Blog

Quotiss GDPR Compliance Summary

The European Union’s General Data Protection Regulation (GDPR) protects European Union data subjects’ fundamental right to privacy and the protection of personal data. It introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance.

Data Administration:

Quotiss sp. z o.o., Al. Niepodległości 9/11/67 02-653 Warszawa, NIP5213765108, KRS0000660173 (‘Quotiss’) is the Administrator of the personal information of the users who receive the initial login and password to access the software (‘Client’). Every Client signs a contract, accepting the Terms and Conditions, Privacy Policy or accepts the same terms by registering online via the self-registration form. All personal data added to the system by the Client is owned by the Client.

Data Processing:

Quotiss will act as Processor of the personal data inserted by the Client into the ‘Users’ and ‘Clients’ tabs of the Quotiss software, but will not use it for marketing purpose.

Data Ownership:

All the information which is added to the system by the Client is administrated by the Client. Client has to have the right to use any personal data entered into the system and be compliant with GDPR.

Data Maintenance:

In Quotiss, data records can be identified, exported, and deleted upon receiving a verified request to restrict processing from the Client.

Quotiss has security built into the platform. The infrastructure layer comes with replication and backup. Our application services implement identity, authentication, and user permissions.

All Clients data is automatically backed-up every day, for 30 consecutive days, at 2AM CET time.

Michał Polak has been appointed as Chief Information Security Officer to ensure the compliance.

How we use your information:

  • We use Amazon AWS servers to store all Clients’ data. All AWS Services are GDPR ready – Read More
  • We store Client contact information as long as it’s necessary. We will delete your information promptly after you request us to do so.
  • Client has the right to access, correct and delete the personal data about themselves
  • Client has the right to object to the processing of personal data and to exercise their rights of data portability. If a Client would like to have a copy of the personal data collected from them, please let us know.
  • Client has the right to file a complaint with the appropriate supervisory authority
  • In Quotiss, we use Hubspot, Inc. (Hubspot) as our Data Processor / CRM system to store personal contact information of Clients. Hubspot is situated in the US and the processing may take place in the US. HubSpot maintains a Privacy Shield certification which ensures that adequate safeguards are in place when transferring personal data outside the EU/EEA.

Read through the Quotiss Terms of Service and Privacy Policy to know in detail how we collect and utilize your information.