Privacy policy

  1. DEFINITIONS
    1. Administrator – 9 BITS sp. z o.o. based in Warsaw, under address: ul. Solec 81 B /A-51 (00-382) Warsaw, entered into the register of entrepreneurs of the National Court Register under the KRS number 0000323228, with the tax identification number NIP 7010174828 and the statistical number REGON 14173329400000.
    2. Personal data – all information about a natural person identified or identifiable by one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, location data, online identifier and information collected via cookies and other similar technology.
    3. Policy - this document defining the principles of personal data processing.
    4. Cookie Policy - a document specifying the rules for the use of cookies and similar technologies on the Website and the use of information obtained thanks to cookies and similar technologies, available at: https://9bits.com/cookie-policy
    5. GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
    6. Website - website run by the Administrator, available at https://www.9bits.com/en
    7. User - a natural person using the Website.
  2. CONTACT WITH THE PERSONAL DATA ADMINISTRATOR
    1. In matters relating to the processing of personal data, including the exercise of rights, you can contact the Administrator via the e-mail address: contact@9bits.com or by sending correspondence to the following address: 9 BITS sp. z o.o., ul. Jasna 14/16A (00-041) Warszawa, with the note: "personal data".
    2. The Administrator has appointed a Data Protection Inspector who can be contacted via e-mail: contact@9bits.com in any matter regarding the processing of personal data.
  3. DATA PROCESSING
    1. The Administrator processes and collects the User's Personal Data in connection with the User's use of the Website and social media.
    2. The Administrator may process the following Personal Data: activity data, geolocation data, identification data, contact details (correspondence address, e-mail address, telephone number), data regarding the User's device, User preferences, data regarding the use of the Website, IP address , identifiers, information collected thanks to cookies and similar technologies.
    3. For information on the principles of using cookies and similar technologies, please read the Cookie Policy available at: https://9bits.com/cookie-policy
    4. The Administrator does not direct marketing content to persons under 18 years of age, nor does it consciously process the data of such persons.
    5. The Administrator may obtain the User's Personal Data directly from the User or via a social networking site.
  4. PURPOSES AND BASES AND PERIOD OF PROCESSING PERSONAL DATA
    1. Personal data is processed by the Administrator:
      1. for analytical and statistical purposes, i.e. in order to analyze Users' activity, as well as their preferences, improve the functionalities of the Website - which constitutes the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), for this purpose data will be stored for a period not longer than 3 months;
      2. to ensure the security of using the Website, which is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), for this purpose the data will be stored for a period not longer than 3 months;
      3. to handle inquiries and complaints - which constitutes the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), for the period necessary to complete the process of handling the received inquiry or complaint;
      4. for the purpose of conducting direct marketing - which constitutes the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) - until the contract is terminated or an objection is raised.
    2. The Administrator may process Personal Data based on the User's consent (Article 6(1)(a) of the GDPR).
    3. In each case, the User will be asked to consent to the processing of his Personal Data and informed about the purpose of processing.
    4. Personal data obtained on the basis of consent will be processed until the consent is withdrawn or until the purpose for which it was collected ceases.
    5. Providing personal data is voluntary.
  5. SOCIAL MEDIA
    1. The Administrator processes Personal Data of Users visiting profiles run by the Administrator on social media (Facebook). This data is processed solely for the purpose of informing Users about the Administrator's activity and promoting various types of services and products, which constitutes a legitimate interest (Article 6paragraph 1 letter f GDPR).
    2. The joint controller of Personal Data processed on profiles (fanpages), in the scope of statistics (including profiling and the use of cookies), is Meta Platforms Ireland Limited based in Dublin (formerly operating under the company Facebook Ireland Limited), address: 4 Grand Canal Square Grand Canal Harbor Dublin 2 Ireland. The joint controller has appointed a data protection officer who can be contacted via the form available at: https://www.facebook.com/help/contact/540977946302970
    3. In the case of joint administration, the management of Personal Data takes place on the terms set out in the agreement concluded with Meta Platforms Ireland Limited based in Dublin (formerly operating under the company Facebook Ireland Limited), the terms of which can be found here https://www.facebook.com/legal/terms/page_controller_addendum
  6. RECIPIENTS OF PERSONAL DATA
    1. In connection with the use of the Website, the User's Personal Data will be disclosed to external entities, including IT service providers.
    2. Based on the User's consent, his Personal Data may be made available to other entities for their own purposes.
    3. The User's personal data may be transferred to appropriate institutions pursuant to regulations (e.g. police authorities, courts) - in the event of proceedings, pursuant to legal provisions.
  7. USER RIGHTS
    1. In connection with the processing of Personal Data, the User has the following rights:
      1. access to Personal Data, receiving a copy thereof;
      2. request rectification of your Personal Data;
      3. request deletion of Personal Data;
      4. request restriction of processing;
      5. the right to transfer data.
    2. The User has the right to object to the processing of Data if the processing is carried out in connection with the legitimate interest of the Administrator.
    3. If the User's data is processed on the basis of consent, the User has the right to withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
    4. The User has the right to lodge a complaint with the supervisory authority responsible for the protection of personal data - the President of the Personal Data Protection Office.
  8. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES AND INTERNATIONAL ORGANIZATIONS
    1. The Administrator does not transfer Personal Data to international organizations.
    2. The Administrator may transfer Personal Data to third countries, i.e. those not belonging to the European Economic Area. In such a case, the transfer takes place if necessary and with an adequate level of protection:
      1. cooperation with entities processing personal data in countries for which an appropriate decision of the European Commission has been issued;
      2. application of standard contractual clauses issued by the European Commission;
      3. application of binding corporate rules approved by the relevant supervisory authority.
    3. In some cases, Personal Data may be transferred to recipients from third countries, i.e. from countries outside the European Economic Area, e.g. if it is necessary for the provision of services or if it is conditioned by another valid legal basis.
    4. Before transferring Personal Data, the Administrator verifies whether an adequate level of protection of Personal Data is ensured in third countries, i.e. countries outside the European Economic Area. However, in certain situations, the transfer of Personal Data to third countries may involve risks due to the lack of an adequacy decision outside the European Economic Area and the lack of safeguards and effective legal remedies in third countries.
  9. CHANGES TO THE PRIVACY POLICY
    1. The policy is verified on an ongoing basis and updated, if necessary.
    2. If the Policy is updated, the User will be notified by displaying information on the Website.
    3. The fact of using the Website will constitute acceptance of the updated version of the Policy.
    4. The current version of the Policy is valid from April 8, 2022.
9bits sp. z o.o.
Last update: April 8, 2022.