We take the protection of your Personal Data very seriously and strictly adhere to all applicable laws and regulations on data protection, in particular the General Data Protection Regulation, the Polish Data Protection Act. The following explanations will give you an overview of how we ensure this protection and what data we process for what purpose.
Controller - means Graphql Editor Sp. z o.o. a Polish company having a principal place of business at Mlawska 4/U7 street, 15-411 Białystok, Poland, which determines the purposes and means of the processing of Personal Data
Personal Data - means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as in particular a name and surname, e-mail address, device IP, location data, Internet ID and information collected through cookies and other similar technology
Consent - means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data relating to him or her;
GDPR - REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
Website - an online service run by the Controller at the address https://app.graphqleditor.com/.
The Controller of the Personal Data obtained from you is GraphQL Editor Sp. z o.o., a Polish company having a principal place of business at Mlawska 4/U7, 15-411 Białystok, Poland registered in the National Court Register with the number 0000778277.
If you wish to contact us about any and all matters related to the processing of Personal Data and the exercise of the rights attached to such processing, you can do so as follows:
The Controller uses the Personal Data collected from you for the following purposes: exchange of correspondence regarding business relations / contract concluded / between you and the Controller, including replying to your inquiries about products and services provided by the Controller including our live chat - basis in Article 6(1)(b) of the GDPR; in order to provide Services - then the legal basis for processing is the necessity of processing to perform the contract -- basis in Article 6 (1) (b) of the GDPR; internal administrative purposes of the Controller, including statistics and internal reporting, conducting analytics which constitute pursuit of our legitimate interests. We are always looking for ways to make our Services smarter, faster, secure, integrated and useful to you. We use collective learning about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns and areas for integration and improvement of the Services. We also test and analyze certain new features with some users before rolling the feature out to all users - basis in Article 6(1)(f) of the GDPR; archiving (evidential purpose) which constitutes pursuit of our legitimate interests of securing information in case a legal need for evidence arises - basis in Article 6(1)(f) of the GDPR; potential establishment of claims, exercise of claims or defence against claims, which constitutes pursuit of our legitimate interests - basis in Article 6(1)(f) of the GDPR;
Handling of complaints, when they are lodged, in respect of the quality of services provided by the Controller and the manner of service delivered by employees of the Controller under the performed contracts - basis in Article 6(1)(b) of the GDPR; direct marketing of the Controller's products and own Services. We use your contact Personal Data to send promotional messages, newsletters, marketing, advertising and other information that may be of specific interest to you, through other companies' websites and applications but only with your prior specific written consent to receive such marketing communications. We will ask you at the time of registration and/or opening an account with us if you want to receive such marketing communications. These marketing communications are aimed at driving engagement and maximizing what you get out of the Services and what we think may be of interest to you. You can opt-out of receiving marketing communications from us at any time by following the unsubscribe instructions included in our marketing communications. Please note that your consent to our marketing activities is voluntary and may be withdrawn by you at any time. - basis in Article 6(1)(f) of the GDPR; The Controller processes the Personal Data of users visiting the Controller's profiles in social media (Linkedin, Facebook). This data is processed only in connection with keeping the profile, including to inform users about the Controller's activity and to promote various types of events, services and products. - basis in Article 6(1)(f) of the GDPR;
The Personal Data processed by us may include: full name, position, company name, e-mail address, phone number, login, IP number, information collected via cookies or other similar technologies or other data necessary for the verification of a person.
Google Analytics cookies are used by Google to analyze how the user uses the Website as well as to compile statistics and reports about the operation of the Website. Google does not use the collected data to identify a user and neither does it combine any information items to make such an identification possible. Detailed information on the scope and rules of collecting data in connection with this service can be found at: https://policies.google.com/technologies/partner-sites?hl=en.
Google Ads is a tool which enables measuring the effectiveness of advertising campaigns executed by the Controller and allows to analyze such data as e.g. key words or the number of unique users. Google Ads Platform allows displaying our advertisements to the persons who visited the Website in the past. Information on the data processing by Google in the scope of the above service can be found at: https://policies.google.com/technologies/ads?hl=en.
Facebook pixels is a tool which enables measuring the effectiveness of advertising campaigns executed by the Controller on Facebook. The tool enables advanced data analytics in order to optimize the Controller's acts together with the use of other tools offered by Facebook. Detailed information on data processing by Facebook can be found at: https://www.facebook.com/help/443357099140264.
Google Tag Manager is a tool which enables the Controller to conduct activity analyses of the Users on the Website by enabling the management of other analytical or marketing tools used by the Controller.
We may share your Personal Data with the following entities:
We use administrative, technical, contractual, and physical safeguards designed to protect your Personal Data while it is under our control. We may store your Personal Data on a server located outside the country where you live. We store your Personal Data on secure servers. In justified situations, when the performance of the contract requires cooperation with technological partners from outside the European Economic Area ("EEA"), your Personal Data will be transferred to third countries. Due to the fact that the level of Personal Data protection outside the EEA differs from that provided by European law, the Controller undertakes to apply appropriate safeguards that, in accordance with EU law, legalize the transfer and provide adequate guarantees for the protection of your Personal Data. The Personal Data that you provide will be maintained in a safe and secure manner. GraphQL Editor databases and information are stored on secure servers with appropriate firewalls. GraphQL Editor uses industry standard physical, technical and administrative security measures to safeguard all Personal Data, keeping it confidential and secure. We conduct periodic reviews of our security measures pertaining to our Personal Data collection and storage, to guard against unauthorized access to our systems. When you enter Personal Data (such as login credentials) in respect to your User Account ("User Information") all communications between GraphQL Editor and the Users of GraphQL Editor Services are encrypted using Secure Socket Layer (SSL) Certificates. As a user of the Services, You should use the Services responsibly and not share your User Information including your username or password or account information with anyone.
In a situation where the Controller is not able to identify a natural person on the basis of the submitted request, the Controller will ask the applicant for additional information. Providing such data is not mandatory, but failure to provide them will result in refusal to fulfill the request.
The answer to the application will be given immediately, but not later than within a month from the date of receiving the request. In justified situations, the deadline for providing the answer may be extended, about which the Controller informs the applicant.
The Controller stores information about the request and the person who made the request, in order to ensure compliance and to establish, defend or pursue possible claims of data subjects. The register of data subjects' applications shall be kept in a manner that ensures the integrity and confidentiality of the data contained therein.
The period of data processing by the Collector depends on the type of Service provided and the purpose of processing. As a rule, the user's data is processed by using the Services or conducting correspondence with the user, while the data related to the sending of marketing information including newsletter - until the consent is withdrawn or an effective objection to data processing is submitted.
The data processing period may be extended if the processing is necessary to establish and assert any claims or defend against them and after that time only if and to the extent that it will be required by law. After the expiry of the processing period, the data is irreversibly deleted or anonymized. Services are not intended for Users under 18 years of age and we do not collect Personal Data from users under 18.