Cookies

1. Data of the Personal Data Administrator

We kindly inform you that the administrator of your personal data is Polinvesta Ltd C220D Trident Business Center, 89 Bickersteth Road London SW 17 9SH United Kingdom, Registry Number 10958133. In case of queries related to the personal data protection, you are requested to contact via e-mail: support@gaininvestors.com

 

2. The purposes and grounds for the processing of personal data

In order to provide services in accordance with the business profile, the Company processes your personal data for various purposes, but always in accordance with the law. Below you will find the listed purposes of the processing of your personal data together with the legal basis.

In order to provide the service – publication of announcement, we process personal data such as:

  • name and surname, company name of the entrepreneur,
  • e-mail address,
  • address of the registered office/residence,
  • phone number,
  • NIP (tax ID number)

 

The legal basis for such data processing is Article 6(1)(b) of GDPR, which allows personal data to be processed if they are essential to perform a contract or to take steps in order to conclude a contract; if you choose to provide also a telephone number, we consider that you have given your consent to the processing of your telephone number as well – then the legal basis for such processing is Article 6(1)(b) of GDPR, which allows personal data to be processed on the basis of a voluntary consent;

 

In order to deal with complaints, we process the following personal data:

  • name and surname/company name,
  • le-mail address

 

The legal basis for such data processing is Article 6(1)(b) of GDPR, which allows personal data to be processed if they are essential to perform a contract or to take steps in order to conclude a contract;

For the purpose of sending notification e-mails containing commercial information, we process the following personal data:

  • e-mail address

 

The legal basis for such data processing is Article 6(1)(f) of GDPR, which allows personal data to be processed if the Personal Data Administrator pursues their legitimate interest in this way (in this case the Company’s interest is to inform the customer about activities related to the implementation of the service in order to increase the comfort of using the service);

 

In order to issue an invoice and meet other obligations under tax law, such as keeping accounting records for 5 years, we process personal data such as:

  • name and surname,
  • the company,
  • address of residence or registered office,
  • NIP (tax ID number),
  • order number.
  •  

The legal basis for such data processing is Article 6(1)(c) of GDPR, which allows personal data to be processed if such processing is needed to fulfil the obligations of Personal Data Administrator;

For the purpose of establishing, investigating or defending against claims, we process personal data such as:

  • name and surname (if applicable) or company name (if applicable),
  • address of residence (if provided),
  • PESEL (personal identification number) or NIP (tax ID number) (if provided),
  • e-mail address,
  • IP

 

The legal basis for such data processing is Article 6(1)(f) of GDPR, which allows personal data to be processed if the Administrator of Personal Data pursues their legitimate interest (in this case, the interest of the Company is the possession of personal data that will allow to establish, investigate or defend against claims, including those of customers and third parties);

 

For archival and evidential purposes, we process the following personal data:

  • name and surname,
  • e-mail address,
  • IP

– for the purpose of safeguarding information that may be used to establish facts of legal significance. The legal basis for such data processing is Article 6(1)(f) of GDPR, which allows personal data to be processed if the Administrator of Personal Data pursues their legitimate interest in this way (in this case, the interest of the Company is to have personal data that will allow to prove certain facts related to the provision of services, e.g. if a state authority requests that);

 

For analytical purposes, i.e. research and analysis of the activity on the website belonging to the Company, we process such personal data as:

  • the date and time of your visit to the website,
  • type of operating system,
  • approximate location,
  • type of web browser used to browse the website,
  • time spent on the website,
  • the subpages visited,
  • a subpage where the contact form has been filled in.

 

The legal basis for such data processing is Article 6(1)(f) of GDPR, which allows personal data to be processed if the Administrator of Personal Data pursues their legitimate interest in this way (in this case, the Company’s interest is to know the activity of customers on the website);

 

In order to use cookies on our website, we process such text information (cookies will be described in a separate section). The legal basis for such processing is Article 6(1)(a) of GDPR, which allows personal data to be processed on the basis of voluntary consent (while visiting the website for the first time, the person is asked for permission to use cookies);

 

For the purpose of website administration, we process the following personal data:

  • IP address,
  • date and time of the server,
  • information about web browser
  • information about the operating system

 

– these data are automatically saved in the so-called server logs, each time a website belonging to the Company is used. Website administration without the use of the server and without this automatic recording would not be possible. The legal basis for such data processing is Article 6(1)(f) of GDPR, which allows personal data to be processed if the Administrator of Personal Data pursues his legitimate interest in this way (in this case, the Company’s interest is website administration);

 

 

Cookies

1.         The Company on its website, similarly to other entities, uses the so-called cookies, i.e. short text information stored on a computer, telephone, tablet or other user’s device. They may be read by our system, as well as by systems belonging to other entities whose services we use (e.g. Facebook, Google).

2.         Cookies perform a lot of functions on the website, most often useful, which we will try to describe below (if the information is insufficient, please contact us):

  • ensuring security – cookies are used to authenticate users and prevent unauthorized use of the customer panel. They are therefore used to protect the user’s personal data against unauthorized access;
  • influence on the processes and efficiency of the use of the website – cookies are used to make the website work smoothly and to enable the use of the functions available on it, which is possible, among others, thanks to remembering settings between subsequent visits to the website. It ensures efficient navigation on the website and individual subpages;
  • session status – cookies often store information about how visitors use the website, e.g. which subpages they display most often. They also make it possible to identify errors displayed on some subpages. Cookies used to record the so-called “session status” help to improve services and increase the comfort of browsing;
  • maintaining the status of the session – if the customers log in to their panel, the cookies allow them to maintain the session. This means that after switching to a different subpage, one does not have to re-enter the login and password each time, which enhances the comfort of using the website;
  • creation of statistics – cookies are used to analyze how users use the website (how many people open the website, how long they stay, which content is of most interest, etc.). This allows to constantly improve the website and adapt its operation to users’ preferences. We use Google tools, such as Google Analytics, to track activity and compile statistics; in addition to reporting on website usage statistics, Google Pixel Analytics can also be used, along with some of the cookies described above, to help the user view more relevant content on Google services (e.g. Google search engine) and across the web;
  • use of social functions – on the website we have a Facebook pixel, which enables the user to like our fanpage in this service while using the website. However, for this to happen, we must use cookies provided by Facebook.

 

1.         Your Internet browser by default allows the use of cookies in your device, so on your first visit we ask you to consent to the use of cookies. However, if you do not wish to use cookies when browsing the website, you can change the settings in your web browser – completely block automatic handling of cookies or require notification each time cookies are placed in the device. The settings can be changed at any time.

2.         As we respect the autonomy of all persons using the website, we feel obliged to give prior notice that disabling or limiting the use of cookies may cause quite serious difficulties in using the website, such as the need to log in to each subpage, a longer period of loading the page, limitations in using the functionality, limitations in liking the page on Facebook, etc.

 

1.         The right to withdraw consent

 

1.         If the processing of personal data is based on consent, you may withdraw this consent at any time at your own discretion.

2.         If you would like to withdraw your consent to the processing of personal data, it is sufficient to:

 

If your personal data have been processed on the basis of consent, the withdrawal of consent does not make the processing of personal data illegal until that moment. In other words, until such time as your consent is withdrawn, we have the right to process your personal data and its withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. 

 

  1. 2.       Requirement to provide personal data

 

1.         The provision of any personal data is voluntary and is at your discretion. However, in some cases, the provision of certain personal data is necessary to meet your expectations regarding the use of the services.

2.         In order to commission a service, it is necessary to provide your name and e-mail address. Without it we are unable to conclude and perform the contract.

3.         In order for you to receive an invoice for services, it is necessary to provide all the data required by tax law, namely your name and surname or company name, address of residence or registered office, NIP (tax ID number). Without this we are unable to issue an invoice properly.

4.         In order to be able to contact you by phone in matters related to the implementation of the service, it is necessary to provide a telephone number. Without this we are unable to contact you by phone.

 

  1. 1.       Automated decision making and profiling

Please be informed that we do not make automated decisions, including those based on profiling. The content of the inquiry, which is sent via the contact form, is not subject to evaluation by the IT system. The proposed price of the service is in no way the result of an assessment made by any IT system.

 

  1. 2.      Recipients of personal data

1.         Like most entrepreneurs, in our business we use the assistance of other entities, which often involves the need to transfer personal data. Therefore, if necessary, we pass on your personal data to lawyers cooperating with us, who provide services, companies servicing quick payments, accounting firm, hosting firm.

2.         Apart from that, it may happen that, e.g. on the basis of a relevant provision of law or a decision of a competent authority, we will also have to pass on your personal data to other entities, whether public or private. Therefore, it is extremely difficult for us to predict who can request the provision of personal data. However, for our part, we assure you that we analyze all requests for personal data very carefully and very thoroughly, so as not to inadvertently pass on the information to an unauthorized person.

3.         Personal data, to a strictly defined extent and with your prior consent, may also be transferred to other entities – including business partners.

 

1.         Transfer of personal data to third countries

1.         Like most entrepreneurs, we use various popular services and technologies offered by entities such as Facebook, Microsoft, Google. These companies are established outside the European Union and are therefore treated as third countries under the terms of the GDPR regulations.

2.         GDPR imposes certain restrictions on the transfer of personal data to third countries because, since European rules do not apply there in principle, the protection of personal data of European Union citizens may unfortunately be insufficient. Therefore, every administrator of personal data is obliged to determine the legal basis for such a transfer.

3.         For our part, we assure you that when using our services and technology, we transfer personal data only to U.S. entities and only to those that have joined the Privacy Shield program, pursuant to the European Commission’s Implementing Decision of 12 July 2016. – Further information can be found on the European Commission’s website at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en. Entities that have joined the Privacy Shield program guarantee that they will comply with the high standards of personal data protection in the European Union, and that the use of their services and technologies to process personal information is lawful.

4.         We will provide you at any time with further clarification regarding the transfer of your personal data, in particular if you are concerned about this issue.

5.         You have the right at any time to obtain a copy of the personal data transferred to a third country.

 

  1. 1.       Period of personal data processing

1.         According to the applicable legal regulations, we do not process your personal data “indefinitely”, but for the time necessary to achieve the set goal. After this period, your personal data will be irretrievably deleted or destroyed.

2.         In the event that we do not need to carry out operations on your personal data other than storage (e.g. if we store the contents of the order for the purpose of defending against claims), we additionally secure these data by pseudonymisation until they are permanently deleted or destroyed. Pseudonymisation consists in the encryption of personal data or the collection of personal data in such a way that they cannot be read without an additional key and therefore such information becomes completely useless to an unauthorized person.

3.         With regard to the individual periods of processing personal data, we kindly inform you that we process your personal data for a period of:

  • duration of the contract – with regard to the personal data processed for the purpose of concluding and executing the contract;
  • 3 years or 6 years + 1 year – with regard to personal data processed for the purpose of establishment, investigation or defense against legal claims (the length of the period depends on whether both parties are entrepreneurs or not);
  • 6 months – in relation to personal data collected during the valuation of the service, and at the same time there was no immediate conclusion of the contract;
  • 5 years – in relation to personal data related to the fulfillment of tax law obligations;
  • until the withdrawal of consent or achievement of the purpose of processing, but not longer than for 5 years – in relation to personal data processed on the basis of consent;
  • until an effective objection is raised or the purpose of the processing is achieved, but no longer than for 5 years – with regard to personal data processed on the basis of a legitimate interest of the Personal Data Administrator or for marketing purposes;
  • until they are obsolete or have expired, but not longer than for 3 years – with regard to personal data processed mainly for analytical purposes, the use of cookies and website administration;

 4.         We count periods in years from the end of the year in which we began processing personal data to improve the process of deletion or destruction of personal data. Separate counting of the deadline for each concluded contract would involve significant organizational and technical difficulties, as well as significant financial outlays, therefore, setting a single date for deleting or destroying personal data allows us to manage this process more efficiently. Of course, if you exercise your right to forget, such situations are considered individually.

5.         An additional year related to the processing of personal data collected for the purposes of contract performance is dictated by the fact that you may hypothetically submit a claim just before the expiry of limitation period, the claim may be delivered with a significant delay or you may wrongly identify limitation period of your claim.

 

1.         Authority of data subjects

1. We kindly inform you that you have the right to:

  • access to your personal data;
  • correct your personal data;
  • delete your personal data;
  • limit the processing of your personal data;
  • object to the processing of your personal data;
  • transfer your personal data.

2. We respect your rights under data protection laws and we try to facilitate their implementation as much as possible.

3. We would like to point out that these rights are not absolute and therefore, in some situations, we may legally deny you the right to exercise them. However, if we refuse to grant the request, it is only after careful analysis and only if the refusal to grant the request is necessary.

4. With regard to the right to object, we explain that you have the right at any time to object to the processing of personal data on the basis of the legitimate interest of the Personal Data Administrator (listed in point III) in relation to your particular situation. However, you must remember that in accordance with the law we may refuse to accept the opposition if we prove that:

  • there are legitimate grounds for processing which take precedence over your interests, rights and freedoms, or
  • there are grounds for establishing, investigating or defending claims.

 

In addition, you may object at any time to the processing of your personal data for marketing purposes. In such a case, we will cease processing for this purpose once we have received your objection.

5. You can exercise your powers by:

l  sending an e-mail directly to the Company at support@gaininvestors.com

 

The right to lodge a complaint

If you believe that your personal data is being processed in violation of the applicable law, you may lodge a complaint with the President of the Office for the Protection of Personal Data.

 

3.         Final provisions

1.         Within the scope not regulated by this Privacy Policy, personal data protection regulations shall apply.

2.         You will be notified by e-mail of any changes to this Privacy Policy.

3.         This Privacy Policy is binding from 01.05.2019.