Website Privacy Policy
This privacy policy of the website (hereinafter the “Privacy Policy”) was prepared by a company operating under the name Match2Pay Ltd based in Providence Complex Building, Office A17.F, Providence, Mahé, Seychelles, company no. 8437251-1 (hereinafter referred to as “Data Controller”) as fulfillment of the obligation specified in Art. 13 Section 1 and 2 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the “GDPR “).
1. Who is responsible for your personal data?
The Data Controller of your personal data is a company operating under the name Match2Pay Ltd based in Providence Complex Building, Office A17.F, Providence, Mahé, Seychelles, company no. 8437251-1.
2. How to contact the Data Controller?
A Data Protection Officer (Mr. Krzysztof Teofilski) has been appointed by the Data Controller. In matters regarding the processing of personal data by the Data Controller, you can contact via the following e-mail address: kteofilski@match2pay.com.
3. Data security
In connection with the conducted business activity, the Data Controller collects and processes personal data in accordance with the relevant provisions, including in particular the GDPR and the principles of data processing contained therein.
The Data Controller ensures transparency of data processing, informs about data processing and ensures that data is collected only to the extent necessary for the purpose indicated and is processed only for the period in which it is necessary.
In order to ensure data integrity and confidentiality, the Data Controller has implemented procedures enabling access to personal data only to authorized persons and only to the extent that it is necessary for their tasks.
The Data Controller takes all necessary actions so that its subcontractors and other cooperating entities guarantee the use of appropriate security measures whenever they process personal data at the request of the Data Controller.
4. Use of the website
When you use the Data Controller website, standard information is downloaded, such as the IP address, type of search engine, language, access time and address of the page from which the User was redirected. These data can be collected by cookies and analytical tools.
In the event of contact from your site via the telephone numbers, e-mail addresses or complaint form, data related to the means of communication chosen by you and data provided during communication are also processed, if it is necessary to resolve the reported matter.
5. What are „cookies”?
Personalization and efficiency of services provided by the Data Controller requires saving and storing information on how you use the website. The Data Controller do this by using small text files called „cookies”. Cookies contain little information and are saved on the User’s computer or other terminal device by the server operating the website. Then the web browser sends them back to the website each time a given User uses it, thanks to which the server remembers your preferences.
The Data Controller informs that disabling cookies in the browser used by the User may cause difficulties or inaction of some functions of the website.
As part of the Data Controller website, two types of cookies are generally used:
a) session cookies – temporary files that are stored on the User’s end device until logging out, leaving the website or turning off the software (web browser);
b) permanent cookies – files stored on the User’s end device for the time specified in the cookie file parameters or until they are deleted by the User.
Due to functionality, the Data controller divides cookies into three following groups:
a) necessary – files of key importance enabling Users to navigate the website and use its functions, such as access to secure areas and to ensure security;
b) performance – files collecting information about how Users use the website, which parts of the website you visit most often, and whether you receive error messages from websites. The data collected by these cookies are anonymous and only serve to improve the functioning of the website;
c) functional – files recording the choices made by Users, these files can also be used to remember changes made by the User, e.g. changes in the size and font of the text.
6. Social media
Social media icons placed on the Data Controller website allow you to share its content (Facebook, LinkedIn, YouTube, Instagram, Twitter) with other Users. They allow connection with social websites of other entities that can record information on the User’s activities on the Internet, including activities performed on the website. The Data Controller has no knowledge how these entities use data. To learn about the way they use information they collect about Users and the possibility of opt-out or deletion of relevant cookies, please read the terms of use of these pages and privacy.
Overview of Facebook plugins – https://developers.facebook.com/docs/plugins/
Facebook privacy policy – https://www.facebook.com/policy.php
LinkedIn privacy policy – https://www.linkedin.com/legal/privacy-policy
Google (YouTube) privacy policy – https://policies.google.com/privacy?hl=pl-PL
Instagram privacy policy – https://help.instagram.com/155833707900388
Twitter privacy policy – https://twitter.com/en/privacy
The website occasionally uses third-party internet services to display certain content, such as images or videos. As in the case of social media icons, the Data Controller is not able to prevent these pages or domains from collecting information on how users use the content there.
The Data Controller also runs its fanpage on social media. All information contained on your profile and activities resulting from its use are directly administered by a third party.
7. Purposes and basis for data processing
Cookies are used to:
a) adapting the content of the Data Controller website to the User’s preferences and optimizing its use; in particular, these files allow to recognize the User’s device and properly display the website tailored to your individual needs;
b) creating statistics that help understand how Users use the website, which allows improving their structure and content;
c) maintaining the User’s session (after logging in), thanks to which you do not have to re-enter your login and password;
d) enabling interaction with social networks (e.g. publishing posts directly from the website).
The legal basis for processing in this case is the Data Controller’s legitimate interest (Article 6 Section 1 Letter f of the GDPR) consisting in ensuring a higher quality of services.
Contact via email addresses or traditional mail:
In the case of sending to the Data Controller via e-mail or traditional correspondence not related to the agreement concluded with Data Controller, personal data contained in this correspondence are processed solely for the purpose of communication and resolution of the matter to which the correspondence relates.
The legal basis for processing is the Data Controller’s legitimate interest (Art. 6 Section 1 Letter f of the GDPR) consisting in conducting correspondence addressed to the Data Controller in connection with business operations. The Data Controller processes only personal data relevant to the case to which correspondence relates. All correspondence is stored in a manner that ensures the security of personal data contained therein (and other information) and disclosed only to authorized persons.
Telephone contact:
In the event of contacting the Data Controller by phone, in matters not related to the concluded agreement, the Data Controller may request personal data only if it is necessary to
handle the case to which the contact relates. In such a case, the legal basis is the Data Controller’s legitimate interest (Art. 6 Section 1 :etter f of the GDPR) consisting in the need to resolve the reported case related to the business activity conducted by the Data Controller.
Social media:
The Data Controller has public profiles on social networks (Facebook, YouTube, LinkedIn, Instagram, Twitter). Therefore, the Data Controller processes the data that you leave when visiting these profiles (including comments, likes etc.). Personal data is processed: to enable you to take activity on the Data Controller’s profiles; for effective profile management; for statistical and analytical purposes; alternatively they may be processed for the purpose of pursuing claims and defending against claims. The legal basis for the processing of personal data is in this case the legitimate interest of the Data Controller (Article 6 Section 1 Letter f of the GDPR), consisting in: promoting business activity and improving the quality of services provided, if necessary – pursuing claims and defending against claims. This information does not apply to personal data administered by website operators (links to third party privacy policies are provided in section 6 above).
Organization of online events:
In connection with the organization of online events, the Data Controller obtains personal data from people signing up for events and participating in them. The scope of the data transferred is in any case limited to the extent necessary for the organization of the event and usually does not include information other than name and surname and e-mail address. Such personal data is processed in order to identify participants of the event, contact them and handle participation in the event. In this case, the basis for data processing is the legitimate interest of the Data Controller (Article 6 Section 1 Letter f of the GDPR), consisting in the organization of the event in connection with the submitted application for participation in the event. Personal data will also be processed for purposes related to the satisfaction survey with participation in the event and for statistical purposes. In this case, the basis for data processing is the legitimate interest of the Data Controller (Article 6 Section 1 Letter f of the GDPR), consisting in conducting analyzes to improve the quality of organized events. Online events may be recorded – in any case, the participant will be informed about this fact, in particular in the message displayed as part of the tool used by the Data controller to organize the online event. Recordings can be made available to event participants.
Data collection as part of business contacts:
In connection with the conducted activity, the Data Controller collects personal data also in other cases (e.g. during business meetings or by exchanging business cards) for purposes related to initiating and maintaining business contacts. The legal basis for processing in this case is the legitimate interest of the Data Controller (Article 6 Section 1 Letter f of the GDPR) consisting in creating a network of contacts in connection with the conducted activity.
Personal data collected in such cases are processed only for the purpose for which they were collected, and the Data Controller ensures their appropriate protection.
8. Providing data
The Data Controller’s website uses cookies in accordance with the User’s individual settings of the browser installed on the end device that you use. Using the Data Controller website without changing the browser cookie settings means confirming that you have read this Privacy Policy and accept cookies.
If you do not accept cookies, you can change your settings or disable cookies at any time in your browser.
The Data Controller informs that changing the configuration of the web browser, which prevents or limits the storage of cookies on the User’s end device may result in functional limitations of the services provided. Deleting cookies while providing the service may lead to similar effects.
The following links provide information on how to delete cookies in the most popular web browsers:
Firefox – https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
Opera – http://help.opera.com/Linux/9.60/en/cookies.html
Internet Explorer – http://support.microsoft.com/kb/278835/en
Chrome – http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647
Safari – http://support.apple.com/kb/HT1677?viewlocale=en_US
Due to the many technological solutions, it is not possible to provide precise guidelines on how to specify the conditions for storing or accessing cookies using the settings of all available telecommunications terminal equipment and software installed on this device.
9. Analytical tools and third parties
The Data Controller’s website uses Google Analytics, a website analysis service provided by Google, Inc.
Google Analytics uses cookies, therefore information generated by cookies about the use of the website by the User is transmitted to Google.
Google will use this information to evaluate your use of the Data Controller website, to compile reports on website traffic and to provide other services related to website traffic.
Google may also transfer this information to third parties if it is required to do so on the basis of legal provisions or if such persons process such information on behalf of Google.
The user can disable Google Analytics by installing the Google Analytics blocking browser add-on – https://support.google.com/analytics/answer/181881?hl=en
Google Analytics cookies are stored based on art. 6 Section 1 Letter f of the GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both the website and the advertising process.
The Data Controller website provides links to websites operated by third parties. These links are provided for the convenience of the User, however the Data Controller does not review, control or monitor privacy practices on websites operated by third parties. This Privacy Policy does not apply to websites operated by third parties. The Data controller is not responsible for the activities of websites operated by third parties.
10. Users’ rights
The Data Controller informs that in connection with the processing of personal data you have the following rights:
a) the right to information about the processing of personal data – on this basis, the Data Controller provides you with a request for information on data processing, including primarily the purposes and legal grounds for processing, the scope of data held, entities to which it is disclosed, and the planned date of deletion data;
b) the right to obtain a copy of the data – on this basis, the Data Controller provides you with a copy of the data processed in the event of a request;
c) the right to rectification – the Data Controller is obliged to remove any incompatibilities or errors of personal data being processed and supplement them if they are incomplete;
d) the right to delete data – on this basis, you can request the deletion of data the processing of which is no longer necessary to achieve any of the purposes for which it was collected;
e) the right to limit processing – in the event of such a request, the Data Controller ceases to perform operations on personal data until the reasons for the restriction of data processing cease (e.g. a decision of the supervisory authority allowing further processing of data is issued);
f) the right to transfer data – on this basis – to the extent that the data is processed in an automated manner in connection with the concluded agreement or consent – the Data Controller issues the data provided by you in a format that allows data to be read by a computer. It is also possible to request that the data be sent to another entity, however, provided that there are technical possibilities in this respect both on the part of the Data Controller and the indicated entity;
g) the right to object to the processing of data for marketing purposes – you can object to the processing of personal data for marketing purposes, without giving any reason;
h) the right to object to other purposes of data processing – you can at any time oppose – for reasons related to your particular situation – the processing of personal data that is based on the legitimate interest of the Data Controller (e.g. for analytical or statistical purposes), objection in this respect it should contain a justification;
i) the right to withdraw consent – if the data are processed on the basis of consent, you have the right to withdraw it at any time, which, however, does not affect the lawfulness of the processing carried out before its withdrawal;
j) the right to complain – if you find that the processing of personal data violates the provisions of the GDPR or other provisions regarding the protection of personal data, you can submit a complaint to the body supervising the processing of personal data competent for your habitual residence, place of work or place of committing alleged violation.
11. Data processing period
The period of data processing by the Data Controller depends on the type of service provided and the purpose of processing. The period of data processing may also result from provisions when they constitute the basis for processing. In the case of data processing on the basis of the Data Controller’s legitimate interest, the data is processed for a period enabling the implementation of this interest or to object effectively to data processing. If the processing is based on consent, the data is processed until its withdrawal. When the basis for processing is necessary to conclude and perform the agreement, the data is processed until its termination. The period of data processing may be extended if the processing is necessary to establish or assert claims or defend against claims, and after that period – only if and to the extent required by law. After the end of the processing period, the data is irreversibly deleted or anonymized.
12. Automated decision-making
The Data controller will not apply a decision that is based solely on automated processing, including profiling, and produces legal effects concerning you or similarly significantly affects you.