PRIVACY POLICY

This privacy policy (“Privacy Policy”) sets out the rules for the collection, processing and use of personal data obtained from you in connection with the use of the Website and the Contact Form. The privacy policy also contains information about your rights in relation to data processing.

  1. Definitions

Whenever the following capitalized terms are used in the further part of the Privacy Policy, they should be understood in the meaning given below:

  1. “Administrator” – Triggo S.A. with its registered office in Łomianki, Poland, address: ul. Kolejowa 53, 05-092 Łomianki, entered in the register of entrepreneurs of the National Court Register kept by the District Court for Warsaw, XIV Commercial Department, under the number 0000586444, telephone numbers: +48 22 391 52 96, +48 502 156 667, e-mail address: triggo@triggo.city;
  2. “Contact Form” – a service provided electronically, available on the Website (in the “Contact” tab), the subject of which is to enable the User to send a message to the Administrator;
  3. “GDPR” – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (general regulation on data protection);
  4. “User” – any person using the Website and / or the Contact Form;
  5. “Website” – the internet domain https://www.triggo.city.
  • Purpose and legal basis for the processing of personal data

The User’s personal data is processed by the Administrator in order to provide the Contact Form service (to answer the question asked). Providing data is voluntary, but necessary to use the above service. The User’s personal data is processed in accordance with art. 6 sec. 1 lit. f) GDPR, i.e., to implement the Administrator’s legitimate interests and in cases where the law authorizes the administrator to process personal data.

  • The period of personal data processing

The User’s personal data will be processed for the period necessary to achieve the indicated processing purposes, including correspondence in connection with the question asked by the User; however, no longer than until you object to their processing.

  • Recipients of data

In the process of achieving the purpose of processing, the User’s personal data may be made available to other recipients or categories of recipients of personal data, in particular to entities involved in the technical operation of the Website. The recipients of the above data may be entities performing processing activities on behalf of the Administrator on the basis of a contract for entrusting the processing of personal data (in accordance with Article 28 of the GDPR).

  • Rights of data subjects

The Administrator limits the collection and use of information about Users to the minimum necessary to provide them with services at the desired level. The Administrator uses technical and organizational measures to ensure respect for privacy and protection of Users’ personal data. The data subject has the right to:

  1. request the Administrator to provide information on the processing of their personal data, i.e., to confirm whether the personal data of the data subject is being processed. If data about a person is processed, he or she is entitled to access them, obtain a copy of them and obtain the following information: about the purposes of processing, categories of personal data, information about recipients or categories of recipients to whom the data has been or will be disclosed, about the storage period data or the criteria for determining them, about the rights of a person related to the processing of his or her personal data, about the possibility of lodging a complaint to the supervisory authority, about the source of obtaining personal data, if they were not obtained directly from the data subject, and about profiling and automated processing of decisions (the so-called right of access, Article 15 of the GDPR);
  2. rectify personal data concerning that person. If a person receives information that his personal data processed by the Administrator is incorrect, out of date or incomplete, he has the right to request immediate rectification or supplementation (the so-called right to rectification, Article 16 of the GDPR);
  3. request the deletion of their personal data, and if the person has consented to the processing of personal data, the request for deletion will have the same effect as the withdrawal of consent (the so-called right to be forgotten, Article 17 of the GDPR);
  4. request the restriction of the processing of personal data (the so-called right to limit processing, Article 18 of the GDPR), i.e., request the cessation of their processing, except for their storage, in situations where:
  5. the data subject questions the correctness of personal data – for the period in which the Administrator will verify their correctness;
  6. the data subject questions the lawfulness of the processing of personal data by the Administrator;
  7. the administrator no longer needs these data, but they are needed by the data subject to establish, assert or defend his claims;
  8. the data subject has objected to processing – until the Administrator makes a decision on the legitimacy of the objection;
  9. object to the processing of their personal data for the Controller’s legitimate purposes;
  10. transfer your personal data, receive in a structured, commonly used, machine-readable format, personal data provided to the Administrator, if their processing is based on consent, or request that this data be sent to another administrator indicated by the data subject (so-called data portability, art. 20 GDPR).

To use the above-mentioned rights, the data subject should send a message to the address provided in section 1 of the Privacy Policy (by electronic or traditional means) with an indication of which right they want to use, to what extent and how. The administrator asks for contact details in the content of this message, enabling quick contact at the stage of exercising the right of the applicant, in particular when there is a need to ascertain the identity of the applicant or ascertain which right or to what extent the person wants to use (preferred, but optional, is a telephone number).

  • Data processing outside the territory of the EU

The Administrator declares that it will not transfer the entrusted personal data outside the territory of the European Union, unless it obtains the written consent of the data subject in advance and ensures that all obligations arising from the GDPR in the scope of personal data transfer to third countries are fulfilled.

  • The right to lodge a complaint with the supervisory authority

If the data are processed by the Administrator in violation of applicable law, the User has the option to lodge a complaint with the President of the Personal Data Protection Office based in Warsaw, ul. Stawki 2, which can be contacted in the following way: 1) by mail: ul. Stawki 2, 00-193 Warsaw, 2) via the electronic inbox available at: https://www.uodo.gov.pl/pl/p/kontakt, 3) by phone: (22) 531 03 00.

  • Cookies policy

Cookies are files saved on a device (computer, smartphone, tablet) on which an Internet browser is installed, through which the User browses the Website. In order to improve the functionality of the Website, create audience statistics, determine the User’s location and remember the selected language version, the Administrator declares that it uses several types of cookies:

  1. cookies necessary for the operation of Google Analytics;
  2. User’s session cookies (without sensitive data);
  3. language plug-in cookies.

The Administrator declares that in order to create audience statistics, it uses the analytical tool Google Analytics. Cookies used by the Administrator do not store any personal data of the User. The identity of the User is not revealed by means of cookies. The information collected by the Administrator will not be made available to entities or persons other than those authorized under the provisions of generally applicable law and authorized to administer the Website. In any case, the User may block the installation of cookies or delete permanent cookies using the appropriate options of the web browser. In case of problems, it is recommended to consult the browser’s help file or contact the browser manufacturer. Each User who does not consent to the use of cookies is obliged to modify the web browser settings. The configuration of the User’s system enabling the use of cookies means consent to the Administrator storing the information referred to in art. 173 section 2 of the Act of July 16, 2004 – Telecommunications Law. The User’s device may also store cookies from third party websites, in particular: Facebook, Google, Twitter. Information on cookies from these websites can be found on the websites of these entities.

  • Contact Form

There is a Contact Form on the Website that allows each User to send a message to the Administrator. In order to use the Contact Form, you must:

  1. fill in the “Message” field, indicating the content of the message addressed to the Administrator;
  2. fill in the “E-mail address”, and “Name and surname” fields, providing the e-mail address via which the Administrator will contact the User and the name and surname in order to verify the identity of the person sending the message.
  1. Data collected when using the Contact Form

Each time, when using the Contact Form service, the e-mail address and the User’s first and last name are collected. Providing an e-mail address will enable the Administrator to reply to the User’s message. In turn, providing the name and surname will allow to verify the identity of the person who wants to contact the Administrator. The User may also provide additional information in the Contact Form, such as: telephone number, by including them in the content of the message sent. Providing the above data is voluntary and depends on the will of the User.

  1. Profiling

The Administrator declares that he does not use the profiling mechanism. The Administrator performs the functions of obtaining information about Users and their behaviour in the following way:

  1. by information entered voluntarily in the form (using the Contact Form service);
  2. by collecting cookies.
  1. Third Party Tracking Technology

The Website incorporates the API service “Google Maps” in order to be able to depict geographical information. The use of Google Maps makes it possible for Google to collect, process and use data on the User’s use of the service.  By using Google Maps, information about the use of this website including the User’s IP address and the (start) address entered in the route planner function can be transmitted to Google in the USA.  The map content is transmitted by Google directly to the User’s browser and integrated by it into the Website. The Administrator has no influence on the scope of the data collected by Google in this way. The Administrator also has no influence on the further processing and use of the data by Google. The Administrator has no influence and therefore cannot accept any responsibility for this. The User can find further information on the processing of the User’s data by Google at the Google data privacy information.

The following data is collected and processed:

  1. IP addresses;
  2. Location information;
  3. Usage data;
  4. Date and time of visit;
  5. URLs.

The legal basis for this data processing is the User’s consent according to Art. 6 (1)(a) GDPR.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

As part of the processing, the data may be transferred to the following recipients besides Google Ireland Limited:

  1. Google LLC;
  2. Alphabet Inc.

Data may be transferred to the USA as part of processing by Google Maps. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, the Administrator will obtain the User’s consent in accordance with Art. 49 (1)(a) GDPR prior to the data processing.