Privacy Policy for Applications

§1.  General Provisions

1. The data shall be administered by Sagra Technology limited liability company with its registered office in Szczecin, Poland, entered into the Register of Entrepreneurs under the KRS number: 0000122856, whose registration files are kept by the District Court Szczecin Centrum in Szczecin, 13th Commercial Department of the National Court Register, NIP: 8520604961, REGON: 008080085. Data shall be protected in accordance with the requirements of generally applicable law.

2. For the purposes of better reception of the Privacy Policy, the term “Personal Data Subject” has been replaced by “You”, “Administrator” – by “We”. “GDPR” shall mean Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC;

3. We respect the right to privacy, take care of data security and act in accordance with the following Privacy Policy.
   
   

§2. Data Controller

1. Sagra Technology Sp. z o.o. in Szczecin, Poland, shall be the Administrator of Personal Data, which means an entity that independently or jointly with others sets the purposes and means of processing personal data.

2. We may collect information about you directly from you (You provide us your personal data in purchase agreement) or from Microsoft as telemetry data informing us how you use our product.

3. The Personal Data shall be processed:
   a) in accordance with the provisions on personal data protection,
   b) in accordance with the implemented Privacy Policy,
   c) to the extent and for the purpose necessary to provision of the service,to the extent and for the purpose necessary to fulfill legitimate interests (legally justified purposes) of the Data Controller,

4. Sagra Technology Sp. z o.o. may collect the following categories of personal data:
   1. Your first name, last name and contact details provided us in purchase form
   2. telemetry data need to charge you for use of our application.

5. The legal basis for data processing is our legitimate interest, indispensability to provide the service or your consent. You have the right to withdraw your consent at any time, provided that, this does not affect lawfulness of processing of your data prior to its withdrawal.

6. In the event of withdrawal of the consent, we shall cease all relevant processing, however we may still need to process some of your personal data if it is necessary to enforce our contractual rights and obligations, if we are bound by an agreement with you, comply with legal claims or protection against them.

7. Until you use our services, the legal basis for data processing shall be the need to process them in order to execute this agreement. If the above legal bases cease to be applicable, we may continue to process your personal data for an additional period to establish, enforce legal claims or protect against them or if it is required by law.

8. Providing personal data to Sagra Technology is voluntary. However, in some cases we shall require user information to give the user access to certain parts of our services like web/mobile application.
   
   

§3. Rights of data subjects

1. Every data subject (provided that we are the data administrator) has the right to access data, rectify, delete or limit processing, the right to object, the right to submit a complaint to the supervisory authority.

2. In order to exercise the indicated rights, you may report to our registered office or send an application to our address by mail or email. You may contact the person supervising processing of personal data in our organization by email at the following email address:  [email protected]

3. GDPR aims at providing every person with the opportunity to protect their rights and freedoms and to ensure control over processing of their data. To this end, you can exercise your rights
   
   a) the right to access the data– the data subject has the right to receive information, including which of their data we process, for what purposes they are processed, and obtain copies thereof. You may ask us whether we process your personal data.
   
   b) the right to delete the data(the right to be forgotten) – the data subject may indicate the scope and circumstances justifying requested deletion of the data, e.g. data are no longer necessary to achieve the purposes for which they were collected, and there are no legal grounds for further processing of the data, the data is processed unlawfully. The right to delete the data may be exercised if, being the Data Administrator, we have no legal basis for processing the data. Please note that if you have an active agreement with us, data processing is necessary for its implementation and your personal data may not be deleted.
   
   c) the right to transfer the data – the data subject has the right to receive their personal data in a structured, commonly used machine-readable format. A request for transfer of the data may be submitted by the data subject.
   
   d) the right to limit data processing – the data subject indicates that there are circumstances fulfilling conditions specified in art. 18 of GDPR for limiting processing of their data, e.g. we do not need certain data, there are no premises for further processing and the data subject requests to suspend data operations or not to delete data. Any request for limiting data processing shall require individual consideration in terms of existing grounds for data processing, the purpose and scope of their processing.
   
   e) the right to rectify the data – at any time, when the need arises, the data subject shall inform us about the change in their personal data. You can ask us to rectify incorrect or complete incomplete personal data.
   
   f) the right to object – at any time, you can object to data processing in an automated manner, as well as object to data processing for marketing purposes. Objection to data processing may be submitted, for example, at our registered office, by mail to our address, or by email: [email protected]
   
   g) the right to file a complaint regarding personal data processing with the supervisory body.

    

4. In the matter of exercising your rights, we shall provide information in writing, by email or it may be picked up at our registered office after prior appointment.

5. If we receive a request for exercising the personal data right, without undue delay, and in any case within one month from the date of receipt of the request, we shall provide any data subject with information about actions taken in connection with exercising the above-mentioned rights. If necessary, this period may be extended by another two months due to complexity of the request or a number of requests.
6. Within one month of receipt of the request, we shall inform the data subject about such extension, stating the reasons for the delay.
   
   

§4. Protection of personal data

1. Both during the period of validity of current provisions of the generally applicable law on personal data protection (Act on personal data protection and the implementing regulation) and in the light of European regulations, we shall process your data using all technical and organizational measures necessary to ensure data security.

2. Your personal data are the most valuable resources for our organization.

3. Sagra Technology has implemented and continues to implement appropriate technical and organizational measures to ensure protection of personal data processing, in particular to protect data against unauthorized access, unauthorized removal, loss and alteration, damage or destruction.

4. In addition, all our employees and co-operators are obliged to maintain confidentiality which includes all information regarding your Personal Data.

5. Our employees shall receive training on protected information security, including personal data protection. We have implemented data encryption and we have introduced access control, thanks to which we minimize the effects of possible data security breaches.

6. We do not share the personal data with entities other than those authorized under the applicable law.
   
   

§5. Data Protection Officer

1. At present, we have appointed the Data Protection Officer to coordinate the activities and supervise security of personal data and the You can contact the Data Protection Officer by mail, writing to the address of our registered office or to the e-mail address: [email protected]
   
   

§6. Sharing your personal data

1. Sagra Technology Sp. z o.o. may from time to time share your personal data with other entities in relation to the purpose for which your Personal Data are collected. In particular, we may share your personal data with:
   a) third parties that provide Sagra Technology with goods or services, such as legal advisers, lawyers, auditors and IT service providers including Microsoft,
   b) with other third parties pursuant to the court order, to protect the interests of Sagra Technology or in other situations where it is required by law or for the purposes of court proceedings.

2. Processing your personal data in the manner described above does not involve transferring them to other countries, including countries outside the European Union (EU) / European Economic Area (EEA).
   
   

§7. Storing your personal data

1. If processing of your data is based on your consent or our legitimate interest in maintaining a relationship with you, Sagra Technology stores your personal data only until you withdraw your consent or your express objection to data processing.

2. If data processing is necessary for the purpose of executing the agreement to which you or your employer is a party; Sagra Technology processes your personal data until execution or termination of the agreement or until all contractual claims become barred.
   
   

§8. The privacy policy applies to all applications owned by Sagra Technology, including those published to stores with applications like Apple AppStore, Google Play, Microsoft AppSource, AzureMarketplace and others.