Privacy notice

This Privacy Notice describes our privacy practices regarding the collection and use of your personal data in the context of Tooploox’s newsletter.

Who we are?

We are Tooploox, or more formally - Tooploox sp. z o.o. a limited liability corporation established in Poland. Our registered seat is in Wrocław (53-601) at Tęczowa 7. We are the controller of your personal data under the EU General Data Protection Regulation. You can contact us with all questions relating to your privacy at privacy@tooploox.com.

Information we collect and how we use it

When you sign up for Tooploox newsletter you will be asked to give us your name, email, company and role. We will use this data for marketing purposes, including sending our newsletter to you. The processing of your personal data in this context is based on your consent (art. 6(1)(a) of the GDPR). You may withdraw your consent at any time. This will not, however, affect the lawfulness of the processing based on this consent before its withdrawal. Subscribing to our newsletter is completely voluntary.

How long will we store your personal data?

We will store your personal data until you revoke your consent.

Who we may share your personal data with?

We share your personal data with providers of services that help us run our business and help us run marketing campaigns (such as cloud service providers, providers of marketing automation tools, external consultants). We also share information about your use of our sites with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.
Where required or permitted by law, personal data may be provided to others, such as regulators and law enforcement agencies.

What are your right?

You have a right to

• access to data: you have the right to access the information that we have on you. If you choose to exercise this right, upon your request, we will also provide you with a copy of the data we process about you. We will fulfill your request by sending your copy electronically, unless the request expressly specifies a different method. For any subsequent access request, we may charge you with an administrative fee;
• rectification of data, erasure and restriction of processing: if you believe that the information we have about you is incorrect, you are welcome to contact us, so we can update it and keep your data accurate. We will automatically delete information about you after it is no longer needed for the purposes it was collected for. Nonetheless, if at any point you wish for us to delete information about you, you have the right to do so. You also have the right to obtain restriction of processing of your data.
• data portability: in case the processing of your personal data is based on a contract or your consent, you have the right to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format. You can also request us to transmit such data to another controller if it is technically feasible.
• withdraw your consent: you may withdraw your consent at any time. This will not, however, affect the lawfulness of the processing based on this consent before its withdrawal.

In order to comply with requests concerning your rights, if the information that you provide is insufficient to identify you, we may ask you to give us additional information that we will use to verify your identity. If you fail to provide such information and the information that you have already given to us is not sufficient to identify you, we may refuse to fulfill your request.

Profiling

We do not use any information provided by you for the purposes of automated decision-making, including profiling.

International data transfers

Whenever possible, we will try to use processors which process personal data within the European Economic Area (“EEA”). In case there is a need for us to use processors located outside of the EEA, we will only disclose personal data to them provided that appropriate international data transfer safeguards described in the GDPR are in place.
As of the date of this Privacy Notice, we may transfer information that you provided us with to the United States of America. Such transfer will rely either on Binding Corporate Rules implemented by our processors, standard data protection clauses approved by the European Commission or will be made within the Privacy Shield framework.
If you have further questions about international data transfers that we make or want to obtain a copy of the safeguards that are in place to guarantee the legality of the transfer you can contact us by sending an email at privacy@tooploox.com.

How to contact us and seek additional help?

If you have any questions or doubts related to this Privacy Notice or want to know more about how we protect your personal data or your rights, you can contact us by sending an email at privacy@tooploox.com. We hope that we will be able to answer all your questions and settle all disputes amicably. Nonetheless, if you think that your rights were not observed or that your privacy was harmed, you can always lodge a complaint with a competent data protection authority.