Privacy Policy

Andea Solutions Sp. z o.o.
Privacy Policy of https://www.andea.com

Andea Solutions Sp. z o.o. (“us”, “we”, or “our”) operates the https://www.andea.com website and its sub-domains, such as https://www.apriso.andea.com (together the “Website”).

This ‘Privacy Policy’ informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Website and when you contact us, including by contact forms available at: https://www.andea.com, personally, by traditional mail or using e-mail.

1. Controller of your personal data

The controller of your personal data collected by the Website or in any other way described in this Privacy Policy is Andea Solutions Spółka z ograniczoną odpowiedzialnością based in Krakow, ul. Kapelanka 26, 30-347 Kraków, Poland (“Andea”, “We”, “Our” or “Us”).

2. Contact Us

In all matters regarding your personal data, you can contact Us:

by mail: ul. Kapelanka 26, 30-347 Kraków, Poland;

by phone: +48 12 259 35 20;

by e-mail: rodo@andea.com;

by contact form: https://www.andea.com/contact/.

3. Purpose and legal basis of processing of personal data

We will process your personal data that we obtain in situations covered by this Privacy Policy for the following purposes:

  • to respond to inquiries sent to us via contact forms, or to messages sent to our contact details – based on our legitimate interest as a personal data controller,

In the event that you decide to contact us using any contact form available on our website, or using our email addresses, phone numbers, or traditionally by mail, or in person, as well as in situations where we have the right to contact you (e.g. for marketing purposes), we will process personal data that you provide to us or are necessary to respond to your inquiry (including identification and contact details, as well as the IP address when using the contact form on our website). We process these data to pursue the legitimate interests of Andea, i.e.: in order to reply to a message sent to us and further contact with you, for direct marketing of own and third party products and services, for archiving and backing up data in connection with the obligation imposed on us as a data controller to properly protect data. In particular, contacting you for marketing purposes does not always require your express consent to process your personal data – we may also contact you using the data that we have, when we have established a relationship with you and you can reasonably expect that you obtain such contact (e.g. when you agree to receive marketing materials).

  • to analyze the use of the Website, as well as to improve its functioning and security – based on our legitimate interest as a personal data controller,

When you use the Website, we save data such as: IP address, type and version of the device and browser you use, language, region, web browser settings, choices made in the area of cookies, and how you use the website, the time and date of your visit, and other diagnostic data. In most cases, we will not be able to identify you as a user and this data will be anonymous to us. However, in a situation where we are able to connect them with you, which may occur when we have additional data from another source (e.g. we will save such data when you contact us using the contact form on our Website), they become your personal data for us.

We process this data due to the fact that they are necessary for purposes resulting from legitimate interests pursued by us, that is in particular: adjusting the way the Website is displayed and personalizing it, saving data from forms to preserve the session and facilitate the use of the Website, analyzing the Website’s behavior to improve its functioning and protect against abuse We may also process this data based on your consent – if this data is additionally used for marketing purposes and we do not have an existing business relationship with you that could form legitimate interest for processing the data, or when it is collected to provide it to third parties.

  • for direct marketing of products or services – based on our legitimate interest if we have an existing business relationship with you, and if we are just going to establish such a relationship based on your consent,
  • to pursue and defend against claims, before courts and administrative authorities and outside them – based on our legitimate interest as a personal data controller,
  • for archiving and backup purposes – based on our legitimate interest which is to fulfill the obligations to keep personal data safe by maintaining appropriate safeguards.

4. How long we process personal data

Your personal data will be processed:

  • to contact you – from the day they were collected and as long as we are holding the conversation in the matter in which you made contact,
  • for marketing purposes – (i) in case of marketing based on our legitimate interest – for the duration of our legitimate interest, i.e. the duration of the relationship that connects us or until you object, (ii) in cases that marketing is based on your consent – until consent is withdrawn,
  • for the purpose of improving the functioning and security of the Website – for the time for which these data are necessary to achieve this purpose, but no longer than until you express an effective objection to their processing,
  • for the purposes of pursuing and defending against claims – for a period not exceeding the limitation period for claims,
  • for archiving and backup purposes – for the period determined in accordance with the backup and archiving policy at Andea.

 

5. Data recipients and transfer of personal data

Your personal data may only be disclosed:

  • to third parties providing services to us that are needed to achieve the purposes in relation to which we process your data (e.g. IT services, recruitment, electronic communication, hosting, marketing),
  • to entities from the Andea group (entities associated with Andea), in particular when they provide each other with services, or as part of the internal administrative purposes of the Andea group (e.g. when this results from the organization of tasks within the group),
  • to recipients to whom the disclosure is required by applicable law or order of a court or other authority,
  • to other recipients, if you give us your consent to disclose data to them or if the transfer of data to them is necessary to protect your vital interests or vital interests of other individuals or for the common good.

Andea will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Your personal data may be transferred to entities outside the European Economic Area (EEA), including the USA, with whom we cooperate, such as the providers of services listed below. Whenever your personal data is transferred outside the European Economic Area (EEA) or to countries that do not provide the same or an adequate level of protection for personal data, we will ensure that this is done on the basis of a valid legal basis and using the safeguards required by law.

6. Links to third-party websites and service providers

Our Service may contain links to other websites that are not operated by us including to our profiles in social media (such as YouTube, LinkedIn and Facebook). If you click on a third party link, you will be directed to that third party’s site. When you visit these websites different rules apply than those described here in the field of personal data processing, as well as someone else is the data controller of data processed there. We recommend that you read the rules applicable to the processing of personal data published by the administrators of these websites.

We also use third party service providers delivering the following services:

  • Google Analytics, Google ReCaptcha and Google Ads – to record and collect data on how you use our Website. This information helps us improve the functioning of our Website.
  • Senuto and Semstorm – to analyze how our Website is adjusted to the standards of search engines.
  • Facebook cookies – for re-targeting, optimisation, reporting and attribution of online adverts.

7. Data subject rights

You have the right to:

  • The right to obtain information, access to data and to receive a copy of the data. You have the right at any time to request information about your personal data that we store or to which we have access. At your request, a copy of your personal data that is subject to processing will be presented to you free of charge. For sending each subsequent copy of data we have the right to request a fee that will cover the reasonable costs of handling such a request.
  • Right to withdraw consent. Each time your data is processed based on your consent given, you have the right to withdraw this consent at any time, whereas withdrawal of consent will not affect the lawfulness of data processing that happened before you withdraw your consent.
  • The right to rectify personal data. We take reasonable steps to ensure that your personal data is correct, complete and up to date. If it is necessary to change these data, please let us know.
  • Right to data portability. You have the right to request the transfer of your personal data in a structured, commonly used machine-readable format, as well as to request the transfer of data to another data controller, when your consent is the legal basis for the processing of your personal data.
  • The right to delete data and to limit processing. In the cases indicated in the provisions of law on the protection of personal data, you have the right to request the deletion of your personal data. However, this right is not absolute – there may be occasions when we are still entitled to process your personal data. You can also request a restriction on the further processing of your data.
  • Right to object to processing. In the cases indicated in the provisions of law, you have the right to object to the further processing of your data when the legal basis for the processing of personal data is our legitimate interest.
  • The right to lodge a complaint with a supervisory authority. You have the right to lodge a complaint with the supervisory body dealing with the protection of personal data – in principle, it will be the President of the Office for Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych).

For each of the rights mentioned above, you can contact us in particular using the contact details provided in section 2 of the Privacy Policy.

8. Rights of California residents

While you are using our Website we may collect and further process information that may be treated as personal information under the provisions of California Consumer Privacy Act of 2018. This part relates to you, if you are a California resident.

Due to this fact you have the right to notice (to know about how we use and disclose your data), to access, to opt-out (stop the sale of your data), request deletion, and get equal services (if you do exercise any of these rights, we will not treat you any differently.

Categories of data collected and disclosed, purpose of collecting data, categories and sources of data, recipients of data – these are described in other parts of this Privacy Policy. Below you can find information about sales of personal data.

We shared device identifiers and internet and electronic network activity to facilitate online advertising. This means that a unique, resettable number that identifies your device was linked to online activity and shared with others who use that data for advertising and analytics purposes (like advertising networks, data analytics providers, and social media platforms). If you opt out by using the “Do Not Sell My Personal Data” button or by contacting us using other means, your data will no longer be transferred for the abovementioned purposes.

In particular we use:

– Google Analytics for aggregated, anonymized website traffic analysis and Google Ads for remarketing. In order to track your session usage, Google drops cookies (_ga, _gat, _gid) with a randomly-generated ClientID in your browser. In case you use an interactive form on our website this ID can be connected to the information provided in such a form. We also send Google your IP Address. We use Google Analytic to track aggregated website behavior, such as what pages you looked at and for how long. This information is important to us for improving the user experience and determining site effectiveness.

– Facebook Advertising. Facebook drops cookies (c_user, xs, sb, dpr, datr) with a Facebook user ID generated. This ID may be connected especially to information about what pages you have visited and “like” buttons you have pushed on various websites. This information are used for re-targeting, optimisation, reporting and attribution of online adverts. A Facebook cookie may be also used to monitor your Facebook account for suspicious behaviour such as failed login attempts or attempts to create spam accounts.

If you would like to access what browsing information we have – or ask us to delete any data collected about you – please delete your  cookies, reach out to us via this form, or install the Google Analytics Opt-Out Browser Add-On.

If you are a California resident in all matters regarding your personal data, you can contact Us:

by mail: Andea Corp., 3 Pointe Dr, Suite 317, Brea, CA 92821,USA;

by phone: +1 562 247 9679;

by e-mail: rodo@andea.com;

by contact form: https://www.andea.com/contact/.

9. How do we protect your personal data

We take precautions including organizational, technical and physical measures to help safeguard data against accidental or unlawful destruction, loss, alteration and unauthorized disclosure of, or access to, your personal data we process. These safeguards include:

Personnel. Only qualified and authorized employees or subcontractors are permitted to access personal data, and they may do so only on specific instructions from Us.

Security Measures. We use encryption in the transmission of your personal data and we use various mechanisms to help prevent unauthorized persons from gaining access to your personal data. We also maintain physical, electronic and organisational safeguards in connection with the processing of your personal data.

More detailed description of our security measures is available upon request.

We want you to feel confident using our Website. However, you should also take care of how you handle and disclose your personal data, e.g. by not sending the data through insecure channels or networks and by not sharing your passwords and other credentials. You are solely responsible for protecting your passwords, limiting access to your devices and signing out of websites.