Austria). It is an analytics tool that allows us to understand user behavior by generating statistics. It collects usage data (e.g. time spent on pages, clicked links) and technical data (e.g. language, location, operating system). More information is available at: https://splitbee.io/privacy.
Within your browser cookie settings, you may decide not to use the above tools in your case. It is also possible to manage privacy settings within your Facebook profile. Detailed information is available at: https://www.facebook.com/privacy/explanation and https://www.facebook.com/business/help/651294705016616.
You may manage your Facebook advertising preferences at: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.
If you are persons who make purchases from our customers using Selmo and there is no direct legal relationship between us, your data are processed on the basis of data processing entrustment agreements concluded with our customers.
In such cases, any requests related to your personal data will be forwarded to the entity that entrusted us with the data and acts as the Data Controller within the meaning of the GDPR.
If you have any questions regarding this Privacy Policy or wish to exercise your rights related to personal data protection, you may contact us by e-mail at: iod@selmo.io.