Within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC ("GDPR") the controller of the personal data is ACE Europe sp. z o.o. with its registered seat in Warsaw.
Detailed information on the processing of your personal data can be found herein.
We encourage you to read it carefully.
The controller of your personal data is ACE Europe Sp. z o.o. with its registered seat in Warsaw, Puławska Street no. 2, 02-566 Warsaw, entered into the register of entrepreneurs maintained by the District Court for the capital city of Warsawin Warsaw, XII Commercial Division of the National Court Register under KRSnumber: 0000703382, NIP: 5252729648, REGON: 368774127, share capital in the amount of PLN 100.000 PLN ("the Controller" or “We”).
The Controller has appointed a Data Protection Officer (Ms. IzabelaPiechowka) who can be contacted electronically by sending a message to thee-mail address gdpr@ace-europe.eu
You cancontact us regarding the protection of your personal data and the exercise ofyour rights, in connection with the protection of such data, via the e-mailaddress: gdpr@ace-europe.eu, telephone number +48 22 10460 91 and in writing to the address of ACE Europe Sp. z o.o. with headquarters in Warsaw, Puławska 2, 02-566 Warsaw.
We may process personal data for the following purposes:
in order to conclude, implement or terminate the contract for the provision of payment services by the Controller, as a domestic payment institution, i.e. pursuant to art. 6 sec. 1 lit. b) GDPR;
based on express and voluntary consent, also for the purpose of marketing our own products and services, consisting in the transmission, display or transmission of commercial information by means of electronic communication, including telecommunications terminal equipment and automatic calling systems, i.e. based on art. 6 sec. 1 lit. a) GDPR;
in order to defend against any claims that may arise in connection with the provision of services based on the legitimate interest of the Controller, i.e. pursuant to art. 6 sec. 1 lit. f GDPR;
in order for the Controller to fulfil the obligations resulting from the provisions of law, including performing the Controller's obligations in the field of counteracting money laundering and terrorist financing, or handling complaints regarding non-performed or improperly performed payment services, i.e. pursuant to art. 6 sec. 1 lit. c) GDPR;
for analytical and statistical purposes, based on the legitimate interest of the Controller, i.e. pursuant to art. 6 sec. 1 lit. f GDPR.
As the Controller, we can process the data of: merchants, customers, recipients, suppliers orbusiness partners and the following categories of data:
Categories of personal data:
At the same time, we would like to point out that we do not process specific categories of your personal data referred to in art. 9 paragraph 1 GDPR.
As the Controller, we can transfer the processed personal data to the following categories of entities:
entities that are authorized to receive personal data on the basis of legal provisions, with the exception of public authorities that may receive personal data as part of a specific procedure in accordance with European Union law or the law of a European Union Member State;
entities entrusted with the processing of your personal data on ourbehalf include accounting offices, companies providing ICT services, companiesproviding telecommunications services, companies providing marketing services.
Acting as the Controller, we do not transfer personal data outside the territory of the Republic of Poland, the European Union and the EuropeanEconomic Area. Should personal data be transferred outside the EuropeanEconomic Area or to another country with restrictions on the international transfer of personal data, we use standard contractual clauses as defined by the European Commission or other data transfer mechanisms compliant with local laws, such as consent, to ensure adequate or the same level of protection for your personal data as the level of protection applied in the country of origin of the data.
Acting as the Controller, we store personal data obtained in order to conclude, perform and terminate the contract - for the period until the end of the limitation period for potential claims of the parties to the contract resulting from such a contract.
If personal data is processed by us on the basis of consent (formarketing purposes, for automated decision making, including profiling) - until you withdraw your consent to such processing.
In the case of data processed on the basis of thelegitimate interest of the Controller, the data will be processed until theobjection is effectively raised or the interest ceases to exist.
Below you will find a list of rights that you are entitled to in relation to the processing of your personal data.
To exerciseyour rights listed below, please send a request to the following e-mailaddress: gdpr@ace-europe.eu
why we process your personal data;
what categories of personal data we process;
to whom we transfer your personal data;
how long we store your personal data or what are the criteria for determining this period;
what sources we obtained your personal data from (if it was not you);
whether data processing involves automatic decision making (so-called profiling).
We draw your attention that the above-mentioned information is reflected in this document.
You can also request a copy of your personal data that we process.However, this may or may not incur fees equal to the cost of handling yourrequest.
If it is necessary to collect fees, we willinform you immediately before processing the request.
Please note that the above description of what the individual rights mean is for information purposes only and does not constitute legal assistance or advice.
The processing of your personal data is necessary to conclude a contract with us for the provision of payment services, as well as its implementation or termination. In the absence or refusal to provide your personal data, we may refuse to conclude or perform a payment service contract with you.
Providing personal data for marketing purposes is voluntary.
In the process of processing personal data, we do not make decisions in an automated manner based on the data we have.
In addition, we do not profile them in the processing of your personal data.
If you do not agree with the above assessment in this respect, regarding the automated processing of personal data, including profiling, please contact us at the above-mentioned contact address of the Controller or Data ProtectionOfficer. If so, please provide information that you believe justifies that our assessment is not accurate. It is possible that we will ask you for this information after you contact us.