We process our clients’ information as they direct and in accordance with our agreements with our clients, and we store it on our service providers' servers, but we do not have control over its collection or management. Our agreements with our clients prohibit us from using that information, except as necessary to provide and improve our service and as required by law. Our clients control and are responsible for correcting, deleting or updating information they have collected from you using the service. We are not responsible for our clients’ use of information they collected.
When you visit our websites, you are free to explore it without providing any personal information about yourself. We will only collect navigational information. When you use our service, contact us, use our web forms, or register for our service, we receive your personal information and process it as described below.
This refers to any information that you submit to us through our service via different communication channels, including web forms, chat, email correspondence and any other information publicly available on the Internet that identifies you, including:
Your personal information will be processed for the purpose of providing you with the service, including:
Personal information that you provide us where we have an ongoing legitimate business need to do so (for example, as long as is required in order to contact you about the Subscription Service or our other services), or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will delete your personal information at an earlier date if you so request, as described in "Data subject requests" section.
We collect and process payment information from you when you subscribe to our service, including credit cards numbers and billing information, using third party PCI-compliant service providers. Payment information is a sensitive information.
Your payment information will be processed for the purpose of providing you with the service, including:
Payment information that you provide to us will be processed as long you will be using our paid service or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will delete your personal information at an earlier date if you so request, as described in "Data subject requests" section.
Our service are not intended for or targeted at children under 18, and we do not knowingly or intentionally collect information about children under 18. If you believe that we have collected information about a child under 18, please contact us at email@example.com, so that we may delete the information.
We use mobile analytics software to allow us to better understand the functionality of our service on your mobile device. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. When you use our mobile apps we may also collect your city location, device model and version, device identifier (or “UDID”), OS version.
Mobile application data can be used to:
We use navigational information to operate and improve the websites and service as described in detail below. We reserve the right to examine this navigational information a posteriori if there is any evidence of illegal use. We may link this collected data to personal information such as name, email address, and phone number.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and then stored by the browser. Usually the identifier is sent back to the server each time the browser requests a page from the server. Cookies may be either "persistent" cookies or "session" cookies:
Cookies are used to:
We may store information about your computer hardware and software that is automatically collected by our infrastructure mechanisms and service providers. This information can include: your IP address, browser type, domain names, internet service provider (ISP), length of visits, the files viewed on our site (e.g., HTML pages, graphics, etc.), clickstream data, access times and referring website addresses, operating system, device screen size, page views.
This information is used by Calamari:
You can log in to our site using a Single Sign-on (SSO) service like your Google, Slack, Office 365 and other accounts. This service will authenticate your identity and provide you with the option to share certain personal information with us such as your name and email address to pre-populate our sign up form. Such service may give you the option to post information about your activities on this website to your profile page to share with others within your network.
We allow you to exercise your rights with respect to personal information, including the right to access, rectification, restriction, deletion or portability. You have the following data protection rights:
To exercise any of these rights, please contact us at firstname.lastname@example.org. We will respond to your request to change, correct, or delete your information within a reasonable timeframe but no longer than within 30 days and we will notify you of the action we have taken.
If the request is made to Calamari but refers to the data controlled by our client, we will inform your data controller and advise you where to submit your data subject request. The controller is solely responsible for responding to any data subjects requests.
We provide you with the option to opt out of receiving information about our products. If you do not want to receive this information please inform us by email at email@example.com.
You may opt out of having Hotjar collect your information when visiting a Hotjar website at any time by using a ‘Do Not Track’ header. You can read more on how to do that on Hotjar’s website [https://www.hotjar.com/legal/compliance/opt-out]
You may prevent Google from collecting and processing the data generated by the cookie relating to your use of the website (incl. your IP address) by downloading and installing the browser plugin available at [http://tools.google.com/dlpage/gaoptout?hl=en]
Most browsers allow you to choose whether to accept cookies or not, for example:
Blocking all cookies will have a negative impact on the usability of many websites, including ours. You can also delete cookies already stored on your computer, but deleting cookies will have a negative impact on the usability of our websites.
Optimizely also offers a way to opt out. We have prepared a link which will set a cookie on your browser, from the client domain, that prevents you from being placed in any future Optimizely experiments on that domain. Importantly, if you reset your cookies, you will clear the opt out cookie as well. [https://calamari.io/?optimizely_opt_out=true]
If you are not satisfied with our response to your complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the data protection authority. In our home country it is Inspector General for the Protection of Personal Data, address: Generalny Inspektor Ochrony Danych Osobowych, ul. Stawki 2, 00-193 Warsaw.
The data controller for the purpose of data protection law is: CHROBRUS Hubert Lisek ul. Stanisława Tońskiego 31; 18-414 Nowogród, Poland Tax ID: PL 7182035805
We will not, without your explicit consent, supply your data to any third party. We will never sell your personal information to any third party. We reserve the right to use or disclose your personal information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.
We will retain your personal information that you provide us where we have an ongoing legitimate business need to do so (for example, as long as is required in order to contact you about the Subscription Service or our other services), or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We will delete your personal information at an earlier date if you so request, as described in "Data subject requests" section.
When we have no ongoing legitimate business need to process your personal information it will be anonymized or deleted from our systems and backups as soon as reasonably practicable within a maximum period of 90 days of data retention. If we are unable to delete the data for technical or other reasons, we will apply measures to ensure that your personal information is blocked from any further processing.
We will take reasonable technical and organizational security measures to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure cloud infrastructure. We implement measures of data security to ensure a level of security appropriate to the risk concerning the confidentiality, integrity, availability and resilience of the systems within the meaning of Article 32 Paragraph 1 of GDPR.
We ensure that any personnel who have been authorized to process your personal data is subject to confidentiality obligations. The undertaking to confidentiality continues after the termination of the above-entitled activities.
Calamari may store and process your information in the Republic of Poland and any other country in which Calamari or any of its sub-processors maintains facilities outside of the EEA for the purposes of providing you with the service. Such countries may not have laws offering the same level of protection for personal data as those inside the EEA; however where such transfers of data occur, Calamari will take steps to prevent the transfer of personal data without adequate safeguards being put in place and will ensure that your data collected in the EEA and transferred internationally is afforded the same level of protection as it would be inside the EEA (according to the Article 46 of GDPR).
Calamari uses a variety of services and employ other companies and people to provide services to visitors to our websites, our customers, and users of the service. We may share personal information we receive with vendors and service providers only as necessary to provide the services to us. Examples may include providing marketing assistance, analyzing data, processing credit card payments, supplementing the information you provide us with in order to offer you better service, and providing customer service. In all cases where we share your information with such vendors we explicitly require the vendor to acknowledge and adhere to our privacy and customer data handling policies. Before onboarding a new vendor, we conduct a verification of the security and privacy practices with applicable legal requirements.