Privacy policy
For the InnerWeb® mobile demo app.
Dear app user:
To access the InnerWeb® demo application, simply provide your business email address, which will be stored for 13 months by InnerWeb Sp. z o.o., Bielsko-Biala, for return contact. We are counting on your opinion about our application, so we make it available completely free of charge. We will inform you if there is an update or interesting information about our project. You can contact the data controller at support@innerweb.pl. Remember that providing personal data and consenting to its processing is voluntary. Any data you provide to us is secure and processed only to the extent described above and for the purpose for which you have given your consent. At any time you have the right to update or completely delete your email address. Welcome to the world of the new work culture.
Warm greetings
InnerWeb Team
Applies to innerweb.pl
Dear portal user:
To meet the expectations of data protection, we have prepared the following collection of the most important information on the subject, along with an explanation of why and how it is done. Our goal is to minimize such needs, as you can see in our InnerWeb® demo application.
Thank you for your trust
InnerWeb Team
Detailed information
The administrator of the InnerWeb portal is InnerWeb Sp. z o.o., based in Bielsko-Biała 43-300 at 14 Grażyńskiego St. InnerWeb is registered in the Register of Entrepreneurs of the National Court Register under the KRS number 0000826731, with a share capital of PLN 1,431,000. InnerWeb was established on January 10, 2020 as a result of the pre-incubation of the “InnerWeb” project with the participation of the Regional Development Agency S.A. Bielsko-Biala, initiated by World Industry Programming “WIP” Sp. z o.o., based in Bielsko-Biala. Other company data of InnerWeb: NIP: EN 547-22-16-891 (VAT EU), REGON: 385428886
The Beskid Technology Accelerator of ARR S.A. is a continuation of the project “TechnoBIT Venture – knowledge and capital for innovation” co-financed by the European Regional Development Fund.
under Measure 3.1 of the Innovative Economy Operational Programme by the European Union from the European Regional Development Fund.
As a controller of personal data, InnerWeb takes the utmost care to protect the personal data and privacy rights of its users. All information protection measures used by InnerWeb meet the highest standards of protection set forth in the Personal Data Protection Act of August 29, 1997 (hereinafter referred to as the Personal Data Protection Act) and implementing acts issued on its basis.
InnerWeb ensures the exercise of all rights under the a.o.d.o. and RODO, in particular the right of access to the content of the personal data provided to the Portal and the right to correct them. These rights may be exercised, among others, by contacting InnerWeb, including via email address: support@innerweb.pl
InnerWeb collects data on the visitor’s IP address and browser signature as an aid in spam detection.
InnerWeb uses cookie technology, which is small text information sent by a web server and stored on the user’s side. The default parameters of cookies allow only the server that created them to read the information they contain. Cookies are used to collect information related to the user’s use of the Website. Cookies allow m.in.
- maintaining the Portal user’s session after logging in, thanks to which the user does not have to re-enter his/her login and password on each sub-page of the Portal;
- adapting the content of the Portal’s websites to the user’s preferences and optimizing the use of the websites; in particular, these files allow the Portal to recognize the Portal user’s device and appropriately display the website, tailored to his individual needs and the device he uses.
- to collect anonymous, aggregate statistical data that helps us better understand how users use the Portal. This allows us to improve the Portal, its structure and content according to users’ expectations.
The InnerWeb portal uses two types of cookies: “session” and “permanent”. “Session” cookies are temporary files that are stored on the user’s terminal device until the user logs out, leaves the website or shuts down the software (web browser). “Permanent” cookies are stored on the user’s end device for the time specified in the parameters of the cookies or until they are deleted by the user. The website uses third-party cookies, including Google Analytics and Facebook Pixel.
Administrator informs that uses the newsletter system GetResponse, whose supplier is GetResponse Sp.o.o. based in Gdańsk, Arkona 6, 80-387 Gdańsk, with which the Administrator entrusted data entrustment. This entity guarantees the confidentiality of the data stored in its database and on its servers. This entity guarantees compliance with the obligations imposed by RODO.
The Administrator hereby informs the User that it entrusts the processing of personal data to the following entities: – GetResponse Sp. z o.o. with its registered office in Gdańsk, 6 Arkońska Street, A3, 80-387 Gdańsk – for the purpose of sending newsletters and using the GetResponse mailing system.
Due to the fact that the Administrator uses external providers of various services, e.g. Facebook, Google, GetResponse, Microsoft, etc., Users’ data may be transferred to the United States of America (USA) in connection with their storage on servers in the USA (in whole or in part). Google and Facebook use the compliance mechanisms provided by the RODO (e.g. certificates) or standard contractual clauses for their services. They will only be transferred to recipients that guarantee the highest data protection and security, including by:
Cooperation with processors of personal data in countries for which a relevant decision of the European Commission has been issued,
Use of standard contractual clauses issued by the European Commission (as is the case with Google, for example),
application of binding corporate rules approved by the relevant supervisory authority or entities whose personal data you have agreed to share.
Detailed information is available in the content of the privacy policies of individual providers of these services, available on their websites. For example:
Google: https://policies.google.com/privacy?hl=pl
Facebook: https://www.facebook.com/privacy/explanation
GetResponse: https://www.getresponse.pl/informacje-prawne/polityka-prywatnosci
LinkedIn: https://pl.linkedin.com/legal/privacy-policy?
Currently, the services offered by Google and Facebook are mainly provided by entities located in the European Union. However, you should always consult the privacy policies of these providers for up-to-date information on data protection.
The user has the right to:
- Data transfer. A user can write to support@innerweb.pl, requesting all the data that InnerWeb has about him. InnerWeb will prepare a file in JSON format containing all the information about the user.
- Data modification.
- data deletion. Upon your request, InnerWeb will delete your data from the Portal within 7 days. All data, including all security copies, will be deleted within 28 days.
- Submit a complaint to the data protection authority.
Copyrights – The property copyrights of the content published on the Portal belong to InnerWeb. The InnerWeb Portal also contains Publications on InnerWeb for which it has obtained permission from the Author. Copyrights are subject to the protection provided for in the Act of February 4, 1994 on Copyright and Related Rights (Journal of Laws of 2018, item 1191, as amended). Use of content published on the Portal does not imply acquisition of any copyright by the User. The User may use this content only to the extent permitted by the Law on Copyright and Related Rights. No part, as well as the whole of the content used by the User may be reproduced and distributed, in any form or by any other means (electronic or mechanical), including copying and posting on the Internet. Use or exploitation of the content, in whole or in part, without the written consent of the Service Provider is prohibited.
Terms of use of the InnerWeb® mobile application.
Application – a mobile application designed for mobile devices supported by the Android, iOS operating system.
User – an individual, legal entity or organizational unit without legal personality that uses the Application.
Login – the action of entering Identification Data to identify the User.
Identification Data – login (company email address) and 4-digit password received from InnerWeb.
These Regulations set out the rules for the use of the Application. The Regulations are regulations within the meaning of Article 8 of the Act of July 18, 2002 on the provision of electronic services (Journal of Laws of 2019, item 123). The Application and all editorial materials contained therein are the exclusive property of InnerWeb. The application can be downloaded and installed free of charge via the online store:
- Google Play (for Android) – the minimum technical requirements of the device are Android version 6.0 Marshmallow
- App Store (for iOS) – minimum technical requirements are iOS version 10.3 (iPhone only)
Free services are provided through the InnerWeb® Demo Application to demonstrate the functionality and operation of the full version of the InnerWeb® system. These Terms and Conditions apply only to the InnerWeb® Demo Application. The full version of the system is covered by separate terms and conditions and the relevant user manual provided to all users of the system during the installation process at the industrial plant or other location where the system is deployed. The cost of data transmission required for downloading, installing and using the Application shall be covered by the Application User on his/her own under an agreement concluded with the operator of the Internet access service. InnerWeb shall not be responsible for the amount of fees charged for the use of data transmission required to use the Application.
Installation of the Application requires downloading the Application from the online store. Internet access is required for startup and proper operation. Use of the Application implies acceptance of the content of these Terms and Conditions by the User. If the User does not agree to accept the Terms and Conditions, the Application must be uninstalled.
Rules of Use – The User is obliged to use the Application in a manner consistent with applicable law, these Regulations and the regulations of the stores where the Application has been made available, in a manner consistent with the rules of social intercourse, including the general rules of use of the Internet and mobile applications, in a manner that is not burdensome to other Users and the operator of the Internet access service, with respect for the personal property of third parties (including the right to privacy) and any other rights vested in them. The User is obliged to use all information and materials made available through the Application only within the scope of permitted use. The User shall immediately notify InnerWeb of any violation of rights in connection with the use of the Application. The User may stop using the Application at any time. Discontinuation of use requires uninstalling the Application from the mobile device. In the event that the User is found to be committing actions that are prohibited by law or the Regulations, or that violate the rules of social coexistence or harm the legitimate interests of InnerWeb, InnerWeb may take action, including restricting the User’s ability to use the Application and the services provided through it. The User uses the Application voluntarily, at his/her own risk.
Data Protection – The Application processes personal data in the form of the business email address provided during the login process to enable secure, authorized access to the Application in accordance with the License. Access to the Application from private mailboxes is blocked. InnerWeb informs that in order to provide the access service it is necessary to process exploitation data, including:
| Purpose of data collection | Description of the objective | Example |
|---|---|---|
| Application features | This data is used by the functions available in the application. | For example, to enable application features or authenticate users. |
| Analytics | This data is used to gather information about how users use the application or its performance. | For example, to find out how many users are using a specific feature, to monitor the status of an application to identify and fix bugs or crashes, or to improve application performance. |
| Fraud prevention, security and compliance | Data is used for fraud prevention, security or compliance purposes. | This includes, for example, monitoring failed login attempts to identify potentially illegal activities. |
| Account management | Data is used to set up and manage user accounts with the help of a programmer. | For example, to allow users to create accounts or add information to accounts provided by developers used in services and to log in to applications or verify login information. |
| Category | Data type | Type description | Goals |
|---|---|---|---|
| Location | Approximate location | The physical location of the user or device within a minimum area of 3 square kilometers, such as the city where the user is located or the location specified in the authorization. ACCESS_COARSE_LOCATION on Android. | Application features |
| Exact location | Physical location of a user or device in an area of up to 3 square kilometers, e.g., location provided under an entitlement ACCESS_FINE_LOCATION on Android. | Application features | |
| Personal information | Name | The way a user calls themselves, such as a first name or nickname. | Application features |
| Address e-mail | User email address. | Application features, Fraud prevention, security and compliance, Account management | |
| Identifiers users | Identifiers associated with a specific person. For example, it can be an ID, number or account name. | Application features, Fraud prevention, security and compliance, Account management | |
| Phone number | User phone number. | Application features | |
| Other information | Any other personal information | Application features | |
| Photos and videos | Photos | User photos. | Application features |
| Files and documents | Files and documents | User files and documents or information about user files and documents, such as file names. | Application features |
| Activity in app | Interactions with the application | Information about how the user uses the application. This could be, for example, items clicked or the number of visits to the site. | Application features, Analytics |
| Other content users | Other user content that is not listed here or in other sections. These may include, for example, biographies or notes from users or their answers to open-ended questions. | Application features, Analytics | |
| Other activities | Other user actions or activities in the app that are not listed, such as gameplay, likes or window options. | Application features, Analytics | |
| Information on applications and how they work | Failure logs | Application failure log data. This can be, for example, the number of application crashes, crash stack dumps or other information directly related to the crash. | Analytics |
| Diagnostics | Application performance information. This could include, for example, battery life, load time, wait time, frame rate or technical diagnostics. | Analytics | |
| Other performance data applications | Any other application performance data not listed here. | Analytics | |
| Identifiers devices and others | Identifiers devices and others | Identifiers associated with a specific device, browser or application (e.g. IMEI number, MAC address, Widevine device ID, Firebase installation ID). | Application features, Analytics, Fraud prevention, security and compliance, Account management |
Final Provisions – In matters not covered by these Regulations, the relevant provisions of Polish law shall apply, in particular the Civil Code and the Act on Provision of Electronic Services. These Regulations are available at: https://innerweb.pl/polityka-prywatnosci/ and is effective as of 25.05.2020.
Data security
InnerWeb’s infrastructure guarantees optimal data security, in particular by implementing information system security policies and meeting the requirements of various standards and certifications (PCI-DSS certification, ISO/IEC 27001 certification, SOC 1 TYPE II and SOC 2 TYPE II approvals, etc.). It also has the ability to host medical data (HDS). The server infrastructure is secured and continuously monitored for threats. Only essential services (API for mobile applications, web panel) are accessible from the outside using SSL encryption. Database integrity is constantly monitored, and sensitive data is cryptographically protected using the latest and most secure encryption methods. Access to servers is limited to selected employees and is constantly monitored.
Mobile applications use the highest security standards offered by the target versions of the operating systems that InnerWeb supports. For security reasons and the need to use advanced techniques and technologies, InnerWeb in both Android and iOS versions is a native application. All of the solutions crucial to the implementation of the Application’s functionality have been developed by InnerWeb’s development team, and the use of third-party libraries has been kept to a minimum, and none of them are critical components of the system. All sensitive data in the Application is encrypted based on native mechanisms for secure storage of cryptographic keys (for Android – Key Store and iOS – Secure Enclave). The Apps have passed the Material Design Guidelines and App Quality Guidelines approved by Google and Apple’s Human Interface Guidelines.