I. INTRODUCTION

II. DATA CONTROLLER (ADMINISTRATOR) AND DATA PROTECTION INSPECTOR

The owner of the Website and the Administrator of your personal data is LEXRING sp. z o. o. with its registered office in Warsaw, at. Twarda 18 Street, 19th floor (hereinafter: "LexRing" or "we"). You may contact us in the following ways:

• by post to the address: Lexring sp. z o. o., Twarda 18 Street, 19th floor, 00-105 Warsaw
• by e-mail: privacy@lexring.com

You may direct any questions concerning the processing of your personal data by our Lexring to the following e-mail address: privacy@lexring.com

III. VOLUNTARITY OF DATA SUBMISSION BY YOU

You give your consent to the processing of your personal data voluntarily by accessing our website, by accepting the Cookies policy or by leaving a message in the "Contact form" section together with your personal data. The processing of your personal data is necessary to answer your questions and to provide proper services.

IV. WHOSE PERSONAL DATA ARE PROCESSED ON THE WEBSITE

In managing the Website, we process the following personal data:

• users of the Website - data processing takes place to the extent limited to the use of cookies and other technologies, including Hotjar (see point VII). In addition, this Website collects standard login-related information, such as IP address, browser type, language, access hours, and the address of the page from which the user was redirected.
• persons who leave the information by "contact form" - data processing takes place to the extent necessary to establish and maintain contact.
• customer data (authorized users of the Website) - personal data that we collect, process and manage on behalf of our business customers, transferred to our platforms, products, applications, programming interface.

We do not share any data with third parties that are not related to the purpose for which we have obtained permission. In addition, we only share data with third parties if this is necessary for the provision of services or our legitimate interests (see point VI below). We also do not store confidential or sensitive data.

V. PURPOSES OF COLLECTING AND PROCESSING DATA

We process your personal data in connection with your use of the Website, to a minimum and strictly limited extent, in order to achieve the purposes for which the processing has taken place.

In the course of using our services or in connection with the purchase of our products, your data will be processed in particular for the following purposes:

• to provide electronic services consisting of making the Website and its content available to you – on the basis of Article 6(1)(b) of the GDPR;
• to provide the services you have ordered - on the basis of Article 6(1) (a), (b) of the GDPR;
• to handle the sale of purchased products - on the basis of Article 6(1), (b) of the GDPR;
• to communicate, as far as provided services and concerning the purchased products are concerned - on the basis of Article 6(1), (b) of the GDPR;
• research and development of our products and services - in particular for technical and security development - on the basis of Article 6(1), (f) of the GDPR;
• to analyse for LexRing's internal needs - on the basis of Article 6(1), (f) of the GDPR.

VI. DATA RECIPIENTS

Your personal data in the provision of services and products will not be transferred to other third parties, unless this proves necessary for the provision of services or to ensure our legitimate interests or those of third parties.

The operation of the Website is supported by external professionals. Hence, in connection with your use of the Website, we may disclose your personal data to third party providers of IT or programming support, hosting, marketing or data protection services. In addition, we may be required to provide your personal information to entities authorised by law.

We reserve the right to disclose selected personal data relating to you on the basis of a lawful request for such information. In this case, the data will be passed on to the relevant authorities or third parties acting on a proper legal basis.

VII. COOKIES AND OTHER TECHNOLOGIES

For management purposes and to improve navigation, the Website may use cookies (small text files stored in your browser) and Hotjar (analytical tool which collects data on how visitors interact with different elements of the Website and provides an in-depth understanding of user's behaviour on a Website by tracking these interactions).

Owners of other websites will not have access to this data unless you give such consent in a separate clause, which we will make available to you for legitimate purposes.

We sometimes process user's personal data to use the information obtained to assess user's preferences in order to facilitate their planned and/or ongoing purchases (personal preferences, interests, behaviors, location or movement, etc.). With the help of cookie technology, which is used on this Website, it is possible to profile and learn about user preferences.

VIII. PERIOD OF PROCESSING OF PERSONAL DATA

We will process your personal data for the period necessary to achieve the specific purposes for which it was collected. This means that the length of time we retain your data will be determined by a variety of factors, including the nature of the data, the reasons for which it is being processed, set and achived purposes.

IX. YOUR RIGHTS IN RELATION TO OUR PROCESSING OF YOUR PERSONAL DATA

Upon your request, we will provide you with information about the personal data we collect without any charges (right of access to data) and you can receive a copy of it.

In addition to the right of access, you have the right to request deletion of your personal data, restriction of processing, as well as data portability (when provided by law) and to request rectification of your data if you find it inaccurate.

The right to object to the processing of your personal data insofar as this does not oppose our legitimate interests and the law.

You also have the right to lodge a complaint regarding the processing to the supervisory authorities - the President of the Office for Personal Data Protection (to the address of the Office for Personal Data Protection, i.e. 2 Stawki Street, 00 – 193 Warsaw).

If, from the point of view of the law or other circumstances requiring prolonged processing, deletion of your data proves impossible, we will ensure that your data is not used on an ongoing basis.

In addition, if processing is based on consent, you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before withdrawal.

X. POLICY UPDATES

The Administrator may amend this Policy in the future, e.g. due to:

• introduction of changes to applicable laws, in particular in the area of personal data protection, telecommunications law, services that are provided electronically or regulating consumer rights, affecting the rights and obligations of the Administrator or the rights and obligations of the data subject;
• the continuous development of electronic services caused by advances in network technology, including the use and development of new solutions such as functionality.

In order to introduce changes to the Policy, each time the Administrator will post information about changes to the Policy on the Website, along with a reference to the next issue number and the effective date.

A change to the above-mentioned policy involves a change to the update date located at the top of the page - the Privacy Policy so amended will apply to users and the data they provide starting from the date of the update. We encourage users to regularly check the contents of the Privacy policy for information on how their data is protected.