Privacy Policy - Dailyboard
-
GENERAL PROVISIONS
-
The Privacy Policy of Dailyboard.io is of an informational nature, indicating that it does not impose obligations on the Users of the Internet Dailyboard.io. The Privacy Policy primarily includes principles related to the processing of personal data by the Administrator on the Dailyboard.io, including the legal basis, purposes, and duration of personal data processing, as well as the rights of individuals whose data is processed. It also provides information on the use of cookies and analytical tools on the Dailyboard.io.
-
Administrator of personal data collected through Dailyboard.io is Dailyboard Sp. z o.o. with its registered office in Poznan, ul. Podlaska 15, 60-623 Poznan, Poland entered in the Register of Entrepreneurs of the National Court Register kept by the District Court for Poznań - Nowe Miasto i Wilda in Poznań, VII Economic Division of the National Court Register under KRS number: 0001062014, NIP: 7812058140, share capital: PLN 5,000.00, e-mail address: office@dailyboard.io
-
Personal data on Dailyboard.io is processed by the Administrator in accordance with the applicable legal regulations, particularly in compliance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) - hereinafter referred to as “GDPR” or “GDPR Regulation.” The official text of the GDPR can be found at: http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=CELEX%3A32016R0679
-
The use of Dailyboard.io is voluntary. Similarly, the provision of personal data by the User of Dailyboard.io is voluntary, with two exceptions: (1) entering into agreements with the Administrator - failure to provide, in cases and to the extent indicated on Dailyboard.io and in the Regulations of Dailyboard.io, the necessary personal data to conclude and perform an Electronic Service Agreement with the Administrator results in the inability to conclude such an agreement. Providing personal data is in this case a contractual requirement, and if the individual whose data it concerns wishes to enter into a specific agreement with the Administrator, they are obliged to provide the required data. The scope of data required to conclude an agreement is specified in advance on Dailyboard.io and in the Regulations of Dailyboard.io; (2) legal obligations of the Administrator - providing personal data is a legal requirement arising from universally applicable legal regulations imposing on the Administrator the obligation to process personal data (e.g., processing data for tax or accounting purposes), and failure to provide them will prevent the Administrator from fulfilling these obligations.
-
Taking into account the nature, scope, context, and purposes of processing, as well as the risk of violation of the rights or freedoms of individuals with varying likelihood and severity, the Administrator implements appropriate technical and organizational measures to ensure that processing complies with the GDPR, and to be able to demonstrate such compliance. These measures are subject to periodic reviews and updates as needed. The Administrator employs technical measures to prevent unauthorized acquisition and modification of personal data transmitted electronically.
-
-
BASES FOR DATA PROCESSING
-
The Administrator is authorized to process personal data in cases where - and to the extent that - at least one of the following conditions is met: (1) the individual whose data is concerned has given consent to the processing of their personal data for one or more specified purposes; (2) processing is necessary for the performance of a contract to which the individual whose data is concerned is a party or for taking pre-contractual steps at the request of that individual; (3) processing is necessary for compliance with a legal obligation to which the Administrator is subject; or (4) processing is necessary for the purposes of the legitimate interests pursued by the Administrator or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the individual whose data is concerned, requiring the protection of personal data, in particular where the individual whose data is concerned is a child.
-
The processing of personal data by the Administrator requires the existence, on each occasion, of at least one of the bases indicated in point 2.1 of the privacy policy. The specific legal bases for processing the personal data of users of Dailyboard.io by the Administrator are specified in the subsequent point of the privacy policy, with reference to the particular purpose for which the Administrator processes the personal data.
-
-
PURPOSE, BASIS, AND DATA PROCESSING TIME
-
Each time, the purpose, basis, duration, and recipients of personal data processed by the Administrator arise from actions taken by the respective User or Client on Dailyboard.io or by the Administrator.
-
The Administrator may process personal data on Dailyboard.io for the following purposes, on the following legal bases, within specified periods, and to the following extent:
-
The purpose of data processing | The legal basis for processing and the period of data retention |
In fulfillment of a contract concluded with the Administrator (e.g., Sales Agreement, use of a Product, or use of an Electronic Service), or the performance of actions at the request of the person to whom the data pertains before the conclusion of the agreement | Article 6(1)(b) of the GDPR (Execution of the contract)The data is stored for a period necessary for the performance, termination, or expiration in another way of the concluded agreement. |
Direct Marketing | Article 6(1)(f) of the GDPR (legitimate interests of the data Administrator) - processing is necessary for the purposes of the legitimate interests pursued by the Administrator – involving safeguarding the interests and good reputation of the Administrator, Dailyboard.io, and striving for the sale of Products. The data is stored for the period of the existence of the legally justified interest pursued by the Administrator, but no longer than the limitation period for claims against the person to whom the data relates, arising from the business conducted by the Administrator. The limitation period is determined by the law, in particular, the Civil Code (the basic limitation period for claims related to business activities is three years, and for a sales contract, it is two years). The Administratorcannot process data for direct marketing purposes in the event of an effective objection in this regard by the person to whom the data pertains. |
The tax, accounting, and financial obligations of the Administrator. | Article 6(1)(c) of the GDPR in connection with Article 74(2) of the Accounting Act of January 30, 2018 (Journal of Laws of 2018, item - processing is necessary to fulfill a legal obligation incumbent upon the Administrator. The data is stored for the period required by the legal provisions obliging the Administrator to keep tax records (until the expiration of the limitation period for the tax liability, unless tax laws provide otherwise). |
Determining, investigating, or defending claims that the Administrator may raise or that may be raised against the Administrator | Article 6(1)(f) of the GDPR - processing is necessary for the purposes of the legitimate interests pursued by the Administrator – involving the determination, investigation, or defense of claims that the Administrator may raise or that may be raised against the Administrator. The data is stored for the period of the existence of the legally justified interest pursued by the Administrator, but no longer than the limitation period for claims against the Administrator or the person to whom the data relates, arising from the business conducted by the Administrator (the basic limitation period for claims against the Administrator is six years) or until an objection is raised. |
Utilization of Dailyboard.io and ensuring its proper functioning | Article 6(1)(f) of the GDPR (legitimate interest of the data Administrator) – processing is necessary for the purposes of the legitimate interests pursued by the Administrator– consisting of maintaining and managing Dailyboard.io.The data shall be stored for the period necessary to fulfill the legitimate interests pursued by the Administrator, but no longer than the statute of limitations period for claims the Administrator may have against the individuals whose data is processed, arising from the Administrator’s business activities or until objection is raised. The statute of limitations is determined by applicable law, particularly the Civil Code (the basic limitation period for claims related to business activities is three years, and for Sales Agreements, it is two years). |
Conducting statistics and analyzing traffic on Dailyboard.io. | Article 6(1)(f) of the GDPR (legitimate interest of the data Administrator) – processing is necessary for the purposes of the legitimate interests pursued by the Administrator– consisting of conducting statistics and analyzing traffic on Dailyboard.io for the purpose of improving the functioning of Dailyboard.io and increasing the sale of Products.The data shall be stored for the period necessary to fulfill the legitimate interests pursued by the Administrator, but no longer than the statute of limitations period for claims the Administrator may have against the individuals whose data is processed, arising from the Administrator’s business activities or until objection is raised. The statute of limitations is determined by applicable law, particularly the Civil Code (the basic limitation period for claims related to business activities is three years, and for Sales Agreements, it is two years). |
Providing responses to directed inquiries and for the purpose of maintaining ongoing correspondence | Article 6(1)(f) of the GDPR (legitimate interest of the data Administrator) – processing is necessary for the purposes of the legitimate interests pursued by the Administrator – in responding to directed inquiries and for the purpose of maintaining ongoing correspondence (pertaining to channels available on the website as well as social media plugins - e.g., Facebook).The data shall be stored for the period necessary to fulfill the legitimate interests pursued by the Administrator, but no longer than the statute of limitations period for claims the Administratormay have against the individuals whose data is processed, arising from the Administrator’s business activities or until objection is raised. The statute of limitations is determined by applicable law, particularly the Civil Code. |
Managing social media accounts. | Article 6(1)(f) of the GDPR (legitimate interest of the data Administrator) – processing is necessary for the purposes of the legitimate interests pursued by the Administrator – managing an account on a specific social media platform, according to the terms and conditions specified by that platform, for the purpose of informing about the Administrator’s activities, promoting events, brand, products, and services, building and maintaining a community with the Administrator, and for communication through the available functionalities of the service.The data shall be stored for the period necessary to fulfill the legitimate interests pursued by the Administrator, but no longer than the statute of limitations period for claims the Administrator may have against the individuals whose data is processed, arising from the Administrator’s business activities or until objection is raised. The statute of limitations is determined by applicable law, particularly the Civil Code |
Publishing reviews and comments | Article 6(1)(f) of the GDPR (legitimate interest of the data Administrator) – processing is necessary for the purposes of the legitimate interests pursued by the Administrator – publishing user reviews and comments on Dailyboard.io The data shall be stored for the period necessary to fulfill the legitimate interests pursued by the Administrator, but no longer than the statute of limitations period for claims the Administrator may have against the individuals whose data is processed, arising from the Administrator’s business activities or until objection is raised. The statute of limitations is determined by applicable law, particularly the Civil Code. |
-
DATA RECIPIENTS
-
For the proper functioning of Dailyboard.io and to fulfill concluded agreements, it is necessary for the Administrator to utilize services provided by external entities (such as software providers). The Administrator exclusively engages services of external entities that process data and ensure adequate guarantees for implementing appropriate technical and organizational measures to meet the requirements of the GDPR and safeguard the rights of the individuals whose data is processed.
-
The Administrator does not transfer data to every recipient or category of recipients indicated in the privacy policy in every instance. Data is only transferred when necessary to achieve the specific purpose of personal data processing and solely to the extent required to accomplish that purpose
-
The Administrator may transfer personal data to a third country (outside the European Economic Area), ensuring that such transfers are made to a country providing an adequate level of protection in accordance with the GDPR. In such cases, the individual whose data is processed has the right to obtain a copy of their data. The Administrator transfers collected personal data only when necessary and to the extent required to achieve the specific purpose of data processing as outlined in this privacy policy. Personal data may be transferred outside the European Economic Area to, among others
-
Google LLC, headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, is involved in providing email services and tools encompassed within Google Workspace (formerly G Suite and Google Apps for Work). It is used for statistical and administrative purposes, as well as for employing the Google reCAPTCHA mechanism to ensure security.
-
Google Ireland Limited, located at Gordon House, Barrow Street, Dublin 4, Ireland, is utilized for the provision of personal data processing services aimed at facilitating the services provided by the Administrator within the scope of Dailyboard.io
-
Atlassian Pty Ltd c/o Atlassian, Inc. located at 1098 Harrison Street San Francisco, CA 94103, USA, provides the Atlassian Jira Software service, which the Administrator uses for planning, tracking the software development process, and implementing Dailyboard.io’s software
-
SmartBear Software Inc. at 450 Artisan Way Somerville, MA 02145, USA, provides an application used by the Administrator for monitoring, diagnosing, troubleshooting, and optimizing the software of Dailyboard.io,
-
MailerSend, Inc. at 228 Park Ave S, PMB 54955, New York, New York 10003-1502, USA, provides software enabling the Administrator to send messages, including transactional messages.
-
-
Personal data of the Website Users may be transferred to the following recipients or categories of recipients::
-
Entities handling electronic payments or credit/debit card transactions – in the case of a Customer using electronic payment methods or credit/debit cards on Dailyboard.io, the Administrator provides the collected personal data of the Customer to the selected entity handling such payments on Dailyboard.io at the Administrator’s request, to the extent necessary to process the payment made by the Customer.
-
Service providers supplying the Administrator with technical, IT, and organizational solutions (especially providers of computer software for running the website, systems for managing newsletters, email service providers and hosting, and providing technical support to the Administrator) – the Administrator provides collected personal data to the selected service provider acting on its behalf only in cases and to the extent necessary to achieve the specific purpose of data processing in accordance with this point of the privacy policy.
-
Providers of accounting, legal, and advisory services offering accounting, legal, or advisory support to the Administrator (especially accounting firms, law firms, or debt collection agencies) – the Administrator provides collected personal data to the selected provider acting on its behalf only in cases and to the extent necessary to achieve the specific purpose of data processing in accordance with this point of the privacy policy.
-
In addition, other Users of Dailyboard.io – Dailyboard.io also serves collaborative work planning and communication among Users. Therefore, contact details of Users may be visible to other Users of Dailyboard.io
-
Providers of survey systems for opinions - in the case of a User who has agreed to express an opinion about a concluded agreement, the Administrator provides the collected personal data of the User to the selected entity providing the survey system for opinions on the concluded agreements within Dailyboard.io at the Administrator’s request, to the extent necessary for the User to express their opinion using the survey system
-
Distributors of marketing services, especially Google LLC located in Mountain View, USA (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), Google Ireland Ltd. (Gordon House Barrow Street Dublin 4, D04E5W5 Ireland), and Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) – the Administrator gathers information provided by users and transfers it to the aforementioned entities for conducting remarketing activities. These activities include directing personalized advertisements to these users and targeting and creating groups of individuals similar to these users for the purpose of directing marketing communications to them. Detailed information and rules regarding data processing by these entities can be found respectively at:
-
-
-
PROFILING
-
The GDPR imposes an obligation on the Administrator to provide information about automated decision-making, including profiling as referred to in Article 22(1) and (4) of the GDPR. Furthermore, at least in these cases, significant details about the decision-making process, as well as the significance and envisaged consequences of such processing for the data subject, must be communicated. Bearing this in mind, the Administrator provides information regarding potential profiling in this section of the privacy policy
-
The Administrator may employ profiling within Dailyboard.io for the purposes of direct marketing. However, decisions based on this profiling by the Administrator do not involve the conclusion or refusal of a Sales Agreement or the ability to use Electronic Services in Dailyboard.io. The outcome of employing profiling withinDailyboard.io may include, for instance, granting an individual a discount, sending a discount code, reminding them of incomplete purchases, presenting a product proposal that aligns with the individual’s interests or preferences, or offering improved terms compared to the standard offerings of Dailyboard.io . Despite the profiling, the individual retains full discretion to decide whether to take advantage of the received discount or better terms and make a purchase in Dailyboard.io
-
Profiling within Dailyboard.io involves the automated analysis or prediction of an individual’s behavior on Dailyboard.io, such as adding a specific product to the cart, browsing a specific product page on the Dailyboard.io , or analyzing the individual’s past purchase history on Dailyboard.io. A prerequisite for such profiling is the Administrator’s possession of the individual’s personal data, enabling them to subsequently send, for example, a discount code.
-
The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.
-
-
RIGHTS OF THE DATA SUBJECT
-
The right of access, rectification, restriction, erasure, or portability - the data subject has the right to request from the Administrator access to their personal data, rectification, deletion (‘right to be forgotten’), or restriction of processing, and has the right to object to processing, as well as the right to data portability. The detailed conditions for exercising the aforementioned rights are specified in Articles 15-21 of the GDPR
-
The right to withdraw consent at any time – the data subject, whose data is processed by the Administratorbased on their consent (pursuant to Article 6(1)(a) or Article 9(2)(a) of the GDPR), has the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
-
The right to lodge a complaint with a supervisory authority – the data subject, whose data is processed by the Administrator, has the right to lodge a complaint with the supervisory authority in the manner and under the procedure specified in the provisions of the GDPR and Polish law, particularly the Personal Data Protection Act. The supervisory authority in Poland is the President of the Office for Personal Data Protection.
-
The right to object - the data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of their personal data based on Article 6(1)(e) (public interest or official authority) or (f) (legitimate interests pursued by the Administrator), including profiling based on those provisions. In such cases, the Administrator shall no longer process the personal data unless they demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims.
-
The right to object to direct marketing - if personal data is processed for direct marketing purposes, the data subject has the right to object at any time to the processing of their personal data for such marketing, including profiling to the extent that it is related to such direct marketing.
-
To exercise the rights outlined in this privacy policy, individuals may contact the Administrator by sending a relevant message in writing or via email to the Administrator’s address specified at the beginning of the privacy policy, or by using the contact form available on Dailyboard.io.
-
COOKIE POLICY
-
COOKIES IN THE INTERNET SERVICE, USAGE DATA, AND ANALYTICS
-
Cookie files (cookies) are small text files that may be used by websites to enable users to browse the sites more efficiently. The law stipulates that we may store cookies on the user’s device if they are strictly necessary for the functioning of this site.
-
The Administratoruses cookies to personalize content and ads, to provide social media features, and to analyze traffic on its website. We share information about how you use our site with social media, advertising, and analytics partners. Our partners may combine this information with other data received from you or obtained while using their services.
-
The Cookies that may be sent by Dailyboard.io can be categorized into different types based on the following criteria:
-
| Due to their provider: * First-party (created by the Dailyboard.io)
-
Third-party (belonging to individuals/entities other than the Administrator) | Based on their storage period on the visitor’s device:* Session cookies (stored until logging out of Dailyboard.io or closing the internet browser)
-
Persistent cookies (stored for a specified time, defined by the parameters of each file or until manually deleted) | Due to their purpose:* Necessary cookies: Required for the proper functioning of the website. These are computer data saved and stored by the browser. Necessary cookies contribute to the website’s usability by enabling basic functions such as site navigation, customer support tool usage, and access to…
-
Preference/Functional cookies: Related to preferences, allowing the site to remember information that alters the appearance or functioning of the site, e.g., preferred language or user region.
-
Statistical/Analytical cookies: Assist website owners in understanding how different users behave on the site by collecting and reporting anonymous information.
-
Marketing/Advertising and Social cookies: Gather information about the visitor to Dailyboard.io to display personalized ads and conduct other marketing activities, including on separate websites from Dailyboard.io, such as social media platforms. They are used to track users across websites, aiming to display ads that are relevant and engaging to individual users, thereby more valuable to third-party website publishers and advertisers.
-
Unclassified cookies: Cookies in the process of classification, along with the providers of each cookie |
- The Administrator may process data contained in cookies when visitors use Dailyboard.io for the following specific purposes:
Objectives of using Cookies in Dailyboard.io | Identification of Users as logged in to Dailyboard.io and displaying their logged-in status (essential Cookies) |
Storing data from filled forms, surveys, or login information for the Dailyboard.io (essential and/or preference Cookies) | |
Customizing the content of Dailyboard.io page to individual User preferences (e.g., colors, font size, page layout) and optimizing the use of Dailyboard.io (preference Cookies)” | |
Conducting anonymous statistics illustrating the way of using Dailyboard.io (statistical Cookies) | |
Remarketing involves analyzing the behavioral characteristics of visitors to Dailyboard.io through anonymous analysis of their actions (e.g., repeated visits to specific pages, keywords, etc.). This aims to create their profile and deliver tailored advertisements matching their anticipated interests, even when they visit other websites in the advertising network of Google Ireland Ltd. and Facebook Ireland Ltd. (marketing Cookies) |
- Verification in the most popular web browsers of the cookies being sent Dailyboard.io at a given moment (including the duration of cookie operation and their provider) can be conducted as follows:
In the Chrome browser:(1) Click on the padlock icon located on the left side of the address bar,(2) Navigate to the “Cookies” tab. | In the Firefox browser:(1) Click on the shield icon located on the left side of the address bar,(2) Go to the “Permissions” tab and select either “Allowed” or “Blocked”,(3) Click on the field for “Cross-site tracking cookies,” “Social media trackers,” or “Content with trackers.” | In the Microsoft Edge browser:(1) Click on the “Tools” menu,(2) Go to the “Internet Options” tab,(3) Navigate to the “General” section,(4) Proceed to the “Settings” tab,(5) Click on the field for “Display files.” |
In the Opera browser:**(**1) Click on the padlock icon located on the left side of the address bar,(2) Navigate to the “Cookies” tab. | In the Safari browser:(1) Click on the “Preferences” menu,(2) Go to the “Privacy” tab,(3) Click on the field for “Manage Website Data.” | Regardless of the browser, tools available such as those found on websites like https://www.cookiemetrix.com/ or https://www.cookie-checker.com/ can be used to check the cookies being sent and received. |
-
Standardly, most available web browsers on the market accept the storage of cookies by default. Each individual has the capability to determine the terms of cookie usage through their internet browser settings. This implies the ability to partially limit (e.g., temporarily) or entirely disable the storage of cookies. However, in the latter case, it may impact certain functionalities of Dailyboard.io. For instance, it might render some functions, such as progressing through the Order path via the Order Form, unfeasible due to failure in retaining products in the cart during subsequent steps of placing an Order.
-
Upholding the settings within an internet browser concerning cookies holds significance regarding consent for the use of cookies on Dailyboard.io —according to regulations, such consent can also be expressed through internet browser settings. Detailed information on changing settings related to cookies and independently removing them in the most popular internet browsers is available in the browser’s help section and on the following pages (simply click on the respective link):
-
The Administrator may use the Google Analytics, Google Tag Manager, Google Signals and Google Ads services provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) on the Dailyboard.io . These services help the Administrator keep statistics and analyze traffic on the Website. The collected data is processed as part of the above services to generate statistics helpful in administering the Website and analyzing traffic on the Website. This data is aggregated. Using the above services on the Website, the Administrator collects data such as the sources and medium of obtaining visitors to the Website and how they behave on the Website, information about the devices and browsers from which they visit the website, IP and domain, geographical data and demographic data (age , gender) and interests. Google Ads and Google Tag Manager services allow the Administrator to conduct marketing and remarketing activities, consisting in conducting marketing campaigns and adjusting the content presented to users, including personalizing advertisements.
-
Using Google Analytics 4 (a tool for analyzing Website statistics) in combination with other Google products such as Google Signals, Google Ads, Google Tag Manager may result in:
-
combining the identifier stored in a cookie (Cookie ID) with the identifier of the user who created an account on the Website (user ID) in order to create profiled lists of recipients or in-depth analysis of users;
-
collecting website and app data to better understand the customer journey;
-
measurement without the use of cookies, and modeling of behavior and conversions;
-
analysis of data on websites in order to optimize marketing activities and areas on the website.
-
using predictive functions that suggest recommended actions without the use of complex models;
-
-
It is possible for a given person to easily block information about their activity on the Website from being made available to Google Analytics - for this purpose, you can, for example, install a browser add-on provided by Google Ireland Ltd. available here: https://tools.google.com/dlpage/gaoptout?hl=pl.
-
Using pixels embedded on the website, the Administrator collects and then uses data in the form of recipient lists. The Administrator reaches out to users who have previously interacted with its website or products by showing them geotargeted ads on other websites or advertising platforms to maintain interest and encourage repeat conversions.
-
You can manage the operation of the Facebook Pixel through the ad settings in your account on Facebook.com: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.
- FINAL PROVISIONS
The Website may contain links to other websites. The administrator encourages you to read the privacy policy established there after going to other websites. This privacy policy applies only to the Administrator’s Website.