Pricing
Blog
Community
Start for free
Pricing
Blog
Community
Start for free

Privacy Policy

The aim of this Policy is to inform users (the Users) of the cinnaroll.ai website (the Website) what kind of personal data may be processed on the Website; further, it informs the Users about processing purposes and the manner of using the data, and about related rights available to the Users. A personal data controller (the Controller) protects the Users’ privacy and ensures security of data provided by the Users. The Controller complies with personal data processing rules and applies technical and organisational measures which guarantee that the data are secure and processed as prescribed by law. The Users’ personal data are always processed in conformity with applicable laws, including in particular pursuant to the Regulation of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the GDPR). The personal data may be processed in the Users’ cookies, in line with rules laid down in the Cookies Policy.

Who is the Controller?

The Controller is Virtus Lab Sp. z o.o. with registered office in Rzeszów (35-211), Poland, ul. Zofii Nałkowskiej 23, National Court Register entry No. KRS 0000349785, Tax Id. No. (NIP): 5170312965, Industry Id. No. (REGON) 180526627. Contact address: [email protected]. Data subjects can contact the Controller also otherwise as preferred, including verbally and in writing.

Purposes of, and a legal basis for, the processing:

  • to provide the Services: Some of the Services might require the submission of personal data. In such a case, the personal data are processed in order to carry out activities, at the User’s request, prior to the conclusion of an agreement, and to perform an agreement, which applies also to the Newsletter Service (Art. 6.1.b of the GDPR). Without the personal data, it will not be possible to render some Services for the User;

  • in order to exchange e-mail correspondence: The personal data are processed in order to communicate with the User (Art. 6.1.f of the GDPR). The personal data are provided on a voluntary basis but the provision thereof is necessary to receive a reply from the Controller. In such a case, the personal data are processed due to the Controller’s legitimate interests. The Controller’s legitimate interest consists in communicating with an individual who requests of the Controller to provide an answer. As its legitimate interests, pursuant to Art. 6.1.f of the GDPR, the Controller also considers: pursuit of and protection against claims, fraud prevention, statistics and analytics, ensuring ICT environment security, application of internal control systems, and in some cases also direct marketing of own services.

Personal data recipients

The personal data may be processed by the Controller’s other service providers rendering, among others, financial settlements, legal, advisory, consulting, archiving and IT services. The Users’ data will not be shared with any third parties, unless this proves necessary and the User consents thereto or a data disclosure obligation results from mandatory rules of law, a final and non-appealable court judgment or a final decision of a relevant body. The Controller does not transfer any data to third countries outside the EEA.

What does profiling involve and are any data on the Website subject to profiling?

Profiling consists in any form of automated processing of personal data evaluating the personal aspects relating to a natural person, in particular to analyse or predict aspects concerning the data subject’s work performance, economic situation, health, personal preferences or interests, reliability or behaviour, location or movements, where it produces legal effects concerning the data subject or similarly significantly affects the data subject. The Controller does not profile the User’s sensitive data. Otherwise, the data on the Website are not subject to profiling.

How can personal data be changed?

The User has the right of access to content of their personal data and the right of rectification and erasure of the personal data, the right to restrict processing of the data and the right to data portability. The User has the right to object to processing of the personal data, which involves especially the profiling. To this end, the User can contact the Controller at an e-mail address: [email protected]. The User can contact the Controller also otherwise as preferred, including verbally and in writing. As for cookies, the User can make relevant changes on their own, in accordance with rules laid down in the Cookies Policy.

How does the Controller protect the personal data?

The Controller protects the Users’ data against unauthorised access, disclosure, change or destruction. In particular, the Controller makes use of data encryption, physical security measures and verification in IT systems. Further, the Controller uses anti-virus software and firewalls. The Users’ data may be accessed exclusively by authorised individuals bound by confidentiality and by subcontractors that have entered into personal data sub-processing agreements with the Controller and satisfy security criteria set forth therein.How long will the personal data be processed?The Users’ data shall be processed for as long as the Users use the Website. In the case of the provision of Services, personal data shall be processed for the duration of the provision of the Services. In the case of e-mail correspondence, personal data shall be processed for the period necessary to reply to the User. To a limited extent, personal data may also be processed after the expiry of the indicated deadlines, until the statute of limitations for possible claims or as long as it is possible or required under applicable law, e.g. for statistical purposes. After the expiry of the processing period, the personal data are permanently deleted or anonymized. Other data processing related rights of the UsersThe Users have the right to file a complaint with the President of the Personal Data Protection Office if they consider that their personal data are processed in breach of mandatory rules of law.This Policy shall apply upon its publication on the Website.

________________________

APPENDIX 1 cinnaroll.ai Privacy Policy

Cookies Policy

The aim of this Policy is to inform users (the Users) of the cinnaroll.ai website (the Website) about purposes of storing and accessing cookies in the Users’ terminal equipment and about options to set terms of storing and accessing the cookies through browser/application settings. The Website’s controller (the Controller) may store the cookies in the Users’ terminal equipment and have access thereto.

What are cookies?

Cookies are information saved in text files sent by the Website to the User’s browser/application and resent by the User’s browser/application whenever the User revisits the Website. The cookies are stored in the User’s terminal equipment. The cookies are used to maintain the User’s session and to save other data so that the User does not need to enter the same information whenever they use the Website. Among other things, the cookies record a website name, data of the User’s browser/application, unique settings and a period for which the data are stored. The cookies might contain personal data in the form of system IDs that allow for the unique identification of a system user on the following websites: cinnaroll.ai website.

Which kind of cookies are used by the Website?

Session cookies – files stored in a memory of a browser/application until it is closed, required for the Website’s functionalities to operate correctly;Permanent cookies – files stored in a memory of a browser/application for a specific period. Among other things, they guarantee the proper navigation and layout of the Website. A period for which these files are stored depends on selection which the User can make in their browser/application settings. This type of the cookies allows for information to be passed to the Website whenever the Website is visited by the User;

Third Party Cookies:

  • Google Analytics cookies – files stored in the memory of the web browser / application for statistical analysis of traffic on the Website. The analysis services are provided by Google Inc. with its seat in the USA. Information obtained using this tool is not made available to entities other than Google and is intended solely for reporting the User’s interactions on the Website,

  • Hotjar – The #1 Leader in Heatmaps, Recordings, Polls, Surveys & More. Cookies are set by the Hotjar script. Hotjar cookies are responsible for displaying the correct content to your visitors without personally identifying anyone,

  • Intercom – we use Intercom to analyze usage data and better understand how you interact with our website and product. Intercom Messenger serves as a direct communication channel between our users and team representatives.

The Website’s Controller

The Website’s Controller is Virtus Lab Sp. z o.o. with a registered office in Rzeszów (35-211), Poland, ul. Zofii Nałkowskiej 23, National Court Register entry No. KRS 0000349785, Tax Id. No. (NIP): 5170312965, Industry Id. No. (REGON) 180526627. Contact address: [email protected]

________________________

Browser settings

The User’s browser might by default allow for storing of the cookies. At any time, the User may set terms of storing and accessing data saved in the cookies, through browser settings. The cookies can be blocked; an option to store the cookies can be restricted (e.g. by informing the User about cookie installation on a case-by-case basis) or access to the cookies can be limited; however, any blocking or restricting of the cookies might prevent the use of the Website and/or the Services on the User’s terminal equipment. Detailed information on the options and manner of handling the cookies is available in browser settings. More information on cookies management is available in a given browser’s functionalities.

This Policy shall apply upon its publication on the Website.