Last updated: 28.11.2024
Sygeon sp. z o.o. is committed to protecting your privacy and ensuring transparency in how we handle your personal data. This privacy policy outlines our practices for collecting, using, and safeguarding your data in compliance with the General Data Protection Regulation (GDPR).
By using our services or visiting our website, you agree to the terms outlined in this policy.
Who we are
Company name: Sygeon sp. z o.o.
Address: Roosevelta 18, 60-829 Poznań, Poland
Data Protection Officer: Radosław Ruciński
Contact email: dpo@sygeon.com
Contact phone: +48 450 064 128
If you have any questions or concerns about this Privacy Policy, feel free to contact us.
What data we collect
We collect and process the following types of personal data:
- Contact details: Names, email addresses, phone numbers, and company details necessary for providing our services.
- Website data: Information such as IP addresses and browsing activity collected through cookies for analytics and security purposes (e.g., Google Analytics 4).
- Marketing data: Names, email addresses, and company information to communicate updates, offers, and services.
Why we collect data
We process personal data for the following purposes and in compliance with GDPR requirements:
- Service delivery: To manage and fulfill our obligations in providing services (Legal basis: Contractual necessity)
- Marketing and communication: To inform you about updates, offers, and services (with your consent) (Legal basis: Consent)
- Website analytics and security: To improve our website and ensure its security using tools like Google Analytics 4 (Legal basis: Legitimate interests)
If the purpose of data processing changes, we will notify you and obtain additional consent if necessary.
Your rights
Under the General Data Protection Regulation (GDPR), you have the following rights concerning your personal data:
- Right to access and information: You can request information about whether we process your personal data and obtain a copy of it.
- Right to rectification or erasure: You can request corrections if your data is inaccurate or incomplete. You may also request the deletion of your data under certain circumstances.
- Right to restrict processing: You may request a temporary halt to processing if you contest the accuracy of your data, object to processing, or require the data for legal claims.
- Right to object to processing: You may object to the processing of your data for specific purposes, such as direct marketing or profiling based on legitimate interests.
- Right to data portability: You can receive your data in a structured, commonly used, machine-readable format and have it transferred to another controller without hindrance.
- Right to withdraw consent: If processing is based on your consent, you can withdraw this consent at any time without affecting the lawfulness of prior processing.
- Right to lodge a complaint: If you believe your rights under GDPR have been violated, you have the right to lodge a complaint with the relevant supervisory authority.
To exercise your rights, please contact our Data Protection Officer (DPO):
- Email: dpo@sygeon.com
If you believe your rights have been violated, you also have the right to file a complaint with the relevant supervisory authority in Poland:
- Office for Personal Data Protection (UODO)
- Website: https://uodo.gov.pl
- Phone: +48 22 531 03 00
Automated decision-making and profiling
We do not use your personal data for automated decision-making, including profiling, that would have significant legal or similar effects.
Data sharing
We may share your personal data with trusted third parties to facilitate our operations and comply with legal obligations. These include:
- Service providers: Partners who support us in areas such as IT services, hosting, and business operations.
- International transfers: If your data is transferred outside the European Economic Area (EEA), we ensure adequate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.
Safeguards in place:
- All data sharing is conducted under GDPR-compliant agreements to ensure the security and confidentiality of your data.
- We do not sell or trade your personal data.
Data retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this privacy policy or to comply with legal and regulatory obligations. Retention periods are as follows:
- Service-related data: Retained for the duration of the contract and for 6 years thereafter, as required for legal or auditing purposes.
- Marketing data: Retained until you withdraw consent or the data is no longer relevant for the intended purpose.
- Website data: Retained for analytics and security purposes for a limited period, typically 6 months.
When personal data is no longer needed, we securely delete or anonymize it to prevent unauthorized access.
Data security
We take the security of your personal data seriously and implement robust measures to protect it from unauthorized access, disclosure, alteration, or destruction. These measures include:
- Encryption: Sensitive data is encrypted to ensure it remains protected during storage and transmission.
- Multi-factor authentication (MFA): Access to our systems requires additional authentication steps beyond a password.
- Restricted access: Personal data is accessible only to authorized personnel who require it to perform their duties.
Policy updates
We may update this privacy policy from time to time to reflect changes in our practices, legal requirements, or other operational reasons.
When we make significant changes, we will notify you by posting the updated policy on this page with a new effective date.
We encourage you to review this privacy policy periodically to stay informed about how we are protecting your personal data.
Effective date: This policy was last updated on 28.11.2024