Privacy Policy and Cookies Policy

§1
General remarks

This Privacy Policy specifies the rules for the protection and processing of personal data of users of the service in the form of a team cooperation platform (the "Platform"), accessible under https://web.getcore.app or downloadable from the website https://www.getcore.app (the "Service"), by the personal data controller - the operator of the Platform, which is Core Labs Spółka z ograniczoną odpowiedzialnością (the "Controller").

A User is any individual using the Platform or the Service (the "User"). Where this Privacy Policy refers to Users, it shall also be understood to mean contractors who have entered into an agreement with the Administrator, or any individuals representing or working with or employed by them, unless specified otherwise.

The legal basis for the adoption of this document are the personal data protection regulations, in particular, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the movement of such data, and repealing Directive 95/46/EC (the "GDPR").

The Service uses cookies. Please refer to the cookies policy for details.

§2
Personal data Controller

The controller of your personal data is Core Labs Spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw (00-844) at ul. Grzybowska 87. The controller can be contacted by e-mail at: hello@getcore.app or by letter to: Grzybowska 87, 00-844 Warsaw.

§3
Categories of personal data processed

1. The User provides the Controller with the following personal data:

1.1. the User's account information (login, password and contact details provided when creating the User's account);

1.2. User-generated content (all content posted on the Platform, in particular text messages, voice messages, emoticons, graphics);

1.3. payment information (information necessary to make a payment);

1.4. information on the actions performed by the User (for example: adding friends, creating groups, moderating content, etc.);

1.5. information needed to enable additional functionalities (additional information needed to integrate with services offered by third parties);

1.6. any other information provided directly by the user (providing feedback, participating in surveys, research, etc.).

2. The provision of personal data is voluntary, but necessary for the Controller to provide its services.

3. The Controller processes the followig personal data using the automated data processing:

3.1. information about the User's device (IP address, operating system information, browser information and information about device settings such as microphone and/or camera);

3.2. information about the use of the Platform (log information related to how and when the services are used - such as pages, servers and channels visited, activities performed or content interacted with);

3.3. other information collected by automated means (for example: clicks on advertisements or referral links);

3.4. cookies information (described in detail within the Cookies Policy).

4. The Controller shall process the personal data of the contractors, their representatives, individuals representing or cooperating with them or employed by them: name, e-mail address, telephone number (if necessary), place of employment/business address, tax identification number (if necessary) and PESEL (Polish citizens only and if necessary).

§4
Purposes of the processing of the personal data

1. The User's personal data will be processed for the following purposes:

1.1. for the purpose of the performance of the agreement, including:

1.1.1. to provide our services - for example: by processing images and sound during a video meeting or storing chat messages;

1.1.2. to be able to contact the User - for example: to verify an account being created or to enable the use of two-factor authentication security;

1.1.3. to provide customer service - for example: to answer questions about the use of the Platform;

1.2. for the purpose of the Controller's legitimate interests, including:

1.2.1. to protect the Platform - in particular to ensure security, prevent abuse and enforce compliance with the Terms and Conditions;

1.2.2. to report on the results obtained within the Platform by the Controller - in particular for the purposes of tracking activity indicators and preparing financial reports;

1.2.3. to personalise the Platform - in particular regarding information on other Users' activities, events and new features;

1.2.4. to improve the Platform - in particular, to gain insight into how Users interact with the Platform and how its reception can be improved;

1.2.5. to advertise the Platform - in particular to inform about the services and functions offered, and to verify the effectiveness of advertising;

1.2.6. to be able to contact the User - in particular for the purpose of sending marketing communications;

1.3. for the purpose of the fulfilment of a legal obligation incumbent on the Controller.

1.4. for the purpose of the performance of the agreement; the basis for processing is Article 6 section 1 letter b) of the GDPR;

§5
Transfer of personal data – recipients

1. The recipients of your personal data are:

1.1. entities ensuring the operation and maintenance of the Controller's IT systems;

1.2. the Controller's associates to whom access to your personal data is necessary to ensure the proper functioning of the Platform;

1.3. entities whose services the Controller uses in connection with ensuring the correct functioning of the Platform, for example: couriers and law firms.

2. The Controller shall not transfer, sell or lend collected personal data to other persons or institutions, except with the express consent or at the request of the User or at the request of authorised state authorities for the purposes of their investigations.

§6
Duration of the processing of personal data

1. The Controller will process your personal data for the period necessary to fulfil the purpose for which these personal data were collected, namely:

1.1. if you enter into an agreement with the Controller - the Controller may process your personal data for the time necessary for the performance of the agreement and subsequently for other lawful purposes, for example: to secure possible claims during the period of limitation;

1.2. where the legitimate interests of the Controller are pursued - until you object to the processing of your personal data;

1.3. in the event of performance of a legal obligation incumbent on the Controller under generally applicable law - until such time as the Controller has fulfilled its obligations under the law;

1.4. in the event of consent - as long as you have not withdrawn it.

2. If you give your consent, the Controller shall be entitled to process your personal data even after the termination of the aforementioned agreement. The Controller will not process your personal data if you withdraw your previously given consent. The withdrawal of consent shall not affect the lawfulness of the processing of your personal data performed prior to the withdrawal of consent.

§7
Transfer of personal data outside of the EEA

Some of our service providers may store User data outside the European Economic Area. In such cases, Users' data may be stored in countries that provide an adequate level of protection for personal data, or in countries that do not provide such a level. In the latter case, the Controller secures Users' data by concluding agreements with Controller's service providers containing the so-called Standard Contractual Clauses approved by the European Commission, which provide a guarantee of adequate protection for Users' personal data in third countries, or uses other bases for the transfer of personal data. For more information in this regard, please contact us.

§8
User's rights

1. The rights you have regarding the processing of your personal data:

1.1. the right to access information regarding what personal data is processed by the Controller and to obtain a copy of that information;

1.2. the right to rectify personal data where it is inaccurate or to supplement it where it is incomplete;

1.3. the right to erase your personal data, if:

1.3.1. when the personal data collected by the Controller is no longer needed by the Controller for the purposes of which you were informed;

1.3.2. if you withdraw your consent to the processing of your personal data;

1.3.3. insofar as the Controller is not entitled to process your data on any other legal basis;

1.3.4. if personal data has been unlawfully processed;

1.3.5. the need to erase personal data arises from a legal obligation of the Controller.

1.4. the right to data portability, meaning the right to request that the Controller send your personal data to another entity;

1.5. the right to restrict the processing of your personal data, if the correctness of your data is contested by you, the processing is unlawful or the Controller no longer needs certain personal data, or when an objection to the processing is raised, you can also request that for a certain, necessary period of time (for example to verify the correctness of your personal data or to assert claims) the Controller does not perform any operations on your personal data, but only stores them;

1.6. the right to object where the Controller processes your personal data for purposes arising from legitimate interests including, but not limited to, conducting marketing activities. In such an event, the Controller will stop processing your personal data immediately after you have raised an effective objection;

1.7. the right to withdraw your consent applies to all consents you have given for the processing of personal data.

2. A request for the exercise of the User's rights can be made:

2.1. in writing, by sending a letter to the address: Core Labs sp. z o. o., ul. Grzybowska 87, 00-844 Warsaw;

2.2. by sending an e-mail to an electronic mail address: hello@getcore.app.

3. The request specified in section 2 should indicate as precisely as possible what the request involves, in particular:

3.1. which of the rights specified in §7 section 1 above the User is seeking to exercise;

3.2. what personal data processing process is the subject of the request (for example: receipt of a newsletter);

3.3. which purposes of the personal data processing the request regards (for example: analytical purposes).

4. If the request made is expressed in such a manner that it is not possible to determine the substance of the request or for other reasons it is not possible to comply with the request, the Controller will request additional information from the User.

5. The request will be answered within 1 month of its receipt by the Controller. If necessary, this period may be extended by a further two months if the complexity of the request or the number of requests so requires. In the event of such an extension, the Controller shall promptly notify the sender of the request.

6. The response will be sent to the e-mail address from which the request was sent and, with regard to requests sent to the Controller's correspondence address, by post to the address indicated on the request, unless it is clear from the content of the letter that a response to the e-mail address is preferred and if such an e-mail address is specified in the request.

7. You have the right to file a complaint to the President of the Data Protection Authority if you consider that the processing of your personal data is unlawful.

§9
Security of personal data

1. The Controller conducts a risk analysis to ensure that personal data is processed in a secure manner, in particular ensuring that only authorised persons have access to the personal data and only to the extent necessary for the performance of the relevant purposes. The Controller shall ensure that all operations on personal data are recorded and performed only by authorised employees and associates.

2. The Controller undertakes all necessary measures to ensure that the Controller's subcontractors and other contracted entities guarantee the application of adequate security measures whenever they process personal data on the Controller's behalf.

§10
Final remarks

1. The Controller does not make any decision regarding Users based on automated processing, including profiling.

2. This Privacy Policy may be updated. When it is, the effective date below will be changed. Any previous versions of the Privacy Policy will be available upon request.

§11
Last updated: 24 Feb 2024

Cookies Policy

§1
General remarks

This Cookies Policy is directed to Users and defines the use of cookies (the "Cookies") by the Controller.

Cookies are placed on the User's end device.

The Controller processes the information contained in Cookies, while as regards the collection of information on Users, only anonymous data is collected in an aggregated form, which does not include any personal data.

Cookies are informational data, including text files, which are stored on the User's end device. These files are intended for the use of the Platform and the Service. In general, they contain the name and address of the website they come from, a unique number and the duration of storage on the User's end device.

Detailed information on the options and methods of using Cookies is available in the settings of your Internet browser. The Controller hereby informs the User that it is possible to configure the Internet browser in a manner which prevents the storage of Cookies on the User's end device.

The Controller hereby informs that Cookies may be deleted by the User after they have been placed by the Controller, by means of the appropriate functions of the Internet browser, programs designed for this purpose or by using the appropriate tools available within the operating system used by the User.

A banner is displayed to the User indicating the types of Cookies used by the Platform or the Service. The User consents to the storage of, and access to, Cookies by the Controller by continuing to use the Platform or the Website after such banner is displayed.

The Cookies are used for the following purposes:

a) to create statistics which help us to understand how Users use the Platform or Service, so that we can improve them;

b) noting and responding to potential errors (ensuring the correct functioning of the Platform or Service);

c) adapting the content of the Platform or the Service to the User's preferences and optimising the use of the Platform or the Service.

§2
Types of cookies

1. The following Cookies are used on the Platform and on the Service:

1.1. a) sesion Cookies, which are temporary files and are stored on the User's end device until the User leaves the Platform or Service or the software (web browser) is switched off,

1.2. b) permanent Cookies, which are stored on the User's end device for the time specified in the parameters of the Cookies or until they are deleted by the User.

2. The following types of cookies are used within this Platform or Service:

2.1. a) "necessary" Cookies enabling the use of functions available on the Platform or the Service, for example: authentication Cookies used for services requiring authentication on the Platform or the Service;

2.2. b) Cookies for providing security, for example: Cookies used for detecting misuse of authentication on the Platform or the Service;

2.3. c) "performance" Cookies, enabling the collection of information about the use of the Platform or the Service;

2.4. d) "functional" Cookies, enabling "memorisation" of the User's chosen settings.

3. The Controller hereby informs the User that it uses Google Analytics to collect and analyse aggregated information on the use of the Platform or the Service.

4. In many instances, the web browser software (Internet browser) allows Cookies to be stored on the User's end device by default. Users may change their settings regarding Cookies at any time. These settings can be changed, in particular, in such a way as to: block the automatic handling of Cookies in the settings of the Internet browser, notify the User each time Cookies are placed on the User's device or delete Cookies previously placed on the User's device. Detailed information on the possibility and methods of using Cookies is available in the settings of your web browser.

5. The Controller hereby informs that restrictions on the use of Cookies may affect certain functionalities available on the Platform or the Website.

Privacy Policy and Cookies Policy

§1General remarks

§2Personal data Controller

§3Categories of personal data processed

§4Purposes of the processing of the personal data

§5Transfer of personal data – recipients

§6Duration of the processing of personal data

§7Transfer of personal data outside of the EEA

§8User's rights

§9Security of personal data

§10Final remarks

§11Last updated: 24 Feb 2024

Cookies Policy

§1General remarks

§2Types of cookies

§1
General remarks

§2
Personal data Controller

§3
Categories of personal data processed

§4
Purposes of the processing of the personal data

§5
Transfer of personal data – recipients

§6
Duration of the processing of personal data

§7
Transfer of personal data outside of the EEA

§8
User's rights

§9
Security of personal data

§10
Final remarks

§11
Last updated: 24 Feb 2024

§1
General remarks

§2
Types of cookies