Website Privacy Policy

Last modified: July 21, 2023

 

Onely (spółka z ograniczoną odpowiedzialnością (Ltd) with seat in Wrocław) is responsible for the administration of your personal data and has full processing and regulatory control  (“Onely”). Full details of our Privacy Policy (“PP”) are available at https://www.onely.com/eu-website-privacy-policy/. The purpose of this PP is to clarify how we process your personal data in accordance with the current Data Protection Legislation. 

We are committed to safeguarding your privacy. Our aim is to ensure your data is processed in conformity with regulations on personal data protection, including the General Data Protection Regulation 2016/679, dated 27.04.2016 (“GDPR”). With this in mind, we want to make you aware of the legal basis for data processing, its collection, and use, as well as the rights of those who have their personal data processed.

Should you have any concerns or questions regarding the use of your personal data, please contact us at [email protected], or Onely sp. z o.o., ul. Ojca Beyzyma 5, 53-204 Wrocław, Poland.

We’ve divided this PP into sections answering the most important questions.

You can navigate to the part that interests you the most.

Table of contents:

1. What is personal data, and what does data processing mean?

2. When is the Privacy Policy applicable?

3. How, on what legal basis, and what type of personal data do we process?

a) Data of people visiting Onely’s website

• Cookies
• Newsletter
• Comment 
• E-mail tracking
• Automated personal data procession 
• Legal basis for processing

b) Data of people contacting Onely

c) Data of Onely’s clients

4. How long do we process personal data?

5. Do we share personal data with third parties? Do we transfer data to third-party states?

6. How is personal data protected?

7. Your rights

8. Questions, requests, and complaints

1. What is personal data, and what does data processing mean? 

Personal data is information about an identified or identifiable natural person. It may be, e.g., your e-mail, name and surname, and different internet ID numbers.

Processing personal data is, in essence, when any action is taken on personal data, regardless of whether this is an automatic or manual process, i.e., for the purposes of: collection, storage, organizing, modification, reviewing, use, and sharing access.  

2. When is this Privacy Policy applicable? 

This PP is applicable to all cases where Onely administrates and/or processes personal data. It applies to cases where Onely acquired data directly from the person owning the data, as well as when personal data is acquired from other sources. 

We state this PP to fulfill our informative duties stated in the GDPR,  Articles 13 and 14. Please find below full information about Onely as the personal data Administrator: 

Onely’s registered office is:

Wrocław, ul. Ojca Beyzyma 5, 53-204, Wrocław, Poland, NIP: 8971863274, KRS: 0000846525.

The person responsible for Onely’s data protection is:

Katarzyna Berbas, [email protected]. 

3. How, on what legal basis, and what type of personal data is processed by Onely?

It is important to us that Onely is transparent as to why we collect personal data and the legal basis for our data processing. We take great care to provide all necessary information regarding personal data to anyone whose data we process as the Administrator. Towards our aim to provide clear information, this document provides a full explanation of how Onely processes your personal data.

Additionally, we want to point out that when processing personal data on the basis of the Administrator’s legally justifiable interest, any process analyses are aimed at balancing our interests and possible influence (both positive and negative influences) on the person who provided the data (the “data subject”), with respect to the rights of this person. We do not process personal data solely on the basis of our justified interest in case we conclude that the impact on the data subject would prevail over our interests. (However, we can process personal data in cases where we have consent, legal requirement, or another legal basis.) 

a) Processing personal data of people visiting Onely’s website

Cookies

To a limited extent, we collect personal data automatically by using the cookies’ files. Cookies are small text files saved on the user’s computer or mobile device whilst using the Internet. These files are used to get information about how people use our site.

Without your additional consent, we only use cookie files that are absolutely required for Onely’s website to operate. These cookies are used to ensure the following: 

• The user’s session is maintained

Onely also uses third-party services (a list of which is constantly updated) that use cookie files to: 

• Monitor website traffic,
• Do marketing,
• Measure marketing effectiveness. 

At the date of creation of this document, the following third parties provide services on the aforementioned basis: 

• Google Analytics, Google Adwords, Google DoubleClick, YouTube – more information can be found at https://policies.google.com/privacy,
• Facebook (including Instagram) – more information can be found at facebook.com/about/privacy/,
• Twitter – more information can be found at twitter.com/en/privacy,
• LinkedIn – more information can be found at linkedin.com/legal/privacy-policy,
• Matomo – more information can be found at https://matomo.org/privacy-policy/,
• Microsoft – more information can be found at https://privacy.microsoft.com/en-us/privacystatement,
• Reddit – more information can be found at https://www.reddit.com/policies/privacy-policy,
• Mailchimp – more information can be found at https://mailchimp.com/legal/,
• Active Campaign – more information can be found at https://www.activecampaign.com/dpa.php,
• YouTube – more information can be found at https://www.youtube.com/howyoutubeworks/our-commitments/protecting-user-data/.

You can manage your cookie consent here. Please remember you can remove all cookies from your browser at any time or use the private browsing mode. To find out how to do this, please visit your browser’s ‘Help’ section. 

Newsletter

We may also process your personal data if we send you the Newsletter – provided that you have previously given your consent. 

E-mail tracking

We may also process your personal data by e-mail tracking if we send you the marketing and commercial information– provided that you have previously given your consent for marketing communication.

Automated personal data procession 

Information that we collect from our website may be automatically processed (including using profiling). However, this will not result in any legal consequences for any natural persons or affect their legal situation in any way. We state that with regard to profiling: 

• We do not process any sensitive data,
• We only use the data we have collected,
• Data obtained through profiling does not always have to be pseudonymized, 
• We do this for analysis or a prognosis of personal preferences and/or interests of anyone using our website in order to match our content to their preferences, 
• We also do this for marketing reasons, i.e., to match the marketing offer with the said user’s preferences.

Legal basis for processing

When processing personal data in relation to using Onely’s website, we may have different legal foundations and reasons for processing categories of personal data. These are as follows: 

• The personal data of people visiting our website is processed on the basis of legally justifiable administrator’s interest, i.e., to match informative and marketing content, or on a consensual basis where the user provided such consent (especially for cookies), 
• The personal data of people subscribing to the Newsletter is processed on the basis of consent, 
• Sometimes, the law requires us to process some personal data for tax and financial reasons. 

b) Processing personal data of people contacting Onely

When you contact Onely by “Contact” form or by other way, e.g., to get information on an offer or to share information on Onely ’s services or products, or if you intend to enter into a contract with Onely, we collect the following your data:

• Name and surname,
• Company,
• E-mail address,
• Phone number,
• Content of your messages. 

We respectfully ask our visitors not to provide any sensitive personal information via the website, such as race and ethnicity, political views, religious or philosophical views, trade union membership, physical and mental health details, genetic data, biometric data, sexuality, and criminal record. If such data is provided for whatever reason, it would be seen as direct consent to collect and use such personal data.

Legal basis for processing data

We collect the aforementioned data when the user has requested Onely so (by contacting us) – on the basis of the justified legal interest of the administrator. If we conclude a contract with you – such a contract will constitute a legal basis for processing your data. 

c) Processing the data of Onely’s clients 

Onely processes the personal data of their clients and prospective clients (“Clients”) and/or their representatives (i.e., contact people). This personal data includes name and surname, company name, position at the company, phone number, e-mail, and other service contact data. Moreover, in the case where clients have entered into paid contracts with Onely, some financial information is processed, including credit card and bank account details. Business contacts’ personal data may also be processed to share with Onely’s representatives in order to expand Onely’s commercial activity. 

We would also like to highlight that the above information about cookies and entry logs also applies when processing data of natural people using our online Services. 

Client service-related surveys

We may also process our client’s personal data to ask them for feedback (to complete surveys after they have received a service). We use this information to improve our services.

The third party that provides us with a survey tool is SurveySparrow Inc., – https://surveysparrow.com/legal/privacy-policy/. Regarding the above, our clients’ personal data may be transferred to the United States and/or to other third countries where SurveySparrow Inc., or its processors operate, including outside the European Economic Area “EEA.”

Automated processing of personal data

Information that we collect from the use of our products online may be automatically processed (including by profiling, but also by monitoring the user experience of a product or service); this would neither cause any legal consequences to the natural person nor anyhow impact their legal situation. We state that with regard to profiling:

• We do not process any sensitive data,
• We only use the data we have collected,
• Data obtained through profiling does not always have to be pseudonymized,
• We profile in order to make an analysis or a prognosis of personal preferences and/or interests of people using our services and to match our content to such preferences, 
• We profile for marketing reasons, i.e., to match the marketing offer with the said preferences of users.

Legal basis for processing

Processing the personal data of natural people who are our clients (or their representatives) is based on the following: 

• A justified interest of Onely as the data Administrator (i.e., regarding database creation, analytical actions, profiling, product-use analysis, marketing reasons, and securing documentation for possible legal actions),
• Consent – for direct marketing and telemarketing purposes,
• A contract – in order to execute it,
• Legally binding obligations (i.e., tax and financial laws).

Processing the personal data of natural people who are prospective customers is based on the following:

• A justified interest of Onely as the data Administrator (i.e., regarding database creation, analytical actions, profiling, product-use analysis, and marketing reasons),
• Consent – for direct marketing and telemarketing purposes.

4. How long do we process personal data?

The term by which we can process personal data is dependent on the legal basis for data collection. Onely’s policies strongly state that we do not process data for a period longer than the said legal basis allows. In effect, we state that: 

1. if Onely processes personal data on the basis of consent, the processing period lasts until the consent is withdrawn,
2. if Onely processes personal data on the basis of a justified interest, the processing period lasts only until such interests exist (i.e., the statute of limitation for civil claims) or until a data subject opposes such processing – in cases where it is applicable by law, 
3. if Onely processes personal data because it is required by law, the terms for data processing are usually legally defined (i.e., the reason for the claim or the reasons for defending the claim). Onely will retain the data until the end of the applicable term or until the end of proceedings. 
4. if there is a lack of any specific legal or contractual requirements, the basic term of data retention regarding saved documentary evidence shall be no longer than ten years. 

5. How and when do we share personal data with third parties? Do we transfer data to third-party states? 

We transfer personal data to third parties only when the law enables us to do so. In such cases, a contract (a data processing agreement) is entered with a third party, and we include terms and safety mechanisms into it to uphold our standards in data protection, confidentiality, and security. Onely retains control over the method and scope of processing by the party vested in the data processing. As a result, the recipients of personal data on behalf of Onely may include the following: 

• The aforementioned bodies who process the data on the basis of the data processing agreement (the ‘processors’), esp. anyone providing hosting services for Onely, marketing or sales representatives acting on behalf of Onely, other Onely’s subcontractors who provide software, maintenance or hardware services for Onely, as well as our suppliers, anyone providing survey reporting services (i.e., customer satisfaction). 
• Debt collection companies (this data is transferred only within the scope required to achieve specific aims),
• Accountants, auditors, legal consultants, and tax advisors,
• Public bodies controlling legal compliance, regulatory, and other public authorities. 

With regards to the last two examples, the data is transferred only after and when it is actually necessary; the legal requirements are based on the binding provisions of the law and within its limitations.

Our Partners are based mainly in Poland and in the other countries of the European Economic Area (EEA). Some of our Partners are based outside of the EEA. Referring to the eventual transfer of your data outside the EEA, we have made sure that our Partners guarantee a high level of personal data protection. Onely minimizes the range of personal data transferred outside the EEA. We guarantee a high level of personal data protection as a result of the obligation to use standard contractual clauses (SCC) adopted by the EU Commission. When SCC is used, Onely verifies the risk of any personal data protection breach. For example, we will check what personal data protection measures are used and whether any disclosed data may be the subject of third-country interest.

6. How is personal data protected? 

Onely makes all possible efforts to ensure all physical, technical, and organizational measures for personal data protection are in place to safeguard against accidental or deliberate destruction, accidental loss, alteration, and unauthorized disclosure; also to ensure that use or access is in accordance with all applicable regulations. 

7. Your rights as a data subject 

Natural people have specific rights regarding their personal data. Onely, the data administrator, is responsible for the execution of these said rights within the provisions of the law.

In the case of any questions and requests regarding the scope and execution of these rights, we respectfully ask you to e-mail: [email protected]. We reserve the right to act on the said rights’ execution after positive verification of the identity of the person making the request. 

Access to your data

You have a right to access your personal data that is collected and processed by Onely. Please direct requests in this issue by emailing [email protected].

Modification of personal data

To request sight of, or modification of your personal data that is processed by Onely, please email [email protected].

Withdrawing consent

When data processing is performed on the basis of consent, you have the right to withdraw your consent at any moment. We provide information about this right at the point of collecting consent and enable the withdrawal of consent as easily as it is to express consent. In any instance where a lack of contact detail such as address or telephone number prevents you from withdrawing your consent, please email [email protected].

The right to limit or to file objections against the processing of personal data 

You have the right to limit or file objections against data processing at any time due to personal preferences unless the processing is required by law. 

You may file an objection against the processing of your data when processing was performed on the basis of a legally justified interest or for statistical reasons, and your objection is justified by the individual’s personal preference, also if your personal data was processed to support direct marketing and was profiled for that reason. 

A claim to limit the scope of processed data is applicable if a person notices that their data is incorrect. Then, you can request limiting your data processing until the details are corrected. 

Remaining rights. The right to be forgotten and the right to transfer personal data 

The right to be forgotten may be exercised when personal data is no longer required because either it had been previously collected by Onely or because the person withdraws their consent for Onely to process their data. This right also applies if a person files an objection against their data processing or if their data is processed without any legal basis. Data will also be deleted as a result of fulfilling the legal obligation.

The right to transfer data is applicable when the processing is performed on the basis of consent or a contract and in cases when the processing is automated. 

8. Any other questions, requests, and complaints 

If you have any questions, objections, or requests regarding this PP or about the way we process personal data, as well as to raise any complaints (although we hope there will be no necessity for this!), we kindly ask you to e-mail us. Any, and all, received questions, requests, and complaints will be respected and answered. 

Anyone whose personal data is processed by Onely has the right to file a complaint to the controlling authority: Generalny Inspektor Ochrony Danych Osobowych (General Inspector of Personal Data Protection). (The address: Generalny Inspektor Ochrony Danych Osobowych, ul. Stawki 2, 00-193 Warszawa.)