Cookies Policy

The privacy policy complies with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. The GDPR regulates the principles of personal data processing and will apply to the same extent in all EU countries.

1. Definitions

Administrator – CONREGO Limited Liability Company, Plac Jana Pawła II 108a/2, 66-400 Gorzów Wielkopolski, District Court in Zielona Góra, VIII Commercial Division of the National Court Register, KRS: 0000716221, NIP: PL5993215285, REGON: 369351080, tel. +48 95 725 3677 from 9:00 to 17:00, e-mail: support@conrego.com

Personal Data – any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Policy – this document available at: https://conrego.pl/regulations/privacy-policy-conrego containing information indicating to the User of the Website the scope and manner of processing their personal data in connection with the activity of the Website, the manner of storing, securing and using the data, possibilities and scope of the User's use of the data, information and materials presented in the Website.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Website – the online service run by the Administrator at the address: https://conrego.pl/, https://conrego.com, https://de.conrego.com, https://brief.conrego.app

User – any natural person visiting the Website or using one or more services or functionalities described in the privacy policy.

2. Data Protection Officer (DPO)

The Administrator has appointed a Data Protection Officer (DPO). Data subjects can contact the DPO in all matters relating to the processing of their personal data and the exercise of their rights under data protection regulations. The Data Protection Officer (DPO) is Anna Jezierska, e-mail: dpo@conrego.com.

3. Scope of Data Processing

In connection with the User's use of the Administrator's Website, data is collected to the extent necessary to provide the offered services, as well as information about the User's activity in the Website. Your personal data is collected and used only with your consent. Exceptions to this rule are situations where it is not possible to obtain prior consent, and data processing is legally permissible.

4. Purposes of Processing Your Personal Data

We collect, process, and use your personal data for the following purposes:

• Entering and performing contracts
• Customer service
• Registration of the service in the test version
• Delivery of the shipment

The provision of broadcasting services, e.g., for processing orders for services offered by us over the Internet, your personal data will be processed based on the principles derived from the law:

• Art. 6, par. 1 lit. a – the data subject has given consent to the processing of their personal data for one or more specific purposes (e.g., access to the test platform);
• Art. 6, par. 1 lit. b – processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract;
• Art. 6, par. 1 lit. c – processing is necessary for compliance with a legal obligation to which the controller is subject;
• Art. 6, par. 1 lit. d – processing is necessary to protect the vital interests of the data subject or another natural person;
• Art. 6, par. 1 lit. f – processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

5. Processing of Customer Personal Data

1. Establishing Contact
   Information provided to us by you when contacting us by phone or email will be stored by us under Art. 6 par. 1, lit. b or Art. 6 par. 1, lit. f GDPR, to respond to your inquiries and provide after-sales service. If we have obtained your consent to receive commercial content when filling out the contact form, your data will be processed under Art. 6 par. 1, lit. a GDPR. Each contact will be recorded in the register to prove that the contact took place in accordance with legal requirements.
2. Entering into a Contract
   This data is entered into the data form and sent to us and stored by us. Providing data is necessary for the performance of the contract or conducting activities leading to entering into the contract, and therefore the basis for them is Art. 6, par. 1, lit. b GDPR. To enter and perform contracts, we require contact details depending on the specific case, such as name and surname, delivery address, billing address, email address, and information about the selected payment method. We also use your data to maintain our customer data, where only the most relevant data is stored.
3. Registration of a Test Account for the Participant Registration System
   On our website, we allow the Ordering Party to register, via a dedicated form provided as part of one of the Websites, a User account used to activate and gain access to a free test instance of the System. Registration is carried out to perform the contract or conduct activities leading to entering into the contract, and therefore the basis for them is Art. 6, par. 1, lit. b GDPR.
4. Miscellaneous Provisions
   Under Art. 6, par. 1, lit. c and f GDPR, we use and store your personal data and – where necessary – technical information to prevent misuse of data or other illegal behavior on our website or to conduct investigations in such cases, e.g., to ensure data security in the event of attacks on our IT systems. This may be carried out based on orders from public authorities or common courts, as required by law, as well as to protect our rights and interests and to enable us to defend ourselves in court.

6. Marketing

The Administrator processes the personal data of Users to carry out marketing activities, which may include:

• displaying marketing content to the User that is not tailored to their preferences (contextual advertising);
• displaying marketing content to the User that matches their interests (behavioral advertising);
• sending email and SMS/MMS notifications, which in some cases contain commercial information;
• conducting other activities related to direct marketing of goods and services (sending commercial information electronically and telemarketing activities);

Contextual Advertising
The Administrator processes the personal data of Users for marketing purposes in connection with directing contextual advertising to Users (i.e., advertising that is not tailored to the User's preferences). The processing of personal data takes place in this case in connection with the legitimate interest of the Administrator (Art. 6 par. 1 lit. f GDPR).

Legal Bases for Processing Personal Data:

• for analytical and statistical purposes – the legal basis for processing is the user's consent (Art. 6 par. 1 lit. a GDPR) – consisting of conducting analyses of Users' activity in the Website to improve the functionalities used;
• for the possible determination and pursuit of claims or defense against them – the legal basis for processing is the legitimate interest of the Administrator (Art. 6 par. 1 lit. f GDPR).

7. Social Media

The Administrator processes the personal data of Users visiting the Administrator's profiles maintained on social media (Facebook.com, X.com, YouTube.com, ). These data are processed solely in connection with maintaining the profile, including informing Users about the Administrator's activity and promoting various events, services, and products, as well as communicating with users through the functionalities available on social media. The legal basis for processing personal data by the Administrator for this purpose is the user's consent (Art. 6 par. 1 lit. a GDPR), which the user expresses by clicking on the brand logo on the Website. The user of the Website must be aware that each of these portals is a separate data controller and has its own privacy policy, which the User should read before clicking on the portal logo at the following addresses:

Facebook, https://www.facebook.com/privacy/explanation/

YouTube, https://www.youtube.com/intl/ALL_pl/howyoutubeworks/user-settings/privacy/

X, https://x.com/pl/privacy

8. Cookies and Similar Technologies

The Administrator has prepared a separate cookie policy, which can be found at: https://conrego.pl/regulations/cookie-policy

9. Duration of Personal Data Processing

The duration of data processing by the Administrator depends on the type of service provided and the purpose of processing. Generally, data are processed for the time of providing the service or executing the order, until:

• in the case of a contract, until the expiration of the 5-year period from its termination or
• 3 years in accordance with Art. 118 of the Civil Code in the case of claims or
• withdrawal of the consent given when the legal basis for data processing is the User's consent or the submission of an effective objection to data processing in cases where the legal basis for data processing is the legitimate interest of the Administrator.

The processing period may be extended each time if processing is necessary to establish and pursue any claims or defend against them, and after that time only in the case and to the extent required by law. After the processing period expires, the data are irreversibly deleted or anonymized.

10. User Rights

Under the GDPR, the User has the following rights:

• The right to access personal data – according to Article 15 GDPR
• The right to request rectification of personal data – according to Article 16 GDPR
• The right to deletion of data – according to Article 17 GDPR
• The right to restrict processing – according to Article 18 GDPR
• The right to data portability – according to Article 20 GDPR
• The right to object to data processing – according to Article 21 GDPR
• The right to lodge a complaint with the supervisory authority responsible for personal data protection, i.e., the President of the UODO email: kancelaria@uodo.gov.pl

To the extent that User data is processed based on consent, it can be withdrawn at any time.

To exercise the rights granted, the user can contact the Administrator:

• by email: support@conrego.com
• by mail: Plac Jana Pawła II 108a/2, 66-400 Gorzów Wielkopolski

For your safety, we reserve the right to obtain further information when responding to an existing inquiry to confirm your identity. If identification proves impossible, we also reserve the right to refuse to respond to your inquiry.

11. Data Recipients

In connection with the provision of services, personal data will be disclosed to external entities, including in particular entities such as banks and payment operators, entities providing hosting services related to the maintenance of IT infrastructure, legal and audit services. The Administrator reserves the right to disclose selected information about the User to competent authorities or third parties who request the provision of such information based on the appropriate legal basis and in accordance with the applicable law.

12. Data Transfer Outside the EEA

The Administrator does not transfer personal data outside the EEA.

13. Personal Data Security

The Administrator ensures the security of personal data through appropriate technical and organizational measures aimed at preventing illegal data processing and accidental loss, destruction, or damage. In addition, the Administrator takes special care to ensure that personal information is:

• accurate and processed lawfully,
• obtained only for specified purposes and not processed further in a manner incompatible with those purposes,
• adequate, relevant, and not excessive concerning the purposes for which it is processed,
• accurate and up-to-date,
• not kept longer than necessary,
• securely stored,

CONREGO Sp. z o.o. uses the SSL protocol to protect the personal data of Customers. The SSL certificate is a tool that encrypts data transmitted electronically between the server and the user to prevent interception of confidential data. SSL certificates guarantee the reliability of the websites they protect, and users who connect to a site secured with an SSL certificate have absolute certainty that they connect securely to the correct service.

In matters not regulated by this policy, the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, shall apply.

Full List of Used Cookies