Privacy Policy
The following Privacy Policy defines the rules for storing and accessing data on Users' Devices using the Service for the purpose of providing electronic services by the Administrator and the rules for collecting and processing personal data of Users that have been provided by them voluntarily through the tools available in the Service.
The following Privacy Policy is an integral part of the Service Regulations, which define the rules, rights, and obligations of Users using the Service.
§1 Definitions
Service – the website "www.autooomate.com" operating at the address https://autooomate.com
External Service – websites of partners, service providers, or service recipients cooperating with the Administrator
Administrator of the Service / Data – The Administrator of the Service and Data (hereinafter Administrator) is the company "Autooomate sp. z o.o.", operating at the address: Aleja Jana Pawła II 22, 00-133 Warsaw, with the given tax identification number (NIP): 5253057180, with the given KRS number: 0001188805, providing electronic services through the Service
User – a natural person for whom the Administrator provides electronic services through the Service.
Device – an electronic device along with software, through which the User accesses the Service
Cookies – text data collected in the form of files placed on the User's Device
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
Personal Data – means information about an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, identification number, location data, online identifier, or multiple factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person
Processing – means any operation or set of operations performed on personal data or sets of personal data, whether automated or manual, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Restriction of processing – means marking stored personal data with the aim of limiting their processing in the future
Profiling – means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal factors of a natural person, in particular to analyze or predict aspects concerning the performance of that natural person, their economic situation, health, personal preferences, interests, reliability, behavior, location or movements
Consent – the consent of the data subject means a voluntary, specific, informed, and unambiguous indication of the data subject's wishes, by which they, by a statement or clear affirmative action, consent to the processing of personal data concerning them
Data breach – means a security breach that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to personal data transmitted, stored or otherwise processed
Pseudonymization – means processing personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is stored separately and subject to technical and organizational measures that prevent its attribution to an identified or identifiable natural person
Anonymization – Anonymization of data is an irreversible process of operations on data, which destroys/overwrites "personal data" preventing identification or linking a given record to a specific user or natural person.
§2 Data Protection Officer
Based on Art. 37 of the GDPR, the Administrator has not appointed a Data Protection Officer.
In matters related to data processing, including personal data, please contact the Administrator directly.
§3 Types of Cookies
Internal Cookies – cookies placed and read from the User's Device by the Service's IT system
External Cookies – cookies placed and read from the User's Device by the IT systems of external services. Scripts of external services that may place Cookies on Users' Devices have been knowingly placed on the Service through scripts and services provided and installed in the Service
Session Cookies – cookies placed and read from the User's Device by the Service during one session of the given Device. After the session ends, the cookies are deleted from the User's Device.
Persistent Cookies – cookies placed and read from the User's Device by the Service until they are manually deleted. The cookies are not automatically deleted after the Device's session ends unless the configuration of the User's Device is set to delete cookies after the session ends.
§4 Data Storage Security
Mechanisms for storing and reading Cookies – The mechanisms for storing, reading, and exchanging data between Cookies stored on the User's Device and the Service are carried out through built-in mechanisms of web browsers and do not allow the retrieval of other data from the User's Device or data from other websites visited by the User, including personal data or confidential information. Transferring viruses, trojans, and other worms to the User's Device is also practically impossible.
Internal Cookies – the Cookies used by the Administrator are safe for Users' Devices and do not contain scripts, content, or information that could threaten the security of personal data or the security of the Device used by the User.
External Cookies – the Administrator takes all reasonable steps to verify and select partners of the service regarding the security of Users. The Administrator chooses well-known, large partners with global social trust for cooperation. However, it does not have full control over the content of Cookies originating from external partners. The Administrator is not responsible for the security of cookies, their content, and licensed use by scripts installed in the service originating from external Services to the extent permitted by law. A list of partners is provided later in this Privacy Policy.
Cookie Control
The User may change the settings regarding the saving, deletion, and access to the data of saved Cookies by any website at any time.
Information on how to disable cookies in the most popular computer browsers is available at the site: how to disable cookies or from one of the specified providers:
Managing cookies in the Chrome browser
Managing cookies in the Opera browser
Managing cookies in the FireFox browser
Managing cookies in the Edge browser
Managing cookies in the Safari browser
Managing cookies in the Internet Explorer 11 browser
The User may delete any cookies saved so far at any time using the tools of the User's Device through which the User accesses the services of the Service.
User-side threats – the Administrator implements all possible technical means to ensure the security of data placed in Cookies. However, it should be noted that ensuring the security of this data depends on both parties, including the User's actions. The Administrator is not responsible for the interception of this data, impersonation of the User's session, or their deletion, resulting from the conscious or unconscious actions of the User, viruses, trojans, and other spyware that may have infected the User's Device. Users should take care of their Cybersecurity while using the internet.
Storage of personal data – The Administrator ensures that all efforts are made to keep the processed personal data voluntarily entered by Users safe, that access to them is limited, and that processing is conducted in accordance with their intended purpose and processing goals. The Administrator also ensures that all efforts are made to secure the data held from being lost, through appropriate physical and organizational safeguards.
§5 Purposes for which Cookies are used
Streamlining and facilitating access to the Service
Personalization of the Service for Users
Marketing, Remarketing on external services
Advertising services
Affiliate services
Conducting statistics (users, number of visits, types of devices, links, etc.)
Serving multimedia services
Providing social services
§6 Purposes of processing personal data
Personal data voluntarily provided by Users are processed for one of the following purposes:
Providing electronic services:
Newsletter services (including sending advertising content with consent)
Providing information about the content placed in the Service on social media or other websites.
Communication from the Administrator with Users regarding the Service and data protection
Ensuring a legally justified interest of the Administrator
Data about Users collected anonymously and automatically are processed for one of the following purposes:
Conducting statistics
Remarketing
Serving advertisements tailored to Users' preferences
Supporting affiliate programs
Ensuring a legally justified interest of the Administrator
§7 Cookies of external services
The Administrator uses JavaScript scripts and web components of partners in the Service, who may place their own cookies on the User's Device. Remember that in the settings of your browser, you can decide about the allowed cookies that can be used by individual websites. Below is a list of partners or their services implemented in the Service that may place cookies:
Content sharing services:
Newsletter services:
GetResponse
Advertising and affiliate network services:
Google Adsense
Conducting statistics:
Google Analytics
Services provided by third parties are beyond the control of the Administrator. These entities may change their service delivery terms, privacy policies, purposes of data processing, and cookie usage methods at any time.
§8 Types of collected data
The Service collects data about Users. Some data is collected automatically and anonymously, while some data are personal data voluntarily provided by Users during registration for specific services offered by the Service.
Automatically collected anonymous data:
IP address
Browser type
Screen resolution
Approximate location
Opened subpages of the service
Time spent on the relevant subpage of the service
Operating system type
Address of the previous subpage
Referring page address
Browser language
Internet connection speed
Internet service provider
Demographic data (age, gender)
Data collected during registration:
First name / last name / nickname
Email address
IP address (collected automatically)
Data collected during newsletter sign-up:
First name / last name / nickname
Email address
IP address (collected automatically)
Some data (without identifying data) may be stored in cookies. Some data (without identifying data) may be passed to the statistical service provider.
§9 Access to personal data by third parties
As a rule, the only recipient of personal data provided by Users is the Administrator. Data collected within the services provided are not disclosed or sold to third parties.
Access to data (most often based on a Data Processing Agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary to run the service, such as:
Hosting companies providing hosting or related services for the Administrator
Companies through which the newsletter service is provided
Data processing entrustment – Newsletter
To provide the newsletter service, the Administrator uses the services of a third-party provider – the service GetResponse. Data entered in the newsletter registration form is forwarded, stored, and processed in the external service of this provider.
Please note that the indicated partner may modify the indicated privacy policy without the Administrator's consent.
Data processing entrustment – Hosting, VPS, or Dedicated Servers
To operate the service, the Administrator uses the services of an external hosting, VPS, or Dedicated Server provider – cyberfolks.pl . All data collected and processed in the service are stored and processed in the provider's infrastructure located in Poland. Access to the data may occur as a result of maintenance work performed by the provider's staff. Access to this data is regulated by a contract between the Administrator and the Provider.
§10 Method of processing personal data
Personal data voluntarily provided by Users:
Personal data is transferred outside the European Union. The transfer of data outside the EU is caused by the use of services from entities located outside the EU or as a result of an individual action by the User (e.g., posting a comment or entry), which will make the data available to anyone visiting the service. In the case of transferring or entrusting the processing of personal data outside the EU, such data is processed based on an agreement between the Administrator and the Provider.
Personal data will be used for automated decision-making (profiling). Profiling of personal data does not produce legal effects or significantly affect the person whose data is subject to automated decision-making.
Personal data will not be sold to third parties.
Anonymous data (without personal data) collected automatically:
Anonymized data (without personal data) will be transferred outside the European Union.
Anonymized data (without personal data) may be used for automated decision-making (profiling). Profiling of anonymous data (without personal data) does not produce legal effects or significantly affect the person whose data is subject to automated decision-making.
Anonymized data (without personal data) may be sold to third parties (e.g., paid sharing of Service statistics).
§11 Legal basis for processing personal data
The Service collects and processes data of Users based on:
Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
Art. 6(1)(a) The data subject has given consent to the processing of their personal data for one or more specific purposes.
Art. 6(1)(b) Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.
Art. 6(1)(d) Processing is necessary to protect the vital interests of the data subject or another natural person.
Art. 6(1)(f) Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.
Act of May 10, 2018 on the protection of personal data (Journal of Laws 2018, item 1000)
Act of July 16, 2004 Telecommunications Law (Journal of Laws 2004 No. 171 item 1800)
Act of February 4, 1994 on copyright and related rights (Journal of Laws 1994 No. 24 item 83)
§12 Duration of processing personal data
Personal data voluntarily provided by Users:
As a rule, the indicated personal data is stored solely for the duration of the services provided by the Administrator within the Service. They are deleted or anonymized within 30 days from the moment of termination of the services (e.g., deletion of the registered user account, unsubscribing from the Newsletter list, etc.)
The exception is a situation that requires securing legally justified purposes for further processing of this data by the Administrator. In such a case, the Administrator will retain the indicated data, from the time the User requests its deletion, for no longer than 3 years in case of violation or suspicion of violation of the provisions of the service regulations by the User.
Automatically collected anonymous data:
Anonymous statistical data, which does not constitute personal data, is stored by the Administrator for the purpose of conducting service statistics for an indefinite period.
§13 User rights related to the processing of personal data
The Service collects and processes data of Users based on:
The right of access to personal data Users have the right to obtain access to their personal data, implemented upon request submitted to the Administrator.
The right to rectification of personal data Users have the right to request the Administrator to promptly rectify inaccurate personal data or to complete incomplete personal data, implemented upon request submitted to the Administrator.
The right to erasure of personal data Users have the right to request the Administrator to promptly erase their personal data, implemented upon request submitted to the Administrator. In the case of user accounts, data erasure involves anonymizing data that can identify the User. The Administrator reserves the right to suspend the execution of the request for deletion of data in order to protect the legally justified interest of the Administrator (e.g., in cases where the User has violated the Regulations or the data has been obtained as a result of conducted correspondence). In the case of the Newsletter service, the User has the option to delete their personal data independently using the link placed in every email sent.
The right to restrict the processing of personal data Users have the right to restrict the processing of their personal data in cases specified in Art. 18 of the GDPR, including questioning the accuracy of the personal data, implemented upon request submitted to the Administrator.
The right to data portability Users have the right to receive from the Administrator personal data concerning the User in a structured, commonly used, machine-readable format, implemented upon request submitted to the Administrator.
The right to object to the processing of personal data Users have the right to object to the processing of their personal data in cases specified in Art. 21 of the GDPR, implemented upon request submitted to the Administrator.
The right to lodge a complaint Users have the right to lodge a complaint with a supervisory authority competent for the protection of personal data.
§14 Contact with the Administrator
The Administrator can be contacted in one of the following ways:
Postal address – Autooomate sp. z o.o. Aleja Jana Pawła II 22, 00-133 Warsaw
Email address – hello@autooomate.com
Phone call – +48 883 599 988
Contact form – available at the address: www.autooomate.com
§15 Service Requirements
Restricting the saving and accessing of Cookies on the User's Device may result in the improper functioning of some features of the Service.
The Administrator is not responsible for incorrectly functioning features of the Service in the event that the User restricts in any way the ability to save and read Cookies.
§16 External Links
The Service – in articles, posts, entries, or comments by Users may contain links to external websites with which the Owner of the service does not cooperate. These links and the sites or files linked to them can be dangerous for your Device or pose a risk to the security of your data. The Administrator is not responsible for the content found outside of the Service.
§17 Changes to the Privacy Policy
The Administrator reserves the right to change this Privacy Policy at any time without the obligation to inform Users regarding the application and use of anonymous data or the application of Cookies.
The Administrator reserves the right to change this Privacy Policy regarding the processing of Personal Data, of which he will inform Users with accounts or those who have signed up for the newsletter, via email within 7 days of the changes in the provisions. Continued use of the services means acknowledgment and acceptance of the changes in the Privacy Policy. In the event that a User does not agree with the introduced changes, they are obliged to delete their account from the Service or unsubscribe from the Newsletter service.
The changes made to the Privacy Policy will be published on this subpage of the Service.
The changes take effect upon publication.
