Privacy Notice (EN)

Who are we and how can you contact us?

This privacy notice aims at giving you information on how your personal data are processed by “BRANDWIZARD” (SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ). In this notice, we refer to ourselves as 'we', 'us' and 'our'.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us using:

our email: privacy@brandwizard.io

The policy extends to:

our product Brandwizard

our website: brandwizard.io , brandwizard.pl, es.brandwizard.io

our email

Content:

What data, for what purposes, on what basis, and for how long do we process?

Where did we get your data from?

Who do we share your personal data with?

Automated decisions

If you are a data subject you have following rights

What data, for what purposes, on what basis, and for how long do we process?

Processings of personal data

Our client; Registration and subsequent authorization in a personal account, editing information in the personal account; Brandwizard User ID Company name Date and time Device E-mail IP-address Job title List of clients Name Phone number Place of residence; N/A; N/A; Contract period Our client; To personalize information in the personal account; Brandwizard User ID Date and time Device E-mail IP-address Name Phone number; N/A; N/A; Contract period Our client; Feedback scraping; Nickname [name e-mail] Photo as feedback Rating Text of the feedback; N/A; N/A; Contract period Our client; To provide clients with the ability to respond to feedback and manage their accounts in social media; Date and time of the post Social network profile Text of the feedback; N/A; N/A; Contract period Our client; To encourage to leave a feedback about the products / services provided by the client (QR-code); Name Phone number Technical information on QR-code scanning Text of the feedback; N/A; N/A; Contract period Our client; Preparing reports for our clients; Company name E-mail Name; N/A; N/A; Contract period Our client; First line customer support; Brandwizard User ID E-mail Logs Name Phone number Screenshots; N/A; N/A; Contract period Our client; Technical support; Brandwizard User ID E-mail Logs Name Phone number Screenshots; N/A; N/A; Contract period Brandwizard; To communicate with the potential client to conclude a contract; Company name E-mail Name Phone number; Contract; N/A; Contract period and 3 years after the contract termination to pass audits Brandwizard; Communicating with current clients via e-mail, messengers or calls; Call record Communication content Company name E-mail Messenger username Name Phone number; Contract; N/A; Contract period and 3 years after the contract termination to pass audits Brandwizard; Billing; Company name E-mail Name; Legal obligation; N/A; Contract period and 6 years from the end of the calendar year in which the last transaction took place Brandwizard; Prolonging contracts and offering new services; All data from CRM Communication content Company name E-mail Name Phone number Purchase history; Contract; N/A; Contract period and 3 years after the contract termination to pass audits Brandwizard; Maintaining a client profile in CRM, saving the history of communication; Call record Communication content Company name Date and time E-mail Name Phone number; Legitimate interest; Legitimate interest to sustain relations with potential and existing clients, to control deals; 5 years Brandwizard; Secondary communication with leads who are considering/rejected; Company name E-mail Name Phone number; Legitimate interest; To develop and grow our business; 3 years Brandwizard; To compose a data base of potential customers for contextual and targeted advertising; E-mail; Legitimate interest; To develop and grow our business; 5 years Brandwizard; Contextual advertising; Cookies Device IP-address; Legitimate interest; To develop and grow our business; 1 year Brandwizard; Targeted advertising for potential customers via Facebook; E-mail Interests and preferences; Legitimate interest; To develop and grow our business; 1 year Brandwizard; Targeted advertising via interests, key words, etc. via Google (incl. remarketing); Interests and preferences; Legitimate interest; To develop and grow our business; 1 year Brandwizard; Targeted advertising via interests via LinkedIn; Interests and preferences; Legitimate interest; To develop and grow our business; 1 year Brandwizard; Direct marketing: finding potential customers to promote them our services (via web scrapping services); Company name E-mail Name Phone number Position Social network profile; Legitimate interest; To develop and grow our business; 3 years Brandwizard; Sending email newsletters about our new services and features; Company name E-mail Name; Legitimate interest; To develop and grow our business; until a data subject expresses an opt-out Brandwizard; To restore data in case of damage or destruction; All data; Legitimate interest; To develop and grow our business; 7 days Brandwizard; To analyze the behaviour of potential customers and to improve work of the website; Cookies; Consent; N/A; Depends on the particular cookie (see cookie policy) Brandwizard; Direct marketing: to offer free marketing report, make a proposal; E-mail Name Phone number; Legitimate interest; To maintain a relationship with persons who expressed a clear interest in one of our products or services; 1 year after the initial inquiry Brandwizard; Logging actions in the service; Action Brandwizard User ID Date and time; Legitimate interest; To maintain security of the service, to investigate incidents; Contract period

Personal data that we process to enter into a contract are necessary to provide you with our services. So, you may face the following consequences if you choose not to give your data

When the data is processed to manage accounts receivable, your receivable account will not be managed.

When the data is processed to manage accounts payable, your payable account will not be managed.

When the data is processed to conclude a contract with clients, you will not be able to enter into contract with us.

When the data is processed to enable ongoing/repeatable payments for products/services, your payment will not be processed.

When the data is processed for the purpose of billing, issue invoices, you will not receive an invoice.

When the data is processed to offer access to a demo of the Brandwizard service, you will not get access to demo version.

When the data is processed to create a new project (client-owner account), you will not be registered in our system.

When the data is processed to manage clients’ subscription, we will not be able to change the modules you are subscribed to.

When the data is processed for the purpose of product support to clients (handling requests, consulting on Brandwizard service, project support), we will not be able to provide you support.

When the data is processed to schedule appointment and send reminders, you will not be able to have a meeting with us.

Personal data that we process to comply with a legal obligation are necessary to provide you with our services. So, we could breach one or more obligations under applicable laws if you choose not to give your data for the following purposes:

Sending information to the tax authorities

Data storage for reporting (accounting, audits)

Where did we get your data from?

Browser

Your internet browser (such as Mozilla Firefox, Google Chrome, or Microsoft Internet Explorer) automatically transmits some information to us every time you access content on one of our internet domains. Examples of such information include the URL of the particular Web page you visited, the IP (Internet Protocol) address of the computer you are using, or the browser version that you are using to access the website.

Directly from you

We may obtain personal data directly from you, e.g. when you contact us, when our cookies are enabled on the clients’ websites.

Who do we share your personal data with?

Information about these companies and their data protection practices :

Data Delivery LLC

The recipient is located in the Republic of Belarus. Relevant Privacy Policy of Data Delivery LLC. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to ensure that they are properly protected.

Hetzner Online GmbH

Hetzner is a cloud data center. The recipient is located in Germany. All data are stored in Germany. Relevant Privacy Policy.

HubSpot Ireland Limited

HubSpot is a CRM software. The recipient is located in Ireland. Relevant Privacy Policy.

Google LLC

The service is provided by Google LLC. Address: Google LLC, Google Data Protection Office, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. Relevant privacy policy of Google. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to Google to ensure that they are properly protected. For more information: click on this link.

Meta Platforms, Inc.

Relevant privacy policy. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to Stripe to ensure that they are properly protected.

LinkedIn Corporation

The services are provided by Linkedin Corporation. Address: 1000 West Maude Avenue Sunnyvale, CA 94085, USA. Relevant privacy policy of Linkedin. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to Stripe to ensure that they are properly protected.

Atlassian

To manage the tasks within our team, we use such tools as Jira. Some of your personal information (such as support request) may be processed within these tools. Relevant privacy policy. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to Stripe to ensure that they are properly protected.

Zoom Video Communications, Inc.

The services are provided by Zoom Video Communications, Inc. Address: 55 Almaden Boulevard, 6 th Floor, San Jose, California 95113, USA. Relevant privacy policy of Zoom. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to Stripe to ensure that they are properly protected.

The services are provided by Telegram FZ-LLC. Address: 71-75 Shelton Street Covent Garden London United Kingdom. Relevant privacy policy of Telegram.

Automated decisions

We neither use automated decision-making nor your personal data to automatically assess aspects of your personality (automated profiling).

If you are a data subject you have following rights

request information about the processing of your personal data

obtain access to the personal data held about you

Under Article 15 of the GDPR, individuals have a right of access that gives them the right to obtain a copy of their personal data, as well as other supplementary information. It helps individuals to understand how and why companies are using their data, and check the lawfulness of the processing.

ask for incorrect, inaccurate or incomplete personal data to be corrected

Under Article 16 of the GDPR, individuals have the right to have inaccurate personal data rectified. An individual may also be able to have incomplete personal data completed – although this will depend on the purposes for the processing.

request that personal data be erased when they are no longer needed or if processing is unlawful

Under Article 17 of the GDPR, individuals have the right to have personal data erased. This is also known as the 'right to be forgotten'. The right is not absolute and only applies in certain circumstances.

request the restriction of the processing of your personal data in specific cases

Article 18 of the GDPR gives individuals the right to restrict the processing of their personal data in certain circumstances. This means that an individual can limit the way that an organisation uses their data. This is an alternative to requesting the erasure of their data.

receive your personal data in a machine-readable format and send them to another controller ('data portability')

Under Article 20 of the GDPR, individuals have the right to data portability that gives individuals the right to receive personal data they have provided to a controller in a structured, commonly used and machine readable format. It also gives them the right to request that a controller transmits those data directly to another controller.

object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation

Article 21 of the GDPR gives individuals the right to object to the processing of their personal data at any time. This effectively allows individuals to stop or prevent you from processing their personal data.

request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to challenge the decision

withdraw your consent at any time

The GDPR gives a specific right to withdraw consent. You need to tell people about their right to withdraw, and offer them easy ways to withdraw consent at any time.

lodge a complaint with a supervisory authority

In accordance with Article 77 of the GDPR, you, as a data subject, have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or where an alleged infringement of the GDPR has taken place.If you have any questions about the protection of your personal data, you can contact us by using our