Vercom S.A. cares about your sensitive information by making every effort to provide you with reliable and transparent policy on how your personal data is processed.
Learn about our privacy policy
Below, we hereby explain you, how we process your personal data in order to provide our services rendered via our websites: messageflow.com and vercom.pl (hereinafter referred to as the „Websites” or separately as the „Website”) – these information, however, shall apply only in case when you provide us with your personal data for purposes related to the use of our services (both, when you act on your behalf, as the Client, as well as when you use the Services on Client’s behalf, as its representative or a contact person).
If your activity on our Websites is exclusively limited to reading of the content placed therein, then the only information that should apply to you, is the Cookie Policy available here. In the Cookie Policy you can learn about using Cookie and other technologies for purposes related to your activity on our Websites.
Below we may use the „GDPR” abbreviation by which you should understand the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
Whenever in this Privacy Policy we say about the „Agreement” (written with a capital letter), it should be understood the Framework Agreement on the Provision of Services by Electronic Means.
Whenever in this Privacy Policy we say about the „Service” (written with a capital letter), it should be understood the Service we may provide you with based on the Agreement.
I. Data Controller
We are the Controller of your personal data – „we” means Vercom S.A. with a registered office in Poznań, at 1B Wierzbięcice St, Building D, 61-569 Poznań, Tax ID: 781-17-65-125, REGON: 300061423, registered in the Register of Entrepreneurs kept by the District Court of Poznań – Nowe Miasto i Wilda, VIII Commercial Department of the National Court Register (KRS) under the KRS No.: 535618, e-mail: .
You can contact our Data Protection Officer, Mrs. Marika Rybarczyk, at: .
II. What are the purposes and legal basis for the processing of your personal data?
- Your personal data shall be processed for the following purposes:
For the conclusion and performance of the Agreement – if you decide to enter into the Agreement with us, we shall process your personal data for purposes related to the performance thereof and rendering of the Services set out in this Agreement (which also relates to the processing of personal data of our corporate Clients’ representatives and/or contact persons). - For the performance of the Newsletter service agreement – if you decide to enter into the agreement on rendering of the Newsletter service, we shall process your personal data for purposes related to the performance thereof; on basis of such an agreement and on terms set out in the Regulations of the Newsletter service, you shall be receiving from us, periodically, the Newsletter containing information related to the e-commerce world, as well as our guides and invitations to webinars.
- For purposes related to the performance of our legal obligations – we, as the Controller of your personal data, may be required to process your personal data in order to fulfill legal obligations that derive from binding legal regulations.
- For purposes related to the performance of our legitimate interests, which are the following:
- Responding to the inquiry, which you may address to us via contact forms or chats available on the Websites, as well as at our e-mail contact addresses – contact forms and chats have been created in order to provide the users of our Websites with a possibility to contact us; in case you decide to reach out to us this way, we shall process your personal data in order to respond to your inquiry, question or contact request; the same applies in case you reach out to us via standard e-mail way or telephone contact;
- Analysing of and responding to your complaint – yes, processing of your personal data in order to analyse and respond to the complaint which you may bring to us, constitutes our legitimate interest. On the one hand, we are obliged to respond to your complaint (our obligation in this regard derives from the Agreement or Regulations of the Newsletter service), on the other hand we believe that responding to your complaint and taking position on any claims you may address to us, may positively affect our relations in the future;
- Direct marketing of our services – your personal data shall be processed for purposes of the direct marketing related to our services, provided that you give us your consent to use electronic end devices and automated calling systems in order to initiate such a contact with you in order to serve you information of a marketing character at your e-mail address or telephone number, or both communication channels at the same time (depending on your preferences); the above applies also to the reverse contact with you, initiated by us as a result of your inquiry for an offer – by reaching out to us with such an inquiry, you give us the consent to initiate a contact with you for direct marketing purposes (presenting the offer), by using telecommunication end devices and automated calling systems. You can withdraw this consent anytime, you can learn more about the withdrawal in „Consent for using telecomminication end devices and automated calling systems”, below.
- Profiling for direct marketing purposes – in case you agree that we shall use telecommunication end devices and automated calling systems in order to initiate contact with you for purposes of a direct marketing using your your e-mail address or telephone number (or both, depending on your preferences), your personal data shall be subject to profiling for purposes related to the direct marketing. The profiling mentioned in the preceding sentence, shall enable us to serve you marketing content that fits your preferences. You have the right to object to the profiling of your personal data for purposes of the direct marketing, as set out in point 7 below.
- Pursuing claims related to our business activity or defending against claims that you may have against us, related to the use of our services – exclusively in justified cases, for example when the complaint procedure initiated by yourself justifies the further need to defend or pursue our/your rights in the court, or in case you do not settle the invoices issued by us for services rendered on your account (debt collection purposes);
Your personal data shall be processed on basis of:
- In relation to the processing performed for the purpose s§et out in 1 and 2 above – Article 6 section 1 point b) of the GDPR, i.e. the processing is necessary for the performance of the agreement which you have entered into with us or are the representative of the Client whom we entered the Agreement with, i.e.: (i) the Agreement, as well as/ or (ii) a Newsletter service agreement, which you conclude with us by subscribing to the Newsletter service, regulated by the Regulations of the Newsletter;
- In relation to the processing performed for the purpose set out in point 3 above – Article 6 section 1 point c) of the GDPR, i.e. the processing is required to fulfill our obligations deriving from binding legal regulations;
- In relation to the processing performed for the purposes set out in point 4 above – Article 6 section 1 point f) of the GDPR, i.e. the processing is necessary to perform our legitimate interests, which we have listed above;
III. Who shall access your personal data – data recipients
Your personal data may be accessed by our employees and associates engaged in rendering of the services for your account, as well as those who may serve you a helping hand in all cases you may contact us. For purposes related to rendering services to your account, your personal data shall be accessed by telecommunication service providers. Your personal data may be also accessed by external entities, that render given services to our account and on our behalf, such as: IT services’ providers, hosting service providers, legal service providers, courier service providers and accounting service providers, as well as providers of tools and software we may use for purposes of our business activity (invoicing system, communication tools etc.); such partners shall be processing your personal data on basis of a data processing agreement concluded with us, and the processing shall be performed on our behalf.
In justified cases, as well as only within the scope permitted by the provisions of the binding Law, your personal data may be accessed by public administration/supervisory bodies, in particular: by the President of the Data Protection Office, Tax Office, as well as Police and Prosecutors Office.
IV. We use Google Workspace in our daily business activity.
All information related to the privacy under the Google services, are available at: https://policies.google.com/privacy?hl=en
At Vercom, we wish that all data of our Customers that we process, shall remain in the European Economic Area region (EEA). Should you have questions related to our using the services of Google, please reach out to us at: .
V. How long do we process your personal data?
If you have entered into the Agreement, then your personal data shall be processed for the period required for the performance of the Agreement. Please, note, that your Agreement may be concluded for a definite period and terminate with the lapse of a period for which it has been concluded, as well as for an indefinite period and terminate with the lapse of the termination notice. In each case, after termination of the Agreement, we shall process your personal data for the period necessary for us to perform our legal obligations deriving from the Law.
So how long, then?
The Act dated as of 29th September 1994 on Accounting (the „Accounting Act”), obliges us to keep your personal data for the period of 5 years counted from the beginning of the year following the financial year in which the agreement has been terminated (settled).
The above shall apply to the Newsletter service agreement accordingly, provided that you have entered into such an agreement.
Other data retention periods
In case, when we process your personal data for purposes related to the performance of our legitimate interests, the retention period of the processing of your personal data shall be, as follows:
- If the processing is performed in order to respond to your inquiry addressed to us via contact form or chat available on our Website, as well as a to ur e-mail addresses/ telephone contact – for the period necessary to recognize and respond to your inquiry;
- If the processing is performed in order to recognize your complaint – for the period necessary to end the complaint proceedings, and, after the end of the proceedings, for the period of 1 year following the year when the complaint has been settled;
- If the processing is performed for direct marketing purposes – exclusively until you withdraw the consent granted to us, on basis of which we could use telecommunication end devices and automated calling systems for purposes of direct marketing; if you withdraw such consent, we shall no longer be authorized to base the processing of your personal data on the ground of a legitimate interest; your personal data shall no longer be processed for direct marketing purposes also in case you object to such processing;
- If the processing is performed in order to profile your personal data for purposes of direct marketing – exclusively until you withdraw the consent granted to us, on basis of which we could use telecommunication end devices and automated calling systems for purposes of direct marketing; if you withdraw such consent, we shall no longer be authorized to base the processing of your personal data for direct marketing purposes on the ground of a legitimate interest, and, furthermore, we shall no longer be authorized to profile your personal data for direct marketing purposes; your personal data shall no longer be profiled for purposes related to direct marketing also in case you object to such profiling;
- If the processing is performed in order to pursue claims deriving from our business activity or in order to defend against claims which you may have against us – for the period of claims’ limitation, and in case of proceedings commenced in order to pursue/ defend of such claims, for the period necessary to close the proceedings and execute the claims. In such a case, however, we will update the notice on processing of your personal data, informing of the processing carried out in this purpose.
VI. Rights that you have in relations to the processing of your personal data
On the conditions set out in the GDPR, you have the right to:
- Access your personal data.
- Demand from us to rectify your personal data.
- Demand from us to delate your personal data, or demand from us to restrict of the processing of your personal data.
- To object to the processing of your personal data, as well as to data portability.
In order to execute your rights related to the processing of your personal data, please contact us at:
VII. You have the right to object to the processing of your personal data.
Yes, you have the right to object to the processing of your personal data – only if we process your personal data on basis of the Article 6 section 1 point f) and/or Article 6 section 1 point e) of the GDPR.
The objection may be brought any time, for reasons related to your particular situation.
In the event when you object to the processing of your personal data based on the Article 6 section 1 point f) or e) of the GDPR, we shall no longer be authorised to process your personal data for purposes covered by the objection, unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of yours, or for the establishment, excercise or defence of legal claims.
In case, however, when we process your personal data for direct marketing purposes, including profiling for these purposes, the objection may be brought anytime – your objection in such a situation does not require any justification.
If you wish to object to the processing of your personal data, please reach us at: .
VIII. You have the right to lodge a complaint to the supervisory authority
In the territory of the Republic of Poland, the competent authority for the protection of personal data is the President of the Data Protection Office, uodo.gov.pl
In the Czech Republic, the competent authority for the protection of personal data is the Office for Personal Data Protection, uoou.gov.cz
In Germany, the competent authority for the protection of personal data is the Data Protection Office, www.bfdi.bund.de
IX. Your personal data shall not be subject to the automated decision-making process.
X. Providing us with your personal data is necessary for us to render the services to your account. If you do not provide us with your personal data, rendering of the services will not be possible.
XI. Consent granted to Vercom on using telecommunication end-devices and automated calling systems for direct marketing purposes
If you grant us the consent for using telecommunicationend-devices and automated calling systems for purposes of a direct marketing, then you have the right to withdraw the consent any time; your withdrawal of the consent shall not affect the lawfulness of our actions taken prior to the withdrawal.
How to withdraw the consent?
- On your own – via your Client’s Profile, by unchecking the relevant check-box;
- On your own – by choosing a link contained in each e-mail or SMS marketing communication;
- By contacting Vercom electronically, at: ;
- By contacting the Support Team at: , or just by informing the Consultant during the call initiated by us for direct marketing purposes, that you wish to withdraw the consent and not to receive further calls or telephone communication to your phone number.
***
This Privacy Policy is of an informative character only and may be amended from time to time. Any amendment of this Privacy Policy shall not constitute an amendment of the Agreement.