Regunaut's Privacy Policy

PRIVACY POLICY 

This Privacy Policy is a document related to the Terms of Use available on the website of the Regunaut system here Terms of use. Definitions of the terms used in the Privacy Policy were included in the Terms of Use. The provisions of the Terms of Use are applied accordingly.

The Policy is for information purposes and serves to satisfy the information obligations imposed on the data controller under the GDPR, i.e. Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

  1. PERSONAL DATA CONTROLLER
  1. The controller of the personal data of the Clients, Users, Coordinators, and other persons using the Regunaut functionalities is REGUNAUT spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw at ul. Władysława Pytlasińskiego 16, lok. 13, 00-777 Warszawa, entered in the register of entrepreneurs of the National Court Register (KRS) by the District Court for the capital city of Warsaw in Warsaw, 13th Commercial Division of the National Court Register under number KRS: 0001153531, Tax Identification Number NIP: 5214104515, National Business Registry Number REGON: 540839552, share capital in the amount of PLN 5,000.00 (further “Company,” “we,” “us,” “our”).
  2. Contact details of the data controller: support@regunaut.com; mailing address as indicated above.
  1. DATA PROCESSING METHOD
    1. The scope, purposes, and legal grounds for the processing of your personal data are presented in the table below.

Purpose

Scope of data

Legal basis

Processing period

providing access to the Regunaut system

IP address, device identifier

Article 6(1)(b) of the GDPR – processing is necessary for the performance of the Agreement or undertaking actions upon request of the data subject prior to concluding the Agreement

until lapse of the period of limitation applicable to claims connected with access to the system and the Client’s actions within the system, counted from the time of the last visit in the system.

 

In the absence of a reasonable premise that the data need to be processed to protect against claims or to pursue claims, the data will be deleted upon termination of the Agreement.

setting up the Account in the Regunaut system

first and last name, e-mail, phone number

enabling the use of chargeable Services

account ID, first and last name, payment details, e-mail address;

Article 6(1)(b) of the GDPR – processing is necessary for the performance of the Agreement or undertaking actions upon request of the data subject prior to concluding the Agreement

until the termination of the Agreement referring to chargeable Services or the lapse of the period of limitation of claims connected with such Agreement.

 

In the absence of a reasonable premise that the data need to be processed to protect against claims or to pursue claims, the data will be deleted upon termination of the Agreement referring to the Product.

operating the Client’s Account 

account ID, user’s name, first name, e-mail address, other personal data voluntarily provided by the Client within the Account, in particular phone number.

Article 6(1)(b) of the GDPR – processing is necessary for the performance of the Agreement or undertaking actions upon request of the data subject prior to concluding the Agreement

Until the Client deletes the Account or until the lapse of the period of limitation of claims connected with the Account operating service.

 

In the absence of a reasonable premise that the data need to be processed to protect against claims or to pursue claims, the data will be deleted upon termination of the Agreement.

Setting up and operating the User’s Account

account ID, first and last name, e-mail address, other personal data voluntarily provided by the User (or shared by the Coordinator) within the Account, in particular phone number.

Article 6(1)(f) of the GDPR – legitimate interest of the controller that consists in setting up and maintaining a User account in accordance with the Agreement concluded with a given Client

until the User Account is deleted in accordance with the terms of the Agreement or until the lapse of the period of limitation of claims related to the use of the Account by the User.

In the absence of a reasonable premise that the data need to be processed to protect against claims or to pursue claims, the data will be deleted upon delete of the User’s Account.

providing technical support

IP address, details of the Client’s or User’s Account

Article 6(1)(f) of the GDPR – legitimate interest of the controller that consists in providing technical support for the users of the Regunaut system

for the duration of the support expected by the Client 

contact with the data subjects, responding to queries

first name, e-mail address, phone number, other personal data voluntarily provided by the data subject in the e-mail correspondence or in the form

Article 6(1)(f) of the GDPR – legitimate interest of the controller that consists in responding to queries and correspondence provided directly by the data subjects

until correspondence ends or the User objects

analysing traffic within the Regunaut system

IP address, identifiers assigned within the Regunaut system

Article 6(1)(a) of the GDPR – consent given by the Client

until the data ceases to be useful or the Client withdraws the consent

sending commercial information by e-mail

e-mail address

Article 6(1)(f) of the GDPR – legitimate interest of the Company that consists in the processing of personal data necessary for marketing communications, once the Client has agreed to the sending of commercial information in a relevant form

 

until the data cease to be useful, or the Client revokes the consent to the sending of commercial information, or the data subject objects

issuing and storing accounting documents

first and last name, address, tax identification number, other data required by law necessary for issuing a bill or VAT invoice

Article 6(1)(c) of the GDPR in connection with tax regulations – processing is necessary for compliance with a legal obligation to which the Data Controller is subject

for the term for which accounting documents have to be kept as prescribed by legal provisions (5 years from the end of the year of issue of a relevant document)

protecting against claims, raising claims

e-mail address, first and last name, other data voluntarily provided by the data subject

Article 6(1)(f) of the GDPR – legitimate interest of the controller that consists in protecting against claims and raising claims

until lapse of the period of limitation applicable to claims connected with access to the Regunaut system and activities within the system 

  1. If we are advised that you use the Regunaut system in violation of the Terms of Use or applicable provisions of law (unauthorised use), then we may process your personal data to the extent required for establishing the scope of your liability.
  2. The provision of personal data within the Regunaut system is voluntary, but failure to provide them will prevent contact, creating the Account, using the Services, or taking any other action by means of the Regunaut system. This applies in particular to personal data marked as required.
  3. In some cases, we may transfer your personal data to a third country, namely the USA. This may occur in connection with our use of services provided by subcontractors related to newsletter distribution, web analytics, and the development of our application. In such cases, the transfer of personal data will be based on the Data Privacy Framework. If any of the data recipients do not participate in this program, the SCCs in accordance with the Commission’s implementing decision will apply. We will not profile Users. We will also not carry out automated decision-making based on your personal data.
  1. RECIPIENTS OF DATA
    1. We may entrust the processing of personal data to third parties for the purpose of carrying out the activities indicated in the Terms of Use and servicing the Users. In such a case, the recipients of your data may involve the provider of hosting, the e-mail operator, a law firm, an accounting firm, the entities providing solutions for researching traffic on the website and marketing activities. 
    2. Personal data collected by us may also be disclosed to competent state authorities upon their request on the basis of relevant provisions of law or other persons and entities – in the cases prescribed in the provisions of law.
    3. Each entity to which we transfer your personal data for processing on the basis of a personal data transfer agreement guarantees an adequate level of security and confidentiality of the processing of personal data. The entity processing your personal data on the basis of the data transfer agreement may process such personal data through another entity only upon our prior consent. 
    4. Disclosing personal data to unauthorised entities under this Privacy Policy may take place only upon your prior consent.
  1. RIGHTS OF DATA SUBJECT
    1. You have the right to: (a) delete the collected personal data referring to you both from the system belonging to us as well as from bases of entities with which we have co-operated, (b) restrict the processing of data, (c) portability of your personal data, in this to receive them in a structured form, (d) request us to enable you access to your personal data and to rectify them, (e) object to processing, (f) withdraw the consent at any time without affecting the legality of the processing carried out on the basis of the consent before it is withdrawn, (g) lodge a complaint about us to the supervisory authority (Polish President of the Personal Data Protection Office or other supervisory authority competent for your place of residence).
    2. In order to exercise your rights, you can contact us via the e-mail address indicated in clause 1.2. or via the contact form available on the website https://regunaut.com.
  1. SECURITY
    1. We apply technological and organisational means in order to provide for the protection of the processed personal data corresponding to the threats and category of data to be secured, in particular, through technical and organisational means we secure data against being published to unauthorised persons, taken over by an unauthorised person, processed in violation of the law, and changed, lost, damaged, or destroyed; among others, we apply SSL certificates. The set of the collected personal data of the Clients, Coordinators, and Users is stored on a secured server. Data are also secured by our internal procedures related to the processing of personal data and information security policy.
    2. We have also implemented appropriate technical and organisational means, such as pseudonymisation, designed to effectively enforce the data protection principles, such as data minimisation, and for the purpose of providing the processing with necessary safeguards, so as to meet the GDPR requirements and protect the rights of data subjects.
    3. Please remember that using the Internet and services provided by electronic means may pose a threat of malware breaking into your ICT system and device, as well as any other unauthorised access to your data, including personal data, by third parties. In order to minimise such threats, you should use appropriate technical safeguards, e.g. use updated antivirus programs or programs securing the identification on the Internet. In order to obtain detailed and professional information related to security in the Internet, we recommend taking advice from entities specialising in such IT services.
  1. COOKIES
    1. For the purposes of the correct operation of the Regunaut system, we may use Cookie support technology. Cookies are packages of information stored on your device through us, usually containing information corresponding to the intended use of a particular file, by means of which you use the Regunaut system – these are usually: address of the website, date of publishing, lifetime of a cookie, unique number, and additional information corresponding to the intended use of a particular file.
    2. We use two types of Cookies: (a) session cookies, which are permanently deleted upon closing the session of the browser; (b) permanent cookies, which remain on the device after closing the session until they are deleted. 
    3. It is not possible to identify you on the basis of Cookie files, whether session or permanent. The Cookie mechanism prevents the collection of any personal data. 
    4. The Cookies used by us are safe for your device, in particular, they prevent viruses or other software from breaking into the device.
    5. Files generated directly by us may not be read by other websites. Third-party Cookies (i.e. Cookies provided by entities co-operating with us) may be read by an external server. 
    6. Any cookies other than those necessary for the use of the Regunaut system and its functionalities will only be used upon your prior consent. Such consent may be withdrawn at any time.
    7. We use own Cookies for the following purposes: authentication of the User and maintaining the User’s session; configuration and adjustment of content to the preferences or conduct of the User; analysis and research of views, click number, and path taken in the Regunaut system to improve the appearance and organisation of the content, time spent on the website, number and frequency of visits on our website.
    8. We use Third-party Cookies for the following purposes: preparing statistics (anonymous) for the purposes of optimising the functionality of the website by means of analytic tools.
    9. The scope of Cookies used by us depends on the consents given by the relevant person.
    10. Detailed information concerning Cookies support is available in the settings of your browser.
  1. FINAL PROVISIONS
    1. This Privacy Policy comes into effect on 15th October, 2025.