Table of contents

Privacy & Cookies Policy

1. PERSONAL DATA ADMINISTRATOR

The administrator of personal data processed on the website: .......and is  Hero.DOT Spółka z ograniczoną odpowiedzialnością  (hereinafter: Hero.DOT sp. z o.o.) with its registered office in Wrocław at Powstańców Śląskich 7A, 53-332 Wrocław, registered in the National Court Register under KRS number 0000746298, NIP: 5242871847, REGON: 381114895, e-mail: rodo@herodot.com.

Any questions related to the processing of your data by us can be directed by writing to us at rodo@herodot.com.

2. INFORMATION ON THE PROCESSING OF PERSONAL DATA

Hero.DOT Sp. z o.o. processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as GDPR).

3. PRINCIPLES AND PURPOSES OF PERSONAL DATA PROCESSING

Hero.DOT Sp. z o.o. obtains and processes personal data on the following legal bases and for the following purposes:

E-mail and traditional correspondence

In the case of sending to the Administrator via e-mail or traditional correspondence not related to the services provided to the sender or another contract concluded with him, personal data contained in this correspondence are processed only for the purpose of communication and resolution of the matter to which the correspondence relates.
The legal basis for processing is the legitimate interest of the Administrator (Article 6 (1) (F) of the GDPR) consisting in conducting correspondence addressed to him in connection with his activities. The administrator processes only Personal Data relevant to the matter to which the correspondence relates.

Contact

In the case of contacting the Administrator by phone, in matters not related to the concluded contract or services provided, the Administrator may request Personal Data only if it is necessary to handle the matter to which the contact relates. In such a case, the legal basis is the legitimate interest of the Administrator (Article 6 (1) (F) of the GDPR) consisting in the need to solve the reported case related to his business.

Collection of data in connection with the provision of services or the performance of other contracts

In the case of data collection for purposes related to the performance of a specific contract, the Administrator provides the data subject with detailed information on the processing of his personal data at the time of concluding the contract or at the time of obtaining personal data if the processing is necessary in order for the Administrator to take action at the request of the Data Subject, before the conclusion of the contract.

4. DATA RECIPIENTS

In connection with the conduct of activities requiring the processing of personal data, personal data may be disclosed to external entities, including in particular suppliers responsible for operating IT systems and equipment, entities providing accounting services, postal operators, couriers, marketing or recruitment agencies.
The Administrator reserves the right to disclose selected information regarding the Data Subject to competent authorities or third parties who submit a request for such information, based on an appropriate legal basis and in accordance with the provisions of applicable law.

5. TRANSFER OF DATA OUTSIDE THE EEA.

The recipients of personal data are entities to which the Administrator commissions the performance of activities involving the need to process personal data, in particular in the field of e-mail service, ICT services, hosting, IT, administrative services, legal or advisory services. The recipients of personal data may also be entities and bodies authorized to receive your data – only in justified cases and on the basis of generally applicable law.
The administrator may transfer personal data to third countries, i.e. countries located outside the European Economic Area. Your data may only be transferred to third countries or entities in relation to which an adequate level of data protection has been established by the decision of the European Commission. The list of countries for which the European Commission has issued a decision confirming that a third country provides an adequate level of protection can be found at this link:
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en#relatedlinks

In the absence of a decision of the European Commission stating an adequate level of protection, your personal data may be transferred to a third country only on the basis of: 
1. binding corporate rules, standard data protection clauses adopted by the European Commission
2. standard data protection clauses adopted by Polish supervisory authority and approved by the Commission
3. an approved code of conduct or certification mechanism.
In the absence of an adequacy decision by the European Commission or of adequate safeguards, including binding corporate rules, we will seek your explicit consent to such transfer to a third country or international organisation, informing you of the previous risks associated with such transfer.
In connection with the transfer of data outside the EEA, you can request information about appropriate safeguards in this respect, obtain a copy of these safeguards or information about the place of their disclosure by contacting us at the address indicated in point 1 above.

6. PERIOD OF PERSONAL DATA PROCESSING

The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. The period of data processing may also result from the provisions when they form the basis for processing. Data processed to comply with our legal obligations. In the case of data processing based on the legitimate interest of the Administrator – e.g. for security reasons – the data is processed for a period enabling the implementation of this interest or to submit an effective objection to data processing. If the processing is based on consent, the data is processed until its withdrawal. When the basis for processing is the necessity to conclude and perform the contract, the data is processed until its termination. The period of data processing may be extended if the processing is necessary to establish or pursue claims or defend against claims, and after this period – only in the case and to the extent required by law. After the end of the processing period, the data is irreversibly deleted or anonymized.

7. RIGHTS IN RELATION TO DATA PROCESSING

In accordance with the regulations, you have the right to request access to your personal data, rectification, deletion or limitation of processing, the right to transfer data and the right to lodge a complaint to the President of the Office for Personal Data Protection, if you consider that the personal data provided is processed contrary to the provisions of the above-mentioned Regulation.

8. SECURITY OF PERSONAL DATA

In order to ensure the integrity and confidentiality of data, the Administrator has implemented procedures enabling access to personal data only to authorized persons and only to the extent that it is necessary due to the tasks performed by them.

9. AUTOMATIC DATA PROCESSING (PROFILING)

Your personal data is not subject to automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

10. COOKIES

Cookies (also called cookies) are IT data, in particular text files, which are stored on the website user's end device and are intended for using the website's websites. Cookies usually contain the name of the website from which they originate, the time of their storage on the end device and a unique number. The default parameters of cookies allow only the server that created them to read the information contained in them.

Purposes of using cookies

The administrator uses cookies to monitor and check how you use our website to improve the functioning of the website by providing more effective and trouble-free navigation. We use various cookies on our website for the following purposes:

1. "necessary" cookies, enabling the use of services available on our website, e.g. authentication cookies used for services that require authentication;
2. Security cookies, e.g. used to detect authentication fraud;
3. "performance" cookies, which allow us to collect information about how you use our websites in order to create statistics that help us improve our website and our services;
4. "functional" cookies, allowing you to "remember" the settings you have chosen and personalize your interface, e.g. in terms of the language or region you choose, font size, website appearance, etc.;
5. "advertising" cookies, enabling you to provide you with advertising content more tailored to your interests.

Tools that use cookies

Cookies may also be used by subcontractors of our services, advertisers and external partners cooperating with us. Thanks to cookies, we can guarantee the highest standard of convenience of using our website, and the collected data is used only to optimize our activities. In this respect, the following third-party cookies are used.

Google Analitics is a tool that automatically records your behavior on our website, in order to personalize ads and collect statistical data, based on our legitimate interest (Article 6 (1) (f) of the GDPR). We also use Google Ads and Tag Manager for marketing purposes. The provider of these tools is Google LLC based in Mountain View, USA.

If you agree to the default cookie settings, Google will use your data to tailor ads to your needs. This means that the site will be able to display information that matches your recent web searches. Every time you visit a website that uses Google tools, your browser automatically sends certain data to Google. This can be the URL of the website you are visiting or the user's IP address. Google may also store cookies in your browser or read cookies already stored in your browser. Apps that use Google's advertising services also share information with Google, such as the name of the app and a unique identifier for ads.

You can agree to the use of default cookies in the consent bar that is displayed when you first visit the site. If you agree to the settings proposed by us, we will be able to better match the content of the page to your needs using Google mechanisms. You can also choose to set cookies yourself. If you do not agree, the website will only use the necessary cookies and will not transmit data to Google.
These data are transferred outside the European Economic Area, however, each such transfer is always carried out in accordance with European regulations, including the GDPR and meets the standards of personal data protection.

You can find more about the processing of data provided by Google at this link:

https://policies.google.com/technologies/partner-sites


Hotjar is an analytical tool that tracks your behaviour on our website in order to optimise it in terms of your experience of using it, which is our legitimate interest (Art. 6 para. 1 lit. f GDPR). 
The tool is provided by an external entity, i.e. Hotjar Limited, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta.

By obtaining data using cookies, Hotjar allows us to analyze information such as: operating system and browser you use, the duration of your visit to our website, your geographical location (country only), preferred language used to display our website, places you click with the mouse, or subpages you browse on our website.

Hotjar stores this information in a pseudonymous user profile. Hotjar does not process this information in order to identify individual users or match it with other data concerning individual users. The information generated by the cookie about your use of our website is stored by Hotjar on servers in the European Union.

More information about data processing by Hotjar Limited and deactivation of the user profile can be found at these links:

https://www.hotjar.com/privacy/
https://www.hotjar.com/policies/do-not-track/

Leadfeeder is an analytical tool that provides a number of opportunities to generate leads. Improves business analysis by integrating sales and marketing data, which is our legitimate interest (Article 6(1)(f) of the GDPR). The service provider is Liidio Oy / Leadfeeder, Keskuskatu 6 E, 00100 Helsinki, Finland.

Leadfeeder, using accepted cookies, collects behavioral data of all visitors to the website (m.in.  time and length of your visit to our website, source of visit, geographical data). It helps to identify companies that visit our website so that they can be reached in a targeted way. Leadfeeder records the IP addresses of visitors. The service then combines a list of IP addresses with information about the companies located under those IP addresses. Since the IP addresses of website visitors are shortened, no direct personal links are made. The processing of this data takes place in an anonymised manner. The data is stored in Amazon Web Services (https://aws.amazon.com)  data centers in the USA and Ireland. The transfer is always carried out in accordance with European regulations, including the GDPR and meets the standards of personal data protection.
You can prevent Leadfeeder from storing your user profile or data about your use of our website at any time by using the opt-out option.  
You can find more information about data processing by Leadfeeder and deactivation of your user profile at this link:

https://www.leadfeeder.com/privacy/

Social media tools in the form of plugins on our website, such as: LinkedIN, Facebook, Instagram, Dribble, Clutch, Behance. If you have a profile on one of these social media, your browser can establish a direct connection to them. As part of these plug-ins, information about your view of our website is collected. The plugins also allow you to directly transfer content from our website to your social media profiles (interaction buttons marked with icons for individual social media).

These data are transferred outside the European Economic Area, however, each such transfer is always carried out in accordance with European regulations, including the GDPR and meets the standards of personal data protection.

Details of the processing of your personal data as part of social media profiles can be found in the privacy policies of individual owners.

Facebook - https://www.facebook.com/help/239070709801747
Instagram - https://www.facebook.com/help/instagram/155833707900388
LinkedIN - https://www.linkedin.com/legal/privacy-policy
Dribble - https://dribbble.com/privacy
Clutch - https://clutch.co/privacy
Behance - https://www.adobe.com/privacy.html

Consent to cookies and restriction of their use. During the first visit to our website, we display information on the use of cookies. If you do not want to receive cookies, you can change your browser settings. Restrictions on the use of cookies may affect some of the functionalities available on our website.
More information about cookies is available in the "Help" section in the menu of your web browser.