Privacy Policy

 

DISTINCT respects the right to privacy of its Users and guarantees to them the right of choice within sharing information concerning themselves. DISTINCT makes the best effort to process the Users' data in accordance with the

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

 

Please read the following Privacy Policy on the personal data processed within the services provided by  DISTINCT in the Application.

 

  1. Definitions.

 

Administrator - Distinct sp. z o.o. registered in Krakow, (31-039) Kraków, ul. Józefa Dietla 50/12, entered into the Register of Companies of the (Polish) National Court Register run by  the District Court for Kraków Śródmieście, XI Commercial Division, under KRS number 0000789708, NIP: 6762567033, REGON: 38358171500000;

 

Personal data - any data about a natural person identified or identifiable by one or more distinctive factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including – if they allow such identification of the User – IP of the device, an Internet ID and data collected through the cookie files and any similar technologies;

 

Personal data processing – any operation performed on personal data in an automated or non-automated  way, such as collecting, saving, organising, arranging, storing, adapting or modifying, downloading, searching, using, revealing through sending, sharing or any other way of sharing, adjusting, combining, removing or destroying.

 

Application  – the Distinct software, available in the form of a mobile application, the rights to which are granted to the Administrator, and through which the Administrator provides the User  with the Services laid down in the Regulations;

 

Regulations – the terms of providing services by the Administrator, in the up-to-date version available in the Application;

 

User – any natural person using the services provided by the Administrator within the Application under the Regulations;

 

  1. What personal data does the Administrator process?

 

Once the User starts using the Application, the  Administrator collects and processes their data within the range necessary for providing particular services offered:

  • the information provided by the User while registering an account in the Application, such as name, email address, birth date, image, gender,
  • the information provided by the User while registering an account in the Application through another portal like Facebook or Google+ such as name and surname, email address, password, data from the User's public profile on those websites,
  • the information provided by the User while using the Application, especially the information provided by the User in the process of creating their own questions (“Wish questions”, listed in the Regulations, which may contain sensitive data voluntarily provided by the User such as: special categories of personal data concerning sexuality, sexual orientation, health condition, addictions, religious beliefs, world view),
  • data changed by the User in the process of editing the account in the Application,
  • data shared by the User in the correspondence with the Administrator or while using the Feedback option, mentioned in the Regulations,
  • data shared by the User with the Administrator in the complaint processes, exercising the right to withdrawal from the contract, pursuing the claims under the contract,
  • statistics concerning the usage of the services, including the data on session ID, IP number of the device used by the User, information contained in the Cookie files or other similar technologies, information about the time spent on particular sites and sub-sites, usage of particular functionalities of the services, information on the device,
  • information provided by an unregistered user in the process of downloading and installation of the application.

 

  1. IP Address.

 

IP Address is the number assigned to a mobile device of the person visiting an Internet service by the ISP (Internet Service Provider), enabling to identify the device. IP Number allows to access the Internet. IP Address is used by the Administrator to create statistical analyses, as the data useful for administering and improving the Application, as well as for security and potential identification of automated malicious software searching the contents of the Application, overloading the server.

 

  1. Cookie files (Cookies) or other similar technologies.

 

Cookies are digital data saved in files and stored on the User's end device, which the browser sends to the server each time the particular end device connects – while the User uses various Internet sites.

 

Other similar technologies are the other tools used in applications, e.g. localStorage, AdID, IDFA, which serve similar purposes, i.e. collecting, saving and storing information on the Users' activities.

 

Detailed information on Cookies is provided the appendix to this Privacy Policy, i.e. in the Cookies Policy.

 

  1. On what basis and with what purpose are the User's Personal data processed?

 

The Administrator processes the Personal Data on the grounds of one (or more) bases stipulated in the GDPR. It may be one of the following bases of processing:

  • realisation of the contract under which the User uses the service provided by the Administrator in the Application, or taking actions requested by the User  before concluding the Contract (Art. 6 section 1 pt. b of the GDPR) – in order to exercise the contract, answer the question asked by the User, contacting the User,  
  • legitimate interest of the Administrator (Art. 6 section 1 pt. f  of the GDPR) – in order to guarantee the service security, improvement and their adjustment to the needs and convenience of the Users, for statistical purposes, as well as for direct marketing (also ordered by advertisers and Trusted Partners) or promoting own services,
  • voluntary consent of the User to process particular (sensitive) personal data (concerning i.e. sexuality, sexual orientation, health condition, religious beliefs, world view), voluntarily provided by the User, in order to perform a service in the Application (Art. 9 section 2 pt. a  of the Polish GDPR),
  • obligation to process under the law (e.g. for tax and accounting purposes - Art. 6 section 1 pt. c  of the GDPR)
  • voluntary consent of the User for the Administrator and its Trusted Partners  to process the data for marketing purposes (covering automated analysis of the User's activity in applications in order to determine their potential interests so as to personalise the advertisement), including setting web markers (cookies etc.) on their Devices and reading such markers; the above data may be shared with our Trusted Partners. The above consent concerns processing the User's personal data for marketing purposes of the Trusted Partners. Trusted Partners are as follows: Facebook, Google, Apple.

 

  1. What are the User's rights related with their Personal Data processing?

 

The GDPR afresh defines the User's rights concerning personal data processing:

 

The right to access personal data.

Upon the User's request, the Administrator provides information whether he processes the User's Personal Data. Upon an independent request, the Administrator is obliged to share more detailed information within the following range: purposes of processing, categories of personal data, data recipients or their  categories, time of storing personal data or criteria of its setting, source of the data, about automated personal data processing and consequences of such data processing for the User.

The right to request a copy of the processed personal data.

Upon the User's request, the Administrator creates a copy of personal data, which may be made available to the User in a popular format of a digital file. The first copy will be made available for free.

The right to update or delete personal data.

If it turns out that the User's Personal Data are incorrect, the Administrator removes  irregularities. If the User does not agree for their Personal Data to be processed,  the Administrator shall remove them from his data bases. Despite the User's demand to remove their data, the Administrator may, however, process some of the personal data  on the terms stipulated by the GDPR.

The right to limit personal data processing.

In the cases determined by the GDPR, upon the User's request, the Administrator shall limit the extent of personal data processing. The limitation of personal data processing makes it impossible to use them beyond storing. In this case, any other actions on the data subjected to the limitation of processing shall only be performed upon the User's consent.

The right to request sharing of the personal data.

On the terms stipulated by the GDPR, the User may request sharing of the personal data saved in a standard file format suitable for machine reading. If the User's aim is to share the data with another administrator, the Administrator shall send a file containing the personal data directly to them.

The right to object.

In particular cases, even if the Administrator processes the personal data under the law without the User's consent,  the User may request the Administrator to stop personal data processing by sending an objection. It will be justified if the User points out that, under the law, the Administrator's actions still violate overriding interests, rights or freedoms of the person concerned by the data.

The right to file a complaint  with a supervisory body.

If the User thinks that through the  Administrator's actions related to the personal data processing their rights have been violated, there is a possibility of filing a complaint to the Chairman of the Personal Data Protection Office.

 

  1. Who does the Administrator share the Personal Data with?

 

The Personal Data shared by the User shall be subjected to sharing with entities entitled to receive them under the legal regulations (e.g. prosecution), business entities maintaining our IT resources, providing legal, audit, advisory, accounting and hosting services for us, as well as our cooperators.

 

  1. Transfer of data beyond the European  Economic Area (EEA).

 

If the User decides to connect their account with other Internet services such as Facebook or Google, the Administrator shall transfer the User's Personal Data beyond the territory of the EEA.

After downloading the Application from  Google Play or App Store, Trusted Partners of the Administrator use other similar technologies, like e.g.  localStorage, AdID, IDFA, which may then be transferred beyond the EEA.

Due to the transfer of Personal Data outside the EEA, the Administrator verifies whether  Trusted Partners of the Administrator based themselves or their servers outside of the EEA will guarantee a high level of personal data protection. these guarantees result from, in particular, the obligation to use standard contractual clauses accepted by the Commission (EU) or participation in the  Privacy Shield Frameworks,  adopted upon the  Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-US Privacy Shield. The User is entitled to receive a copy of standard contractual clauses upon their request.

 

  1. How long are the Users' personal data processed?

 

How long the Users' personal data are processed by the Administrator differs depending on the type of, ground and reason for their processing – but always with the reservation to process them only until the reason for their processing exists, i.e.:

  1. in the case permission is granted until it is revoked, limited or other actions on the User's side that limit this consent,
  2. in the case of necessity of the data to exercise the contract, throughout the time of its exercising and expiry of the limitation period for claims under the contract (3 years or 6 years),
  3. in the case when the data processing is based on the administrator's legitimate interest until the User effectively objects,
  4. in the case when the data processing is performed to explicitly publicise   the data by the User – until the User deletes the data,
  5. for tax and accounting purposes within the range and over the time in accordance with the rulings in force.

 

  1. Person Data Officer

 

The Administrator informs that he appointed   Person Data Officer (PDO), which is a person with whom the User may contact in any issues related to processing their Personal Data within the services provided in the Application and exercising the rights related with the processing.

 

Contacting the POD is possible:

  1. at the e-mail address: _______________
  2. at the postal address: ul.______________ with the note 'Inspektor Danych Osobowych' (Person Data Officer)

 

  1. Change to the Privacy Policy.

 

The Privacy Policy may be complemented or updated up to the Administrator's current needs in order to provide for the Users up-to-date and reliable information concerning their personal data and information on them. Users shall be informed about any changes to the Privacy Policy in the Application, if the Service Provider considers it suitable or necessary, to their email address provided by the User.

 

 

 

 

 

 

APPENDIX TO THE PRIVACY POLICY: COOKIES POLICY.

 

This Cookies Policy is the appendix to the Privacy Policy, constituting its integral part.

 

PURPOSE OF PROCESSING: Cookie Files or  other similar technologies are processed with the following purposes:

  • in order to better adjust the contents and advertisements available in the Application to the User's expectations and interests,
  • to facilitate presentation to the User  of advertisements adjusted to their interests,
  • to collect aggregated statistics which enable to evaluate how Users use the Application and help improve its functioning and contents.

 

With the above purposes, no Personal Data of the User are collected.

 

HOW LONG DO COOKIE FILES STAY ACTIVE:

Cookie files are installed for various periods of time. In the device used by the User the following cookie types may be used: Session Cookies (they stay in the device only when using the Application) or  Permanent Cookies (they stay in the device as long as their time setting allows or until the User deletes them).

 

RECEIVING COOKIE FILES AND OTHER SIMILAR TECHNOLOGIES FROM THIRD PARTIES: The Administrator enables the User to receive Cookies coming from his Trusted Partners. Trusted Partners may use cookies  or other similar technologies to determine whether a particular advertisement was displayed by them or at their order, as well as to collect information about how the Users react to the displayed advertising banners (i.e. realisation of marketing goals). Trusted Partners may also, based on the User's consent, adjust the displayed banners to the User's interests evaluated on the information shared with Trusted Partners by the User while using the Application. If the User has granted their consent mentioned in the previous sentence, this information may also be shared with further marketing purposes to other entities displaying or ordering advertisement on the Internet.

 

CHANGE OF SETTINGS CONCERNING COOKIE FILES:

Cookie files are processed  based on the User's consent, who can, at any time, change their mind, through modification of the settings so as the Cookie files are blocked. Blocking Cookie files does not disable the usage of the Application, but it may negatively impact the convenience of the Application usage so as the User, for example, will not receive personalised information while browsing it. Detailed information concerning permissions granted to the Application are listed in the settings of the Device used by the User.