• Spinprofy
  • Privacy Policy

Spinprofy Website Privacy Policy

At https://spinprofy.com/ (hereinafter referred to as the “Website” or “Operator”), the confidentiality and privacy of our Users is a priority. This document contains key information about the methods, purposes, and legal basis for the processing of personal data, as well as the rules for the use of cookies within our services.

By reading this Policy, the User accepts that their personal data may be processed in the manner specified herein. If you do not accept these terms, please refrain from using the Website and providing us with your data.

1. General Information and Responsible Entity

The Data Controller is the operator of the Spinprofy Website (also referred to in this Policy as “We” or “Our”).

The processing of personal data is carried out in accordance with applicable data protection regulations, including in particular the General Data Protection Regulation (GDPR).

2. Personal Data and Scope of Processing

2.1. Types of Data Collected

Users browsing the Website and using publicly available content do not need to disclose their identity to us. Data collection and processing takes place in connection with the use of services provided electronically or when registering an Account.

The data collected by the Website can be divided into:

  1. Personal Data (Identifiable): Any information that allows for the individual identification of a natural person, e.g., name, email address, IP address, or document details (in the context of registering for services). Providing this data is voluntary, but necessary for the provision of full services.
  2. Usage Data (Anonymous/Non-Identifiable): Information collected automatically (e.g., IP addresses, visit details, information about the operating system, browser, and path of visited pages). This data is collected for statistical purposes and does not indicate the identity of the user.

2.2. Purposes of Data Processing

We process User data for the following purposes:

  • Provision of Services: Provision of services available on the Website, including enabling registration for an Account.
  • Content Customization: Tailoring the content of the Website, including websites, to the User’s interests.
  • Security and Improvement: Detection of bots and abuse, ensuring the security of services and their continuous improvement.
  • Statistical Measurements: Performing statistical measurements to improve the quality of the Website and its content.
  • Marketing (with consent): Processing data, including profiling, for marketing purposes, also in relation to third-party products and services. In the case of subscriptions, data may be used to send information about promotions and bonuses.
  • Claims and Settlements: Processing is permitted or required by law, e.g., for settlement purposes or to pursue claims.

3. Legal Basis for Processing

Data processing is based on several legal grounds under the GDPR:

  • Performance of a Contract (Art. 6(1)(b) of the GDPR): Processing is necessary for the performance of a contract for the provision of services to which the User is a party.
  • Legitimate Interest of the Administrator (Art. 6(1)(f) of the GDPR): Applies in the case of tailoring the content of the Website to the User’s needs, ensuring security, and improving services. Our legitimate interests are aimed at ensuring the high quality of our services. Legitimate interest may also be the basis for processing to protect the rights, privacy, security, or property of us and others.
  • Voluntary Consent of the User: Applies to the processing of data for marketing purposes, including profiling. Consent is not the only basis for processing, but is used when no other legal basis is available or when we decide to do so.
  • Data Provision Requirement: Providing personal data is voluntary, but failure to do so will prevent the provision of certain services, especially those requiring registration or related to participation in non-public events.

4. Data Retention Period

The period of personal data processing depends on the purpose for which it is processed:

  • Services: The data will be processed for the duration of the provision of services and, in justified cases, after their completion, if required by law (e.g., for statistical or accounting purposes, or to pursue claims).
  • Marketing: Data used for marketing purposes is processed until consent for its processing is withdrawn.
  • Content Matching and Statistics: Data will be processed for these purposes until you object or stop using the services provided.

We undertake to store documents in accordance with our Data Retention Policy, and after this period, the data will be permanently deleted.

5. Recipients of Personal Data and Cross-Border Transfer

5.1. Data Recipients

Your data may be transferred to entities that process personal data on behalf of the Administrator. These entities process data solely on the basis of a contract and in accordance with the Administrator’s instructions.

Categories of recipients may include:

  • IT Service Providers: including cloud services and technical support providers.
  • Group Entities: Other companies within our group, for the purpose of supporting business operations or fulfilling legal obligations.
  • Marketing Partners: Social media platforms and business partners for advertising campaigns, market analysis, and research.
  • Communication and Payment Service Providers.
  • Professional Advisors: Lawyers, auditors, bankers.
  • Competent/Regulatory Authorities: To the extent necessary to comply with government requests, court orders, or applicable laws, including for the purpose of fraud prevention.

5.2. Data Transfer Outside the EEA

Personal data may be transferred to third countries (outside the European Economic Area – EEA). In such a case, the Administrator ensures adequate safeguards for the User’s rights.

This transfer will only take place if:

  • The User has expressly consented to it.
  • It is necessary for the conclusion or performance of a contract.
  • In order to comply with legal obligations.
  • When a third country ensures an adequate level of protection (so-called “white list” countries of the European Commission).