Purpose of the Policy

The Policy applies to all websites within the domains www.see.asseco.com, www.asee.io and its subdomains — including cybersecurity.asee.io, live.asee.io, contentservices.asee.io, and digitalbanking.asee.io — which are owned by ASEE (hereinafter referred to as the "ASEE websites"), as well as payten.com.

Asseco South Eastern Europe S.A. declares that ASEE websites are run with utmost care, in compliance with the rules of technical know-how and professionalism, as well as in accordance with the applicable legal regulations, in particular those that protect privacy of Internet website Users:

1. Regulation No 2016/679 of the European Parliament and of the Council of the EU of April 27 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, Official Journal of the European Union L. 2016 No 119/1 (hereinafter “GDPR”);
2. Act of July 18 2002 on the provision of services by electronic means, Journal of Laws from 2013, item 1422, as amended;
3. Act of July 12 2024 Electronic Communications Law, Journal of Laws from 2024, item 1221.

Revealing Personal Data

Please be informed that all companies belonging to ASEE Capital Group may have access to personal data and cookies files stored by ASEE websites. In such case transfer of such data fulfills all requirements arising from above mentioned legal regulations. The list of   ASEE Capital Group companies is presented here: https://see.asseco.com/about/group-structure/.

In case when it is necessary for proper functioning of the ASEE websites or other purposes specified in this Privacy Policy where data processing of the users of websites is necessary, the processing of data can be entrusted to the entities not belonging to ASEE Capital Group. In such case the sub-processing of data is based on the data transfer agreements and fulfills all requirements arising from GDPR.

Data Collection

In accordance with the accepted practice of most of web services, we keep HTTP enquiries sent to our server. This means that we know the public IP addresses from which Users browse information content of our service. The browsed resources are identified by URL addresses. We also know the following:

• time the enquiry arrives;
• time taken to send the reply;
• name of client station – identification is executed by the HTTP protocol;
• information on errors that occurred while executing the HTTP transaction;
• URL address of the site previously visited by the User (referrer link) – if the transfer to the Office’s page was made through a link;
• information on User’s browser.

ASEE may collect information about you from the following sources:

• ASEE websites including temporary campaign landing pages
• Social media including but not limited to LinkedIn, Twitter, Facebook, Instagram
• Events, sales activities, Customer files
• Contact persons from clients included in sales contracts

The information about you that ASEE may collect and process includes:

• name and address, e-mail address and telephone number;
• demographic data, when linked to personally identifiable information;
• photographs and opinions;
• work and educational history, achievements, test results and job qualifications
• transaction data, including products and services ordered, financial data and payment methods used;
• company data such as company name, size and location and your role in the company;
• survey data and publicly available information, such as posts from social networking sites;
• unique identifiers, such as mobile device identifiers or cookie identifiers in your browser;
• IP address and information that may be determined by the IP address, such as geographical location;
• information about the device you are using, such as your web browser, device type, operating system, presence or use of “applications”, screen resolution and preferred language;
• data about the behavior of a computer connected to the Internet or a device used to access websites, such as clicks on ads or their display, sites and their content, dates and times of activity or searches to locate and visit websites.

Regardless of the above, circumstances can be when information other than the above concerning the User, including personal data, will be indispensable to execute the requested service or process. Such is the case, the User will be informed of the necessity to make available of certain information, including personal data, and of the purpose of using such information.

The User is able to make a voluntary decision concerning making available or denial to make available of his/her personal data. Nevertheless, making available of personal data may be required in a situation when the User is interested in obtaining information concerning provision of a service, event specified as a part of ASEE websites (e.g. obtaining information on a product, organized event, offer, downloading a demo; launching an internship program, recruitment process). Thus, the User may be requested to fill in and send a form/questionnaire where it will be clearly indicated what kind of personal data and for what purpose will be gathered.

The personal data collected through ASEE websites may be used for the following purposes:

• marketing communication of own products or services,
• purposes of the recruitment process,
• using telecommunications end devices for the purpose of direct marketing,
• receiving commercial information by electronic means,
• providing information about the structure of ASEE Group

Additionally, ASEE may also process the personal data for following purposes:

– for the purpose of satisfying legal requirements imposed on ASEE (Article 6 (1) (c) GDPR),

– in order to pursue our legally justified interest, including data archiving, protecting against claims and pursuing our own claims.

In a situation when the User reveals personal data of a third person in the form/questionnaire, it is assumed that the User has an appropriate consent of the person whose data he/she has revealed.

The User is entitled to view and the right to amend and complete any incorrect or incomplete personal data. Regardless of the above, the User is at any time entitled to demand that processing of his/her personal data is ceased – the data are deleted. The form of submitting such a request is specified while gathering such data.

We reserve that ASEE websites do not gather, monitor, or verify information on the age of Users visiting them or any other information gathering of which would enable ASEE to determine whether the User (including the recipient and a user of e-mail lists, participant of questionnaire research, and a person participating in contest organized via them) has a capacity to perform acts in law.

Persons not having a full capacity to perform acts in law should not place orders or subscribe services provided by websites, unless their statutory representatives express their consent for this if such a consent is sufficient according to applicable legal regulations.

Cookie Files

ASEE websites use the so-called cookies or other technologies featuring functions similar or equivalent to cookies, i.e., information stored on the end device of Users visiting Websites. Cookies are automatically downloaded and used by Websites at each connection with the User’s end device. Saving data in cookie files and collecting data from the websites, requires your consent (Article 399 of Act of 12 July 2024, Electronic Communications Law).

ASEE websites use cookies in order to:

• adapt the contents of websites to the User’s end device, store individual settings of the User and to optimize the use of websites;
• improve safety by controlling violations in the process of using websites;
• obtain collective, anonymous statistics to improve functionality of websites;
• maintain User’s session (this refers to websites with user log on option) so the User does not have to re-log with his/her login and password on each website;
• enable the use of basic functionalities of websites (e.g., storing visited sites in order to reinstate them at User’s demand);
• for advertising and marketing purposes to adapt the advertising content displayed on ASEE websites and on other websites to User’s preferences.

We use “cookies” for the following purposes:

• adjusting the content of the Service’s websites to the User’s preferences and optimizing the use of websites; in particular, these files allow to recognize the Service User’s device and properly display the website, adjusted to their individual needs,
• creating statistics that help to understand how Service users use the web pages to improve their structure and content,
• maintaining the Service User session (after logging in), thanks to which the User does not have to re-enter their login and password on each subpage of the Service
• improving security by controlling abuse in the use of the Websites,
• obtaining aggregate, anonymous statistical data to improve the functionality of the Websites,
• maintaining your session (applies to Sites with login options) so that you do not have to re-enter your login and password on each page of the Site,
• enabling the basic functionality of the websites (e.g., remembering the pages you visit in turn to restore them on your “request”),
  the website is designed to adapt the content of advertisements and texts displayed on the ASEE websites as well as outside them to the User’s preferences.

As a part of ASEE websites, we use the following types of cookie file:

• session cookie files (temporary) – stored on the User’s device only when websites are used, i.e. until logging off, closing a website or closing browser used by the User,
• permanent cookie files – these remain at the User’s device until their life cycle ends (operating time parameterized for a cookie) or until removed by the User,
• CSRF tokens – these are used to improve safety.

The particular types of Cookies are stored for the following periods of time:

•  session cookie files (temporary) – does not apply
• permanent cookie files – 11 months
• CSRF tokens – does not apply

Settings concerning the files are individual for each internet browser. Each User may choose to deny use of the cookies or limit cookie acceptance to a certain extent on his/her device. We inform that this can influence the comfort of using websites and result in a lack or improper display of a majority of websites. Browser settings prompt User for consent to install cookies. This enables the User to control cookie files but can slow down the browser.

If you accept cookies, it means that they will be placed in your end device and thus the ASEE Group will store information in your end device and access it.

In order to easily manage cookie files, the preferred browser should be selected and instructions should be followed:

Internet Explorer
Firefox
Chrome
Opera
Safari

Mobiles:

Android 4+
iOS 5+
IE Mobile 11+

Making Available of Websites

ASEE websites may include links to internet websites of other entities. ASEE has no influence on privacy policy of such entities and is not responsible for such a policy.

PR and Marketing

All information, including personal data, made available by the User as a part of ASEE websites and provided while the User participates in a range of various meetings organized by ASEE Group entities may be used for marketing and PR purposes as a part of various marketing campaigns conducted by ASEE Group entities if the User expresses his/her consent for that adequately based on GDPR or Act of July 12 2024 Electronic Communications Law, Journal of Laws. User’s consent doesn’t imply acceptance of receiving commercial information. Consent for marketing and commercial purposes is separate.

Personal data will not be processed automatically (including profiling).

Recruitment

ASEE websites may be involved in recruitment of new staff, interns, trainees, partners for ASEE or other ASEE Group entities. Personal data obtained in this manner are used for the needs of recruitment only as a part of current and future recruitment processes. Filling in a recruitment form, the User may express his/her consent for participation in the current and future recruitment processes conducted by ASEE Group. The consent refers to all documents submitted as a part of recruitment processes.

Making Available of Information to Clients, Partners

Personal data and information provided via ASEE websites may be used to develop and manage business relations by ASEE Group entities with a user representing a Partner or Client. In particular, commercial, product, marketing information or information on partner programmes may be sent. ASEE Group entities reserve the right to make available of such information to other associated entities in order to provide a service, process provided making available of such information is possible.

Transfer of Personal Data Within ASEE Capital Group and outside the European Economic Area

The personal data provided to us may be transferred to, stored in, or accessed from a destination outside the European Economic Area (“EEA”), in particular the data may be transferred to the companies from ASEE Group seated outside EEA. It may also be processed by staff operating outside of the EEA who work for a ASEE Group. The personal data are especially transferred within ASEE Group to the following countries outside the EEA, basing on standard contractual clauses: Serbia, Republic of Kosovo, Bosnia and Herzegovina, Republic of North Macedonia, Republic of Moldova, Republic of Albania, Montenegro, Republic of Turkey, Andorra, Republic of Dominicana, Colombia, Peru, Egypt.

The above list may be modified, the full current list of the countries can be found here: https://see.asseco.com/about/group-structure/

Where ASEE transfers the personal data outside the EEA, it is ensured that it is protected in a manner that is consistent with how ASEE protects the data in the EEA, in particular ASEE transfers the data on the basis of agreements with standard contractual clauses adopted by the European Commission or on the basis of  European Commission decision on adequate level of data protection used in the given country.

How Long the Personal Data Is Kept

As the general rule the data provided will be processed for the period necessary to achieve the purpose for which the data were provided, unless the law provides otherwise – laws may set a minimum period for which we have to store the personal data.

The personal data – depending on the purpose for which they were provided – will be processed for the following periods of time:

• for marketing purposes, the data is kept up to 3 years
• for purposes of the recruitment process, the data is kept up to 2 years
• for purpose of receiving commercial information by electronic means, the data is kept up to 5 years.

Regional DPO Contact

Contact for privacy protection or personal data protection issues for Asseco South Eastern Europe SA: Mikołaj Otmianowski, e-mail: asee.dpo@asee.io, tel.: +48 605 884 408.

Information Security Administrator:

Asseco South Eastern Europe S.A., 13 Branickiego Street, 02-972 Warsaw, Poland

ASEE Solutions SRL (Romania) DPO contact

Contact for privacy protection or personal data protection issues for ASEE Solutions SRL (Romania): RADIX CONSULT SRL through Liviu Minciuna – General Manager, e-mail:  dpo@asseco-see.com, phone: +4021-3322024 / +40723-214573, address: 5 Sold. Ionescu Florea street, block no. 2, apartment no. 20, 4th District

Payten d.o.o. (Croatia) DPO contact

Contact for privacy protection or personal data protection issues for Payten d.o.o. (Croatia): Mario Majcen, e-mail: Mario.Majcen@payten.com, phone: +385 (91) 3960 025, address: Zavrtnica 36, 10000 Zagreb

Payten d.o.o. (Serbia) DPO contact

Contact for privacy protection or personal data protection issues for Payten d.o.o. (Serbia): Ivana Ćuk, e-mail: rs.dpo@payten.com, phone: +381 64 8713151, address: Bulevar Mihajla Pupina 10b/2, 11000 Belgrade, Serbia

ASEE DOOEL (Macedonia) DPO contact

Contact for privacy protection or personal data protection issues for ASEE DOOEL (Macedonia): Adrijana Ivanovska, e-mail: adrijana.ivanovska@asee.io, phone: +389 75 292 636; address: Naroden Front 17, 1000 Skopje, Macedonia

ASEE BSS DOOEL (Macedonia) DPO contact

Contact for privacy protection or personal data protection issues for ASEE BSS DOOEL (Macedonia): Irena Cvetkova, e-mail: irena.cvetkova@asee.io, phone: +389 70 595 315, address: Naroden Front 17, 1000 Skopje, Macedonia