Privacy policy
We're pleased that you're interested in SEARWOY.
The SEARWOY places a great value on data protection.
Personal data, such as a data subject's
name, address, email address, or phone number, must always be processed in
compliance with the General Data Protection Regulation (GDPR) and any
applicable country-specific data protection rules.
We would like to inform the general public
about the nature, scope, and purpose of the personal data we collect, use, and
process by means of this data protection declaration. Furthermore, data
subjects are notified of their rights by this data protection declaration.
This Privacy Policy is built on the
principle of transparency, with the concise legal language used to make the
provisions more comprehensible.
The SEARWOY, as controller, has put in
place a number of technical safeguards to ensure the most complete protection
of personal data processed through this App. However, security vulnerabilities
in Internet-based data transfers are possible, therefore complete protection
cannot be guaranteed.
The term Application (hence referred to as
"App") will be defined as a software program that is designed to
execute a specified function directly for the user or, in some situations, for
another application program, for the sake of consistency.
1. Defined terms
1.1. SEARWOY Privacy Policy is based on
the wording used by European legislators in enacting the General Data
Protection Regulation (GDPR). The general public should be able to read and
comprehend our Privacy Policy.
1.2. The following terminology is used in
this Privacy Policy:
a) Personal information
Any information belonging to an identified
or identifiable natural person (“data subject”) is referred to as personal
data. An identifiable natural person is one who can be identified, either
directly or indirectly, using an identifier such as a name, an identification
number, location data, a facial image, an online identifier, or one or more
factors specific to that natural person's physical, physiological, genetic,
mental, economic, cultural, or social identity.
b) Data subject
Any identified or identifiable natural
person whose personal data is processed by the controller responsible for the
processing is referred to as a data subject.
c) Processing
Any activity or combination of activities
conducted on personal data or sets of personal data, whether or not by
automated means, such as collection, recording, organization, structuring,
storage, adaptation or alteration, retrieval, consultation, use, and so on, is
referred to as processing.
d) Processing limitations
The labelling of personal data that has
been saved with the goal of limiting its future processing is known as
restriction of the processing.
e) Profiling
Profiling is any type of automated
personal data processing that uses personal data to analyze or predict certain
aspects of a natural person's work performance, financial situation, health,
personal preferences, interests, reliability, behaviour, location, or
movements.
f) Pseudonymisation
Pseudonymisation is the process of
processing personal data so that it can no longer be attributed to a specific
data subject without the use of additional information, provided that such
additional information is kept separately and is subject to technical and
organizational measures to ensure that the personal data are not attributed to
a specific data subject.
g) The person in charge of the processing,
often known as the controller.
The controller or person responsible for
processing is a natural or legal person, public authority, agency, or other
body that determines the purposes and means of processing personal data alone
or in collaboration with others; where the purposes and means of processing are
determined by European Union or Member State law, the controller or specific
criteria for its nomination may be prescribed.
h) Processor
A processor is a natural or legal person,
government agency, or other entity that acts on behalf of the controller to
process personal data.
i) Recipient
A natural or legal person, public
authority, agency, or other organization to whom personal data is provided,
whether or not it is a third party. Public authorities, on the other hand, that
may receive personal data in the course of a specific investigation under
European Union or Member State legislation are not considered recipients; the
data must be treated in compliance with the applicable data protection
standards for the investigation's goals.
j) Third party
A third party is a natural or legal
person, public authority, agency, or entity that is not the data subject,
controller, processor, or those who are entitled to treat personal data under
the direct authority of the controller or processor.
k) Informed consent
Consent of the data subject is any freely
given, explicit, informed, and unequivocal expression of the data subject's
desires by which he or she expresses consent to the processing of personal data
relating to him or her by a statement or by a clear affirmative action.
2. Name and Address of the controller
2.1. The Controller for the purposes of
the General Data Protection Regulation (GDPR), and other data protection laws
applicable in the Member States of the European Union and other provisions
related to data protection, is:Marcin Matysek
2.2. Rights of the data subject
a) Right of confirmation
The European legislator has provided each
data subject the right to request confirmation from the controller as to
whether or not personal data about him or her is being processed.
b) Right of access
Each data subject should have the right
granted by the European legislature to receive free information and a copy of
his or her personal data held by the controller at any time. Furthermore, the
data subject has access to the following information under European directives
and regulations:
- the processing's goals; the
types of personal data involved;
- recipients or categories of
recipients, including recipients in non-EU countries or foreign
organizations, to whom personal data has been or will be given;
- if possible, the anticipated
time for which the personal data will be held, or if that is not possible,
the criteria used to establish that period; if not possible, the criteria
used to decide that period;
- the existence of a right to
seek from the controller the rectification or deletion of personal data
affecting the data subject, as well as the restriction or opposition to
such processing;
- the possibility of filing a
complaint with a supervisory authority;
- If the data subject's personal
data isn't gathered directly from them, any available information about
their source should be included.
- the existence of automated
decision-making, including profiling, as defined in Article 22(1) and (4)
of the GDPR, and, at a minimum, meaningful information about the logic
involved, as well as the significance and expected repercussions of such
processing for the data subject
-
c) Right to
rectification
Each data subject has the right provided
by the European legislature to have inaccurate personal data about him or her
rectified by the controller without undue delay. The data subject has the right
to have incomplete personal data completed, including by giving a supplementary
statement, taking into account the purposes of the processing.
d) Right to erasure (Right to be
forgotten)
Each data subject shall have the right
granted by the European legislator to have personal data concerning him or her
erased without undue delay from the controller, and the controller shall have
the obligation to erase personal data without undue delay where one of the
following grounds applies, as long as the processing is not necessary:
With respect to the purposes for which
they were collected or otherwise processed, personal data is no longer
required.
Where the processing is based on point (a)
of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR and there
is no other lawful ground for the processing, the data subject withdraws
consent.
The data subject objects to processing under
Article 21(1) of the GDPR and there are no overriding legitimate grounds for
the processing, or the data subject objects to processing under Article 21(2)
of the GDPR and there are no overriding legitimate grounds for the processing.
Personal data has been processed in an
unauthorized manner.
Personal data must be destroyed in order
to comply with a legal requirement imposed by European Union or Member State
law on the controller.
The personal information was collected in
compliance with the GDPR's Article 8(1) principles.
Where the controller has made personal
data public and is required by Article 17(1) to erase the personal data, the
controller shall take reasonable steps, including technical measures, to notify
other controllers processing the personal data that the data subject has
requested the erasure of any links to, or copies or replications of, the
personal data.
e) Right of restriction of processing
When one of the following applies, each
data subject has the right provided by the European legislature to demand from
the controller a restriction of processing:
The data subject argues the accuracy of
the personal data for a time that allows the controller to verify the accuracy
of the personal data.
The processing is unlawful, and the data
subject opposes the erasure of his or her personal data and instead wants that
their use be restricted.
The controller no longer requires the
personal data for processing purposes, but the data subject does for the
purposes of establishing, exercising or defending legal rights.
The data subject has objected to
processing under Article 21(1) of the GDPR, pending verification of whether the
controller's legitimate reasons outweigh the data subject's.
If one of the aforementioned conditions is
met, and a data subject wishes to request that SEARWOY restrict the processing
of personal data held by it, he or she may contact the controller at any time.
The processing will be restricted by the controller of SEARWOY.
f) Right to data portability
The European legislator has granted each
data subject the right to receive personal data about him or her. As a result,
he or she shall have the right to transmit this data to another controller
without interference from the controller to whom the personal data was
provided, as long as the processing is based on consent pursuant to point (a)
of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a
contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing
is carried out in accordance with Article 6(1) of the GDPR, and the
Furthermore, in exercising his or her
right to data portability under Article 20(1) of the GDPR, the data subject has
the right to have personal data transmitted directly from one controller to
another, if technically feasible and not infringing on others' rights and
freedoms.
g) Right to object
Each data subject shall have the right
provided by the European legislature to object, at any time, to the processing
of personal data concerning him or her, which is based on point (e) or (f) of
Article 6(1) of the GDPR, on grounds relevant to his or her particular
situation. This is true for profiling based on these requirements as well.
In the event of an objection, SEARWOY will
no longer process the personal data unless we can demonstrate compelling
legitimate grounds for the processing that override the data subject's
interests, rights, and freedoms, or for the establishment, exercise, or defence
of legal claims.
h) Automated individual decision-making,
including profiling
Each data subject has the right granted by
the European legislator not to be subjected to a decision based solely on
automated processing, including profiling, that has legal consequences for him
or her, or similarly significantly affects him or her, as long as the decision
(1) is not required for the data subject to enter into or perform a contract
with the data controller.
i) Right to withdraw data protection
consent
The European legislator has provided each
data subject with the right to withdraw his or her consent to the processing of
his or her personal data at a time.
If the data subject wishes to exercise his
or her right to withdraw permission, he or she may do so at any time by
contacting SEARWOY controller.
3. Type of Personal Data Processed
Name, Last name and other Contact
Details
When you create an account to log in to SEARWOY
we may ask for your personal information such as name, last name, contact
details (email), password creation and payment details where applicable.
SEARWOY could process such data only with
your explicit consent and in compliance with the current legislation. SEARWOY,
therefore, underlines the importance of receiving your explicit consent for the
processing of this data.
Navigation Data and Cookies
During normal operation, the computer
systems and software that run the Application acquire some Personal Data whose
transmission is inherent in the use of Internet communication protocols. This
information is not gathered by SEARWOY to be associated with known data
subjects, but it may, by its very nature, allow data subjects to be identified
through processing and association with data kept by third parties.
The IP addresses or domain names of the
computers used by users connecting to the SEARWOY Application, the addresses of
the requested services in URI (Uniform Resource Identifier) notation, the time
of the request, the method used in submitting a request to the server, the size
of the file obtained in response, and the numerical code indicating the status
are all included in this category of data.
A cookie is a short file placed on a
user's computer that is designed to hold a limited bit of data specific to a
single client and website and may be retrieved by the web server or the client
computer. When you visit a website, a cookie may be used to track your
browser's activity and offer you a more consistent, efficient experience.
We may use cookies to track website
usages, such as the number of visits to a certain page, visitors' entry and
exit points, and details of activities and searches conducted with associated
data. We may use cookies to maintain track of your transaction from one page to
the next if you make a purchase. The cookie does not include any personal
information and is not used for any other reason.
On our websites and mobile apps, we may
employ third-party web analytics providers (such as Google, Facebook, affiliate
tracking etc.). Cookies and web beacons are used by the analytics providers who
manage these services to help us understand how visitors use our websites and
apps.
Our websites may also contain links to
websites operated by third parties over whom we have no control. We are not
responsible for the privacy practices or content of such websites, and we
recommend that you read the privacy policies of any third-party websites you
visit that are linked to us.
Personal Data Processing of Children below
the age of 18 Years
Only those over the age of 18 are
permitted to use the Application.
Users under the age of 18 who access SEARWOY
should be reminded that they can only do so under the supervision and guidance
of their parents.
Purposes of the Personal Data Processing
We will process your Personal Data for the
following purposes:
- Proceeding with the
registration of an account.
- Billing process.
Advertising
We may use third-party Service Providers to show
advertisements to you to help support and maintain our Service.
- AdMob
by Google
AdMob by Google is provided by Google Inc.
You can opt-out from the AdMob by Google
service by following the instructions described by Google: https://support.google.com/ads/answer/2662922?hl=en
For more information on how Google uses
the collected information, please visit the "How Google uses data when you
use our partners' sites or app" page: http://www.google.com/policies/privacy/partners/ or
visit the Privacy Policy of Google: http://www.google.com/policies/privacy/
- Unity
Ads
Unity Ads is provided by Unity
Technologies.
You can opt-out from Unity Ads service by
following the instructions as described by Unity Technologies on their Privacy
Policy page: https://unity3d.com/legal/privacy-policy
For more information about Unity
Technologies, please visit Unity Technologies Privacy Policy: https://unity3d.com/legal/privacy-policy
Payments
We may provide paid products and/or services within
the Service. In that case, we use third-party services for payment processing
(e.g. payment processors).
We will not store or collect your payment card
details. That information is provided directly to our third-party payment
processors whose use of your personal information is governed by their Privacy
Policy. These payment processors adhere to the standards set by PCI-DSS as
managed by the PCI Security Standards Council, which is a joint effort of
brands like Visa, MasterCard, American Express and Discover. PCI-DSS
requirements help ensure the secure handling of payment information.
The payment processors we work with are:
- Apple
Store In-App Payments
Their Privacy Policy can be viewed
at https://www.apple.com/legal/privacy/en-ww/
- Google
Play In-App Payments
Their Privacy Policy can be viewed
at https://www.google.com/policies/privacy/
Lawful Basis for Processing Personal Data
For SEARWOY to comply with the applicable
legal responsibilities, the submission of Personal Data and the related
processing for reasons relating to Legal Compliance is required.
When you provide your Personal Data to SEARWOY,
we are required to process it in accordance with applicable laws, which may
include storing and communicating it to the appropriate authorities for tax,
customs, or other purposes.
Personal Data Sharing
SEARWOY will manage the Personal Data for
the objectives of application development and management and is permitted to
process them for the aforementioned reasons. Regardless of whether or not they
have acquired an adequate legal duty, all employees or agents of SEARWOY are
bound by confidentiality.
Third parties appointed as Data Processors
will have access to personal data when they process data on behalf of SEARWOY
(for example, suppliers with whom it is necessary to interact for provision of
the service such as hosting providers, platform providers for sending e-mails
or suppliers who perform technical maintenance activities including the
maintenance of network equipment and electronic communications networks).
Privacy Policy Amendments
This Privacy Policy was published on (27.VI.2022). Due to changes in the applicable
legislation, SEARWOY reserves the right to modify or simply update its content,
in part or all. SEARWOY will be able to notify you of these modifications as
soon as they are implemented, and they will take effect once they are published
on the Application. SEARWOY welcomes you to return to this part on a frequent
basis to familiarize yourself with the most recent and updated version of the
Privacy Policy, so that you are always informed about the Personal Data
gathered and how SEARWOY uses it.