Home Privacy Policy
Go back

Privacy Policy

§ 1 General provisions

  1. This Privacy Policy describes the rules of collecting and processing personal data of Users who use the website located at: https://camels.expert — in particular information about the purposes and legal basis for processing personal data, as well as the rights granted to Users.
  2. The Controller of the Users' personal data is Markkon Spółka z ograniczoną odpowiedzialnością, with its registered office in Warsaw, ul. Jarosława Dąbrowskiego 84B, unit No. 18, 02-571 Warsaw, entered into the Register of Entrepreneurs kept by the District Court for the Capital City of Warsaw, XIII Commercial Division of the National Court Register, under KRS: 0000644840, NIP: 7123321917, REGON: 365758501. This means that the above-mentioned company «Markkon» determines the purposes and means of processing the User's personal data.
  3. The Controller limits the use and collection of information about Users to the level necessary to provide Users with services of the highest quality.
  4. Before using the website, the User should read the provisions of this Policy.

§ 2 CONTACTING THE CONTROLLER

For any questions related to the protection of personal data, including the exercise of the rights granted to the User under the GDPR, you can contact the Controller in the following ways:

  1. In writing at: ul. Jarosława Dąbrowskiego 84B, unit No. 18, 02-571 Warsaw;
  2. By email: support@camels.expert

§ 3 GLOSSARY OF TERMS

  1. The following definitions are used in this Privacy Policy:
    • Controller — Markkon Sp. z o.o. with its registered office in Warsaw, ul. Jarosława Dąbrowskiego 84B, apt. 18, 02-571 Warsaw, entered into the Register of Entrepreneurs kept by the District Court for the Capital City of Warsaw, XIII Commercial Division of the National Court Register, under KRS: 0000644840, NIP: 7123321917, REGON: 365758501. (hereinafter also referred to as the «Company» or «We»).
    • Personal data — any information relating to the User that allows identifying their identity directly, or in combination with other available information such as an email address.
    • Contact form — an electronic service that allows direct communication with the CamelExpert service operated by the Controller. The service involves the User filling in the form, providing personal data to enable contact and the possible sending of a reply to the User's email address regarding inquiries or issues.
    • Inquiry form — a form filled in by a registered User so that the Company can prepare an individual offer for the service requested by the User, specifying at least the price and scope of the service, as well as the rights and obligations of the parties to the future agreement.
    • Account — a set of information resources, identified by an individual login and password, in which data about the User and their (potential) Order placed via the CamelExpert website are stored.
    • Processing — any kind of operation performed on the Users' personal data.
    • Telecommunications Act — the Act of 16 July 2004, the Telecommunications Act.
    • GDPR — Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
    • Service — a service provided electronically by the Controller to the User, i.e. the contact form service.
    • UŚUDE — the Act of 18 July 2002 on the provision of electronic services.
    • User — any natural person visiting the website, as well as contacting the Controller via the contact form or any other available communication channel.

§ 4 SOURCE OF USER DATA

In most cases, the User provides their data to the Controller themselves when contacting the Controller through an available channel, following the Controller's social media profiles, or interacting with content published by the Controller. The Controller may also obtain the User's personal data from other authorised persons (lawyers, attorneys-in-fact) provided that the User has granted the relevant authorisation. The scope of data processed depends on the services and features used by the User. The scope of data processed for individual services is described in § 5 of the Privacy Policy. In addition, certain information about the User may be collected automatically by analytics tools or similar tracking technologies used on the website, e.g. Google Analytics.

§ 5 PURPOSES, BASIS AND PERIOD OF DATA PROCESSING

The purpose of processing personal data by the Controller is to enable the User to use the services and functionalities offered on the CamelExpert website. When using the contact form, it is necessary to provide data identifying the User, including contact information (in particular, first and last name, email address, phone number). Providing such data is voluntary but necessary in order to use the contact form and contact the Controller. Over time and as the User uses the website's functionalities, the Controller will collect information about the User that the User has voluntarily provided.

5.1. PROCESSING OF CORRESPONDENCE

When contacting the Controller via the contact form, email, letter or telephone, the User provides the Controller with personal data necessary to contact them and respond to the inquiry, in particular: email address, phone number, personal data contained in the message, depending on the form of contact. The User may also provide additional data to facilitate contact or processing of the inquiry.

The purpose of processing personal data is to enable the User to contact the Controller on any matter related to the Controller's activities and to respond to the message sent or the telephone inquiry received. The legal basis for processing the User's personal data in this case is Article 6(1)(f) of the GDPR (i.e. the Controller's legitimate interest in responding to messages or telephone inquiries).

Please note that the scope of data processed will depend on the type of inquiry you have made. The data will be processed for the time necessary to consider your inquiry and provide an answer. Providing data is voluntary, however, failure to provide it may make it impossible to consider your inquiry. As a result, your message may remain unprocessed.

5.2. MARKETING ACTIVITIES

In connection with marketing activities, the Controller may process information based on the legitimate interests of the Controller or the legitimate interests of organisations cooperating with the Controller (Article 6(1)(f) of the GDPR) or based on the User's consent (Article 6(1)(a) of the GDPR), in order to help us tailor advertising and content to the User's preferences and expectations, including displaying behavioural advertising. For this purpose, data such as IP address, data from cookies, or information about the User's activity on the website, including viewed products and the User's preferences in this regard, may be processed. Marketing activities may include, in particular:

  • Displaying marketing content that does not take into account the User's preferences (so-called contextual advertising) — if personal data are used to display such advertising, their processing is based on the legitimate interests of the Controller or a third party in promoting their own products or the activities of third parties (Article 6(1)(f) of the GDPR). Data will be processed until the User stops using the website.
  • Displaying marketing content tailored to the User's preferences based on viewed offers and the User's activity. Information is collected via cookies or similar technologies and is used by the Controller for marketing purposes based on the User's prior consent to such activities (Article 6(1)(a) of the GDPR). In this case, the data will be processed until the User withdraws their consent.
  • Contacting Users for permitted marketing activities through a communication channel indicated by the User. The legal basis for processing personal data is Article 6(1)(a) of the GDPR in connection with Article 10 of the Act on the Provision of Electronic Services or Article 172 of the Telecommunications Act. In this case, the data will be processed until the User withdraws their consent.

5.3. ANALYTICAL AND STATISTICAL ACTIVITIES

The Controller carries out analytical and statistical activities using information collected via cookies and similar technologies (such as Google Analytics, HubSpot, Facebook Pixel and other similar technologies) during interaction with the User. The collected information may be used to analyse the User's actions on the website in order to improve functionalities and the quality of service. Processing of data for analytical and statistical purposes collected via cookies and similar technologies depends on the User's prior consent to storing such information on their terminal device. Information collected via these technologies, including cookies, may include the IP address of the User's device, the date and time of the visit, the type of operating system of the User's terminal device, approximate location, the type of web browser, time spent on the website, sub-pages visited, and other actions performed on the Controller's website. Usually, the information collected and stored by cookies does not allow identification of individual Users. In some cases, where this information allows identification of the User, data processing is carried out based on the Controller's legitimate interests (Article 6(1)(f) of the GDPR), which include the creation, verification and analysis of statistics related to the User's activity, or based on freely given consent. The User may object to the processing of this information by disabling cookies on their own.

5.4. WEBSITE ADMINISTRATION — SERVER LOGS

Use of the website involves sending requests to the server. Each request to the server is recorded in so-called server logs, which include records of certain parameters of Users accessing the website. The logs contain, in particular, data such as the device's IP address, the time of the event, information about the web browser, and information about the operating system used by the User. The data recorded in the server logs are not associated with specific Users using the website and are used as auxiliary material for administrative purposes. Furthermore, their content is not disclosed to anyone other than persons authorised to administer the server. The legal basis for processing this data is the Controller's legitimate interest in administering the website (Article 6(1)(f) of the GDPR). The data will be processed until an effective objection is filed or until the purpose of processing is achieved. Providing the above-mentioned personal data is voluntary but necessary to ensure the proper functioning of the website.

§ 6 Our objectives

Below we present the purposes for which we use your personal data.

6.1. Catalogue of personal data and processing period

Below we present the catalogue of personal data we collect and process, as well as the periods of their processing:

Whose data do we use?

  • Persons who used the contact form or registered on the CamelExpert service.

What types of data do we use?

  • Depending on your activity and use of the contact form, we may process the following data:
    • First name, last name or nickname;
    • Data published by you in the content of the contact form;
    • Data provided by you in the content of the correspondence, including email address, phone number;
    • Anonymous statistical data about website visitors.

Where do the personal data come from?

  • We obtain personal data directly from you during your interaction when registering on the Service and when filling in the contact form. We collect them when you contact us via the contact form and during registration on the service. In addition, we may obtain anonymous statistical data about website visitors using the functionalities provided by the Service.

6.2. Is providing data necessary?

Providing personal data by website visitors is voluntary and takes place mainly during registration and use of the contact form. Failure to provide data will result in the inability to use all or part of the functionalities of the CamelExpert service and the inability to contact the Controller.

6.3 Personal data retention period

We inform you that data processed on the basis of our legitimate interests will be processed until an effective objection is received or until those interests cease. Personal data obtained as a result of correspondence will be stored for the time necessary to handle the submitted inquiry/request. Data processed for the purpose of establishing, asserting or defending against claims will be processed for a period equal to the limitation period for such claims (typically 3 years). Statistical data about website visitors will be processed for the entire period during which these data are available on the service, in accordance with the applicable rules.

§ 7 DATA RECIPIENTS AND LINKS TO OTHER WEBSITES

  1. The Controller uses the services of third-party entities to which Users' data may be transferred, in particular:
    1. Postal operators;
    2. Email service providers;
    3. Hosting providers and server administrators;
    4. Law firms, if necessary to ensure compliance with the law or to establish, exercise or defend against claims;
    5. Entities providing ongoing support services;
    6. Specialised providers of IT, marketing and analytics tools;
    7. Providers of mailing systems.
  2. The User's personal data may be made available to public authorities, law enforcement bodies (police, prosecutor's office) and courts, if such entities are entitled to access the data under applicable law.
  3. The Controller carefully selects the entities with which it cooperates or whose services it uses, and ensures a high level of protection and security of personal data.

§ 8 TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

  1. Due to the fact that the Controller uses analytical and marketing tools from external providers on the website, personal data collected with their help (in whole or in part) may be stored on servers located worldwide, including in the United States.
  2. Entities processing Users' personal data outside the European Economic Area are:
    1. Meta Platforms, Inc — operator of the social network (Facebook) on which the Controller's fan page is run, and provider of the Pixel Meta marketing tool. More information on data processing rules can be found in the service provider's privacy policy, available at:
    2. Google — provider of analytics tools such as Google Analytics. More information on data processing rules can be found in the service provider's privacy policy, available at:
    3. HubSpot — provider of the marketing tool used for marketing automation, website personalisation and CRM data integration. More information on data processing rules can be found in the service provider's privacy policy, available at:
    4. Edrone Sp. z o.o. — provider of the Edrone mailing system used for newsletters and marketing purposes in email, SMS and social media campaigns initiated or designated by the Controller through the Edrone system. More information on data processing rules can be found in the service provider's privacy policy, available at:
  3. The legal basis for transferring the User's data to third countries may be the European Commission's adequacy decision (e.g. in the case of the United Kingdom, Israel, Japan). When personal data are transferred to a third country for which the European Commission has not issued an adequacy decision (including the United States, Chile, Qatar, India), the Controller will apply appropriate legal safeguards and contractual clauses ensuring an adequate level of protection, in accordance with the standard contractual clauses set out in Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council. The basis for transferring data may also be your consent given when registering on the CamelExpert service, as well as when filling in the contact form or inquiry form.
  4. The User may obtain a copy of the data transferred to a third country from the Controller.
  5. At the same time, the Controller informs that currently the services offered by Google are provided mainly by entities located within the European Union. However, considering the international nature of data flows within these platforms and the potential risk of transferring data to a third country, the User should review the privacy policies of these providers in order to obtain up-to-date information on the protection of personal data.

§ 9 USER RIGHTS

To exercise the above rights, the User must send a relevant request to the Controller using the contact details specified in § 2 of the Privacy Policy. Complaints to the President of the Personal Data Protection Office may be submitted to: ul. Stawki 2, 00-193 Warsaw, or by email at: kancelaria@uodo.gov.pl.

§ 10 AUTOMATED DECISION-MAKING AND PROFILING

We profile users of our website for advertising purposes. Profiling is a form of automatic use of personal data to assess individual characteristics of a person based on the information collected about them. We collect information about the devices and software used by the users of our website. We also obtain information about advertisements viewed and websites visited. These activities do not entail any legal consequences for the User or significantly affect their position in a similar way. The only consequence for the User will be the display or transmission of notifications, messages or other informational or marketing activities carried out by the automated mechanism, taking into account the User's interests. If you object (by blocking the possibility of storing our cookies on your device) to profiling, no negative consequences will arise. Advertising and other marketing information will still be displayed, but it will be less targeted to the User.

§ 11 PRINCIPLES OF SECURITY AND LIABILITY

  1. The Controller has implemented and applies personal data protection procedures and uses modern organisational and technical safeguards to ensure that the collection and processing of personal data by the Controller is carried out in accordance with the provisions of the GDPR, including to prevent accidental or unlawful destruction, accidental loss, alteration, unauthorised disclosure or access, and any other unlawful forms of processing.
  2. The Controller also takes all measures to ensure that the entities cooperating with it provide guarantees of applying appropriate security measures when processing personal data on behalf of the Controller.

§ 13 FINAL PROVISIONS

The Cookie Policy can be found on the website.

Changes to the Privacy Policy may be due to the development of internet technologies or changes in personal data protection legislation.

Changes to the Privacy Policy take effect at the time of their publication.