Privacy Policy

1. Who are we?

 

The Personal Data Controller is Comarch Spółka Akcyjna with its seat in Kraków, Aleja Jana Pawła II 39A, entered in the National Court Register maintained by the District Court for Kraków-Śródmieście in Kraków, XI Economic Division of the National Court Register under KRS number 0000057567. The share capital of the company amounts to 8.133.349,00 PLN. The share capital was paid in full. TIN: 677 – 00 – 65 – 406. You may contact the Controller in all matters relating to our processing of your personal data. The preferred form of contact is electronic correspondence addressed to the e-mail address: kontakt@comarch-cloud.pl

2. Personal data

 

We process personal data that you have voluntarily provided to us. If you contact us, we will collect the e-mail address you indicate and any other identifying information you provide, such as your full name, e-mail address, or telephone number.
To protect the privacy of data and personal data that we collect and store, we maintain physical, technical, and administrative safeguards. We continually update and test our security technology. We train our employees on the importance of confidentiality and keeping your information private and secure. Access to your personal data is limited to employees who need it to provide services to you.

 

3. For what purposes and on what legal basis do we process personal data?

 

We process your personal data in order to:
– provide services electronically in accordance with the rules described in Comarch TNA Service Terms and Conditions. The provision of our Services is inextricably linked to the processing of personal data and without performing such activities we would not be able to provide our Services to you;
– conduct marketing activities by means of electronic communication, e.g. via SMS messages or e-mail. We will only perform such activities based on your voluntary consent;
– pursue our legitimate interests. Our legitimate interests include: conducting a survey of the level of user satisfaction, possible establishment, investigation, and enforcement of claims or defense against claims, prevention of abuse and fraud, detection of cases of unauthorized use of services, ensuring IT security, financial analysis of the Controller, conducting activities of a marketing nature, responding to inquiries and messages of users, conducting statistics and performing analytical studies and tests in order to better adjust services to the needs of users or optimize processes, performing profiling operations, the purpose of which is to best match distributed information.

 

4. How long do we process personal data?

 

Your data will be processed until there is a basis for processing, i.e.:
– in the case of data processing based on consent, until its withdrawal;
– in the case of the necessity of processing the data to provide the Service, for the duration of providing the Service, and until the expiration of claims related to the Service, taking into account claim limitation periods set forth in generally applicable laws;
– in the case where the basis for the processing is the legitimate interest of the Controller, until you raise an objection or this interest ceases to exist.

 

5. Android application communication with TNA Gateway

 

Communication with TNA Gateway devices may be established via NFC or Bluetooth.
In order to communicate with TNA Gateway devices via Bluetooth, Comarch TNA application additionally requires a permission to access location services. Access to location services is only used to search for nearby TNA Gateway devices using Bluetooth. No data about the physical location of the user is processed by the application, nor is it sent externally.
Permissions required to properly establish communication with TNA Gateway devices using Bluetooth are: Bluetooth permission to communicate with paired devices (BLUETOOTH), permission to detect and pair devices via Bluetooth (BLUETOOTH_ADMIN), location permission required to search for TNA Gateway devices using Bluetooth (ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION).
Permission required to communicate with TNA Gateway devices via Bluetooth when the user wishes the application to communicate with TNA Gateway even while in the background (ACCESS_BACKGROUND_LOCATION).
Permission required to communicate with TNA Gateway devices via NFC (NFC).

 

6. Access to disk data in the Android application

 

The application allows users to enter actions, such as business trips, and comment on them. Each comment may include a file attachment. Permissions required to add attachments are: permission to add an attachment as a file located in a mobile device’s memory (READ_EXTERNAL_STORAGE), permission to add an attachment as a photo directly from the device’s camera (CAMERA).
Any attachment may also be downloaded. In order to download an attachment, it is required to grant a permission to write an attachment file to a mobile device’s memory (WRITE_EXTERNAL_STORAGE).

 

7. Logi systemowe

 

Each visit of a user accessing Comarch websites is automatically recorded on the server in the so-called system logs. Data stored in this way include the date and time of a visit and an IP address. Data from the system logs is used solely for the purpose of server administration and website visit statistics.

 

8. Pliki cookie i inne podobne technologie

 

Comarch websites use so-called “cookies”, i.e. information recorded by servers on the user’s end device, which can be read by the servers each time the user connects to the websites using that end device. Comarch may also use other technologies with functions similar or identical to cookies. In this Comarch Privacy Policy, information regarding cookies also applies to other similar technologies used within Comarch websites. Cookies typically include the domain name of the website they originate from, the time of their storage on an end device, and a unique number. Cookies can be placed on the user’s end device and then used by third parties cooperating with Comarch that provide external tools for monitoring traffic and activities on the websites.
The cookies technology is used by most well-developed websites in order to improve website quality, and in particular to:

• create viewing statistics for particular content,
• personalize services provided on a website,
• maintain user sessions,
• authenticate persons using a website,
• provide users with personalized advertising content.

Comarch websites use the following types of cookies:

• “indispensable” cookies that make it possible to use services available on a website, e.g. to use sessions
• “functional” cookies that allow “remembering” settings selected by the user and personalizing the user’s interface, e.g. considering the selected mobile/standard version, last phrases typed by the user, a website’s layout, tab mechanism sta-tus, etc.
• “analytical” cookies that allow the monitoring of user activities on a website.

Cookies are not used to process or store personal data, they cannot be used to directly identify a user, and they do not introduce configuration changes to a browser or end device used for telecommunication purposes. The user has the possibility to independently determine the conditions of using cookies and can disable them at any time, using the settings of a web browser or service configuration. This can cause most web pages to be inaccessible or displayed incorrectly.
In some cases, it is possible to set a browser to ask for the user’s consent to cookies in each case. This provides the user with control over cookies, but may slow down a given browser. To easily manage cookies, please select your browser from the list below and follow instructions:

• Edge,
• Firefox,
• Chrome,
• Opera,
• Safari.

Mobile devices:

• Android,
• iOS.

If cookie settings are not changed, it means that cookies will be placed on the user’s end device and thus Comarch will store information on the user’s end device and gain access to that information.