Privacy policy
This Privacy Policy is a document related to the Terms of service available here https://bugbug.io/terms-of-service/ (“Terms of service”). The provisions and definitions of the Terms and Conditions are applied accordingly.
The Policy is for information purposes and serves to satisfy the information obligations imposed on the data controller under the GDPR, i.e. Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
When processing personal data TestRevolution meets all requirements resulting from the Developer Program Policies of Google LLC. The installed Extension provides for complete security of personal data processed by means of it.
1. PERSONAL DATA CONTROLLER
1.1 The controller of the personal data of you and other persons visiting the Website is TestRevolution sp. z o.o. with its registered office in Tarnowskie Góry (42-600), Gliwicka 35 street, entered into the register of entrepreneurs of the National Court Register under the KRS number: 0000832174, Tax Identification number NIP: 6452563868, National Business Registry Number REGON: 385150770, share capital in the amount of PLN 60.000 (“Service Provider,” “we,” “us,” “our”).
1.2 Contact details of the data controller: info@testrevolution.io.
2. DATA PROCESSING METHOD
2.1 The scope, purposes, and legal grounds for the processing of your personal data are presented in the table below.
| Purpose | Scope of data | Legal ground | Processing period |
|---|---|---|---|
| providing access to the Website | IP address | Article 6(1)(b) of the GDPR – processing is necessary for the performance of the Agreement or undertaking actions upon request of the data subject prior to concluding the Agreement | until lapse of the period of limitation applicable to claims connected with access to the Website and the User’s actions within the Website, counted from the time of the User’s last visit on the Website |
| setting up an Account on the Website | |||
| operating the User Account | user’s name, first name, e-mail address, other personal data voluntarily provided by the User within the Account, in particular phone number and address | Article 6(1)(b) of the GDPR – processing is necessary for the performance of the Agreement or undertaking actions upon request of the data subject prior to concluding the Agreement | Until the User deletes the Account or until the lapse of the period of limitation of claims connected with the Account operating service |
| providing Services by electronic means on the website bugbug.io | first and last name, e-mail address, residential address, residential address, address for correspondence, IP address, phone number, Tax Identification Number NIP, National Business Registry number REGON, business name, Google, Github, Microsoft identifiers and payment card details | Article 6(1)(b) of the GDPR – processing is necessary for the performance of the Agreement or undertaking actions upon request of the data subject prior to concluding the Agreement | a period sufficient for Service Provided to prove the appropriate performance of its obligations, whereby such term corresponds to the period of limitation of claims; |
| enabling conducting tests in accordance with the License | first and last name, e-mail address, residential address, residential address, address for correspondence, IP address, phone number, Tax Identification Number NIP, National Business Registry number REGON, business name, Google, Github, Microsoft identifiers and payment card details | Article 6(1)(b) of the GDPR – processing is necessary for the performance of the Agreement or undertaking actions upon request of the data subject prior to concluding the Agreement | a period sufficient for Service Provider to prove the appropriate performance of its obligations, whereby such term corresponds to the period of limitation of claims; |
| providing technical support | IP address, details of the User’s Account | Article 6(1)(f) of the GDPR – legitimate interest of the controller that consists in providing technical support for the Website Users | for the duration of the support expected by the User |
| contact with the Users, responding to queries | first name, e-mail address, phone number, other personal data voluntarily provided by the User in the form | Article 6(1)(f) of the GDPR – legitimate interest of the controller that consists in responding to queries and correspondence provided directly by the data subjects | until correspondence ends or the User objects |
| analysing traffic within the Website | IP address, cookies | Article 6(1)(a) of the GDPR – consent given by the User | until the data cease to be useful or the User withdraws the consent |
| sending promotional and commercial materials | e-mail address | Article 6(1)(f) of the GDPR – legitimate interest of the controller that consists in informing about the Website and its functionalities, as well as the Artwork offer | until data cease to be useful, the Account is deleted, or the User objects |
| issuing and storing accounting documents | first and last name, address, tax identification number, other data required by law necessary for issuing a bill or VAT invoice | Article 6(1)(c) of the GDPR in connection with tax regulations – processing is necessary for compliance with a legal obligation to which the Service Provider is subject | for the term for which accounting documents have to be kept as prescribed by legal provisions (5 years from the end of the year of issue of a relevant document) |
| handling reports regarding illegal content | first and last name, e-mail address, other data voluntarily provided by the data subject | Article 6(1)(c) of the GDPR in connection with Article 16(2)(c) of the Act on digital services (Regulation 2022/2065) – processing is necessary for compliance with a legal obligation to which the Service Provider is subject | until the lapse of the period of limitation of claims connected with the notification of illegal content |
| protection against claims, raising claims | e-mail address, first and last name, other data voluntarily provided by the data subject | Article 6(1)(f) of the GDPR – legitimate interest of the controller that consists in protecting against claims and raising claims | until lapse of the period of limitation applicable to claims connected with access to the Website and the User’s actions within the Website |
2.2 If we are advised that you use the Website in violation of the Terms and Conditions or applicable provisions of law (unauthorised use), then we may process your personal data to the extent required for establishing the scope of your liability.
2.3 The provision of personal data within the Website is voluntary, but failure to provide them will prevent you from contacting us, creating the Account, and placing an Order.
2.4 Your personal data may be transferred to third countries (beyond the European Economic Area) in particular to states such the United States. Any transfer of personal data to the U.S. will be based on standard contractual clauses or Data Privacy Framework.
2.5 In the case of third countries other than the U.S., your personal data may be transferred there only subject to the conditions resulting from Article 45 of the GDPR (data transfers on the basis of an adequacy decision issued by the European Commission), Article 46 of the GDPR (transfers subject to appropriate safeguards).
-
the legal basis is the statutory authorization to process data necessary to perform an agreement if the data subject is a party to such agreement (Article 6.1(b) of the GDPR);
-
initiation of promotional and commercial actions carried out by TestRevolution—the legal basis is a legitimate interest executed by TestRevolution (Article 6.1.(f) of the GDPR) or voluntary consent (Article 6.1(a) of the GDPR).
3. PROFILING
3.1 Service Provided will not carry out automated decision-making based on your personal data.
3.2 Service Provider may carry out profiling for marketing purposes, i.e. for the purpose of presenting you its offer of products and services tailored to your needs.
3.3 Profiling consists in an automated assessment of certain personal factors related to a relevant person. Service Provider makes such an assessment to analyse your needs in the context of Service Provider’s offer and for the purpose of presenting you materials tailored to your preferences.
3.4 You will not suffer any negative consequence in connection with carried out profiling, and your personal data will not be subject to profiling otherwise than for the purpose stated in clause 3.2. above.
3.5 In the scope in which your personal data are subject to profiling, you are entitled to object to such activities, while in the scope in which the basis for processing is your consent, you are entitled to revoke such consent.
4. RECIPIENTS OF DATA
4.1 We may entrust the processing of personal data to third parties for the purpose of carrying out the activities indicated in the Terms of service and servicing the User. In such a case, the recipients of your data may involve the provider of hosting, the e-mail operator, a law firm, an accounting firm, the entities providing solutions for researching traffic on the website and marketing activities.
4.2 Personal data collected by us may also be disclosed to competent state authorities upon their request on the basis of relevant provisions of law or other persons and entities – in the cases prescribed in the provisions of law.
4.3 Each entity to which we transfer your personal data for processing on the basis of a personal data transfer agreement guarantees an adequate level of security and confidentiality of the processing of personal data. The entity processing your personal data on the basis of the data transfer agreement may process such personal data through another entity only upon our prior consent.
4.4 Disclosing personal data to unauthorised entities under this Privacy Policy may take place only upon your prior consent.
5. RIGHTS OF DATA SUBJECT
5.1 You have the right to: (a) delete the collected personal data referring to you both from the system belonging to us as well as from bases of entities with which we have co-operated, (b) restrict the processing of data, (c) portability of your personal data, in this to receive them in a structured form, (d) request us to enable you access to your personal data and to rectify them, (e) object to processing, (f) withdraw the consent at any time without affecting the legality of the processing carried out on the basis of the consent before it is withdrawn, (g) lodge a complaint about us to the supervisory authority (President of the Personal Data Protection Office).
5.2 In order to exercise your rights, you can contact us via the e-mail address indicated in clause 1.2. or via the form available on the Website.
6. OTHER DATA
6.1 We may store http enquiries, therefore the files containing web server logs may store certain data, including the IP address of the computer sending the enquiry, the name of the station – identification through http protocol, if possible, date and system time of registration on the Website and receipt of the enquiry, number of bytes sent by the server, the URL address of the site visited by the User before if the User has entered the service through a link, information concerning your browser, information concerning errors that occurred during the http transaction. Web server logs may be collected for the purpose of proper administration of the Website. Only persons authorised to administer the IT system have access to data. Files containing web server logs may be analysed for the purposes of preparing statistics concerning traffic and occurring errors. A summary of such details does not identify a specific person, and hence they are not personal data.
7. SECURITY
7.1 We apply technological and organisational means in order to provide for the protection of the processed personal data corresponding to the threats and category of data to be secured, in particular, through technical and organisational means we secure data against being published to unauthorised persons, taken over by an unauthorised person, processed in violation of the law, and changed, lost, damaged, or destroyed; among others, we apply SSL certificates. The set of collected Users’ personal data is stored on a secured server. Data are also secured by our internal procedures related to the processing of personal data and information security policy.
7.2 We have also implemented appropriate technical and organisational means, such as pseudonymisation, designed to effectively enforce the data protection principles, such as data minimisation, and for the purpose of providing the processing with necessary safeguards, so as to meet the GDPR requirements and protect the rights of data subjects.
7.3 Please remember that using the Internet and services provided by electronic means may pose a threat of malware breaking into your ICT system and device, as well as any other unauthorised access to your data, including personal data, by third parties. In order to minimise such threats, you should use appropriate technical safeguards, e.g. use updated antivirus programs or programs securing the identification on the Internet. In order to obtain detailed and professional information related to security in the Internet, we recommend taking advice from entities specialising in such IT services.
8. COOKIES
8.1 In order to ensure the correct operation of the Website, we use Cookie support technology. Cookies are packages of information stored on your device through us, usually containing information corresponding to the intended use of a particular file, by means of which you use the Website – these are usually: address of the website, date of publishing, lifetime of a cookie, unique number, and additional information corresponding to the intended use of a particular file.
8.2 We use two types of Cookies: (a) session cookies, which are permanently deleted upon closing the session of the browser; (b) permanent cookies, which remain on the device after closing the session until they are deleted.
8.3 It is not possible to identify you on the basis of Cookie files, whether session or permanent. The Cookie mechanism prevents the collection of any personal data.
8.4 The Cookies used by us are safe for your device, in particular, they prevent viruses or other software from breaking into the device.
8.5 Files generated directly by us may not be read by other websites. Third-party Cookies (i.e. Cookies provided by entities co-operating with us) may be read by an external server.
8.6 You may individually change the Cookie settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service, as well as by means of the functionalities of the website.
8.7 First of all, you may disable storing Cookies on your device in accordance with the instructions of the browser producer, but this may disable certain parts of or the entire operation of our Website.
8.8 You may also individually remove Cookies stored on your device at any time in accordance with the instructions of the browser producer.
8.9 We use own Cookies for the following purposes: authentication of the User and maintaining the User’s session; configuration of the website and adjustment of the page content to the preferences or conduct of the User; analysis and research of views, click number, and path taken on the website to improve the appearance and organisation of the content, time spent on the website, number and frequency of visits on our website.
8.10 We use Third-party Cookies for the following purposes: preparing statistics (anonymous) for the purposes of optimising the functionality of the website by means of analytic tools.
8.11 The scope of Cookies used by us depends on the consents given by the relevant person.
8.12 Detailed information concerning Cookie support is available in your browser settings.
8.13 TestRevolution uses third-party cookies for the following purposes:
8.13.1 Goggle Analytics - collecting general or anonymous statistical data by means of analytical tools;
8.13.2 Google Ads - promotional and marketing actions within the retargeting process;
9. FINAL PROVISIONS
This Privacy Policy comes into effect on 26.11.2024.