Effective date: June 01, 2017
I. PERSONAL DATA
The purpose and scope of the processed personal data of the Customer are determined by the scope of the Customer’s consents and personal data delivered by him/her to QUOTISS through QUOTISS software or by other means, in particular by email. Processing personal data of the Customer pertains particularly to his/her and their employees, subcontractors, customers first names, surnames, e-mail addresses, phone numbers, computer IP addresses, physical addresses, Account information and other data necessary for the provision of services in accordance with the Terms of Service and the Agreement. Due to the nature of Services provided through QUOTISS software, they cannot be provided anonymously. Processing the personal data of the Customer for marketing purposes requires his/her separate consent.
QUOTISS processed the Customer’s personal data particularly to create the Account, provide the Services to the Customer through QUOTISS software, identify the Customer on QUOTISS software and to communicate with the Customer.
Only authorized persons shall have the access to data collected by QUOTISS in the records. Personal data processed by QUOTISS shall not be disclosed on the initiative of QUOTISS to other persons, subject to the cases prescribed by the legal provisions or if such disclosure is necessary for QUOTISS for the purpose of rendering Services or with the Customer’s permission or if such action was signalled clearly in Terms of Service, Agreement or in QUOTISS software interface or it is necessary to protect QUOTISS’ rights. Also, if QUOTISS decides to sell, buy, merge or reorganize its business, it may also need to disclose the Customer’s personal data for such business reasons, but will pursue relevant and proper protection of the above-mentioned data in such an event.
The Customer may choose to give other persons access to personal data of the Customer processed by QUOTISS within QUOTISS software. Their use of the Customer’s personal data will be governed by third parties’ privacy policies and terms. The Customer is fully responsible for controlling activities of his/her employees, subcontractors, customers and other persons who have the ability to access or control the Customer’s personal data processed by QUOTISS software as well as introducing internal privacy policies and terms regarding the collection and use of personal data.
The Customer has the right to control processing the personal data which pertains to him/her and are included in QUOTISS’ databases, in particular the right to: access his/her personal data, alter and correct them by filing such request with QUOTISS, request temporary or permanent suspension of their processing or their removal if they are incomplete, invalid, inaccurate or if they have been collected in violation of the law or they have become unnecessary to realize the purpose, for which they have been collected, object processing his/her personal data – in the cases prescribed in the legal provisions – and the right to request their removal if they become unnecessary to realize the purpose, for which they have been collected.
The Internet Service may automatically store HTTP enquiries, therefore the files containing web server logs may store data concerning the User, including the IP address of the computer sending the enquiry, the name of User’s station, if possible, date and system time of registration in the service and receipt of the enquiry, number of bytes sent by the server, information concerning User’s browser or information concerning errors which occurred by realization of the HTTP transaction.
Files containing web server logs may be analyzed for the purposes of preparing statistics concerning traffic on the website and occurring errors. The information shall be anonymous and summary of such details shall not identify particular Visitors. Web server logs may be collected for the purposes of proper administration of QUOTISS website. Only the persons authorized to administer the IT system shall have access to the data.
QUOTISS may collect geolocation data pertaining to Visitors and Customers. Such data, apart from locations provided by the Visitor and Customers individually, shall be collected automatically and shall prevent identification of the Visitor. QUOTISS shall use geolocation data for analytical and systemic purposes and shall not be shared with third parties.
II. INFORMATION SECURITY
QUOTISS applies technological and organizational means in order to secure the processed personal data corresponding to the threats and category of data to be secured, in particular, QUOTISS secures data against sharing with unauthorized persons, taking over by an unauthorized person, processing in violation of the law and change, loss, damage or destruction, through technical and organizational means, among others the SSL certificates shall be applied .The Users’ personal data are collected and stored on a secured server, moreover, they are secured by QUOTISS internal procedures related to processing personal data and information security policy.
In order to log in to the Account, it shall be necessary to provide relevant username and password. In order to ensure an appropriate level of security, the password for the Account shall exist on QUOTISS software only in a coded form. Furthermore, the operation of QUOTISS software shall proceed within secure https connection. Communication between the User’s device and the servers shall be encoded using the SSL (Secure Socket Layer) protocol.
At the same time, QUOTISS states that using the Internet and services provided by electronic means may pose a threat of malware breaking into User’s teleinformatic system and device, as well as any other unauthorized access to the User’s data, including personal details, by third parties. In order to minimize such threats, the User may use appropriate technical security means, e.g. using updated antivirus programs or programs securing identification of the User on the Internet. In order to obtain detailed and professional information related to the security in the Internet QUOTISS recommends taking advice from entities specializing in relevant IT services.
Usually, Cookies contain the address of the Internet service, date of publishing, a lifetime of the Cookie, unique number and additional information corresponding to the intended use of the particular file.
QUOTISS uses two types of Cookies: session cookies, which are permanently deleted upon closing the session of the User’s browser and permanent cookies, which remain on the User’s device after closing the session until they are deleted. It is not possible to identify the User on the basis of Cookie files, whether session or permanent. The Cookie mechanism prevents collecting any personal data.
Files generated directly by QUOTISS cannot be read by other Internet services. Third-Party Cookies (i.e. Cookies provided by QUOTISS associates) may be read by an external server.
The Visitor / Customer may disable storing Cookies on his/her device in accordance with the instructions of the browser producer, but this may disable certain parts of or the entire functionality of QUOTISS software.
QUOTISS shall use own Cookies for the following purposes: authenticating the User at QUOTISS Services and preserving the Visitor/Customer session; configuration of QUOTISS software and adjusting the content of pages to the user’s preferences, such as: recognizing the User’s device, remembering settings selected by the User; Cookies ensuring security of data and use of QUOTISS software; analyses and researches of views;
QUOTISS shall use third-party Cookies for the following purposes: preparing statistics (anonymous) for the purposes of optimizing the functionality of QUOTISS software, by means of analytic tools, among others: Google Analytics (Cookies administrator: Google Inc. with its registered office in the USA).
The User may individually change Cookies settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service. The User may also individually delete Cookies stored on his/her device at any time in accordance with the instructions of the browser producer. Detailed information concerning Cookies support are available in the browser settings.
IV. COMPLAINTS AND REQUESTS
At the complaint or request of the person whom the personal data processed by QUOTISS concern, such a person may contact QUOTISS by email directly at firstname.lastname@example.org. QUOTISS will respond within 30 days at the latest.