Privacy Policy

 

Welcome to Divante Privacy Policy.

Your privacy is very important to us. This document contains all informations on how we collect personal data, including information about how we store, use, transfer, and delete that data at the website https://ecommerce.cloudflight.io/ (“Website”). It also explains how our website uses cookies. Our aim is to bring understanding and clarity on how personal data is processed at Divante.

 

Processing Personal Data

The Controller

The controller of personal data of users the Website is Divante S.A., with its registered office in Poland, at Legnicka 16 Street, 53-673 Wrocław, registered by the District Court of Wrocław Fabryczna, VI Department of the National Court Register (Krajowy Rejestr Sądowy), under entry number KRS 0000875316, NIP [taxpayer ID] 8951930748, REGON 020832512.

The Personal Data

 

We collect and process your data ONLY on your request, on the legal basis of your consent in following fields:
 

1. Offering form



  1. As part of the Website, we provide forms within which you can request an offer of our services. You can find it many different places at the Website, e.g. contact form or problem defining form, but its construction is always the same. The offering form allows you to a sent inquiry about our product and services, costs estimates or product demos.
  2. For the purpose of answering your inquiry, we collect following data: name, e-mail address and individual message (if you provide one). This data is used to marketing purposes - inform you about our services and products.
  3. The legal basis for the processing is the Controller's legitimate interest in marketing of own services (Article 6 item 1 letter f of the GDPR) in connection with yours consent given by the Act on Provision of Electronic Services and the Telecommunications Law.
  4. Your personal data will be processed for the duration of the controller's legitimate interest, no longer than you object. You can object by sending us a message to hello@divante.com.
  5. Your provision of your personal data is always voluntary, but necessary for the purposes of communication with you.

2. E-book


  1. We share our eCommerce knowledge and experience in marketing materials like: publications (reports, ebooks, guides and checklists), blog posts and news. You can find them in Knowledge section, dedicated sites and our blog. You can download them, free of charge, at the time that suits you best.
  2. By downloading the publication you are granted a permission to temporarily download one copy of the materials for personal, non-commercial transitory viewing only. This is the grant of a license, not a transfer of title, and under this license you may not: modify or copy the materials; use the materials for any commercial purpose, or for any public display (commercial or non-commercial); attempt to decompile or reverse engineer any software contained on divante.com’s web site; remove any copyright or other proprietary notations from the materials; or transfer the materials to another person or “mirror” the materials on any other server. This license shall automatically terminate if you violate any of these restrictions and may be terminated by divante.com at any time. Upon terminating your viewing of these materials or upon the termination of this license, you must destroy any downloaded materials in your possession whether in electronic or printed format.
  3. For the purpose of sharing our marketing materials, we collect following data: name, e-mail address.
  4. The basis for the processing of your data is the contract for the provision of digital content, which you concluded with us by sending the download form (Article 6 item 1 letter b of the GDPR) in connection with the User's consent given by the Act on Provision of Electronic Services and the Telecommunications Law.
  5. Your personal data will be processed for the duration of the agreement, until the statute of limitations for claims under the agreement.
  6. Based on our legitimate interest (Article 6 item 1 letter f of the GDPR) in sending marketing information, we will also provide you with information about other similar materials and content, for as long as our legitimate interest lasts, no longer than you object. You can object by using dedicated button in each message or by sending us a message to hello@divante.com.
  7. Your provision of your personal data is always voluntary, but necessary to conclude contract and to receive information from us. If you do not provide the required data, we will not be able to deliver the e-book to you.

3. Newsletter

  1. You can sign to our newsletter using a dedicated form available on our Website.
  2. Our newsletter is a special selection of our freshest blog posts, publications, case studies, events, products and services, as well as the eCommerce trends and news dedicated to eCommerce technology and software development. The newsletter is designed to share knowledge with eCommerce specialists (business owners, managers, marketers, CTOs, and engineers).
  3. The newsletter is sent to your email periodically (usually once a month) and on special occasions (like publication premiere).
  4. For the purpose of delivering our newsletter we collect following data: name, e-mail address.
  5. The legal basis for the processing is the Controller's legitimate interest in marketing of own services (Article 6 item 1 letter f of the GDPR) in connection with yours consent given by the Act on Provision of Electronic Services and the Telecommunications Law.
  6. Your personal data will be processed for the duration of the controller's legitimate interest, no longer than you object. You can object by using dedicated button in each message or by sending us a message to hello@divante.com.
  7. Your provision of your personal data is always voluntary, but necessary to receive information from us. If you do not provide the required data, we will not be able to deliver the newsletter to you.

 

4. Careers

 

INFORMATION CLAUSE 

  1. We would like to kindly inform you that the Controller of your personal data contained in the submitted application documents is Divante S.A. with its registered office in Wrocław (53-673), ul. Legnicka 16.
  2. Data obtained during the recruitment Divante S.A. processes for the purpose of conducting the current recruitment procedure:
    - if you prefer employment based upon an employment contract - the data will be processed on the basis of Art. 6 items 1 letter c) of the GDPR, i.e. in order to perform obligations arising from legal provisions related to the recruitment process, including in particular Art. 22*1 of the Labor Code. In order to carry out the recruitment process in the field of data not required by law - the legal basis for processing is consent (Article 6 (1) (a) of the GDPR);
    - if you prefer employment based upon a civil law contract, the legal basis for processing data contained in the application documents is the conclusion of an agreement with Divante S.A. (Art.6 item.1 letter b) of the GDPR);
    - in order to determine or assert any claims or defend against such claims by Divante S.A. - the legal basis for data processing is the legitimate interest of the controller (Article 6 item 1 letter f) of the GDPR);
  3. To contact Divante S.A., you can send a message to the e-mail address hr@divante.com. You can contact Divante S.A. also in writing to the address Divante S.A. ul. Legnicka 16, 53-673 Wrocław.
  4. Divante S.A. has appointed a Data Protection Officer. You can contact him by sending an email to los@cloudflight.io
  5. Your personal data may be provided to subcontractors of Divante S.A, such as suppliers of IT systems and IT services, as well as entities providing accounting services.
  6. Your data will be stored for the time necessary to complete the recruitment process and for Divante S.A. selecting a candidate or candidates. The processing period may be each time extended by the limitation period for claims if the processing of your personal data will be necessary for the determination or assertion of possible claims or defense against such claims by the administrator.
  7. You are entitled to withdraw any of your consents at any time. Withdrawal of consent does not affect the lawfulness of the processing carried out before its withdrawal.
  8. You have the right to access your data, rectify, delete, limit processing, the right to transfer data, the right to object to data processed on the basis of the legitimate interest of the controller, as well as the right to lodge a complaint to the supervisory authority.
  9. Providing personal data by you is required:
    - by law, including primarily the Labor Code - if you prefer employment based upon an employment contract;
    - for the purposes of recruitment - if you prefer employment based upon a civil law contract.
    - The consequence of not providing data is the inability to consider your candidacy in the recruitment process. In respect of other data, providing data is voluntary.
  10. More information on the processing of personal data by Divante S.A. is available on the website https://ecommerce.cloudflight.io/privacy-policy.
  11. If you voluntarily agree to participate in future recruitments, we will ask for your consent again after one year.
  12. If you have sent us application documents beyond the recruitment procedure, then after a year we will ask you again for your consent, and the lack of it will mean the immediate deletion of your data from our IT systems.
  13. Your data might be processed outside of the European Economic Area in case any of our Recruiters are staying in so-called “third countries”. Should this ever occur, we have put in place rigorous procedures and precautions, both organizational and technological, to ensure the security of your data.

 

KLAUZULA INFORMACYJNA

  1. Uprzejmie informujemy, że administratorem Twoich danych osobowych zawartych w przesłanych dokumentach aplikacyjnych jest Divante S.A. z siedzibą we Wrocławiu (53-2673), ul. Legnicka  16.
  2. Dane pozyskane w toku rekrutacji przetwarzamy w celu przeprowadzenia obecnego postępowania rekrutacyjnego:
    1. w sytuacji preferowania przez Ciebie zatrudnienia na podstawie umowy o pracę – dane będą przetwarzane na podstawie art. 6 ust. 1 lit. c) RODO tj. w celu wykonania obowiązków wynikających z przepisów prawa, związanych z procesem rekrutacji, w tym przede wszystkim art. 22(1) Kodeksu Pracy. W celu przeprowadzenia procesu rekrutacji w zakresie danych niewymaganych przepisami prawa – podstawą prawną przetwarzania jest zgoda (art. 6 ust. 1 lit. a) RODO, a w zakresie danych dotyczących danych szczególnych jak np. stan zdrowia – art. 9 ust. 2 lit a) RODO);
    2. w sytuacji preferowania przez Ciebie zatrudnienia na podstawie umowy cywilnoprawnej podstawą prawną przetwarzania danych zawartych w dokumentach aplikacyjnych jest zawarcie umowy z  Divante Sp. z o.o. (art. 6 ust. 1 lit. b) RODO);
    3. w celu ustalenia lub dochodzenia ewentualnych roszczeń lub obrony przed takimi roszczeniami przez Divante Sp. z o.o. – podstawą prawną przetwarzania danych jest prawnie uzasadniony interes administratora (art. 6 ust. 1 lit. f) RODO);
  3. Aby skontaktować się z nami, możesz wysłać wiadomość na adres e-mail  lub wysyłając list na adres: ul. Legnicka 16, 53-673 Wrocław.
  4. Wyznaczyliśmy Inspektora Ochrony Danych, którym jest Krzysztof Łoś. Możesz skontaktować się z nim, wysyłając wiadomość na adres e-mail: krzysztof.los@cloudflight.io. 
  5. Twoje dane osobowe mogą być przekazane naszym podwykonawcom, takim jak dostawcy systemów informatycznych i usług IT oraz podmiotom świadczącym obsługę księgową i kadrową. 
  6. Twoje dane będą przechowywane w czasie niezbędnym do zakończenia procesu rekrutacji i dokonania przez nas wyboru kandydata lub kandydatów, czyli po zatrudnieniu na umowę o pracę lub do podpisania umowy cywilnoprawnej. Okres przetwarzania może zostać każdorazowo przedłużony o okres przedawnienia roszczeń, jeżeli przetwarzanie Pani/Pana danych osobowych będzie niezbędne dla ustalenia lub dochodzenia ewentualnych roszczeń lub obrony przed takimi roszczeniami przez administratora.
  7. Każdą z wyrażonych zgód możesz wycofać w dowolnym momencie. Wycofanie zgody nie wpływa na zgodność z prawem przetwarzania dokonanego przed jej wycofaniem. 
  8. Przysługuje Tobie prawo dostępu do swoich danych, ich sprostowania, usunięcia, ograniczenia przetwarzania, prawo do przenoszenia danych, a także prawo wniesienia skargi do organu nadzorczego. 
  9. Masz prawo do wniesienia sprzeciwu wobec danych przetwarzanych na podstawie uzasadnionego interesu administratora.
  10. Podanie przez Ciebie danych osobowych jest wymagane:
    1. przez przepisy prawa, w tym przede wszystkim przez Kodeks Pracy – w przypadku, kiedy preferujesz zatrudnienie w oparciu o umowę o pracę;
    2. dla celów prowadzenia rekrutacji – w przypadku, kiedy preferujesz zatrudnienie w oparciu o umowę cywilnoprawną.
  11. Konsekwencją niepodania danych jest brak możliwości rozpatrzenia Twojej kandydatury w procesie rekrutacyjnym. W zakresie pozostałych danych, podanie ich jest dobrowolne.
  12. Jeśli wyrażasz dodatkowo zgodę na udział w przyszłych rekrutacjach, to po roku ponowimy zapytanie o Twoją zgodę. 
  13. Jeśli prześlesz nam dokumenty aplikacyjne bez związku z rekrutacją, to po roku zapytamy Cię ponownie o zgodę, a jej brak oznaczać będzie niezwłoczne usunięcie Twoich danych.
  14. Twoje dane mogą być przetwarzane poza Europejskim Obszarem Gospodarczym, jeśli któryś z naszych rekruterów przebywa w tzw. państwie trzecim. Stosujemy w takim wypadku rygorystyczne zabezpieczenia i techniczne, i organizacyjne, aby zapewnić Twoim danym bezpieczeństwo.

Recipients of personal data

  1. Recipients of your personal data will be email and server hosting providers, a provider of mailing tools, consulting, marketing and accounting services, entities managing the website, and our co-workers, and also social media operators Facebook, LinkedIn and Twitter (if you use our social media).
  2. Divante S.A. belongs to the Cloudflight capital group, so we share your data with the following companies: Cloudflight GmbH, Sappho zweiundzwanzigste Holding GmbH, Cloudflight Austria GmbH, Cloudflight Romania Srl, Divante S.A., Brand Active sp. z.o.o, Cloudflight Netherlands B.V., Cloudflight Germany GmbH). All companies from capital group are registered offices in the European Economic Area. The legal basis of the transferred personal data to other company from the companies group is our’ legitimate interest (art. 6 item 1 letter f of GDPR) involving the optimization of sales and customer service processes.

Transfer of data outside the European Economic Area (EEA)

  1. The level of personal data protection outside the European Economic Area (EEA) differs from the one ensured by the European law. For the aforementioned reason, We shall transfer personal data outside the EEA only when this is necessary and assuring a relevant level of protection, in particular by means of:
    1. cooperation with personal data processing entities in countries with respect to which a relevant decision of the European Commission was issued;
    2. the application of standard contractual clauses issued by the European Commission;
    3. the application of binding corporate rules approved by a competent supervision body;
  2. We always inform about the intention of transferring personal data outside the EEA at the stage of collection thereof.
  3. In order to provide services, We uses tools that are provided by suppliers that belong to groups of companies that are located in the US (outside the European Economic Area (“EEA”)) so the suppliers may transfer data outside the aforementioned territory:
    1. HubSpot, Inc., Two Canal Park, Cambridge, MA 02141 USA – the service provider of the CRM tool for marketing, sales, customer service, and content management. The basis for cooperation is the data processing entrustment agreement and standard contractual clauses: https://legal.hubspot.com/dpa
    2. Google LLC, with its registered office in California, USA – the provider of the the tool Google Analytics. For more information about Google Analytics’ privacy practices, see their Privacy Policy. Google has stated that it has implemented new standard contract clauses, which you can read about here: https://support.google.com/analytics/answer/9012600, https://business.safety.google/adscontrollerterms/ and https://business.safety.google/adsprocessorterms/.
  4. The social network operators who are recipients of your personal data work with partners and entities worldwide. For this reason, your personal data may be transferred outside the European Economic Area, including to the USA. The operators declare that they base such transfers on standard contractual clauses issued by the European Commission or decisions of the European Commission finding an adequate level of protection with regard to specific countries. You can find more information in the privacy policies of these operators:
    1. Facebook
    2. LinkedIn 
    3. Tiktok
  5. We transfer personal data outside the European Economic Area to other entities only if expressly indicated in this Privacy Policy.

Performance of Your Rights

  1. We collect and process your personal data only with your consent. Your personal data will be stored in our database for the indefinite period of time (unless you agreed differently). At all this time you have the right to request from us:
    1. access to your personal data;
    2. correction of your personal data;
    3. erasure of your personal data;
    4. restriction of processing;
    5. data portability.
  2. To perform any of your rights please email us at hello@divante.com
  3. Your request will be resolved in a timely and effective manner. We might contact you to arrange details of your request.
  4. Withdrawal of your personal data will not affect the lawfulness of processing based on consent before its withdrawal.
  5. The complaint can be also lodged to a competent supervisory authority. For Poland the supervisory authority is The Bureau of the Inspector General for the Protection of Personal Data in Poland (https://www.giodo.gov.pl/).

CO-ADMINISTRATION

  1. The co-controllers of your data are also:
    1. Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, D02X525, Ireland,
    2. LinkedIn Ireland Unlimited Company, Legal Dept., Wilton Place, Dublin 2, Ireland,
    3. TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland,

in connection with the Controller’s use of social networking sites (Facebook, Twitter and LinkedIn) and the posting of social plug-ins on the Service directing to the Controller’s profiles on these social networking sites.

  1. Co-administration includes the aggregate analysis of data for the purpose of displaying statistics on the activity of users of the Controller’s social media profiles and advertising activities through the tools available on these social networks. The Controller shall only be liable to the extent of personal data which it processes for its own purposes. For the rest, the responsibility lies with the provider of the respective social network.
  2. We are responsible to you for: i) having a legal basis for processing your Personal Data for the purposes established by us, ii) complying with the obligations to provide information, which is done in this Policy. The provider of the social networking service is responsible for i) having a legal basis for the processing of your Personal Data for the purposes specified by the provider; ii) ensuring that you are able to exercise your rights; iii) reporting violations to the supervisory authority and notifying you of such violations; iv) ensuring appropriate technical and organizational measures to ensure the security of your data.
  3. You can find more information in the privacy policies of these operators:
    1. Facebook: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
    2. LinkedIn: https://www.linkedin.com/legal/privacy-policy
    3. Tiktok: https://www.tiktok.com/legal/page/eea/privacy-policy/pl

Protection of Personal Data

Data Storage and Technical Solutions

To ensure protection of your personal data we adopt appropriate data collection, storage and processing practices and security measures, including encryption.  
We use third-party vendors and hosting partners, for hardware, software, networking, storage, and related technology we need to run divante.com. Your personal data is stored in secured networks accessible by a limited number of persons who have special access rights to these systems.

Third-Party Software


We occasionally work with third parties who support us with services: Google Analytics tracking technologies, HubSpot communication tools. Those third parties might need to access to specific information to carry out their work for us. We rigorously vet these third-party vendors to ensure they meet our privacy standards and limit the data they can access to only what is necessary for them to perform their contracted tasks.

Third-Party Embeds


In our content, you can firm third-party embeds: Twitter tweets, YouTube videos, SlideShare presentations or social sharing features. These files send data to the hosted site just as if you were visiting that site directly. We don’t control what data third parties collect in cases like this, or what they will do with it. These third-party embeds are covered by the privacy policy of the third-party service.

Cookies and Pixel Tags


We use various tracking methods, such as cookies, pixel tags and other technologies to receive information which may include personal data from your browser (like IP-address, unique cookie identifier; unique device identifier and device type; domain, browser type and language, operating system and system settings; country and time zone; previously visited websites; information about your interaction with our website; and access times and referring URLs).

We use cookies and pixel tags to track your usage of the website and to understand your preferences; to determine whether an email has been opened and acted upon; and to present you with advertising relevant to your interests.

We also may receive reports based on the use of these technologies by our service/analytics providers (like Google Analytics). We use those reports to obtain statistics about traffic and site interaction, so that we can improve our website and your experience.

We do not link the information we store in cookies to any personal data you submit on our site.

Third parties may also collect information via our website through cookies, third party plug-ins and widgets. These third parties collect data directly from your web browser and the processing of this data is subject to their own privacy policies.


Some of the cookies will only be used if you use certain features or select certain preferences, and some cookies are essential to the website and will always be used.

How and why do we use them?

1. For the purpose of site usage (strictly necessary).

These cookies, pixel tags and other technologies are essential in order to enable the website to provide the feature you have requested.

Cookies: _cfuid; PHPSESSID.

2. For the purpose of functionality.

These cookies, pixel tags and other technologies remember your usage of our website. We use these cookies to provide you with an experience more appropriate and to make your use of the Services more tailored.

Cookies: _livechat; _livechat_lastvisit; lc_window_state; lc_ssoundefined; _lc_vv; main_window_timestamp; recent_window; message_text; hubspotutk.

3. For the purpose of analytics.

These cookies, pixel tags and other technologies collect information about way how you interact with our website. We use Google Analytics, Hubspot and Hotjar cookies to understand how you arrive at and browse our products and website to identify areas for improvement such as navigation, user experience, and marketing campaigns.

Cookies: _ga; dc_gtm_UA-#; _gid; _vis_opt_s; _vis_opt_test_cookie; _vwo_uuid;  _vwo_uuid_v2; _vwo_ds; vwo_sn; e.gif, v.gif; __hssc; __hssrc; __hstc; __ptq.gif; _hjIncludeInSample; collect.

4. For the purpose of advertising and retargeting.

These cookies, pixel tags and other technologies collect information about your browsing habits in order to make advertising relevant to you and your interests. They remember the websites you have visited and that information is shared with other parties such as advertising technology service providers and advertisers. We use Facebook Pixel, Google Ads cookies.

Cookies: fr; tr; NID; ads/ga-audiences; nQ_cookieId; nQ_visitId; __adroll_fpc

5. For the purpose of social media sharing.

These cookies, pixel tags and other technologies are used when you share information using a social media sharing button. The social network will record that you have done this. This information may be linked to targeting/advertising activities.

Cookies:

  • LinkedIn: leo_auth_token; JSESSIONID; _lidc; _bcookie; _bscookie; _visit; _lang; IN_HASH
  • SlideShare: _language; SERVERID; __utma; __utmb; __utmc; __utmz; __utmt; _uv_id; RT
  • Twitter:  _twitter_sess; personalization_id; guest_id; external_referer; ct0;
  • Google+: SIDCC, GAPS

How to manage cookies?

 

You may change your cookie settings at any time. Please use the "Cookie Settings" option in the footer of the website, which allows you to access the cookie settings, or by configuring your web browser.

Certain third-party advertising networks permit users to opt out of or customize preferences associated with your Internet browsing. Click here to customize Google cookies preferences. You can opt out of interest-based targeting provided by participating ad servers through the Digital Advertising Alliance.

If you do not accept cookies you may not be able to use all aspects of our website. You will not be able to opt-out of any cookies or other technologies that are “strictly necessary” for the Services.

Changes of Privacy Policy

We may periodically update our Privacy Policy. We will inform you about most significant changes, but some changes will be made without a notice. By using Website you agree to be bound by the current version of our Privacy Policy published at divante.com/privacy-policy. We encourage you to review this Privacy Policy periodically.

Governing Law

Any claim relating to our Privacy Policy shall be governed by the laws of the State of Poland without regard to its conflict of law provisions.

Questions & Contact

Contact us with any and all issues regarding processing of personal data or use of cookies / pixel tags.

We also welcome your feedback about our Privacy Policy.

Contact us at: hello@divante.com.

Data Protection Officer: Krzysztof Łoś, email address: krzysztof.los@cloudflight.io