Privacy policy

PRIVACY POLICY OF THE WEBSITE
Sense7.eu

1. DEFINITIONS

1.1. Controller – Morele.net sp. z o.o., with its registered office in Kraków, al. Jana Pawła II 43b, 31-864 Kraków.

1.2. Personal Data – information about an identified or identifiable natural person, identifiable through one or more specific factors determining physical, physiological, genetic, mental, economic, cultural, or social identity, including device IP, location data, online identifier, and information gathered via cookies and other similar technology.

1.3. Policy – this Privacy Policy.

1.4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

1.5. Website – the website operated by the Controller at the following address:
www.sense7.eu

1.6. User – any natural person visiting the Website or using one or more of the services or features described in the Policy.

2. PROCESSING OF DATA IN CONNECTION WITH USE OF THE WEBSITE

2.1. In connection with the User’s use of the Website, the Controller collects data to the extent necessary to provide the individual services offered, as well as information about the User’s activity on the Website. The detailed rules and purposes of processing Personal Data collected while the User uses the Website are described below.

3. PURPOSES AND LEGAL BASES FOR DATA PROCESSING ON THE WEBSITE

USE OF THE WEBSITE

3.1. The Personal Data of all persons using the Website (including IP address or other identifiers, and information gathered via cookies or other similar technology) who are not registered Users (i.e., persons without a profile on the Website) is processed by the Controller:

3.1.1. for the purpose of providing electronic services involving making content collected on the Website available to Users – the legal basis for processing is then the necessity of processing for the performance of a contract (Article 6(1)(b) GDPR);
3.1.2. for analytical and statistical purposes – the legal basis for processing is then the Controller’s legitimate interest (Article 6(1)(f) GDPR), consisting in carrying out analyses of User activity and User preferences in order to improve the features used and the services provided;
3.1.3. for the potential establishment and pursuit of claims or defence against claims – the legal basis for processing is the Controller’s legitimate interest (Article 6(1)(f) GDPR), consisting in the protection of its rights;
3.1.4. for marketing purposes of the Controller and other entities, in particular related to the presentation of behavioural advertising – the rules for processing Personal Data for marketing purposes are described in the MARKETING section.

3.2. The User’s activity on the Website, including their Personal Data, is recorded in system logs (a dedicated computer program used to store a chronological record containing information about events and actions concerning the IT system used by the Controller to provide services). The information collected in the logs is processed primarily for purposes related to the provision of services. The Controller also processes it for technical and administrative purposes, for the purpose of ensuring the security of the IT system and managing that system, as well as for analytical and statistical purposes – in this respect, the legal basis for processing is the Controller’s legitimate interest (Article 6(1)(f) GDPR).

REGISTRATION ON THE WEBSITE

3.3. Persons who register on the Website are asked to provide the data necessary to create and operate an account. To make account handling easier, the User may provide additional data, thereby consenting to its processing. Such data can be deleted at any time. Providing the data marked as mandatory is required to create and operate the account; failure to provide it means an account cannot be created. Providing the remaining data is voluntary.

3.4. Personal Data is processed:

3.4.1. for the purpose of providing services related to maintaining and operating an account on the Website – the legal basis for processing is the necessity of processing for the performance of a contract (Article 6(1)(b) GDPR);
3.4.2. for analytical and statistical purposes – the legal basis for processing is the Controller’s legitimate interest (Article 6(1)(f) GDPR), consisting in carrying out analyses of User activity on the Website and how the account is used, as well as User preferences, in order to improve the features used;
3.4.3. for the potential establishment and pursuit of claims or defence against claims – the legal basis for processing is the Controller’s legitimate interest (Article 6(1)(f) GDPR), consisting in the protection of its rights;
3.4.4. for marketing purposes of the Controller and other entities – the rules for processing Personal Data for marketing purposes are described in the MARKETING section.

3.5. If the User posts any Personal Data of other persons on the Website (including their first name and surname, address, phone number, or email address), they may do so only provided that it does not violate the law or the personal rights of those persons.

PLACING ORDERS

3.6. Placing an order (purchasing goods) by a Website User involves the processing of their Personal Data. Providing the data marked as mandatory is required to accept and process the order; failure to provide it means the order will not be completed. Providing the remaining data is optional.

3.7. Personal Data is processed:

3.7.1. for the purpose of fulfilling the placed order – the legal basis for processing is the necessity of processing for the performance of a contract (Article 6(1)(b) GDPR);
3.7.2. for the purpose of fulfilling the Controller’s statutory obligations, arising in particular from tax law and accounting regulations – the legal basis for processing is a legal obligation (Article 6(1)(c) GDPR);
3.7.3. for analytical and statistical purposes – the legal basis for processing is the Controller’s legitimate interest (Article 6(1)(f) GDPR), consisting in carrying out analyses of User activity on the Website and User purchasing preferences in order to improve the features used;
3.7.4. for the potential establishment and pursuit of claims or defence against claims – the legal basis for processing is the Controller’s legitimate interest (Article 6(1)(f) GDPR), consisting in the protection of its rights.

CONTACT FORMS

3.8. The Controller makes it possible to get in touch using electronic contact forms. Using the form requires providing the Personal Data needed to contact the User and reply to their enquiry. The User may also provide other data to make contact or enquiry handling easier. Providing the data marked as mandatory is required in order to accept and handle the enquiry; failure to provide it means the enquiry cannot be handled. Providing the remaining data is voluntary.

3.9. Personal Data is processed:

3.9.1. for the purpose of identifying the sender and handling their enquiry submitted via the available form – the legal basis for processing is the necessity of processing for the performance of a service contract (Article 6(1)(b) GDPR); with regard to data provided optionally, the legal basis for processing is consent (Article 6(1)(a) GDPR).

4. MARKETING

4.1. The Controller processes Users’ Personal Data for the purpose of carrying out marketing activities, which may involve:

4.1.1. displaying marketing content to the User that is not tailored to their preferences (contextual advertising);
4.1.2. displaying marketing content to the User that matches their interests (behavioural advertising);
4.1.3. sending email notifications about interesting offers or content which, in some cases, contain commercial information (newsletter service);
4.1.4. carrying out other types of direct marketing activities for goods and services (sending commercial information electronically and telemarketing activities).

4.2. In order to carry out marketing activities, the Controller uses profiling in some cases. This means that, thanks to the automated processing of data, the Controller assesses selected factors concerning Users in order to analyse their behaviour or create a forecast for the future. This makes it possible to tailor the displayed content more accurately to the User’s individual preferences and interests.

CONTEXTUAL ADVERTISING

4.3. The Controller processes Users’ Personal Data for marketing purposes in connection with directing contextual advertising to Users (i.e., advertising that is not tailored to the User’s preferences). The processing of Personal Data then takes place in connection with the pursuit of the Controller’s legitimate interest (Article 6(1)(f) GDPR).

BEHAVIOURAL ADVERTISING

4.4. The Controller and its trusted partners process Users’ Personal Data, including Personal Data gathered via cookies and other similar technology, for marketing purposes in connection with directing behavioural advertising to Users (i.e., advertising that is tailored to the User’s preferences).

4.5. The processing of Personal Data also includes the profiling of Users.

NEWSLETTER

4.6. The Controller provides the newsletter service, on the terms set out in the regulations, to persons who have provided their email address for this purpose. Providing this data is required to provide the newsletter service; failure to provide it means the newsletter cannot be sent. This form of communication with the User may include profiling.

4.7. Personal Data is processed:

4.7.1. for the purpose of providing the newsletter sending service – the legal basis for processing is the necessity of processing for the performance of a contract (Article 6(1)(b) GDPR);
4.7.2. where marketing content is directed to the User as part of the newsletter – the legal basis for processing, including with the use of profiling, is the Controller’s legitimate interest (Article 6(1)(f) GDPR) in connection with the consent granted to receive the newsletter;
4.7.3. for analytical and statistical purposes – the legal basis for processing is the Controller’s legitimate interest (Article 6(1)(f) GDPR), consisting in carrying out analyses of User activity on the Website in order to improve the features used;
4.7.4. for the potential establishment and pursuit of claims or defence against claims – the legal basis for processing is the Controller’s legitimate interest (Article 6(1)(f) GDPR), consisting in the protection of its rights.

5. SOCIAL MEDIA

5.1. The Controller processes the Personal Data of Users who visit the Controller’s profiles on social media (Facebook, YouTube, Twitter, Google+). This data is processed in connection with running the profile, including for the purpose of informing Users about the Controller’s activities and promoting various events, services, and products. The legal basis for the Controller’s processing of Personal Data for this purpose is its legitimate interest (Article 6(1)(f) GDPR), consisting in the promotion of its own brand. More information is available on our social media profiles.

6. POSTING REVIEWS AND COMMENTS

6.1. The Controller makes it possible to post reviews and comments on the Website. Providing data in the fields marked as “required field” is voluntary, but failure to provide it means reviews or comments cannot be posted. The User can decide independently on the scope of Data that is publicly visible to all Users.

6.2. Personal Data is processed:

6.2.1. for the purpose of publishing a review or comment as part of the features made available by the Controller – the legal basis for processing is the necessity of processing for the provision of a service (Article 6(1)(b) GDPR);
6.2.2. for the purpose of moderating reviews or comments (including eliminating spam) – the legal basis for processing is then the Controller’s legitimate interest (Article 6(1)(f) GDPR), consisting in approving comments added by Users and publishing them.

7. COOKIES AND SIMILAR TECHNOLOGY

The Controller uses cookies primarily for the purpose of providing electronic services to the User. Accordingly, the Controller and other entities providing analytical and statistical services for the Controller use cookies by storing information or accessing information already stored on the User’s telecommunications terminal device (computer, phone, tablet, etc.).

NECESSARY COOKIES

7.1. The Controller uses necessary cookies primarily for the purpose of providing Users with the services and features of the Website that the User wishes to use. Necessary cookies may be installed exclusively by the Controller via the Website.
7.2. The legal basis for processing data in connection with the use of necessary cookies is the necessity of processing for the performance of a contract (Article 6(1)(b) GDPR).

FUNCTIONAL AND ANALYTICAL COOKIES

7.3. Functional cookies are used to remember and adapt the Website to the User’s choices and may be installed by the Controller and its partners via the Website.
7.4. Analytical cookies make it possible to obtain information such as the number of visits and traffic sources on the Website. They are used to determine which pages are more and less popular and to understand how Users navigate the site through keeping traffic statistics on the Website. Data processing takes place for the purpose of improving the performance of the Website, and such cookies may be installed by the Controller and its partners via the Website.
7.5. The legal basis for the Controller’s processing of Personal Data in connection with the use of necessary and analytical cookies for this purpose is its legitimate interest (Article 6(1)(f) GDPR), consisting in ensuring the highest quality of services provided on the Website.
7.6. The processing of Personal Data in connection with the use of functional and analytical cookies is subject to obtaining the User’s consent to the use (separately) of functional and analytical cookies. This consent may be withdrawn at any time via this platform.

ADVERTISING COOKIES

7.7. Advertising (marketing) cookies make it possible to match the advertising content displayed to the User’s interests within and outside the Website. Based on information from these cookies and the User’s activity, the User is profiled. Advertising cookies may be installed by the Controller and its partners via our website.
7.8. The legal basis for the Controller’s processing of Personal Data in connection with the use of advertising cookies for this purpose is its legitimate interest (Article 6(1)(f) GDPR).
7.9. The processing of Personal Data using cookies is possible after consent is obtained; such consent may be withdrawn at any time.

8. ANALYTICAL AND MARKETING TOOLS USED BY THE CONTROLLER’S PARTNERS

8.1. The Controller and its Partners use various solutions and tools for analytical and marketing purposes. Basic information about these tools is provided below. Detailed information in this regard can be found in the privacy policy of the particular partner.

GOOGLE ANALYTICS

8.2. Google Analytics cookies are files used by Google to analyse how the User uses the Website, and to create statistics and reports on the operation of the Website. Google does not use the data collected to identify the User and does not combine this information to enable identification. Detailed information about the scope and rules for collecting data in connection with this service can be found at: https://business.safety.google/privacy/.

8.3. Google AdWords is a tool that makes it possible to measure the effectiveness of advertising campaigns carried out by the Controller, allowing for the analysis of data such as keywords or the number of unique users. The Google AdWords platform also makes it possible to display our ads to people who have previously visited the Website. Information about the processing of data by Google in the scope of the above service is available at: https://business.safety.google/privacy/.

FACEBOOK PIXEL

8.4. The Facebook Pixel is a tool that makes it possible to measure the effectiveness of advertising campaigns carried out by the Controller on Facebook. The tool allows for advanced data analytics in order to optimise the Controller’s activities, also with the use of other tools offered by Facebook. Detailed information about the processing of data by Facebook can be found at: https://facebook.com/help/443357099140264?helpref=about_content.

9. MANAGING COOKIE SETTINGS

9.1. The use of cookies to collect data through them, including obtaining access to data saved on the User’s device, requires the User’s consent. This consent may be withdrawn at any time.

9.2. Consent is not required only in the case of cookies whose use is necessary for the provision of a telecommunications service (data transmission for the purpose of displaying content).

9.3. Consent to the use of cookies can be withdrawn via browser settings. Detailed information on this subject can be found at the following links:

9.3.1. Internet Explorer:
https://support.microsoft.com/help/17442/windows-internet-explorer-delete-manage-cookies
9.3.2. Mozilla Firefox:
http://support.mozilla.org/kb/ciasteczka
9.3.3. Google Chrome:
http://support.google.com/chrome/answer=95647
9.3.4. Opera:
http://help.opera.com/Windows/12.10/cookies.html
9.3.5. Safari:
https://support.apple.com/kb/PH5042?locale=en-GB

9.4. At any time, the User can check the status of their current privacy settings for the browser they are using, using the tools available at the following links:

9.4.1. http://www.youronlinechoices.com/pl/twojewybory
9.4.2. http://optout.aboutads.info/?c=2&lang=EN

10. DATA PROCESSING PERIOD

10.1. The period for which the Controller processes data depends on the type of service provided and the purpose of the processing. As a rule, data is processed for the duration of the provision of the service or the fulfilment of the order, until the consent granted is withdrawn or an effective objection to data processing is raised in cases where the legal basis for processing is the Controller’s legitimate interest.

10.2. The data processing period may be extended if processing is necessary for the establishment and pursuit of potential claims or defence against claims, and after this time only in the event and to the extent that this is required by law. After the processing period has ended, the data is irreversibly deleted or anonymised.

11. USER’S RIGHTS

11.1. The User has the right to access the content of the data and to request its rectification, erasure, restriction of processing, the right to data portability, and the right to object to data processing, as well as the right to lodge a complaint with the supervisory authority responsible for the protection of Personal Data.

11.2. To the extent that the User’s data is processed on the basis of consent, this consent may be withdrawn at any time by contacting the Controller.

11.3. The User has the right to object to the processing of data for marketing purposes if the processing takes place in connection with the Controller’s legitimate interest, and also – for reasons related to the User’s particular situation – in other cases where the legal basis for processing is the Controller’s legitimate interest (e.g., in connection with the pursuit of analytical and statistical purposes).

11.4. More information about the rights arising from the GDPR is available at https://download.morele.net/polityka_transparentnosci.pdf

12. RECIPIENTS OF THE DATA

12.1. In connection with the provision of services, Personal Data will be disclosed to external entities, including in particular providers responsible for the operation of IT systems, entities such as banks and payment operators, providers of accounting services, couriers (in connection with order fulfilment), marketing agencies (in the scope of marketing services), and entities affiliated with the Controller, including companies in its group.

12.2. The Controller reserves the right to disclose selected information concerning the User to the competent authorities or to third parties that request the disclosure of such information, on the basis of an appropriate legal basis and in accordance with applicable law.

13. TRANSFERRING DATA OUTSIDE THE EEA

13.1. The level of protection of Personal Data outside the European Economic Area (EEA) differs from that provided by European law. For this reason, the Controller
transfers Personal Data outside the EEA only when necessary, and with an adequate level of protection ensured, primarily through:

13.1.1. cooperation with entities processing Personal Data in countries in respect of which a relevant decision of the European Commission has been issued finding an adequate level of protection of Personal Data;
13.1.2. the use of standard contractual clauses issued by the European Commission;
13.1.3. the use of binding corporate rules approved by the competent supervisory authority;

13.2. The Controller always informs of the intention to transfer Personal Data outside the EEA at the stage at which it is collected.

14. SECURITY OF PERSONAL DATA

14.1. The Controller continuously carries out risk analyses in order to ensure that Personal Data is processed in a secure manner – ensuring, above all, that only authorised persons have access to the data and only to the extent that is necessary for the tasks they perform. The Controller ensures that all operations on Personal Data are recorded and carried out only by authorised employees and associates.

14.2. The Controller takes all necessary steps so that its subcontractors and other cooperating entities also guarantee the application of appropriate security measures whenever they process Personal Data on behalf of the Controller.

15. CONTACT DETAILS

15.1. The Controller can be contacted at the correspondence address: Sense7.eu, al. Jana Pawła II 43b, 31-864 Kraków.

15.2. The Controller has appointed a Data Protection Officer, who may be contacted by email at iod@morele.net on any matter concerning the processing of Personal Data.

16. CHANGES TO THE PRIVACY POLICY

16.1. The Policy is reviewed on an ongoing basis and updated as necessary.
16.2. The current version of the Privacy Policy has been in force since 20 March 2025.