Information

Privacy policy

This document concerns the processing of personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter: GDPR).

Data Administrator

The Administrator of your personal data is Queris Sp. z o.o., based in Piekary Śl., Ceramiki 37, Poland, REGON: 278252743, Tax ID: 4980183660, registered in the Register of Entrepreneurs of the National Court Register (KRS) under number 0000207108.

Contact with the Data Administrator

For data protection issues you can contact us via:
e-mail address: queris@queris.pl or marketing@queris.pl or postal address: 37 Ceramiki St., 41-945 Piekary Śląskie.

Scope of information

In this policy we provide information about the processing of personal data in relation to individuals who are:

customers and suppliers, including potential customers and suppliers of the Administrator (hereinafter Contractors)
employees, legal representatives, agents or representatives of the Contractors,
other persons who contact the Administrator (not applicable to the Administrator’s employees), including through the contact form on our website
users subscribing to the newsletter service
We obtain personal data mainly from the data subject as well as from the register of entrepreneurs CEIDG or KRS in order to verify the information provided by the contractor. The scope of the data processed is then limited to the data publicly available in these registers.

Personal data relating to employees or agents of our clients or contractors are also obtained from these entities. The scope of this data is then limited to that necessary for the conclusion and execution of contracts with the counterparty and includes: name, official position, company, contact details such as e-mail address, telephone or fax number.

If we obtain personal data not from the data subject, we immediately inform the data subject, indicating the purpose and basis of the processing, the categories of such personal data and the recipients or categories of recipients of the personal data.

Data processing purposes and legal basis

We only process personal data if:

a. The processing is necessary for the purpose of concluding and/or fulfilling a contract (also applies to the placing and execution of orders) in accordance with Article 6 point 1. b. of the GDPR, including:

to enable the performance of contracts and transactions as well as the placement and processing of orders,
ensure the handling of contracts and transactions,
contact in connection with the performance of the contract,
handling service requests concerning the products we support,
the provision of a service for testing a demo version of our products,

b. The processing is necessary in order to comply with our legal obligations as a Administrator (this includes providing access to data at the request of competent authorities or courts) in accordance with Article 6 point 1. c. of the GDPR, including:

fulfilment of tax and accounting obligations,
archiving documents, i.e. contracts and billing documents,
handling and processing customer complaints,

c. The processing is necessary for the purposes of the legitimate interests of the Administrator or a third party and will not unduly affect your interests or rights and freedoms in accordance with Article 6 point 1. f. of the GDPR, including;

the use of personal data of employees, legal representatives, agents or representatives of the Contractors in connection with the conclusion and/or performance of a contract with the Contractor,
enforcing contractual claims, including debt collection and conducting and defending against court, arbitration, mediation and subsequent enforcement proceedings,
verification of Contractors in public registers,
contacting Contractors and others on business related matters, including correspondence, collecting data during business meetings or by exchanging business cards,
direct marketing of its own products and services without the use of electronic means of communication, to existing Clients and Contractors,
for the Administrator’s statistical and analytical purposes, where the Administrator’s legitimate interest is to be able to make analyses and statistics of its activities.

d. The processing is carried out on the basis of the consent of that data subject in accordance with Article 6 point 1. a. of the GDPR, including:

to carry out direct marketing of its own products and services by means of electronic communication; however, due to other applicable regulations, in particular the Act on Electronic Provision of Services, these activities are only carried out on the basis of the relevant consents held,
respond to enquiries sent via the “Contact Us” section to persons who have sent such an enquiry via our website,
provide a newsletter service to those who have previously subscribed via our website.

Data recipients

We also share personal data with other parties, including:

to postal or courier companies, banks, if settlement is required,
to state authorities or other entities entitled under legal provisions to fulfil our obligations,
entities assisting us in the performance of our activities on our behalf, including service providers, IT system providers, insurance and debt collection companies, law firms,
entities belonging to the group to which the Administrator belongs, for internal administrative purposes.

Transfers of data outside the EEA

We transfer some of your data to countries outside the European Economic Area, however, applying the relevant data protection clauses adopted by the European Commission and data entrustment agreements for processing. Entities outside the EEA to whom we transfer certain data include:

Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA,
The Rocket Science Group LLC, 1526 DeKalb Ave NE, Atlanta, GA 30307, USA,

These companies have a data protection privacy policy that complies with the requirements of the EU-US-Privacy Shield programme. Otherwise, we do not transfer your data outside the European Economic Area, unless you are a Contractor from outside the European Economic Area. In that case, your personal data may be transferred to a country outside the European Economic Area, only on your instruction or exclusively for the purpose of concluding or performing a contract, in particular to entities such as customs agencies and transport companies.

Data storage time

We only store data for the following periods of time:

contractual data and data related to the execution of contracts, including the placing and execution of orders – until the statute of limitations for claims arising from the contract,
settlement documents – until the expiry of the statute of limitations for tax liabilities, unless otherwise provided for in tax legislation,
data for marketing purposes – in the case of data processing based on consent, until the consent is withdrawn,
data collected on the basis of the legitimate interest of the Administrator, for a period enabling that interest to be fulfilled, or until such time as an effective objection is lodged,
data collected via the contact form on our website, until the matter is dealt with or the consent given is withdrawn.

Data processing rights

Every data subject has the right to access the content of their personal data, the right to rectification, erasure and restriction of processing, as well as the right to data portability and the right to object and the right to withdraw consent at any time without affecting the lawfulness of processing on the basis of consent before its withdrawal (as long as processing is based on consent).

In order to exercise the above rights, you can send an e-mail to queris@queris.pl or marketing@queris.pl or contact us by post at the following postal address: ul. Ceramiki 37, 41-945 Piekary Śląskie, Poland with the annotation “personal data protection”.

In addition, you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection, in relation to the Administrator’s processing of your personal data.

Voluntary data provision

The provision of personal data is necessary for the conclusion and performance of contracts (including the placing and execution of orders) and the settlement of business. Failure to provide personal data will prevent the conclusion and performance of the contract or service. Otherwise, the provision of data is voluntary.

Security of stored data

We make every effort to ensure that the data collected is stored securely. We store data in accordance with security procedures and the use of technologies such as SSL encryption and other system security.

Automated data processing

Your data may be processed by automated means, including profiling. Data profiling involves analysing your preferences, activities and interests in order to better tailor targeted content and offers to you as part of our marketing activities.

Cookies

We use cookies on our website. These are small text files placed on the user’s terminal device (e.g. phone, tablet, laptop) that help us understand the general behaviour of visitors to our website. They are used to identify the user, the device and to collect information about activity.

We use cookies for the following purposes:

optimising the use of our website (e.g. adjusting the display of the website according to the screen resolution of the end device),
compiling visitor statistics, including overall user activity, time spent on individual pages, visitor flows, number of page views, etc.
integration of the website with analytical and advertising systems (Google Analytics, Google AdWords),
to obtain information on Newsletter activity.

We use different types of cookies on our website:

session files – temporary files providing information about the current session, which are deleted when you leave the site,
permanent files – files which are stored on the terminal equipment for an extended period of time as specified in the file, or until they are deleted by the user,
third party files – files originating from companies cooperating with the owner of the website in question. The information contained in the third-party cookies is managed and set by the third party in accordance with its privacy policy.

You can manage cookies from your browser. You can also disable them completely, but then some functions of the websites (not only ours) may be inaccessible or may not work properly.