Privacy policy

This Privacy Policy constitutes an integral part of the Terms of Use of TrackTime24 Application and Website dated 2020-06-03 (Terms of Use). Definitions of the terms used in this Privacy Policy have been included in the Terms of Use. The provisions of the Terms of Use shall be applied accordingly. This Policy shall also apply to any other of our sites and websites which post this Policy. This Policy shall not apply to sites or websites posting other statements.

§ 1 PERSONAL DATA

  1. The controller of the personal data processed within the Application and Website, entered there under the Agreement, in particular Users' personal data, is the Service Recipient, i.e. the entity using the Application with reservation of points 2 and 3 below.
  2. Personal data of the Services Recipient (You) is processed by us - TrackTime24 (i.e. inEwi sp. z o.o. with its registered office in Bielsko-Biała (43-300), 10 Szarotki Street entered into the register of entrepreneurs of National Court Register under KRS number: 0000456957, NIP: 5472146245, REGON: 243231027 with a share capital of PLN 151,000.00), which is the personal data controller within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and legal acts in the scope of personal data protection created on its basis (hereinafter referred to as GDPR). You may contact us in particular via e-mail at the following e-mail address: office@tracktime24.com.
  3. If a given User has given consent, we can also be the controller of his personal data to the extent indicated herein.
  4. We appointed the Data Protection Officer. Contact to the Officer: dpo@tracktime24.com.
  5. The scope of the processed personal data shall be determined by the scope of data completed by You (Services Recipient) and sent to us by means of relevant form. Processing Your personal data may pertain to Your name, surname, e-mail address, username, computer IP address, cell phone number, address data, company data, geolocation, tax identification number.
  6. Under the given User's consent, we can process following categories of his personal data: name, surname, e-mail address.
  7. Your personal data of will be processed for the period of providing services by us and will be deleted upon the lapse of the said period unless their processing results from another legal basis.
  8. Personal data shall be processed for the following purposes:
    • creating the Account,
    • providing services by electronic means,
    • examining filed complaints and other actions as specified in the Terms of Use,
    • promotional and commercial actions of TrackTime24,
    • settling disputes and collecting fees,
    • evaluating interest in our services,
    • realization of tax and other legal obligations,
    • in the case of having the given Users’ express consent – for the purpose of informing the Users on services and updates, undertaking further actions to the benefit of the Users in accordance with information provided upon obtaining the data, linking information related to the User with information obtained from other entities and using them for the purpose of improving and customizing the Services,
    • preventing potentially prohibited or illegal actions and enforcing the Agreement.
  9. Providing the personal data by You shall be voluntary, but the lack of providing personal data marked as obligatory shall prevent performance of the services and agreements by TrackTime24.
  10. The legal basis for processing Your personal data shall be:
    • the statutory authorization to process data which are essential to act in accordance with the law (article 6(1)(c) GDPR),
    • the statutory authorization to process data which are necessary to perform an agreement if a person to whom the data refer is a party to such agreement, or if it is essential for undertaking certain actions prior to conclusion of an agreement upon request of the person to whom the data refer (article 6(1)(b) GDPR),
    • a voluntary consent of the User (article 6(1)(a) GDPR).
  11. Your personal data are transferred only for the purpose of performing agreements for provision of services by electronic means by TrackTime24 to a hosting company, a company providing accounting services to TrackTime24 and other entities indicated in point 12 below. Personal data collected by TrackTime24 may also be disclosed to competent state bodies upon their request on the basis of relevant provisions of law, or other persons and entities–in the cases prescribed in the provisions of law.
  12. Your personal Data may be transferred for processing to (recipients of personal data): TrackTime 24’s accounting firm, the provider of hosting for the Website, the company providing technical support for the Website, the payment provider, the company providing the CRM system. The personal data collected by TrackTime24 may also be disclosed to competent state authorities upon their request on the basis of relevant provisions of law or other persons and entities—in the cases prescribed in the provisions of law. The entity processing your personal data on the basis of the Processing Agreement will process your personal data through another entity only upon prior consent of TrackTime24.
  13. Disclosing Your personal data to unauthorized entities under this Privacy Policy may take place only upon Your prior consent.
  14. You shall have the right to control processing the data which pertain to You and which are included in databases, in particular the right to: (a) access Your personal data, complement and correct them by reporting such request to TrackTime24, (b) request temporary or permanent suspension of their processing or their removal if they are incomplete, invalid, inaccurate, or if they have been collected in violation of the law, or they have become unnecessary to realize the purpose for which they had been collected, (c) object processing Your personal data–in the cases prescribed in the legal provisions–and the right to request their deletion if they become unnecessary to realize the purpose for which they have been collected, a request to remove the collected personal data referring to the Services Receiver and the User shall comprise removal of personal data from both the system belonging to TrackTime24 and from bases of the entities which have co-operated with TrackTime24; further, the Service Receiver and the User shall have the right to restrict the processing of the personal data, the right to portability of the personal data collected by TrackTime24 and referring to him/her, in this to receive them in a structured form, to file a complaint to the supervising body if the User finds that his/her data are processed in violation of the law, and to lodge legal remedies before a court against the supervising body and the entity committing the violations.
  15. If TrackTime24 is advised that You use the service provided by electronic means in a manner violating the Terms of Use or applicable provisions of law (unauthorized use), then TrackTime24 may process Your personal data in the scope required for establishing Your liability. We may also disclose Your data for the purposes related to the law, protection, and security. For instance, we may disclose information for the purpose of ensuring compliance with legal provisions, in response to lawful applications and legal processes, in order to protect the rights and property of TrackTime24, our agents, clients and other entities (which shall include implementation of our agreements, policies and terms of use), or in an emergency (which shall include protection of our employees and agents, our clients or any other persons).
  16. Your personal data may be transferred to a third country, i.e. the United States of America, in order to use the services of entities providing solutions and functionalities necessary for the proper operation of the Services and their functionalities. In this case, the transfer of personal data takes place on the basis of the EU-US privacy shield and the terms of use of the solutions and functionalities provider.

§ 2 SERVICES RECIPIENT AS THE PERSONAL DATA CONTROLLER

  1. The Service Recipient will process, as part of the Application, personal data for which is the data controller, for purposes related to employment (both under an employment contract and under other civil law contracts) and conducting personnel matters, to the extent and for the period necessary for the employer's performance of obligations under the Labor Code or other legal acts related to the conclusion of other civil law contracts.
  2. The Service Recipient processes personal data in the Application within the Account, which has full right to process and which does not infringe the rights of third parties, as well as to which he can demonstrate the legal basis for processing in the scope specified in the Terms of Use and the Privacy Policy.
  3. The Service Recipient entrusted us with the processing of all personal data provided to us within the Account, in particular personal data of Users, to the extent specified in paragraph 1.1. above, for the duration of the Agreement, unless there is another legal basis for their further processing.
  4. Entrusting data processing will take place in order to properly implement the services provided by us to the Service Recipient related to the registration and management of the working time of persons employed by the Service Recipient, as well as the exercise of Users' rights and obligations indicated in the Terms of Use.
  5. Under the Service Recipient's consent, We further entrust the processing of personal data referred to in paragraph 1.1., to process them in the scope of storage, to entities that guarantee the level of security in the scope of personal data processing at the level required by the provisions of the GDPR.

§ 3 OTHER DATA

  1. The Website may store http enquiries, therefore the files containing web server logs may store certain data, including the IP address of the computer sending the enquiry, the name of User’s station–identification through http protocol, if possible, date and system time of registration on the Website and receipt of the enquiry, number of bytes sent by the server, the URL address of the site visited by the User before if the User has entered the Website through a link, information concerning User’s browser, information concerning errors which occurred while executing the http transaction. Web server logs may be collected for the purposes of proper administration of the Website. Only persons authorized to administer the IT system shall have access to the data. Files containing web server logs may be analyzed for the purposes of preparing statistics concerning traffic on the Website and occurring errors. Summary of such details shall not identify Users.
  2. The Application may store http enquiries, therefore the files containing web server logs may store certain data, including the IP address sending the enquiry, the name of User’s station–identification through http protocol, if possible, date and system time of registration and receipt of the enquiry, information concerning errors which occurred while executing the http transaction. Web server logs may be collected for the purpose of proper administration of the Application. Only persons authorized to administer the IT system shall have access to the data. Files containing web server logs may be analyzed for the purposes of preparing statistics concerning traffic in the Application and occurring errors. Summary of such details shall not identify a User.
  3. Transfer of personal data to third countries will proceed in accordance with GDPR.

§ 4 INFORMATION SECURITY

  1. Your personal data are stored and secured in accordance with the rules as prescribed by the applicable legal provisions. TrackTime24 shall apply technological and organizational, as required in Articles 25, 30, 32–34, 35–39 GDPR means in order to secure processing the personal data which are adequate to the threats and category of data to be secured, in particular, through technical and organizational means it shall secure data against being published to unauthorized persons, taken over by an unauthorized person, processed in violation of the law and changed, lost, damaged or destroyed. Users’ personal data shall be collected and stored on a secured server, moreover, the data shall be secured by TrackTime24’s internal procedures related to processing personal data and information security policy. We use the secure socket layer (SSL) technology, which is designed to encrypt the transmission of information exchanged between Your browser and our site.
  2. In order to log in to the Account, it shall be necessary to provide a relevant login and password. In order to ensure an appropriate level of security, the password for the Account shall exist only in an encrypted form.
  3. At the same time TrackTime24 states that using the Internet and services provided by electronic means poses a threat of malware breaking into User’s teleinformatic system and device, as well as of any other unauthorized access to User’s data, including personal details, by third parties. In order to minimize such threats, the User shall use appropriate technical security means, e.g. using updated antivirus programs or programs securing identification of the User in the Internet. In order to obtain detailed and professional information related to the security in the Internet, TrackTime24 recommends taking advice from entities specializing in such IT services.
  4. We use services of third-party payment processors. We encourage our partners processing payments to disclose their own privacy protection practices and to respect the privacy of other Users. TrackTime24 may not, however, guarantee You privacy protection or personal data security and therefore You should assess the rules of privacy protection and security of partners with whom the transactions are concluded already before concluding particular transaction and meeting the decision on providing information about Yourself.
  5. Transaction data, including personal data, can be transferred to STRIPE PAYMENTS EUROPE, LIMITED, C/O A&L GOODBODY, IFSC, NORTH WALL QUAY, DUBLIN 1, Ireland, company number: IE 513174, in order to process payments

§ 5 COOKIES

  1. The Website uses Cookies support technology in accordance with the requirements indicated in the wording of the Regulation concerning the respect for private life and the protection of personal data in electronic communications (e-Privacy Regulation). Cookie files are small packages of information stored on User’s device while he/she is browsing a website, which usually contain the address of the website, date of publishing, lifetime of the Cookie, unique number and additional information corresponding to the intended use of a particular file.
  2. TrackTime24 shall store and gain access to session and statistical cookies of a device, in the case of other Cookies the User shall express his/her consent to store or gain access to Cookies by means of appropriate settings of the browser installed on User’s device. The Users may individually change the Cookies settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service. The Users may also individually delete Cookies stored on their device at any time in accordance with the instructions of the browser producer. The User may consent to use the Third-Party Cookies of third parties by individually changing the Third-Party Cookies settings at any time, stating the conditions of their storage, by means of the Internet browser settings or configuration of the service.
  3. It is not possible to identify You on the basis of Cookie files.
  4. Cookie files generated directly by the Website may not be read by other websites.
  5. The Website uses Cookie files and data derived from them for the following purposes: (a) preserving User’s session, (b) adjusting the content of pages to User’s preferences, (c) ensuring security of data used within the frames of the Website, (d) preparing statistics (anonymous) for optimizing functionality of the Website, (e) linking functions of the website with other external services used by the User (e.g. social), (f) chat, (g) displaying advertising information according to User’s preferences and limiting the number of impressions.
  6. The Website shall use two basic types of Cookie files: session cookies, which are deleted upon closing User’s session; and permanent cookies, which are stored on his/her device for a longer time.
  7. You may remove Cookie files stored on Your device at any time in accordance with the instructions of the browser producer.
  8. Remember - You may enable the storing of Third-Party Cookies on your device at any time in line with the instructions of the browser producer. Failure to enable the Third-Party Cookies shall not cause lack of availability of the Website, in its entirety or in part, for you.