PRIVACY POLICY

1. Administrator – Swoopex Group Sp. z o.o. with registered office in Warsaw at Aleje Jerozolimskie 85 lok 21, postal code 02-001, NIP: 7011148164
2. Personal Data – information about an identified or identifiable natural person through one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including device IP address, internet identifier.
3. Policy – this Privacy Policy
4. Website – website operated by the Administrator at https://swoopex.pl/
5. External Website – websites of the Administrator's partners, service providers or service recipients.
6. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
7. User – each natural person visiting the Website

In connection with the User's use of the Website, the Administrator collects data to the extent necessary to provide individual offered services. Below are described detailed rules and purposes for processing Personal Data collected during the User's use of the Website.

Personal data of all persons using the Website are processed by the Administrator:

• for the purpose of providing services electronically in the scope of making available to Users content collected on the Website – in this case, the legal basis for processing is the necessity of processing for contract performance (Art. 6(1)(b) GDPR); with respect to data provided optionally, the legal basis for processing is consent (Art. 6(1)(a) GDPR);
• for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (Art. 6(1)(f) GDPR), consisting in conducting analyses of User activity on the Website to improve applied functionalities;
• for the purpose of establishing and pursuing claims or defending against claims – the legal basis for processing is the legitimate interest of the Administrator (Art. 6(1)(f) GDPR), consisting in protecting its rights.
• marketing and analytics (with consent)

The User's Personal Data may also be used by the Administrator to direct marketing content to them through various channels, e.g., via email. Such actions are undertaken by the Administrator only if the User has consented to it, which they may withdraw at any time.

The period of data processing by the Administrator depends on the type of service provided and the purpose of processing. As a rule, data is processed for the duration of the service provision, until the expressed consent is withdrawn, or until an effective objection to data processing is lodged in cases where the legal basis for data processing is the legitimate interest of the Administrator.

The data processing period may be extended if processing is necessary to establish and pursue possible claims or defend against claims, and after that time only if and to the extent required by law. After the processing period expires, data is irreversibly deleted or anonymized.

The User has the right to access their data and request its correction, deletion, restriction of processing, the right to data portability, and the right to lodge a complaint with the supervisory authority responsible for Personal Data protection.

The User also has the right to object to data processing that takes place based on the legitimate interest of the Administrator.

To the extent that the User's data is processed based on consent, this consent may be withdrawn at any time by contacting the Administrator via email: info@swoopex.pl

In connection with the provision of services, Personal Data will be disclosed to external entities, in particular to IT service providers enabling proper use of the Website.

If the User consents, their data may also be shared with other entities for their own purposes, including marketing purposes.

The Administrator reserves the right to disclose selected information concerning the User to competent authorities or third parties that request such information, based on an appropriate legal basis and in accordance with applicable law.

The level of Personal Data protection outside the European Economic Area (EEA) differs from that provided by European law. For this reason, the Administrator transfers Personal Data outside the EEA only when necessary and with ensuring an appropriate level of protection, primarily through:

• cooperation with entities processing Personal Data in countries for which an appropriate European Commission decision has been issued confirming an adequate level of Personal Data protection;
• using standard contractual clauses issued by the European Commission;
• using binding corporate rules approved by the competent supervisory authority.

The Administrator may transfer Personal Data outside the EEA, for example, when some of its service providers are based outside the EEA. In such a situation, the Administrator ensures appropriate protection of Personal Data in accordance with paragraph 1.

The Administrator continuously conducts risk analysis to ensure that Personal Data is processed securely – primarily ensuring that only authorized persons have access to the data and only to the extent necessary in connection with the tasks they perform. The Administrator ensures that all operations on Personal Data are logged and performed only by authorized employees and associates.

The Administrator takes all necessary actions to ensure that its subcontractors and other cooperating entities also guarantee the application of appropriate security measures in every case when they process Personal Data on behalf of the Administrator.

Information regarding the use of cookies on the Website, including detailed information about types of cookies, purposes of their use, and ways to manage them, is available in a separate document:

In the cookie policy you will find:

• Detailed information about types of cookies
• Purposes of using individual cookies
• Information about third-party cookies (Google Analytics, Facebook Pixel, etc.)
• Instructions for managing cookies
• Information about your rights regarding cookies

Users' Personal Data may also be collected in server logs. Logs include, inter alia, the User's IP address, server date and time, information about the web browser and operating system used by the User. Logs are saved and stored on the server. Data recorded in server logs are not associated with specific persons using the Website and are not used by us to identify the User. Server logs constitute solely auxiliary material for administering the Website, and their content is not disclosed to anyone except persons authorized to administer the server or state investigative authorities.

1. Necessary Cookies These cookies are installed to provide the User with access to the Website and its basic functions, and therefore do not require the User's consent. Without necessary cookies, the Administrator would not be able to provide services to Users within the Website.
2. Optional Cookies The Administrator uses these cookies only when the User consents to it. These are cookies:
   • functional – allow remembering Users' preferences or choices (such as username, language, text size or other customizable elements) and providing users with personalized content within the Website;
   • analytical – enable checking the number of visits and traffic sources on the Website. They help recognize which pages are more or less popular and understand how users navigate the page. Thanks to this, the Administrator can improve the Website's performance;
   • advertising – used to deliver content matching Users' interests and preferences. Based on information from these files and activity on other websites, a profile of Users' interests is built.

When using the Website, the User may receive cookies from third parties cooperating with the Administrator. More detailed information is provided below:

1. Analytics service providers. To better understand how the Website works, the Administrator cooperates with analytics service providers such as Google Analytics provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. More information about how they use Users' data can be found here: https://support.google.com/analytics/answer/6004245. Information collected through Google Analytics may be used to conduct advertising campaigns in Google Ads.
2. Advertising service providers. For the purpose of analyzing Users and better targeting ads, the Website is integrated with:
   • Google Ads. More information about how they use Users' data and other settings can be found here: https://policies.google.com/technologies/partner-sites and https://adssettings.google.com/;
   • Meta Pixel. More information about how they use Users' data can be found here: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0 and https://www.facebook.com/ads/settings;
3. Reverse proxy service provider. GoDaddy Operating Company, LLC. More information about how they use Users' data and other settings can be found here: https://www.godaddy.com/legal/agreements/privacy-policy
4. Video streaming service provider. YouTube. More information about how they use Users' data and other settings can be found here: https://www.youtube.com/howyoutubeworks/our-commitments/protecting-user-data/ and https://support.google.com/youtube/answer/10364219

Users' Personal Data may also be collected in server logs. Logs include, inter alia, the User's IP address, server date and time, information about the web browser and operating system used by the User. Logs are saved and stored on the server. Data recorded in server logs are not associated with specific persons using the Website and are not used by us to identify the User. Server logs constitute solely auxiliary material for administering the Website, and their content is not disclosed to anyone except persons authorized to administer the server or state investigative authorities.

• The User's web browser should provide the ability to change settings to reject, delete or block certain cookies;
• If the User's web browser does not provide the ability to change the settings mentioned in paragraph 1, the User should consult the browser's manual:
  • Google Chrome – https://support.google.com/chrome/answer/95647
  • Mozilla Firefox – https://support.mozilla.org/kb/cookies-information-websites-store-on-your-computer
  • Safari – https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
  • Microsoft Edge – https://support.microsoft.com/microsoft-edge/delete-cookies-in-microsoft-edge
• Since some cookies are necessary for the Website to function, changing browser settings may cause some services to not work properly or even completely prevent use of the Website;
• Settings regarding expressed consents for Personal Data processing can be changed by clicking the "Adjust cookie settings" link in the page footer.

• The Administrator reserves the right to change the Policy at any time without the need to inform the User;
• The Policy is continuously verified and updated as necessary;
• The current version of the Policy was adopted and is effective from September 1, 2023.