- SPYROSOFT – SPYROSOFT Spółka Akcyjna with its registered office in Wrocław, at Nowy Targ Square 28, entered in the Register of Entrepreneurs maintained by the District Court for Wrocław – Fabryczna in Wrocław, 6th Commercial Division under the number KRS: 0000616387, Taxpayer Identification Number (NIP): 8943078149.
- User – natural person using the Application and having it installed in a mobile device.
- Client – employer or principal employing the User on the basis of an employment contract or a civil-law contract as well as cooperating with the User conducting business operations based on the cooperation agreement concluded with SPYROSOFT.
- Application – Allpro installed in the Users’ devices, used by them on the basis of an agreement between the Client and SPYROSOFT.
2. GENERAL INFORMATION
- The owner of the Application available at Microsoft Appsource is SPYROSOFT.
- Willing to ensure the highest privacy protection standards of persons using the Application, SPYROSOFT has developed a set of rules related to the collection and use of the information concerning the Users.
3. DATA PROCESSING
- In principle, the Client is the controller of the Users’ personal data. The Client decides about the purpose and the scope of the Users’ personal data collected. In principle, SPYROSOFT processes personal data at the Client’s request as an entity entrusted with data processing.
- SPYROSOFT can collect and process the data identifying and not identifying the User.
- The Application obtains the information about the Client and about the Users and their behaviour in the following manner:
- a) from the information voluntarily entered in the forms;
- b) from the cookie files by saving them in the end devices;
- c) by collecting server logs by the hosting operator.
- personal data collected by SPYROSOFT can be stored throughout the entire period of its activity for the purpose of the performance of the agreement concluded with the Client and for the purpose of optimization of the Application.
- The User shall have the right to:
- request access to its personal data, to have its data rectified, deleted or to limit its personal data processing,
- object to such processing,
- transfer the data,
- lodge a complaint to a supervisory authority.
One may exercise the aforementioned rights by submitting an application to SPYROSOFT through the data in § 1 par. 1 or by submitting the application directly to the Client.
4. INFORMATION ABOUT THE DATA COLLECTED
- SPYROSOFT can collect the data identifying and not identifying the User.
- The main objective of SPYROSOFT related to the collection of the information that does not enable to identify the Users is the desire to better understand the expectations of the Users using the Application, to optimize its functions and the content.
- In principle, the Application collects the following data:
- a) description of the Users’ characteristics and their employment periods including the information on the rights related to reporting and applications to be submitted (e.g. overtime, holiday, type of the contract),
- description of the project in which the User is involved and the identification of persons managing the said project and their rights,
- assigning the User to the project,
- description of the Client, branches, calendars, available types of contracts with the Users and their parameters,
- applications submitted by the Users (e.g. application for a leave/ non-provision of services, sickness, overtime),
- information about the working time/ hours of rendering services,
- financial information related to the cooperation with a given User,
- description of the employment history and skills held by the User,
- information about business trips,
- the User’s satisfaction survey on the cooperation with the Client,
- information on the User’s professional development, support received from the Client.
- Data for the Application are provided directly by the User or the Client. The data can also be collected in the cookie files.
- In addition, the following information are to be recorded: the moment of sending a query, the name of the User’s device – identification performer by HTTP protocol, the information about errors that occurred during the execution of the HTTP transaction, the URL address of the website visited previously by the User (referrer link) – when the transition to the Application was made via link, data related to the User’s browser and its IP identifier.
- SPYROSOFT has formulated individual goals in the scope of personal data safety and took actions necessary to ensure personal data processing in accordance with the law, in a reliable and transparent manner for the data subject.
- The goals specified in par. 1 are implemented by taking appropriate actions and applying effective safeguards which include in particular:
- adequate protection of IT systems in which personal data are processed,
- regular increase in the awareness and knowledge of the employees/associates in the scope of personal data security,
- informing the employees / associates about the consequences, including disciplinary measures in the event of breach of personal data security,
- granting access to documents, materials or systems containing personal data only to authorised persons,
- securing documents, materials or systems against loss or damage of personal data included therein,
- implementation of detailed rules specifying the method of managing user rights and the authentication rules in all systems used in SPYROSOFT,
- carrying out thorough tests in the process of preparing new software,
- reporting incidents related to information security,
- regular risk analysis in the field of information security and designing activities minimising potential risks,
- entrusting personal data only to third parties that ensure sufficient guarantees of implementing adequate technical and organisational measures so that the processing met the requirements of generally applicable law, this document and protected the rights of data subjects.
- Taking into account the status of technical knowledge, the cost of implementation, the nature, scope, context and purposes of processing, as well as the risk of violating rights or freedom of natural persons with different probability of occurrence and severity of risk resulting from the processing, SPYROSOFT has implemented – both when determining methods of processing and in the course of the processing itself – adequate technical and organisational measures designed for the purpose of effective implementation of data protection rules so as to meet the requirements resulting from generally applicable law and to protect the right of data subjects.