Privacy policy

Introduction

CrazyGroup.app (Kreatus sp. z o.o.) aims to inform you about how we process your personal data. This Privacy and Cookies Policy tells you what personal data we collect, use and disclose.

Personal data are any data relating to an identified or identifiable natural person whose identity can be directly or indirectly determined on their basis. Personal data can be information such as names, contact details, IDs (online), online identifiers or other characteristics of an individual.

This Privacy and Cookies Policy applies when you visit our sites and use our Services that link to this Policy or on which a link to this Policy is displayed. This Privacy Policy may be supplemented by additional privacy statements or terms that we will provide to you.

About Us

The administrator of your personal data is Kreatus sp. z o.o., 11 Listopada 60-62, 43-300 Bielsko-Biała.

We are committed to protecting the personal data of our customers, users, employees and other stakeholders.

Our contact details for questions related to your personal data can be found in the "Contact" section.

What personal data we collect

Depending on the ongoing relationship between you and us and the services provided to you, we may collect the following personal information:

● Personal information (e.g., name, email address, postal address and telephone number).

● Business information (e.g., job title and other employment or education information).

● Account credentials (e.g., passwords and other security information used for authentication and access purposes).

● Financial information (e.g., bank account number and credit and debit card for payment processing).

● Activity information (e.g., about your activities in navigating our Services and which elements of our Services you use most often).

● Other information shared through our websites, applications, online shops and other products.

● Information about your computer and other devices and connection information (e.g., IP address, browser type and version, location).

How we collect personal information

Personal information may be collected by us and our contractors from the following sources:

● Direct contact (e.g., when purchasing our Services).

● Information from third parties (e.g., from websites or data you have made available for public viewing).

● Automated tracking technologies (automatically collected information about your use of our Services using technologies such as cookies, web logs, web beacons and web tags).

How we use your personal data

The personal data collected is used for the purpose for which you have provided it. A wider use is only possible for legally defined purposes or with your consent. We process your data in accordance with the following legal bases:

● processing is necessary for the performance of a contract or to take appropriate steps prior to entering into a contract;

● processing is necessary for purposes relating to our legitimate interests - for example, to improve the quality of our products and services in order to assert our claims;

● processing is necessary for compliance with a legal obligation to which we are subject or which is otherwise lawful under applicable data protection law;

● on the basis of your consent.

Depending on what actions you take in relation to us and the Service, we may use your personal data for the following purposes:

● Developing our relationship with Clients (e.g. managing your access to the Services), which is necessary to perform the contract;

● Developing the Services and creating new products (e.g., surveying our Clients, personalising our approach to them), which is necessary for purposes related to the legitimate interests of the company;

● Marketing activities (e.g., obtaining consent to receive advertising information), which are carried out on the basis of your consent or our legitimate interests;

● Recruitment activities (e.g., assessing job applicants), which are for the purpose of taking appropriate pre-contractual steps based on your consent;

For other purposes in support of our commercial activities (e.g., order management, financial and tax management, risk and compliance management and reporting to external parties). This type of processing is necessary for the purpose of complying with a legal obligation to which we are subject or which is otherwise lawful under applicable data protection law or because of our legitimate interests.

Disclosure of your personal data

Certain information may be shared with recipients within the company or with certain third parties in order to improve the services provided to you. In addition, there may be a specific statutory obligation requiring us to disclose your personal information to external parties. We may share data with, among others:

● our service providers, e.g., for managing or hosting services and/or managing or hosting technology solutions in support of the Services we provide;

● our business partners, to the extent that you have purchased such business partner's product or service or expressed interest in such product or service, interacted with such business partner, or otherwise consented to us sharing your personal information with that business partner;

● organisations involved in the transfer of a business, e.g., to a buyer or successor entity in the event of a sale or any other commercial transaction relating to our business or part of it;

● other entities, e.g., for external audit, compliance, risk management, corporate development and/or corporate governance matters, where appropriate; or

● governmental authorities in accordance with applicable law.

Whenever we share personal data internally or to third parties in other countries, we apply appropriate security measures in accordance with applicable data protection laws, including applicable EU model clauses. As required by applicable law, entities are subject to adequate safeguards to ensure the protection of personal data and may only access personal data necessary to perform specific tasks.

How long we store your personal data

Your personal data will be processed to the extent necessary for us to fulfil our obligations and for the purposes for which the data was collected, in accordance with our data retention policy and applicable data protection legislation. Once we no longer need your information, we will take all reasonable steps to delete it from our systems and records or to anonymize it appropriately so that you cannot be identified by it.

How we ensure the protection of your personal data

We have implemented an internal framework including procedures and minimum standards to keep your data secure. In addition, our employees, business partners, service providers and third party service providers may only access your personal data to the extent that their duties require them to do so. More specifically and in accordance with the law, we take appropriate technical and organisational measures (policies and procedures, IT and other safeguards) to ensure the confidentiality and integrity of your personal data and the way we process it.

What are your rights

We are committed to complying with applicable laws. In accordance with local data protection laws, including European data protection laws, we respect your rights listed below:

● The right of access, which means "to obtain information about your personal data",

● The right to rectification, which means "to have your personal data corrected",

● The right to erasure, which means "the right to be forgotten". In some cases, your personal data is necessary for the provision of the Services and if you do not provide us with such information, then you may not be able to access the use of such Services or some of their features.

● The right to data portability, which means "the transfer of your personal data",

● The right to restrict processing. In certain circumstances it may not be possible for us to comply with your request, for example where the processing is necessary to comply with a legal obligation or where we can demonstrate another legitimate justification.

● The right to object to the processing of your personal data. The grounds for objection should relate to your individual situation and the processing based on the condition of a legitimate legal basis. In the aforementioned case, we will cease processing your personal data unless we demonstrate compelling reasons to justify further processing. In certain cases, you have an unconditional right to object, for example in the context of direct marketing.

Withdrawal of consent: the right to withdraw consent to the processing of your personal data at any time; for example, once you have given your consent to receive information about our Services, you have the right to withdraw it at any time.

Cookies policy

We use cookies to optimise our websites and to analyse web traffic. Occasionally, where we have your prior informed consent, we may use cookies from third parties, including from social media plug-ins, to enable you to immediately share your thoughts and information with us and for our own marketing purposes.

Cookies and similar technologies (collectively "Cookies") are small text files or pixels that may be stored on your computer or mobile device. Cookies may be necessary to make the website easier to browse and more user-friendly. Third party cookies may collect information to analyse individual search behaviour.

We may use cookies from one of the four categories shown below.

● The cookie banner on our website will make it easier for you to manage your preferences for optional cookie categories. In addition, the banner provides a summary of all cookies used within these categories.

● Necessary cookies - these mandatory cookies are needed to ensure the smooth functioning of our websites.

● Functional cookies - these cookies provide access to additional features on our websites.

● Performance cookies - these cookies support analytical services that help us improve the features of our website and your experience.

● Preference cookies - these cookies may be used to collect information and publish personalised content and advertising on our and other websites.

Contact

If you have any questions about how we process your personal data or if you wish to exercise your rights, you can contact us using the "Contact" form. You may also contact our Data Protection Inspector by sending e-mail to rodo@kreatus.eu.

If for any reason you believe that we are not responsive to your requests or you disagree with our data privacy practices, you may also file a complaint with your national data protection authority.

In response to your request, we may ask you to confirm your identity, if applicable, and to provide information that will help us better understand your request. If we do not comply with your request, we will provide a reason for our decision.

Privacy Policy Updates

We may update this Privacy and Cookies Policy and any other specific privacy statement. When we make changes to this Privacy and Cookies Policy, we will add a new date to this Privacy Statement. This version is effective as of December 14, 2020.

Help

If you have a question, please send it to us via the "Contact" section and we will get back to you promptly.