Privacy Policy

I. Definitions

1. Administrator – Revalize Business Services limited liability company sp.k. with its registered office in Poznań, at 43 Królowej Jadwigi Street, 61-871 Poznań, KRS 0001038612, NIP: 7831881490. Share capital of 5,000.00 PLN; contact details: email address: [poznan.office@revalizesoftware.com] (mailto:poznan.office@revalizesoftware.com

2. Personal Data – information about an identified or identifiable natural person through one or more specific factors determining physical, physiological, genetic, mental, economic, cultural, or social identity, including the IP address of the device, internet identifier, and information collected through cookies and other similar technologies.

3. Policy – this Privacy Policy.

4. Cookies – small text files saved on the User's device while using the Service and any other similar technologies used to collect information about the User's activity on the Service. Cookies may come from the Administrator or trusted partners of the Administrator.

5. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

6. Service – the website operated by the Administrator at the address: https://revalizeservices.com/.

7. User – any natural person visiting the Service or using one or more services or functionalities described in the Policy.

II. Cookies

1. Cookies are IT data, in particular text files, which are stored on the User's end device and are intended for using the Service's website.

2. The Service uses two basic types of cookies: "session" cookies and "persistent" cookies. "Session" cookies are temporary files that are stored on the User's end device until logging out, leaving the website, or turning off the software (web browser). "Persistent" cookies are stored on the User's end device for the time specified in the cookie parameters or until they are deleted by the User.

3. Cookies used in the Service are divided into the following categories:
Necessary cookies: These cookies are installed to provide the User with access to the Service and its basic functions, and therefore do not require the User's consent. Without necessary cookies, the Administrator would not be able to provide services within the Service.
Optional cookies: are not currently used by the Administrator.

4. The Service uses the following cookies:
XSRF-TOKEN - contains a token preventing request forgery attacks, this cookie serves as protection against CSRF "Cross-site request forgery" attacks; storage period: session file.

5. The Administrator uses Google Analytics within the Service - a service provided by Google Ireland Limited (hereinafter Google) using third-party cookies that allow Google to analyze the use of the Service. In this regard, the Service 

6. Administrator has activated IP anonymization by Google.
The User has the right to prevent Google from collecting and processing data by installing a browser plugin at [https://tools.google.com/dlpage/gaoptout](https://tools.google.com/dlpage/gaoptout).

7. The terms of use of the Google Analytics service can be found at the provided link: [https://www.google.com/analytics/terms/](https://www.google.com/analytics/terms/). The privacy statement can be found at the provided link: [https://policies.google.com/privacy?hl=en-US](https://policies.google.com/privacy?hl=en-US). The privacy policy can be found at the provided link: [https://www.google.comintlenpoliciesprivacy](https://www.google.comintlenpoliciesprivacy).

8. If the User does not want to receive cookies, they can change the browser settings or disable cookies by clicking on the "Cookie settings" link in the footer of the website. It should be noted that disabling cookies necessary for authentication, security, user preference maintenance processes may hinder, and in extreme cases, may prevent the use of the Provider's websites.

9. If cookies are disabled, the User may not be able to use the Service's functions.

III. Hosting

1. The service is hosted by the operator ovh.pl, i.e., OVH Sp. z o.o. with its registered office in Wrocław, ul. Swobodna 1, 50-088 Wrocław, KRS: 0000220286, REGON: 933029040, NIP: 899-25-20-556, share capital 50,000.00 PLN.

2. The hosting provider implements protective mechanisms for personal data, in particular:
a) protection against unauthorized access (Linux PAM or/and SQL authorization mechanisms, Firewall),
b) protection against data loss (Backup proxmox, RAID1 disk array),
c) protection against accidental or unauthorized data modification (Linux PAM or/and SQL authorization mechanisms),
d) login and data entry points, including personal data, are protected by encryption during data transmission between the User's device and the Provider's server (SSL certificate),
e) data loss protection measures (e.g., disk arrays, regular backups),
f) organizational solutions to ensure the highest possible level of protection and confidentiality (training, internal regulations, procedures, password policies, etc.).

3. The Provider automatically creates security logs (system logs) and website usage statistics, which contain information about certain User behaviors. This data is used for service administration and to ensure the most efficient handling of the provided hosting services.
The Provider automatically creates security logs (system logs) and website usage statistics, which contain information about certain User behaviors. This data is used for service administration and to ensure the most efficient handling of the provided hosting services.

4. The following are recorded:
a) resources identified by URL (addresses of requested resources – pages, files),
time of the User's request,
b) information about errors that occurred during the HTTP transaction,
c) information about the public IP address of the internet network,
d) client device identifier – identification carried out by the HTTP protocol,
e) information about the User's browser (name, version),
g) URL address of the page previously visited by the User (referer link) – if the transition to the Service occurred through a link on another website,
h) information related to email handling, if the User uses the email service provided by the Provider.

IV. Processing of Personal Data in connection with the use of the Service

In connection with the User's use of the Service, the Administrator collects only the data necessary for the functioning of the Service in the form of the cookies described above. Below are detailed rules and purposes for processing Personal Data collected during the User's use of the Service. Using the Service with cookies disabled is possible, and therefore their use is voluntary.

V. Purposes and legal bases for processing Personal Data in the Service

The Administrator processes the Users' personal data in connection with the use of cookies in the Services to ensure the proper and secure functioning of the Service – to the extent necessary for purposes arising from the legitimate interests pursued by the Administrator or by a third party, consisting of ensuring the proper functioning of the Services, improving the performance of the Services, collecting information on how users use the Services, improving the Services, and possibly defending against claims (Article 6(1)(f) GDPR).

VI. Personal Data processing period

1. The data processing period by the Administrator depends on the type of service provided and the purpose of processing.

2. As a rule, data is processed for the duration of the service (use of the service), until the consent is withdrawn (if it was the basis for processing) or a valid objection to data processing is raised in cases where the legal basis for data processing is the legitimate interest of the Administrator.

3. Personal data will be processed for no longer than necessary for the purposes for which the data is processed. In the case of personal data obtained in connection with the use of cookies, personal data will be stored for the time specified in the cookie parameters or until they are deleted from the device memory by the User.

4. The data processing period may be extended if the processing is necessary to establish and pursue possible claims or defend against claims, and after that time only if and to the extent required by law. After the processing period expires, the data is irreversibly deleted or anonymized.

VII. User Rights

1. The User has the right to access the content of the data and request its rectification, deletion, restriction of processing, the right to data portability, and the right to lodge a complaint with the supervisory authority dealing with the protection of Personal Data.

2. The User also has the right to object to the processing of data based on legitimate interest.

3. To the extent that the User's data is processed based on consent, this consent can be withdrawn at any time by contacting the Administrator via email or by mail to the addresses indicated in point I.1 above.

4. No automated decision-making, including profiling, will be carried out in relation to the User.

VIII. Recipients of Personal Data

1. In connection with the provision of services, Personal Data will be disclosed to external entities, including in particular IT service providers allowing the proper use of the Service.

2. With the User's consent, their data may also be disclosed to other entities for their own purposes.

3. The Administrator reserves the right to disclose selected information about the User to competent authorities or third parties who request such information, based on an appropriate legal basis and in accordance with applicable law.

IX. Transfer of Personal Data outside the EEA

1. The level of protection of Personal Data outside the European Economic Area (EEA) differs from that provided by European law. For this reason, the Administrator transfers Personal Data outside the EEA only when necessary and with an appropriate level of protection, primarily through:
a) cooperation with entities processing Personal Data in countries for which an appropriate decision of the European Commission regarding the determination of an adequate level of protection of Personal Data has been issued;
b) the use of standard contractual clauses issued by the European Commission;
c) the use of binding corporate rules approved by the competent supervisory authority.

2. The Administrator does not plan to transfer Personal Data outside the EEA. The Administrator always informs about the intention to transfer Personal Data outside the EEA at the stage of their collection.

X. Personal Data Security

1. The Administrator continuously conducts risk analysis to ensure that Personal Data is processed securely – ensuring, above all, that only authorized persons have access to the data and only to the extent necessary for the tasks they perform. The Administrator ensures that all operations on Personal Data are recorded and carried out only by authorized employees and collaborators.

2. The Administrator takes all necessary actions to ensure that its subcontractors and other cooperating entities provide guarantees of applying appropriate security measures whenever they process Personal Data on behalf of the Administrator.

XI. Contact Details

Contact with the Administrator is possible via email sent to [poznan.office@revalizesoftware.com](mailto: poznan.office@revalizesoftware.com) or by mail to the address indicated in point I.1.

XII. Changes to the Privacy Policy

The Policy is continuously reviewed and updated as necessary.
The current version of the Policy was adopted and is effective from 01.12.2025.

 

 

The website uses cookies to provide services in accordance with the Privacy Policy. You can set your own conditions for storing or accessing cookies in your browser.