1. general information
PragmaGO SA attaches great importance to transparency in operations and respects everyone’s fundamental right to privacy. Ensuring the confidentiality of data is a priority for us. We make every effort to ensure that the safeguards adopted guarantee the confidentiality and security of your data.
This Privacy Policy is intended to explain how we handle information about you. The phrases and expressions used in this Policy have the following meanings:
- personal data – as defined in art. 4(1) RODO means any information about an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified directly or indirectly;
- processing – within the meaning of Art. 4(2) RODO means an operation or set of operations performed on personal data or sets of personal data in an automated or non-automated manner, such as collection, recording, organizing, structuring, storing, adapting or modifying, retrieving, viewing, using, disclosing by transmission, dissemination or otherwise making available, matching or linking, limiting, deleting or destroying;
- RODO– Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016. on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (General Data Protection Regulation);
- administrator –within the meaning of Art. 4(7) of the RODO means a data controller, i.e. an entity that alone or jointly with others determines the purposes and means of processing personal data. Whenever this Policy refers to an administrator, it shall mean PragmaGO SA;
We would like to inform you that according to the current regulations governing the processing of personal data, the administrator of your personal data is PragmaGO SA in Katowice, address: ul. Brynowska 72, 40-584 Katowice, KRS: 0000267847, phone number: +48 32 44 20 200, fax +48 32 44 20240, pragmago.pl, biuro@pragmago.pl
The Data Protection Officer can be contacted at the following addresses: IOD, PragmaGO SA ul. Brynowska 72, 40-584 Katowice and/or iod@pragmago.pl.
(2) We process personal data of our Customers and potential Customers for the following purposes and on the basis of the following legal grounds:
2.1 Before entering into a contract, we process your personal data for the following purposes:
Target | Legal basis | Processing period |
Taking action at your request, i.e. Response to the questions asked, including the presentation of individualized terms of cooperation, seeking to conclude a contract | For sole proprietors: art. 6 paragraph. 1(b) RODO; For those representing and authorized to contact on the side of the potential client: art. 6 paragraph. 1(f) RODO (for the performance of actions taken to conclude a contract with a principal) | the time necessary to establish the terms of possible future cooperation, until the conclusion of an agreement or until negotiations on the conclusion of an agreement break down; in the case of persons representing and authorized to contact on the part of a potential customer, additionally until an effective objection is made to the processing of such data, whichever event occurs first |
To take action at your request, in particular, necessary to process an application for a factoring agreement, assess creditworthiness using publicly available sources (using automated data processing) | For sole proprietors: art. 6 paragraph. 1(b) RODO For those representing and authorized to contact on the side of the potential client: art. 6 paragraph. 1(f) RODO (for the implementation of activities | the time necessary to decide on the conclusion of the contract, until the conclusion of the contract or until negotiations on the conclusion of the contract are broken off; in the case of persons representing and authorized to contact on the part of a potential customer, additionally until an effective objection is made to the processing of such data, whichever event occurs first |
conduct marketing of our own products and services and those of entities of the PragmaGO®Group for the purpose of realizing our legitimate interests, whereby conducting marketing contact by us is possible on the basis of additional consent to use the telephone number and e mail address for marketing purposes | 6 paragraph. 1(f) RODO; Art. 10 of the Law on Provision of Electronic Services, Art. 172 of the Telecommunications Act | Until you object to marketing activities and withdraw your consent to receive marketing materials |
fulfilment of legal obligations incumbent on the controller in context of personal data of customer representatives and client’s actual beneficiaries. In particular, the administrator data as a mandatory institution, for the purpose of applying measures financial security is authorized to process information contained in the identity documents of the customer and the person authorized to act on its behalf and to draw up their copies, as well as to make an analysis of transactions carried out in the as part of the customer’s business relationship | Art. 6 paragraph. 1(c) RODO in connection with. from Art. 34 of the Anti-Money Laundering and Terrorist Financing Law (AML) | According to Art. 49 of the Law of March 1, 2018. On anti-money laundering and countering the financing of terrorism – mandatory institutions shall keep: a) for a period of 5 years from the date of termination of business relations with the customer or from the date of the occasional transaction; (b) at the request of the GIIF for a further period not exceeding 5 years |
Establish, assert or defend against possible claims that may be related to the contracting process, in particular in case of refusal to conclude a contract due to a negative result of a financing risk assessment – for the purpose of realizing our legitimate interests in the form of securing claims | Art. 6 paragraph. 1(f) RODO | for the period of the statute of limitations for claims under the Civil Code |
2.2. In connection with the conclusion of the contract, we process your personal data for the following purposes:
Target | Legal basis | Processing period |
implementation and performance of the contract | For sole proprietors: art. 6 paragraph. 1(b) RODO; For those representing and authorized to contact on the side of the potential client: art. 6 paragraph. 1(f) RODO (for the performance of actions taken for the purpose of executing the concluded contract) | contract duration; in the case of persons representing on the client’s side, additionally, until an effective objection is made to the processing of such data, whichever event occurs first; in the case of persons authorized to contact on the customer’s side, additionally until an effective objection is made to the processing of such data or the loss of authorization to act on behalf of the customer, whichever event occurs first |
fulfilment of legal obligations incumbent on the controller in context of personal data of customer representatives and client’s actual beneficiaries. In particular, the administrator data as a mandatory institution, for the purpose of applying measures financial security is authorized to process information contained in the identity documents of the customer and the person authorized to act on its behalf and to draw up their copies, as well as to make an analysis of transactions carried out in the as part of the customer’s business relationship | Art. 6 paragraph. 1(c) RODO in connection with. from Art. 34 of the Anti-Money Laundering and Terrorist Financing Law (AML) | According to Art. 49 of the Law of March 1, 2018. On anti-money laundering and countering the financing of terrorism – mandatory institutions shall keep: a) for a period of 5 years from the date of termination of business relations with the customer or from the date of the occasional transaction; (b) at the request of the GIIF for a further period not exceeding 5 years |
Fulfillment of legal obligations incumbent on the controller resulting from accounting and tax laws in connection with The wording of these laws (financial reporting, tax, GIIF) | For sole proprietors: art. 6 paragraph. 1(c) RODO in connection with. with the wording of the tax and accounting laws | for the time required by law (the Accounting Act and tax laws), i.e. For a period of 5 years counted from the end of the fiscal year in which the financial document was issued |
Risk management and credit assessment, in particular Assessing the risk of non-payment, late payment by recipients, including using automated data processing | For sole proprietors: art. 6 paragraph. 1(f) RODO (for risk management data related to the financing and execution of the contract). | duration |
personal data of persons providing security for contracts factoring we process in order to secure claims from the factoring agreements, and thus for purposes arising from our legitimate interests | Art. 6 paragraph. 1(f) RODO | for the period of execution of the contract and, in the case of updating a claim secured by a surety on the part of the person providing the surety, until the claim is satisfied |
establish, assert or defend against possible claims that may be related to the performance of the contract-for the performance of our legitimate interests in the form of securing claims | Art. 6 paragraph. 1(f) RODO | for the period of the statute of limitations for claims under the Civil Code |
Preparation and maintenance of statements, analysis, statistics, reporting, i.e. for internal administrative purposes, i.e. to fulfill the legitimate interest of the data controller in the form of risk analysis | Art. 6 paragraph. 1(f) RODO | for the time necessary to compile anonymized statistics and analyses or, in the case of non-anonymized statistics and analyses, for the usefulness of a particular compilation or until you raise an effective objection to the processing of your data |
establish, assert or defend against possible claims that may be related to the performance of the contract-for the performance of our legitimate interests in the form of securing claims | Art. 6 paragraph. 1(f) RODO | for the period of the statute of limitations for claims under the Civil Code |
Preparation and maintenance of statements, analysis, statistics, reporting ie. for internal administrative purposes, thus for the realization of the legitimate interest of the data controller in the form of a risk analysis | Art. 6 paragraph. 1(f) RODO | pending objections |
conduct marketing of its own products and services and entities of the PragmaGO® Group – for the realization of our legitimate interests in the form of conducting direct marketing of products and services, whereby conducting marketing contact by us is possible on the basis of additional consent to use the telephone number and e-mail address for contact | Art. 6 paragraph. 1(f) RODO; Art. 10 of the Law on Provision of Electronic Services, Art. 172 of the Telecommunications Act | until you make an effective objection to marketing activities or until you withdraw your consent to receive marketing and information materials electronically, whichever event occurs first |
2.3 After the expiration of the contract, we also process your data for the following purposes:
Target | Legal basis | Processing period |
Preparation and maintenance of statements, analysis, statistics, Reporting (internal administrative goals), i.e. for To pursue our legitimate interests in the form of risk analysis | Art. 6 paragraph. 1(f) RODO | for the time necessary to compile anonymized statistics and analyses or, in the case of non-anonymized statistics and analyses, for the usefulness of a particular compilation or until you raise an effective objection to the processing of your data |
fulfilment of legal obligations incumbent on The controller in the context of personal data customer representatives and beneficial owners customer. In particular, the data controller as an institution obliged, for the purpose of applying security measures Financial is authorized to process information contained in the identity documents of the customer and the person authorized to act on its behalf and to draw up their copies, as well as to perform analysis of transactions conducted as part of the customer’s business relationship | Art. 6 paragraph. 1(c) RODO in connection with. from Art. 34 of the Law on Anti-Money Laundering and Financing of Terrorism (AML) | According to Art. 49 of the Law of March 1, 2018. On anti-money laundering and countering the financing of terrorism – mandatory institutions shall keep: |
conduct marketing of our own products and services and those of entities of the PragmaGO® Group – for the realization of our legitimate interests in the form of conducting activities in the field of direct marketing of products and services, whereby contact by e-mail or telephone is possible on the basis of consent | 6 paragraph. 1(f) RODO; Art. 10 of the Law on Provision of Electronic Services, Art. 172 of the Telecommunications Act | until youobjectto marketing activities or withdraw yourconsentto receive marketing and information materials electronically, whichever event occurs first |
3. processing of personal data of users of pragmago.pl website
Target | Legal basis | Processing period |
responding to an inquiry directed by you using the contact information provided by SmartsUpp and Thulium, or via the contact form posted on pragmago.pl | realization of our legitimate interest in the form of responding to an inquiry addressed to us, thus on the basis of Art. 6 paragraph. 1(f) RODO | Until the question has been answered, or until you have successfully objected to the processing of your personal data |
conduct marketing of its own products and services using data obtained through the contact form | realization of our legitimate interest in the form of conducting direct marketing activities of our own products and services, so Art. 6 paragraph. 1(f) of the RODO, while in accordance with the provisions of Art. 10of the Law on Provision of Electronic Servicesand Art. 172 ofthe Telecommunications Lawwe need additional consent to use the given communication channels for marketing activities | until you make an effectiveobjectionto marketing activities or withdraw yourconsentto receive marketing and information materials electronically, whichever event occurs first |
creation of analyses, statistics and summaries that will serve to improve the effectiveness of our marketing activities and build our business strategy – the vast majority of such statistics are created based on non-personal data or anonymized data. In some cases, personal data collected from cookies may be used | where personal data will be used for this purpose, their processing will be based on the necessity of realizing our legitimate interest in the form of carrying out analytical and statistical activities aimed at the development of the PragmaGO® Group, thus on the basis of Art. 6 paragraph. 1(f) RODO | until an effective objection is raised |
Establish, assert or defend against possible claims that may arise in connection with your use of the site or in connection with the distribution of marketing and information materials | realization of our legitimate interest in the form of securing claims, thus on the basis of Art. 6 paragraph. 1(f) RODO | for the period of time prescribed by law for the limitation of claims |
In addition, due to the wording of the judgment of the Court of Justice of the European Union on July 29, 2019. (Fashion ID GmbH & Co.KG v Verbraucherzentrale NRW eV, reference C-40/17) PragmaGO SA informs that Facebook is the co-administrator of the personal data of people using the Facebook plug-in posted on PragmaGO SA.
You can read the judgment on the official website of the Court of Justice of the European Union at:http://curia.europa.eu/juris/liste.jsf?num=C-40/17.
The purpose and scope of data collection and further processing and use by Facebook, as well as your privacy rights and settings, can be found in Facebook’s privacy policy: https://www.facebook.com/policy.php.
PragmaGO SA, as part of its cooperation with Facebook, partly obtains personal data directly from PragmaGO SA users, and partly from users’ profiles on the Facebook social network.
- To the extent that PragmaGO SA obtains data directly from users, the provision of personal data is completely voluntary, and failure to provide such data has no effect on the user. The user can use the PragmaGO SA website without providing any personal information and remaining anonymous at all times (in a situation where the user only browses the PragmaGO SA website without interacting with the Facebook plug-in).
- To the extent that PragmaGO SA obtains user data from user profiles on the Facebook social network, user data will be disclosed in the form of anonymous statistical summaries prepared by Facebook.
Target | Legal basis | Processing period |
creation of analyses, statistics and summaries that will serve to improve the effectiveness of our marketing activities and build our business strategy – the vast majority of such statistics are created based on non-personal data or anonymized data. In some cases, personal data collected from cookies may be used | where personal data will be used for this purpose, their processing will be based on the necessity of realizing our legitimate interest in the form of carrying out analytical and statistical activities aimed at the development of the PragmaGO® Group, thus on the basis of Art. 6 paragraph. 1(f) RODO | until an effective objection is raised |
PragmaGO SA also informs that in connection with the operation of the social network Facebook, user profiling may occur, i.e. Create a profile containing information about a user’s interests or specific characteristics. Some features provided by Facebook allow the compilation of users’ personal data and the creation of statistics and summaries from it, which PragmaGO SA can later use to adjust the content provided to users accordingly. At the same time, we would like to inform you that decisions based on the created profiles will not be made by automated means.
Since the cooperation between PragmaGO SA and Facebook involves the co-management of personal data, you have the right to obtain an extract of the arrangements made by Facebook and PragmaGO SA with respect to the co-management conducted. An extract of the most important information is available at:https://www.facebook.com/legal/controller_addendum.
4 What data do we obtain in the operation of the site and how do we use it?
We may collect data pertaining to you by means of forms on pragmago.co.uk and by storing cookies (so-called “cookies”) on your terminal equipment, as well as by collecting web server logs by the web hosting operator Mint Software Sp. z o.o. operating under the address mintsoftware.pl. We may also obtain your personal information if you write via SmartsUpp or use the Thulium tool, or by using the contact information provided on our website and this Privacy Policy.
5 Who can access your data?
PragmaGO SA shares your personal data with: business partners, entities providing IT, postal, courier, HR and payroll, marketing, legal, archiving, accounting services. Recipients of your personal data may be other PragmaGO® Group companies: Pragma Inkaso SA, Pragma Faktor Sp. z o.o., as well as entities to which we subcontract tasks requiring processing of personal data in the field of IT services (Mint Software Sp. z o.o., StrongPC) and legal services (Pragma Adwokaci Bukowska Celary Feder Sp. k, Kancelaria Radców Prawnych Wysocki Zawiejski Sp. p.), as well as companies providing information about your payment credibility (Biuro Informacji Kredytowej SA), entities providing services of access to information concerning you (in the scope of obtaining information and history of operations for the indicated bank accounts – Kontomatik UAB based in Vilnius and Kontomatik Sp. z o.o.), providers of identity verification tools (Blue Media SA) or providers of insurance services (Euler Hermes SA) or providers of tools allowing tracking your activity (Asseco Poland SA).
PragmaGO SA informs you about the exact identity of the recipients in specific information clauses addressed to you in connection with the services you use.
Your data may also be transferred to entities authorized to access them in accordance with generally applicable law (e.g. the police).
Recipients of the data may be located in a country outside the European Economic Area (EEA), in which case, however, the Controller will ensure that an adequate level of safeguards is in place so as to protect the data subject. The transfer of data to countries outside the EEA may be related to, for example.
- actions taken on social networks and the use of plug-ins and other tools from these sites (including Facebook, Twitter, Linkedin, YouTube),
- Using analytical and anonymized user behavior tracking tools, in particular, such as Google Analytics, Lucky Orange.
6 Voluntariness of providing data
Provision of your personal data may be a contractual requirement (i.e. necessary to conclude a contract with PragmaGO SA or to establish and implement cooperation), may be a statutory requirement (i.e. be necessary to comply with legal obligations, such as those under the Anti-Money Laundering and Terrorist Financing Act (AML). If you do not provide the required personal data, it may be impossible or very difficult to cooperate with you.
For the rest, your provision of personal data is voluntary, failure to do so may prevent the implementation of the above. purposes, in particular to contact you.
7 What rights do you have in relation to data processing?
- The right to access the content of your data – Art. 15 RODO. As a data subject, you may request information on data processing and a copy of your data.
- The right to rectify data – Art. 16 RODO. As a data subject, you may request that your data be corrected or updated.
- The right to erasure – Art. 17 RODO. As a data subject, you may request deletion of data in situations provided by law. Removal will not be possible, among other things. in a claim situation, or during the period when PragmaGO is required to process them due to, for example, tax regulations.
- The right to restrict the processing of Data – Art. 18 RODO. As a data subject, you may request the suspension of data operations under the conditions and for the time provided by law.
- The right to data portability – Art. 20 RODO. As a data subject, you may request that your data be transferred to another specifically designated Controller.
- The right to object to data processing – Art. 21 RODO. As a data subject, you may object to the processing of your data at any time. PragmaGO SA, as the Administrator, after reviewing the request, may refuse to exercise the right if there are legal grounds for processing the data and they override the interests of the requester or in cases where by law there is no objection to the processing of personal data.
- The right to withdraw consent previously given for the processing of data for marketing purposes and for a specific contact path, however, withdrawal of consent does not affect the validity and lawfulness of the processing performed before the withdrawal of consent.
- The right to lodge a complaint with the President of the Office for Personal Data Protection if you consider that the processing of your Personal Data violates the provisions of the RODO.
You can exercise the above rights by submitting a request via mail, courier service or email sent toiod@pragmago.pl.
8 Automated decision-making
PragmaGO SA, as a Data Controller, makes partially automated decisions that have an effect on you as a data subject in the case of creditworthiness assessment, credit risk, risk management, including the risk of late repayment.
Assessment of financial capacity for the purpose of concluding a contract – is carried out on the basis of the information you provide in the contract application and financial documents, and is carried out based on a set of rules and algorithms necessary for the examination of creditworthiness. Data is also obtained from publicly available sources, such as. CEIDG, business information offices, BIK. Considerations include:
- amount of financial commitment,
- payment culture,
- period of success,
- Debt in other financial institutions
The effect of assessing financial capacity by automated means is to issue a decision on whether to approve the agreement, the terms of the agreement, change the scope of the agreement based on the assessment of payment culture, or refuse to enter into the agreement. We do not use profiling, i.e. The final decisions are made by our employees.
9. information system
The operator of pragmago.pl website isPragmaGO SAul. Brynowska 72, 40-584 Katowice, tel. +48 32 44 20 200, fax +48 32 44 20 240,pragmago.pl,biuro@pragmago.pl
10. source of data – the information applies to personal data obtained by means other than from the data subject
Your personal data may come from an entrepreneur with whom you have a contractual relationship or in relation to whom you are a beneficial owner, a statutory representative, a principal in the case of a power of attorney granted, another party to a contract with the Company, and from publicly available sources, in particular, databases and registers: PESEL, National Court Register (KRS), Central Register and Information on Business Activity (CEIDG), REGON, Register of Personal Identity Cards, BIK, CEIDG, business information bureau.
11. information about cookies
(1) Cookies (so-called “cookies”) are IT data, in particular text files, which are stored on the website user’s terminal equipment and are intended for use on the website. Cookies usually contain the name of the website from which they originate, the time they are stored on the end device and a unique number.
(2) The entity placing cookies on the website user’s end device and accessing them is the website operator, indicated in point 9 of this Privacy Policy.
(3) All domains of the PragmaGO website use cookies to personalize the display of the website’s pages, support logging and other operations on the website, as well as support advertising and monitor the activity of website users. With this technology, we are also able to constantly work on improving the quality of our service.
(4) The site uses two main types of cookies: “session” (session cookies) and “permanent” (persistent cookies). “Session” cookies are temporary files that are stored on the user’s terminal device until the user logs out, leaves the website or shuts down the software (web browser). “Permanent” cookies are stored on the User’s terminal device for the time specified in the parameters of the cookies or until they are deleted by the User.
5. cookies used by the service, we divide into:
- Essential: they are critical to the core functions of the site and the site will not function as intended without them. These cookies do not store any personally identifiable information.
- Functional: Functional cookies help perform certain functions, such as sharing site content on social media platforms, collecting feedback and other third-party functions.
- Analytical: Analytical cookies are used to understand how users interact with the site. These cookies help provide information on metrics of number of visitors, rejection rate, source of traffic, etc.
- Performance: Performance cookies are used to understand and analyze key performance indicators of the site to help provide a better user experience for visitors.
- Advertising: Advertising cookies are used to deliver personalized ads to users based on the pages they have previously visited and to analyze the effectiveness of the advertising campaign.
- Uncategorized: Other Uncategorized cookies are those that are analyzed and not yet classified in any category.
6 Summary of the domains of the site that use cookies:
- pragmago.pl
- online.pragmago.pl
- partner.pragmago.pl
- app.pragmago.pl
- pragmago.com
12. server logs
1 The information of some retained users is subject to logging in the server layer. This data is used solely for the purpose of administering the site and to ensure the most efficient operation of the hosting services provided.
2 Resources viewed are identified by URLs. In addition, the record may be subject to:
- time of arrival of the query,
- time to send a response,
- the name of the client’s station – identification carried out by the HTTPS protocol,
- information about the errors that occurred during the execution of HTTPS transactions,
- URL address of the page previously visited by the user (referer link) – in case the access to the Website was through a link,
- information about the user’s browser,
- IP address information.
(3) The above data are not associated with specific browsers.
(4) The above data is used only for the purpose of server administration.
13. cookie management
The user, using the functions offered by our website, can make a choice as to the use of particular categories of cookies – giving informed and voluntary consent in this regard. In addition, the user can change these settings at any time using the tools provided for this purpose.
In relation to personal data collected through cookie technology, you have the rights indicated in the section “What rights do you have in relation to data processing?”.
The user can also, in addition to the consent handling function of the website, block the placement of cookies on his/her device at any time, it may then be necessary to manually adjust some preferences each time he/she visits the website. It can also affect the functioning of our website or even block it.
You can also delete any cookies that are already on your device by clearing your browser’s browsing history. This will delete all cookies from all sites visited. However, please note that you may also lose some of your saved information (e.g. saved login data, site preferences).
Most browsers allow you to view and manage, block and delete cookies on websites. While you can manage your cookie permissions on your own, you must remember that by deleting cookies, all preferences you have set may be lost, including the ability to opt out of cookies.