HOV sp z o.o. s.k. (owner of Mysa brand) recognize the importance of keeping your personal data (that is any information relating to an identified or identifiable natural person) private and safe. We prepared this document to make it clear how we collect and otherwise process (“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction) your personal data in our capacity of controller (meaning, the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data).
Data You may come visit and stay on our Website without identifying yourself, yet certain third-party analytics tools may collect the following information, including: browser type, browser language, IP address, operating system, Website access times, click events, keyboard events, mouse moves, screen color depth, screen resolution, host name, session ID (meaning recognizing if you have visited the Website before), and cookie values. If you sign up for our newsletter your email as well as your IP address may also be collected.
However, when you want to:
(a) contact us for general questions, technical support, request for quotation, business support, business opportunity, and the like – you will be asked to provide us with your full name, company name, email address, and further information in the “your message” section of the contact form, some of which data may qualify under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) as personal data or call for the treatment as prescribed in said Regulation (“GDPR”);
(b) sign up for our newsletter your email as well as your IP address will be collected, both for in sign up process as well as the receiving process, as we register logo image download. This data may also be qualified under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) as personal data or call for the treatment as prescribed in said Regulation (“GDPR”);
Grounds and Purposes
Your personal data that we collect and further process helps us provide you with the most relevant Website content and user experience as well as high quality Services. We use the personal data you provide us with:
(a) when you want to contact us – to answer, satisfy or otherwise address your questions, inquiries, requests, and the like;
(b) in respect of an account – to create the account, and to let you smoothly access, better navigate, and use other features relating to our Website or Services;
(c) combined with information related to your activity within our Website or Services – (i) for analytical purposes (email address), (ii) to enforce or defend legal claims and to prevent fraud and abuse (account and contract details), and (iii) to create and use your profile for marketing purposes (various). Apart from that, we may use your personal data in order to (iv) send you communication related to the use or functioning of our Website or Services (in particular information, system and transactional e-mails), and (v) provide support, and monitor the quality of our Website and Services.
On top of that it is fair to say that we do not subject you to a decision based solely on automated processing, including profiling, which produces legal effects concerning or similarly significantly affecting you. Therefore, your right not to be subject to such decisions as stipulated in Article 22 GDPR, will not be spelled out in the next chapter. Along the same lines, we will not dwell much on instances where processing takes place based on “vital interests” or “public tasks”, as these do not feature in our activities.
You have the right to:
(a) know if we process your personal data; if we do, you may: (i) access your personal data, and (ii) receive a copy of your personal data (collectively, “right of access”, as defined in Article 15 GDPR) – the first copy is free of charge; for any further copies you request, we may charge you a reasonable fee based on the administrative costs;
(b) complete or otherwise rectify the personal data you provide us with (“right to rectification”, as defined in Article 16 GDPR);
(c) erase your personal data (“right to erasure”, as defined in Article 17 GDPR) if either: (i) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, (ii) you withdraw consent on which processing is based and there is no other legal ground for the processing, (iii) the personal data has been unlawfully processed or has to be erased to comply with a legal obligation, (iv) the personal data have been unlawfully processed, or (v) otherwise as defined in Article 17.1 GDPR; however, we may keep some of your personal data if the processing is necessary for the establishment, exercise or defense of legal claim or compliance with a legal obligation, or otherwise as set forth in Article 17.3. GDPR;
(d) obtain restriction of processing (“right to restriction of processing”, as defined in Article 18 GDPR) when either: (i) you contest the accuracy of your personal data; (ii) the processing of your personal data is unlawful, and you request the restriction of their use instead of erasing it, (iii) we no longer need your personal data, but you require them to establish, exercise, or defend legal claims, or (iv) you object to the processing of your personal data – anyhow, we will make some of the features of our Website or Services connected to the processing of the personal data subject to restriction unavailable to you while we review your request;
(e) object, on grounds relating to your particular situation, at any time to processing of your personal data based on “legitimate interest”, including profiling (“right to object”, as defined in Article 21 GDPR); as regards direct marketing, no grounds are needed and we cannot rely on any compelling legitimate grounds to override your interests, rights, and freedoms behind the objection – when you object to processing for direct marketing purposes, the personal data will no longer be processed for such purposes; simple as that;
(f) portability (“right to data portability”, as defined in Article 20 GDPR) – the personal data provided by you and processed by us by automated means based on consent or a contract as between ourselves will be provided to you or transmitted to another controller in a structured, commonly used and machine-readable format;
(g) lodge a complaint with a supervisory authority.
You may exercise your rights by filing a demand to the following email address: . If we deem it reasonably necessary, we may ask you additional questions or ask you to provide us with additional documents – to confirm your identity and entitlement. However, if you don’t want to receive email notifications from Mysa, you may simply unsubscribe from our newsletter. The unsubscribe instructions are placed at the bottom of each email you receive.
At the time of your browsing our Website, our servers automatically collect information sent by your browser and included in log files. The information may include a variety of data, in particular email address, IP address, browser type, internet site you visited immediately prior to accessing our Website, the time of accessing our Website, and other statistical data. Mysa may use the information for the purposes of conclusion, amendment, termination of a contract with you, if any, and to ensure the highest quality of our Services, as well as for technical and statistical purposes.
Mysa may continue to process your personal data after you have ceased to use our Website or Services if the personal data: (i) is necessary for the settlement of dues or satisfaction of claims for payment; (ii) is anonymized and necessary for the purposes of advertising, market research, or your behavior and preferences studies, and the results of the same are to improve the quality of our Services; (iii) is necessary to clarify the circumstances of unauthorized use of our Website or Services; or (iv) may be processed on the basis of applicable laws or agreements.
If Mysa becomes aware or informed that you have abused our Website or Services, we may process your personal data to the extent necessary to determine your liability, provided that we record receipt and contents of the information for evidentiary purposes. We may inform you of unauthorized activities and demand their immediate cessation.
Third Party Analytics, Advertising and Remarketing Tools
Based on data collected by Google Analytics we may also build custom audiences of people who have visited some of our Website’s pages and/or made a conversion on our Website for showing these audiences relevant ads with the help of Google Adwords Remarketing feature. This process doesn’t involve using any of your personal data. Your personal data is not being disclosed or transferred in any way to Google. You may adjust your preferences connected to Google Adwords ads you want or don’t want to see here: https://www.google.com/settings/u/0/ads/authenticated.
Recipients, and third country transfers
We use the services of third-party providers, who process your personal data as processors (meaning, a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller). They provide us with services related to: supporting certain features of our Website or Services, hosting, customer support, tracking security incidents and responding to them, diagnosing and solving problems with our Website or Services, web push notification display, analysis of marketing campaigns efficiency as well as analysis of use of our Website and Services. However, we also cooperate with service providers who themselves determine the purposes and means of processing your data, in order to carry out remarketing campaigns and statistical analysis.
Recipients (meaning, a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not) who we transfer the data to are based mainly in countries of the European Economic Area (EEA). As for those who are based outside of the EEA we’ve made sure that they guarantee a high level of personal data protection, as evidenced by their participation in the „EU-US Privacy Shield” program ( https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en).
Information Security and Data Sharing
We take all appropriate measures to ensure the security of your personal data when you contact us, use our Services, or subscribe to our newsletter. All private information entered by you is transferred via special security systems and automatically encrypted using SSL/TLS. SSL/TLS is the industry standard for transferring sensitive data over the internet. Access to your personal information is restricted to those Mysa employees who need to have access to it and bear responsibility for keeping your information confidential.
We do not sell, rent or give out personal information to any third party. We may involve third-party service providers to assist us in conducting our business (for instance, sending marketing newsletters or surveys) and share with them some of your private data necessary for that purpose if you have given us your consent and if the third party agrees to keep this information confidential. We will not use your information for any purpose outside the scope of communicating with you about our Services.
Our Website contains hyperlinks (for instance, in the form of logos of entities external to Mysa) that, if clicked on, redirect you to external websites. Application of such reference must not be so understood as to imply any kind of association between Mysa and the entity to which the external website belongs. Neither may Mysa be held liable for the consequences of this kind of redirection nor does Mysa determine the content of external websites. We bear no responsibility for the terms and conditions of privacy and security policies in force on those websites, or for cookies used while browsing any such external websites. We encourage you using this kind of reference to consult the contents of the relevant documents in force on external websites.