Chaos Gears website

Privacy Policy

Chaos Gears S.A., the owner of the www.chaosgears.com service, makes all possible efforts to protect your privacy. This Privacy Policy is effective from May 25, 2018 for the purpose of transparent, lawful and secure processing of personal data.The functioning of the Privacy Policy is based on the GDPR, i.e. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard of the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (General Data Protection Regulation), which defines what data and on what terms they are processed.

Personal Data Controller

The controller of personal data is Chaos Gears S.A. with the registered office in Warsaw (02-910) at Goraszewska Street 19; Tax Identification Number: 5213808415; REGON: 369201072; KRS: 0000709846. If you have any questions regarding the processing of your personal data and your rights, please contact us at daneosobowe@chaosgears.com or phone number +48 222630101

Scope, purposes and legal basis for the processing of personal data

1. Personal data are processed to:
a. answer questions addressed to the Controller through the contact forms available on chaosgears.com website, including interactive windows available on each subpage of the website (according to article 6.1.f of the GDPR),
b. dispatch of marketing content, including information about planned events and workshops, business information, joining event community, newsletter or dispatch of eBooks and other information on the basis of the consent (Article 6(1)(a) of the GDPR),
c. recruitment, including:
- to establish and maintain contact with the Candidate in relation to the application documents submitted, pursuant to Article 6(1)(b) of the GDPR, i.e. in relation to taking action at the request of the data subject before concluding a contract,
- carrying out and resolving the recruitment process based on Article 6(1)(b) of the GDPR, i.e. taking the necessary actions at the request of the data subject before concluding the contract
- in the scope of data indicated in Article 221 §1 of the Labor Code and on the basis of the Candidate's consent, i.e. Article 6(1)(a) of the GDPR and in the scope of data beyond the catalog indicated in Article 221 §1 of the Labor Code,
- to take account of the Candidate's application documents in future recruitment processes on the basis of his/her voluntary agreement (Article 6(1)(a) of the GDPR).
d. establishing contact in order to prepare, at the Customer's request, an offer of the Controller’s services and/or products tailored to the Customer's needs (Art. 6.1.b of the GDPR),
e. adapting and developing the website's functionalities, including its structure and content to the needs of Internet users, creating aggregated statistics, and preserving the security and quality of services provided by the service - based on the legitimate interest of the Controller (Article 6(1)(f) of the GDPR),
f. investigation or safeguard against possible claims (according to Article 6(1)(f) of the GDPR),
g. conducting statistical analysis of information about participants of our events (according to Article 6 (1) (f) of the GDPR) where the legitimate purpose is to have information about the statistics which allows us to improve our activities.

2.The Service performs the functions of obtaining information about users and their behavior as follows: 
• Through the information voluntarily entered in the forms.
• By storing on end devices on end devices “cookies”
• By collecting web server logs by the hosting operator www.webflow.io

3.The Controller processes personal data only to the extent necessary to achieve a strictly defined purpose, in accordance with the information indicated below:
1. Sending a message through the contact form, among others: e-mail address and telephone number and all other information that the User will provide of his/her own free will in the addressed message,
2. Sending newsletters, commercial and business information and e-books: name and surname, e-mail address, telephone number, among others,
3. Recruitment: the e-mail address from which the message was sent and the information contained in the application form,
4. Preparation of offers: name and surname, e-mail address, telephone number, and other information contained in the message sent through the contact form,
5. Customization and development of website functionality: IP addresses collected during Internet connections for technical purposes related to server administration.

The Controller does not make automated decisions on the basis of data collected about Users.

Information in forms

The Service collects information provided voluntarily by the user. The service may also store information about connection parameters (time stamp, IP address). The data provided in the form is processed for the purpose resulting from the function of a form, e.g. for registration for a seminar or for making a webinar recording available.

Registration for free seminars and workshops

Data scope: In order to register for organized seminars and workshops, we process personal data submitted under the contact form:
Name, e-mail address, telephone number, company name, position. 
Legal basis: Processing is necessary to take action at the request of the data subject 

Download recordings from archival webinars

Scope of data: In order to get a link of the recorded webinar, we process the data sent under the contact form:
Name, e-mail address, telephone number, company name. 
Legal basis: Processing is necessary to take action at the request of the data subject. In the case of personal data obtained in other way than by the chaosgears.com website (by telephone, e-mail, etc.), we process it only for the purpose for which it was made available and for the time necessary for this purpose.
In case of a planned change in the purpose of the processing, we always ask the owner of the personal data for consent and inform about the changing conditions of data processing.

Cookies

We use cookies in order of properly functioning of the website and to adapt the content of the website to the user’s preferences and optimize the usage of the website.These files allow us to recognize the basic parameters of the device (such as: device type, screen resolution, country from which it comes to enter) and thus display the website adapted to your needs accordingly. 
Cookies are also used to collect general and anonymous statistical data through analytical and marketing tools:
1. Google Analytics (cookie administrator: Google Inc. based in the USA),
2. Google AdWords (cookie administrator: Google Ireland Limited, based in Ireland). 

If you do not agree to the use this type of tool, you can change your cookie settings yourself and at any time, specifying the conditions for their storage and access by cookies to your devices. This change can be made in your web browser settings.
This will allow you automatically block cookies, or you will be informed about the placement of cookies on your
device any time. Also in your browser there is an option that allows you to delete cookies at any time.
When you decide to restrict using of cookies, it is possible that this will affect some of the functionalities available on our website.Information about the possibilities and how cookies are handled you can find in your browser.

Transfer of personal data

Your personal data is transferred to entities providing services for us:
• hosting – Webflow, Inc. registered in 398 11th Street, San Francisco 
• contact base management and sending emails - HubSpot company registered in Cambridge, 25 First Street, 2nd Floor, MA 02141 United States
• webinars – Clickmeeting company registered in Gdansk, ul. Arkonska 6/A4.These entities process your Data only on our order.

Location

The suppliers which services we are using, based in Poland, other countries of the European Economic Area and outside the EEA, and in this case we pay special attention to our suppliers to provide guarantees of a high level of protection of personal data. These guarantees arise from an obligation to use standard contractual clauses adopted by the Commission (EU) or to participate in the EU-US Privacy Shield Program. 
The Controller stores your personal data for a period of no longer than is required to prepare an offer, to respond to an inquiry, to sell the service. Data can be deleted at any time.

Server logs

Information about some user behaviors is subject to server-tier logon. This data is used solely for the purpose of administering the service and to ensure the most efficient operation of the hosting services provided. 
The resources viewed are identified by URLs. In addition, the following may be recorded:
a. time of arrival of the request,
b. time of sending a response,
c. the name of the client station – identification made by HTTPprotocol,
d. information about errors that occurred during the execution of http transactions,
e. URL of the page previously visited by the user (referer link) – in case the transition to the Service occurred through a link,
f. information about the user’s browser,
g. Information about the IP address.The above data is not associated with specific people browsing the pages and is used only for the purpose of administering the server.

Rights

In connection with processing by Chaos Gears S.A. your data, you have the following rights:
1. access to your personal data,
2. rectification of personal data,
3. deletion of personal data,
4. restriction of the processing of personal data,
5. transfer of personal data,
6. object to the processing of personal data,
7. withdrawal of previously expressed consent to the processing of personal data.To exercise your rights, please contact us at  daneosobowe@chaosgears.com  or +48 222630101 

If we receive a request for the exercise of the rights mentioned above, we will respond immediately, no later than one month after receipt of the rights mentioned above. Due to the complex nature of the request or the number of requests, if we are unable to comply with the requests within one month, we will fulfill them, upon prior notice, within the next two months.

Security of Personal Data

Chaos Gears S.A. as a Controller of Personal Data undertake to:
1. safeguard personal data:– before it is made available to unauthorized persons,– removal by an unauthorized person–  changes, damage and destruction,
2. admission to the processing of personal data only of persons having authorized issued by us,
3. to ensure control over the correctness of the processing of personal data,
4. keeping records of persons authorized to the processing of personal data, exercise special care so that persons authorized to process such data keep it secret, even after the termination of cooperation,
5. keeping legally required documentation describing the processing of the entrusted personal data and technical and organizational measures ensuring the protection of the processing of such data,
6. security that the devices and information and telecommunications systems used in Chaos Gears S.A. for the processing of personal data, comply with the requirements of the Regulation of the Ministry of Interior and Administration of 29 April 2004 on the documentation of the personal data processed and the technical and organisational conditions to which the devices and systems should correspond.