The Developer and Administrator of the Personal Data of the mobile application Xopero ONE Backup, hereinafter referred to as the "Application", is XOPERO SOFTWARE S.A. based in Gorzow Wlkp., 3 Herberta St., 66-400 Gorzow Wlkp, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court in Zielona Gora, VIII Economic Department of the National Court Register under KRS number: 0000684240, NIP: 5993066603, REGON: 080285693, hereinafter referred to as the "Administrator".
Contact with the Administrator is possible by correspondence to the Company's address indicated above or by e-mail to: DPofficer@xopero.com.
The Administrator has appointed an Inspector for Personal Data Protection, which is Tadeusz Koper of KBG Law Firm - T. Koper, A. Baś-Gidlewska S.C., Inspector's e-mail address: DPofficer@xopero.com. Any inquiries, requests, complaints regarding the processing of personal data by the Administrator, hereinafter referred to as "Notifications", should be sent to the above-mentioned e-mail address or in writing to the Administrator's address indicated above. The content of the notification should clearly indicate:
- details of the person or persons affected by the Notification,
- the event that is the reason for the Notification,
- the demands and the legal basis for the demands,
- the expected manner of handling the case.
The Administrator processes your personal data in accordance with the requirements of the law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”).
The application collects the following personal information:
- name - may be processed when users of the Application (including customers or potential customers) provide it to us via email, contact form, registration form or Account data form available on our Application, as well as when you provide this data to us in person or via snail mail or when contacting us by phone, in order to take advantage of our offer;
- user name - data processed in connection with the establishment and maintenance of your individual user account. Providing this type of data is necessary to finalize the creation of an account in the Application;
- telephone number - may be processed when you contact us by phone and also when you provide it to us in person, by phone or via email or contact form. The phone number is processed to enable us to contact you, regarding the processing of a given order or to answer any other question you may have;
- address of residence (including country)/correspondence address - we process this data in order to properly implement the services provided;
- e-mail address - may be processed when you, as users of the Application (including customers or potential customers), provide it to us when we contact you via e-mail, contact form, registration form or order form available on our Application, as well as via snail mail or when contacting you by phone. Through the e-mail address, we answer questions related to our offer, as well as provide information related to the execution of the concluded contract. In addition, if you have consented to the transmission of marketing content and have become a subscriber to our newsletter, we will also send you commercial and marketing information no more than several times a month,
- the device's IP address - information resulting from the general rules of Internet connections, such as the IP address (and other information contained in system logs), is used for technical and statistical purposes, including, in particular, the collection of general demographic information (e.g., about the region from which the connection is made),
- possibly other data may be collected as part of the conduct of specific cases or may be provided by you as a user of the Application via email, snail mail or when contacting us by phone.
We process your personal data for the purpose of:
- the provision by us of services related through the Application (Article 6(1)(b) of the GDPR) - in this regard, the personal data provided will be processed for the period necessary for the provision of services of the specified type and will cease to be processed after this period;
- entering into and performing contracts in connection with the services we offer (Article 6(1)(b) of the GDPR) - in this regard, personal data will cease to be processed once the contract in question has been fulfilled,
- to maintain an individual user account (Article 6(1)(b) of the GDPR) - in this regard, personal data will cease to be processed when the user deletes the account,
- to carry out the newsletter (subscription) service and send marketing content (Article 6(1)(a) of the GDPR) - in this regard, the personal data provided will be deleted upon withdrawal of consent and removal from the list of newsletter subscribers,
- to perform legal obligations incumbent on the Administrator, in particular record keeping, issuing invoices, etc. (Article 6(1)(c) of the GDPR) - in this regard, personal data will be deleted once certain legal obligations have been fulfilled, including the expiration of the statute of limitations for claims or public law liabilities;
- ongoing communication related to the operation of the Application (Article 6(1)(f) GDPR, i.e. the legitimate interest of the Administrator) - in this regard, personal data will cease to be processed when the question or questions in question are answered,
- to establish, assert or defend against claims (Article 6(1)(f) GDPR, i.e. the legitimate interest of the Administrator) - in this regard, personal data will be deleted when the claims in question expire, in particular by the statute of limitations, but as a general rule after the expiration of the 3-year period of the statute of limitations for claims, which ends at the end of the last calendar year of the period;
- express consent of the data subject for the performance of a contract and the provision of services (Article 9(2)(a) of the GDPR) - with respect to the processing of other specific data - in this regard, personal data will cease to be processed upon withdrawal of consent.
The source of the data processed by the Administrator is you, i.e. the individuals to whom the data relates.
The administrator uses the tools of Google Ireland Ltd (Google WorkSpace, Google Ads, Google Analytics, YouTube) Meta Platforms Ireland ltd. (Facebook, Facebook Pixel, Instagram) and Apple Distribution International Ltd. (App Store, Apple ID). Data processed as part of the use of these tools, is processed within the European Union/European Economic Area - in principle on servers in Ireland.
We do not share any personal data with third parties without the express consent of the data subject. Data may be shared without the consent of the data subject only with entities authorized to process personal data in applicable laws (e.g. the Police, the Prosecutor's Office, the Tax Office, etc.). The Administrator shall share personal data of its customers in particular: payment operators, companies providing postal and courier services and tax authorities.
Personal data may be entrusted for processing to entities that process such data on our behalf as the Administrator. In such a situation, we as the Administrator shall enter into a personal data processing entrustment agreement with the processor. The processor shall process the entrusted personal data only for the purposes, to the extent and for the purposes indicated in the entrustment agreement referred to in the preceding sentence. Without entrusting your personal data for processing, we would not be able to carry out our activities within the Application. As Administrator, we entrust personal data for processing to the following entities in particular:
- providing the hosting services on which the Application runs,
- providing accounting services,
- suppliers of tools related to promotional campaigns and marketing,
- CRM tool providers,
- providing other services to us that are necessary for the ongoing operation of the Application.
Personal data shall not be subject to profiling under the provisions of the GDPR.
In accordance with the provisions of the GDPR, each person whose personal data we process as a Controller has the right to:
- access to your personal data, as referred to in Article 15 of the GDPR,
- to be informed about the processing of personal data, as referred to in Article 12 of the GDPR,
- to correct, supplement, update, rectify personal data, as referred to in Article 16 of the GDPR,
- withdraw consent at any time, as referred to in Article 7(3) of the GDPR,
- deletion of data (right to be forgotten), as referred to in Article 17 of the GDPR,
- limitation of processing, as referred to in Article 18 of the GDPR,
- data portability, as referred to in Article 20 of the GDPR,
- object to the processing of personal data, as referred to in Article 21 of the GDPR,
- in the case of a legal basis, in the form of consent - the right to withdraw consent at any time without affecting the legality of the processing carried out on the basis of consent before its withdrawal,
- not be subject to the profiling referred to in Article 22 in conjunction with Article 4(4) of the GDPR,
- lodge a complaint to the competent supervisory authority (in Poland - to the President of the Office for Personal Data Protection) referred to in Article 77 of GDPR.
If you wish to exercise your rights referred to in the preceding paragraph, please send a message by e-mail to the e-mail address or in writing to the mailing address referred to in paragraph 2 above.
Each identified security breach shall be documented, and in the event of one of the situations specified in the provisions of the GDPR, the data subjects and, if applicable, the supervisory authority shall be informed of such breach.
Our Cookies Policy is a separate document located here.