By using our services, you entrust us with your personal data. We would like to assure you that we feel responsible for it and we respect your privacy, therefore we make every effort to ensure its safety. By reading the text below, you will learn about our principles of processing personal data.
Who are we?
The administrator of personal data is Mr Receipt Sp. z o. o. with its seat in Poznań (61-615) at Perkuna 25 street, entered into the Register of Entrepreneurs kept by the District Court for Poznań – Nowe Miasto and Wilda in Poznań under KRS number: 0000822722, Tax ID (NIP): 9721305935.
If you have any doubts about the way we process your personal data, you can always contact us. The preferred form of contact is electronic correspondence to the e-mail address email@example.com. However, you can also contact the company by post, with the note “Personal data”.
What data do we process?
In connection with the provision of our services, we may process the following categories of data:
- identification data (e.g. name and surname, ID on social networks, Tax ID – NIP number),
- contact details (e.g. e-mail address, telephone number, home address),
- socio-demographic data (e.g. age, gender),
- behavioural data (e.g. information from the proof of purchase entered into the Application, about the loyalty cards held and the manner of their use, use of the proposed offers and commercial information),
- location data (e.g. device location, places of use of a loyalty card),
- technical data (e.g. data regarding the device on which you use the Application, Advertisement ID).
Where do we get it from?
We obtain most of the data directly from you – you entrust us with this data by providing it in forms or by entering proofs of purchase or loyalty cards into the Application. Some data is of an operational nature and is saved in our system when you use the Application. We may obtain some data from the websites you use to integrate your account in the Application with your account on other websites.
For what purposes and on what legal basis do we process personal data?
Your data will be processed for the following purposes:
- providing services by electronic means on the terms described in the Terms and Conditions of the MrReceipt application. The provision of our services is related to the processing of personal data and without performing these activities, we would not be able to provide you with our services;
- conducting marketing activities related to our activities by means of electronic communication, e.g. Text messages or e-mail; we will perform such activities only on the basis of your voluntary consent;
- sharing data with our Trusted Partners to personalize ads on your devices. The data will only be shared if you give your consent;
- pursuing our legitimate interests. Our legitimate interest should be understood as: providing payment services, conducting User satisfaction surveys, possible determination, investigation and enforcement of claims or defence against claims, prevention of abuse and fraud, detection of cases of unauthorized use of services, ensuring IT security of the MrReceipt platform, Administrator’s financial analyses, conducting marketing activities, answering inquiries and messages from Users, keeping statistics and conducting analytical research and tests in order to better select services to the User’s needs or optimize processes, profiling the purpose of which is to best match the sent information to the needs and interests of the User, data storage for archiving purposes and ensuring accountability.
How long do we process your personal data?
Your data will be processed until there is a basis for its processing, i.e.
- in the case of data processing on the basis of consent, until its withdrawal;
- in the case of necessity to process data for the performance of the agreement, for the duration of its performance and until the expiry of the limitation of claims related to the subject of the agreement, taking into account the limitation periods for claims specified in generally applicable law;
- in the case when the basis for data processing is the legitimate interest of the administrator, until you object or the interest ceases to exist.
Do we share personal information with anyone?
Your data may be transferred to entities processing data on our behalf, e.g. IT service providers, marketing agencies, legal services, accounting services, customer service, etc., where such entities will process data only on the basis of relevant agreements and only in accordance with our instructions. We require our partners to maintain confidentiality and ensure appropriate security measures.
Your data may also be made available to entities authorized to obtain it on the basis of applicable law, e.g. law enforcement authorities. In addition, other entities may also become other administrators of your data to some extent, e.g. entities conducting payment activities (banks, payment institutions), institutions dealing with debt collection, as well as, if you wish to use certain services, other cooperating entities with us, entrepreneurs such as Primesoft Polska Sp. z o. o. or Towarzystwo Ubezpieczeń i Reasekuracji “WARTA” S.A..
Transmission of data outside the EEA
In principle, we do not transfer personal data to entities whose registered offices are outside the European Economic Area. The only exception is our cooperation with service providers operating under the Google and Facebook brands. In connection with this cooperation. we can provide data characterizing the way of using services provided electronically (so-called operational data) for marketing purposes. Google and Facebook participate in the “EU-US Privacy Shield” program, which guarantees that these companies apply safeguards that are compliant with the provisions in force in the EEA.
Do we process data automatically?
We process some data in an automated manner, e.g. in the form of profiling, however, this action will not have any legal effects on you, it will also not significantly affect your situation. The profiling we perform is only used to analyse your preferences and interests, which will allow for better adjustment of the content that will be presented to you in the first place in the Application.
What rights do you have?
In accordance with applicable regulations, you are entitled to:
- the right of access to your personal data, including the right to obtain a copy of such data;
- the right to correct the data;
- the right to remove the data (the right to be forgotten);
- restrict the processing of personal data;
- the right to object to the processing of data on the basis of our legitimate interest;
- the right to transfer personal data;
- the right to withdraw the consent.
In order to exercise the above rights, please contact us by sending an e-mail to the address firstname.lastname@example.org. If you send us a request to exercise any of these rights from an e-mail address other than the one to which the account was registered, we may request additional information to verify the identity of the person making the request.
If you believe that the manner in which we process your personal data violates applicable regulations, you have the right to lodge a complaint with the President of the Personal Data Protection Office.