Privacy Policy Oct 2016

Date of publishing the Privacy Policy: October 1, 2016

 

PRIVACY POLICY

 

This Privacy Policy shall constitute an integral part of the Terms of Service provided by QUOTISS sp. z o.o. (QUOTISS) with its registered office in Warsaw postal code 02-653 Poland, at Al. Niepodległości street 9/11/67, registered by the District Court of Warsaw, filing number KRS 0000660173; issued capital 50.000 PLN,  NIP (VAT) number PL5213765108; REGON (statistical) number 366409659, e-mail contact@quotiss.com. The provisions of the Terms of Service shall be applied accordingly. The legal basis for the Privacy Policy shall be in particular the Personal Data Protection Act of August 29, 1997 (consolidated text, Journal of Laws of 2002 No. 101, item 926, as amended).

QUOTISS is committed to protecting the privacy of individuals who visit the Company’s web site (Visitors) and individuals who register to use the Services (Customers). This Privacy Statement describes QUOTISS privacy practices in relation to the use of the Company’s web site and the related application QUOTISS software (the Services).

Definitions of the terms used in Terms of Service have been included in the Privacy Policy. QUOTISS shall act only with respect for the right of any person and legal entity to protect his/her privacy. If the User does not agree with this Privacy Policy, he/she shall be asked to refrain from using QUOTISS software.

I. PERSONAL DATA

QUOTISS shall be the administrator of the personal data of QUOTISS website and QUOTISS software.

The purpose and scope of the processed personal data shall be determined by the scope of consents and provided data sent by means of relevant form. Processing personal data of Customers shall pertain to e-mail address, computer IP address and other data necessary for provision of services in accordance with the Terms of Service. Due to the nature of services provided through QUOTISS software, they cannot be provided anonymously. Processing the personal data of the Customer for marketing purposes shall require his/her separate consent.

Only authorized persons shall have the access to data collected in the records. Personal data collected by QUOTISS shall not be disclosed to other persons, subject to the cases prescribed by the legal provisions or if such disclosure is necessary and indispensable for QUOTISS for the purpose of rendering Services. Disclosing the personal data to unauthorized entities under the Terms of Service may take place only upon prior consent of the Customer to whom such data pertain.

The Customer shall have the right to control processing the data which pertains to him/her and are included in databases, in particular the right to: access his/her personal data, complement and correct them by filing such request with QUOTISS, request temporary or permanent suspension of their processing or their removal if they are incomplete, invalid, inaccurate or if they have been collected in violation of the law or they have become unnecessary to realize the purpose, for which they have been collected, object processing his/her personal data – in the cases prescribed in the legal provisions – and the right to request their removal if they become unnecessary to realize the purpose, for which they have been collected.

The provided personal data shall be stored and secured in accordance with the rules prescribed in, among others, the Ordinance of the Minister of Interior and Administration of April 29, 2004 on the documentation of personal data processing and technological and organizational conditions which shall be met by devices and IT systems used for personal data processing (Journal of Laws No. 100, item 1024).

The Internet Service may automatically store http enquiries, therefore the files containing web server logs may store data concerning the User, including the IP address of the computer sending the enquiry, the name of User’s station, if possible, date and system time of registration in the service and receipt of the enquiry, number of bytes sent by the server, information concerning User’s browser or information concerning errors which occurred by realization of the http transaction.

Files containing web server logs may be analysed for the purposes of preparing statistics concerning traffic on the website and occurring errors. Information shall be anonymous and summary of such details shall not identify particular Visitors. Web server logs may be collected for the purposes of proper administration of QUOTISS website. Only the persons authorized to administer the IT system shall have access to the data.

QUOTISS may collect geolocation data pertaining to Visitors and Customers. Such data, apart from locations provided by the Visitor and Customers individually, shall be collected automatically and shall prevent identification of the Visitor. QUOTISS shall use geolocation data for analytical and systemic purposes and shall not be shared with third parties.

II. INFORMATION SECURITY

QUOTISS shall apply technological and organizational means in order to secure the processed personal data corresponding to the threats and category of data to be secured, in particular, QUOTISS shall secure data against sharing with unauthorized persons, taking over by an unauthorized person, processing in violation of the law and change, loss, damage or destruction, through technical and organizational means, among others the SSL certificates shall be applied .The Users’ personal data shall be collected and stored on a secured server, moreover, they shall be secured by QUOTISS internal procedures related to processing personal data and information security policy.

In order to log in to the Account it shall be necessary to provide relevant username and password. In order to ensure appropriate level of security, the password for the Account shall exist on QUOTISS software only in a coded form. Furthermore, the operation on QUOTISS software shall proceed within secure https connection. Communication between the User’s device and the servers, shall be encoded using the SSL (Secure Socket Layer) protocol.

At the same time, QUOTISS states that using the Internet and services provided by electronic means may pose a threat of malware breaking into User’s teleinformatic system and device, as well as any other unauthorized access to the User’s data, including personal details, by third parties. In order to minimize such threats, the User shall use appropriate technical security means, e.g. using updated antivirus programs or programs securing identification of the User in the Internet. In order to obtain detailed and professional information related to the security in the Internet QUOTISS recommends taking advice from entities specializing in relevant IT services.

III. COOKIE

For the purposes of correct operation of QUOTISS Services, QUOTISS uses Cookies support technology. Cookies are packages of information stored on the Visitor device through QUOTISS webpage /software, usually containing information corresponding to the intended use of particular file, by means of which the Visitor uses QUOTISS software.

Usually, Cookies contain the address of the Internet service, date of publishing, lifetime of the Cookie, unique number and additional information corresponding to the intended use of particular file.

QUOTISS shall use two types of Cookies: session cookies, which are permanently deleted upon closing the session of the User’s browser and permanent cookies, which remain on the User’s device after closing the session until they are deleted. It is not possible to identify the User on the basis of Cookie files, whether session or permanent. The Cookie mechanism prevents collecting any personal data.

Cookies used on QUOTISS software are safe for the Visitor / Customer device, in particular they prevent viruses or other software break into to the device.

Files generated directly by QUOTISS cannot be read by other Internet services. Third-Party Cookies (i.e. Cookies provided by QUOTISS associates) may be read by an external server.

The Visitor / Customer may disable storing Cookies on his/her device in accordance with the instructions of the browser producer, but this may disable certain parts of or the entire functionality of QUOTISS software.

QUOTISS shall use own Cookies for the following purposes: authenticating the User at QUOTISS Services and preserving the Visitor/Customer session; configuration of QUOTISS software and adjusting the content of pages to the user’s preferences, such as: recognizing the user’s device, remembering settings selected by the User; Cookies ensuring security of data and use of QUOTISS software; analyses and researches of views;

QUOTISS shall use third-party Cookies for the following purposes: preparing statistics (anonymous) for the purposes of optimizing functionality of QUOTISS software, by means of analytic tools, among others: Google Analytics (Cookies administrator: Google Inc. with its registered office in the USA).

The User may individually change Cookies settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service. The User may also individually delete Cookies stored on his/her device at any time in accordance with the instructions of the browser producer. Detailed information concerning Cookies support are available in the browser settings.

IV. HOW QUOTISS COLLECTS AND USES SERVICES DATA

Below are the conditions under which QUTISS may access, collect and/or use services data.

  • To Provide Services and to Fix Issues. Services data may be accessed and used to perform services under Customer order for support, consulting, Cloud or other services and to confirm your compliance with the terms of your order. This may include testing and applying new product or system versions, patches, updates and upgrades; monitoring and testing system use and performance; and resolving bugs and other issues you have reported to QUOTISS. Any copies of services data created for these purposes are only maintained for time periods relevant to those purposes.
  • As a Result of Legal Requirements. QUOTISS may be required to retain or provide access to services data to comply with legally mandated reporting, disclosure or other legal process requirements.

QUOTISS may transfer and access services data globally as required for the purposes specified above. If QUOTISS hires subcontractors to assist in providing services, their access to services data will be consistent with the terms of your order for services and this services privacy policy. QUOTISS is responsible for its subcontractors’ compliance with the terms of this policy and your order.

QUOTISS does not use services data except as stated above or in your order. QUOTISS may process services data, but does not control collection or use practices for services data.

V. SERVICES DATA SECURITY

QUOTISS is committed to the security of your services data and has in place administrative and technical measures designed to prevent unauthorized access to that information. QUOTISS security policies cover the management of security for both its internal operations as well as the services.

QUOTISS is also committed to reducing risks of human error, theft, fraud, and misuse of QUOTISS software. QUOTISS efforts include making personnel aware of security policies and training employees & subcontractors to implement security policies. QUOTISS employees/subcontractors are required to maintain the confidentiality of services data. Employees’/subcontractor obligations include written confidentiality agreements and compliance with company policies concerning protection of confidential information.