Privacy Policy

Document dated 26 September, 2018
Privacy Policy
§1. General information
  1. Privacy Policy lays down rules of personal data processing and protection with regard to the use of Controller's contact forms by the User.
  2. Within the meaning of this Privacy Policy, User is a natural person submitting an inquiry and / or an order concerning services provided by Controller.
  3. Within the meaning of regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC („GDPR”) L 119/40 PL Official Journal of the European Union 4.5.2016., Personal Data Controller is Sunrise System sp. z o.o. sp. k., NIP: 7831707183, REGON: 302598908, KRS 0000489705, with headquarters in 61-894 Poznań, Plac Andersa 3, tel: 61 655 95 55, e-mail:
  4. Controller designates Data Protection Officer who can be contacted:
    1. by email:
    2. by post: Plac Andersa 3, 61-894 Poznań
  5. Scope, purpose and period of data processing is specified in the following parts of this Privacy Policy.
§2. Purpose of data processing by the Controller
  1. User entrusts the Controller with processing of personal data in order to:
    1. use the Controller’s websites,
    2. finalize a contract according to Terms of Service available at pursuant to Art. 6 (1) (b) RODO,
    3. process the inquiry and / or order made via contact form, including sending to the User a personalized commercial message.
  2. Submitting by the User a phone number constitutes a consent for contact by phone for purposes defined in point 1 above.
  3. Submitting by the User an email address constitutes a consent for contact by email for purposes defined in point 1 above.
  4. Giving consent by submitting contact data is voluntary, although in some cases might make the processing of inquiry / order, submitted via contact form, impossible.
  5. User's personal data might be shared with the following recipients: processor from within the Controller's capital group and Controller's partners, with whom the Controller cooperates, combining products or services. In a situation when the cooperation is established, the data might also be available to subcontractors (processors), such as: bookkeeping companies.
  6. Controller reserves the right to submit an inquiry to the User – during processing of inquiry / order – via phone and / or email concerning further consent for processing of personal data with the purpose of direct marketing and use of telecommunications devices. Without User’s consent the data will not be processed for this purpose.
§3. Scope of data processing by the Controller
  1. Users' personal data, gathered on the basis of this Privacy Policy, include part or all of the following data:
    1. User's data:
      • name and surname,
      • contact phone number,
      • contact email address,
    2. IP addresses,
    3. www address of the domain, which the User wants to promote via the Controller's services.
  2. Scope of processing of data described above also includes making backup copies.
  3. An automated system, which allows to monitor user’s behavior and adjusting content to user's preferences, works on the website. This system is integrated with our website and every user might object to it at any time.
  4. Controller uses cookie files in order to ensure correct operation of the website, especially to adjust the content of pages to user preferences and to optimize the use of pages. These files especially allow to recognize basic parameters of user's device (such as: device type, resolution, country of visit) and, as a result, appropriately display the website adjusted to user's needs.
  5. For analytical purposes the Controller uses Google Analytics tool, which through cookie files gathers information about users’ behavior on our website. Users can remove their data connected with cookie files – details in the Cookie Policy.
    Data about users and events on our website are stored on Google Analytics servers for 50 months.
  6. User can independently and at any time change cookie files’ settings, defining conditions of their storage and conditions of gaining access by cookie files to user's device. User can change these settings in web browser settings. These settings can be changed especially to block automatic cookie files support in web browser's settings or inform each time cookies are put on user's device. Detailed information on possibilities and methods of cookie files support are available in software’s (web browser’s) settings.
  7. User can remove cookie files by using functions available within the web browser used.
  8. Limiting cookie files support might influence some of the functions available on the website.
  9. More about cookie files: Cookie policy
  10. Remarketing
    In order to display to the users personalized ads the Controller uses:
    1. the remarketing function of Google Ads, including Google Sponsored Promotions and other Google formats, which allow to display ads of our company within Google display network on the basis of user behavior on the website – visits on specific pages. Google uses cookie files to display ads on the basis of user visits on our website. In order to cancel the consent to display personalized Google ads please follow detailed instructions described in the Cookie Policy.
    2. the retargeting function of Facebook Ads, which, on the basis of cookie files gathered by Facebook, displays on the website ads to the users, who visited our website or are similar to such a group of people. To create similar groups of recipients Facebook analyzes information shared by the websites users, data from Facebook account and activity on websites and apps outside of Facebook. In order to cancel the consent to display personalized Facebook ads please follow detailed instructions described in the Cookie Policy.
    3. In all of the above ad systems we also adjust ads on the basis of demographic and location criteria.
§4. Rights of the User, whose data are processed
  1. User has right to:
    1. access personal data,
    2. correct personal data,
    3. remove personal data,
    4. limit processing of personal data,
    5. transfer personal data,
    6. object to processing of personal data.
  2. To exercise these rights, the User should send an email to:
  3. Controller processes User's request immediately, with the reservation that removal, limitation, transfer or objection to data processing might influence the possibility or scope of correct processing of the inquiry / order placed, including sending personalized marketing message.
§5. Period of personal data processing by the Controller
Controller stores Users’ personal data for a period no longer than it is necessary to process inquiry / order placed, including preparation of personalized commercial offer and allowing the Controller to fulfill their obligations. After this time the data are stored only for the purpose of securing legal claims. Please remember, that Users can request to remove data at any time.

    §6. Controller's obligations
    Personal Data Controller undertakes measures to secure processing of personal data with regard to the Regulation, especially to:
    1. protect data from being shared with unauthorized persons, from being appropriated by an unauthorized person, changed, damaged or destroyed,
    2. allow to process personal data only by persons with authorization submitted by the Controller,
    3. ensure control over correct personal data processing,
    4. maintain a record of persons authorized to process personal data, take special care that persons authorized to process personal data keep it secret, also after processing by the Controller ended, including but not limited to informing them about legal consequences of breaching data confidentiality and collecting statements on the obligation of keeping this data confidential,
    5. maintain, required by the letter of the law, documentation describing the methods of processing of the entrusted personal data and technical and organizational resources ensuring protection of processing of that data, including especially: Register of Data Processing Processes, Personal Data Privacy Policy and Management Instruction of IT System used for Personal Data Processing,
    6. ensure that devices and IT and telecommunications systems used to process personal data comply with the requirements of the Regulation of 29 April 2004 by the Minister of Internal Affairs and Administration as regards personal data processing documentation and technical and organizational conditions which should be fulfilled by devices and computer systems used for the personal data processing.