Privacy Policy

The Privacy Policy is a document related to the Terms of Service Rebench available at the URL: rebench.io/terms ("Terms of Service"). The definitions of terms used in the Privacy Policy are included in the Terms of Service. Provisions of the Terms of Service apply accordingly to the Privacy Policy.

The Privacy Policy is informational in nature and fulfills the information obligations imposed on the data administrator by the GDPR, i.e., Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Every person who uses the Platform or Application Rebench (hereinafter referred to as “Rebench”) should familiarize themselves with the Privacy Policy. The privacy policy defines the rules for processing personal data of users of Rebench and the use of cookies and other tracking technologies used in connection with the operation of Rebench.

1. PERSONAL DATA ADMINISTRATOR

1. The personal data administrator of the Users is REBENCH sp. z o.o. with its registered office in Warsaw (00-682), at Hoża Street No. 86, apt. 410, entered into the register of entrepreneurs of the National Court Register under number 0001058355, REGON: 526400399, NIP: 7011164832, with a share capital of 15,000 PLN.
2. The subject of personal data may contact the Service Provider, who is the personal data administrator, by sending a message to the following e-mail address: contact@rebench.io

 

2. METHOD OF DATA PROCESSING

1. The purpose and scope of the personal data processed are determined by the range of consents and data provided by the person concerned in the registration, contact form, or other forms available in Rebench.
2. Providing personal data is voluntary, but failure to provide the personal data marked in the form (especially in the Account registration form) as mandatory will prevent the use of all functionalities of Rebench. The nature of the actions undertaken by the Service Provider prevents them from being provided anonymously.
3. Users' personal data will be processed for the following purposes:

purpose of processing	scope of data	legal basis for processing	period of data processing
providing access to Rebench	IP address	Art. 6(1)(b) of the GDPR - processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract	until the expiration of claims related to providing Rebench to the data subject
registration in Rebench, account creation, providing the possibility of logging into Rebench	IP address, email address, first and last name, position, name and address of the employer/client, other information concerning the employer/client	Art. 6(1)(b) of the GDPR – as above.	until the expiration of claims related to providing Rebench to the data subject in terms of logging capabilities
enabling the publishing of Advertisements	email address, position, first name, last name, other data voluntarily provided in the form content	Art. 6(1)(b) of the GDPR – as above.	until the expiration of claims related to the publication of the Advertisement
enabling the placement of Orders	email address, first name, last name, delivery address, employer's/contractor’s name and address, other information related to the employer/contractor	Art. 6(1)(b) of the GDPR – as above.	until the expiration of claims related to actions taken by the User to place an Order
email contact with the data subjects, responses to emails	email address, first name and last name, other data provided voluntarily in the form or email content	Art. 6(1)(f) of the GDPR – legitimate interest of the Service Provider as the administrator, which consists of handling inquiries and correspondence sent directly by the data subjects	until the correspondence has ended or opposition is expressed by the data subject
telephone contact with the data subjects	phone number, first name and last name, other data provided voluntarily during the conversation	Art. 6(1)(f) of the GDPR – legitimate interest of the Service Provider as the administrator, which consists of handling inquiries and correspondence sent directly by the data subjects	until the end of the conversation or opposition is expressed by the data subject
contact using the contact form	email address, first name, last name, other data provided voluntarily in the contact form	Art. 6(1)(f) of the GDPR – legitimate interest of the administrator in handling inquiries and correspondence directed directly by the data subjects	until the end of the correspondence or opposition is expressed by the data subject
settlement execution, issuance of accounting documents, keeping accounting records	first name and last name, delivery address, bank account number, data related to the conducted economic activity	Art. 6(1)(c) of the GDPR – fulfillment of obligations arising from legal provisions, especially tax law	for the duration of the obligation to store accounting documents resulting from legal regulations
traffic research within Rebench	IP address, cookies used by the Google Analytics 4 tool	Art. 6(1)(a) of the GDPR – consent of the data subject	until the data is no longer useful or consent is withdrawn by the data subject
protection against claims, directing claims	email address, first name, last name, other data voluntarily provided in the contact form	Art. 6(1)(f) of the GDPR - legitimate interest of the administrator consisting in protection against claims and directing claims	until the expiration of the limitation period for claims related to access to the website and the User's activities within the website, counted from the User's last visit to the website

4. In the event that the Service Provider receives information about a person using the services provided by the Service Provider or Rebench functionalities contrary to the generally applicable laws, the Service Provider may process the User's personal data to the extent necessary to determine the scope of their liability, based on Art. 6 sec. 1 lit. f of the GDPR, i.e., the legitimate interest of the Service Provider in pursuing or defending against claims.
5. The Service Provider does not transfer Users' personal data to third countries (i.e., outside the European Economic Area). In the event of an intention to transfer personal data outside the EEA, the Service Provider will inform the persons concerned, ensure the data recipient guarantees the security and integrity of personal data, and will take all actions to ensure the legality of the personal data transfer to a third country.
6. The Service Provider will not engage in automated decision-making based on Users' personal data.
7. The Service Provider may engage in profiling to display personalized advertising or marketing messages to the User, adapted to the Users' preferences and behaviors.
8. The User can object to profiling at any time using the email address indicated in point 1.2. or by sending a letter to the correspondence address. The User may also use the form available on the Service Provider's website.
9. All personal data concerning third parties (e.g., a carrier or a person storing Products) is entered by the User into Rebench, acting as a personal data administrator or its representative. In terms of processing personal data of these categories of persons, the Service Provider acts as a processing entity, based on the appropriate contractual clauses included in the contract with the client. The User is obliged to inform the persons referred to above about how their personal data are being processed (or processed by the User's employer/client).

3. DATA RECIPIENTS

10. The Service Provider may entrust the processing of personal data of Users to third parties for the purpose of performing activities indicated in the Rebench Regulations. The recipients of the User's data may include, in particular: the hosting provider for Rebench, the email service provider, a software development company, CRM software provider, email messaging service provider, accounting, law firm, entity providing the possibility of issuing invoices, entity ensuring the execution of payments in Rebench, entities providing cloud solutions, and other solutions used by the Service Provider in current operations related to the processing of personal data.
11. Personal data collected by the Service Provider may also be made available to appropriate state authorities or institutions (law enforcement agencies, courts, security service) authorized to access them on the basis of generally applicable legal provisions, or to other persons and entities - in cases provided for by generally applicable legal provisions.
12. Each entity to whom the Service Provider entrusts the processing of personal data, based on a personal data processing entrustment agreement ("Entrustment Agreement"), guarantees an appropriate level of security and confidentiality of personal data processing. An entity processing personal data under an entrustment agreement may process personal data through another entity only with the prior consent of the Service Provider.
13. The disclosure of personal data to entities unauthorized under the Privacy Policy may occur only with the consent previously expressed in writing by the person to whom the data relates.
14. Users purchasing Products via Rebench must remember that the administrator of their personal data will be not only the Service Provider but also each User from whom they purchase Products. In such a case, their personal data will be processed by such an entity for the purpose of implementing the Final Agreement and for other legitimate purposes.
15. In the case referred to in section 3.5 above, the selling User is obliged to independently fulfill the information obligation towards purchasing Users, whose data they process as an administrator. In particular, such a User should indicate their contact details, the scope and purposes of personal data processing, as well as inform the persons to whom the data relates about their rights.
16. Rebench has no possibility of effective verification of the fulfillment of obligations referred to in point 3.6 above and bears no responsibility towards the purchasing User in the event of failure to fulfill obligations by the selling User.

4. RIGHTS OF THE DATA SUBJECT

17. Every person whose data is concerned has the right to: (a) deletion of personal data collected about them from both the system belonging to the Service Provider, and from the databases of entities with which the Service Provider cooperates or has cooperated, (b) restriction of processing of personal data, (c) transfer of personal data collected by the Service Provider about the given person, including receiving them in a structured form, (d) request from the Service Provider access to their personal data and their rectification, (e) object to the processing of personal data, (f) withdraw consent to the Service Provider at any time without affecting the legality of the processing of personal data that was carried out on the basis of consent before its withdrawal; (g) lodging a complaint against the Service Provider to the supervisory authority (President of the Office for Personal Data Protection).

5. OTHER DATA

18. The Service Provider may store http requests, therefore, some information about the Users, including: the IP address of the computer from which the request came, the name of the User's station - identification performed by the http protocol, the date and system time of registration in Rebench and receipt of the request, the number of bytes sent by the server, the URL of the page previously visited by the User (when the User entered Rebench via a link), information about the User's browser, information about errors that occurred during the execution of the http transaction, may be recorded in the server's log files. Logs may be collected as material for proper administration of Rebench. Only persons authorized to administer the information system have access to the data referred to in the preceding sentences. Log files may be analyzed to compile traffic statistics in Rebench and occurring errors. The summary of such information does not identify the User.
19. The Service Provider may use analytical tools such as Google Analytics and/or Azure Ad, within which it has access to anonymized information about Users, including: information about the operating system and web browser used by the User, time spent on Rebench, the User's age range, gender, approximate location, interests determined based on their online activity. The information referred to in the preceding sentence is not combined with the personal data of Users and does not allow their identification and is not personal data within the meaning of the GDPR regulations.

6. SECURITY

20. The Service Provider takes care of the security of the Users' personal data. For this purpose, the Service Provider has implemented appropriate security measures and personal data protection, considering the risks associated with the processes of processing personal data. In particular, the Service Provider technically and organizationally protects personal data from being disclosed to unauthorized persons, taken by an unauthorized person, altered, lost, damaged, or destroyed, and from being processed in violation of the GDPR provisions by using, among others, SSL certificates. The collections of personal data gathered by the Service Provider are stored on secured servers, and the personal data are also protected by the Service Provider's internal procedures for processing personal data and information security policy.
21. Regardless of the above, the Service Provider indicates that using the Internet and services provided electronically can be threatened by the penetration of malicious software (malware) into the teleinformatic system and the given person's device, as well as by third parties gaining access to data, including personal data. To minimize such threats, every person should use appropriate technical safeguards (antivirus programs) or those protecting identification on the Internet.

7. COOKIES FILES

22. For Rebench to function correctly, the Service Provider uses cookie files ("Cookies"). Cookies are text information stored on the User's device (computer, tablet, smartphone) that can be read by the Rebench teleinformatics system or third-party teleinformatics systems.
23. The Service Provider uses two types of Cookies: (a) session cookies, which are permanently deleted at the end of the User's browser session, and (b) persistent cookies, which remain on the User's device after the browser session until they are deleted.
24. Based on both session and persistent Cookies, it is not possible to determine the User's identity or identify them in any other way. Cookies do not allow any personal data to be retrieved.
25. Files generated directly by the Service Provider cannot be read by other services. External Cookies (i.e., Cookies placed by entities cooperating with the Service Provider) can be read by an external server.
26. The User can independently change the settings for Cookies at any time, specifying the conditions for their storage, through the internet browser settings or service configuration in Rebench.
27. The User can independently disable the saving of Cookies on their device at any time, in accordance with the instructions of the internet browser manufacturer, but this may cause some or all of the functions of Rebench to be unavailable.
28. The User can independently delete Cookies stored on their device at any time, in accordance with the instructions of the internet browser manufacturer.
29. The Service Provider uses its own Cookies for the following purposes: authenticating the User in Rebench and maintaining the User's session; configuring Rebench and adapting its content to the preferences or behavior of the User; analyzing and researching viewership, including the number of clicks and the path of the User's movement through Rebench, to improve its appearance and organization of content, time spent within Rebench, the number of Users, and the frequency of their visits to Rebench.

The Service Provider uses external Cookies to create anonymous statistics that help optimize the usability of Rebench, through analytical tools such as Google Analytics and/or Azure Ad, as mentioned in section 5.2. above;

30. Detailed information on managing Cookies is available in the settings of the web browser used by the User.

8. POSTANOWIENIA KOŃCOWE

31. Effective date of Privacy Policy: November 1, 2023