Effective 09 Feb
Introduction
In this Privacy Policy we, us, our or AppLiger means Appliger Sp. z o. o. - a company with a registered seat in Dietla 93/7 Street, 31-031, Kraków, Poland, entered in the register of entrepreneurs kept by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register under number: 0000941392, e-mail: contact@appliger.com
We are an Atlassian Marketplace Partner, and offer products through Atlassian Marketplace, including Cloud apps and downloadable Server and Data Center apps. We refer to these apps as “Services”.
This Privacy Policy sets out our commitment to protecting the privacy of personal information provided to us, or otherwise collected by us, offline or online, including through our website (“Site”) and from users of our Services.
When we collect, receive, store, and use your personal information, we do so in accordance with the rules set down by the European Union General Data Protection Regulation (EU) 2016/679 (the GDPR).
Personal information
Personal information: The types of personal information or personal data we may collect about you include:
Customer information
Company Name
Region
Country
Maintenance Period
Customer contact
Technical Contact Email
Technical Contact Name
Technical Contact Phone
Technical Contact Address
Technical Contact City
Technical Contact State
Technical Contact Postcode
Billing Contact Name
Billing Contact Email
Billing Contact Phone
Billing Contact Address
Billing Contact City
Billing Contact State
Billing Contact Postcode
Partner information
Partner Name
Partner Type
Partner Contact Name
Partner Contact Email
Other information
details of the services we have provided to you and/or that you have enquired about, and our response to you
your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behavior while using our Site
information about your access and use of our Site, including through the use of Internet cookies, your communications with our Site, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider
additional personal information that you provide to us, directly or indirectly, through your use of our Site, associated applications, associated social media platforms and/or accounts from which you permit us to collect information; and
any other personal information requested by us and/or provided by you or a third party.
We may collect these types of personal information directly from you or from third parties.
Collection and use of personal information
In line with Article 13(1)(d) combined with Article 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, the processing is required to serve the legitimate interests pursued by us as the data controller under the General Data Protection Regulation.
We may collect, hold, use and disclose personal information for the following purposes:
to maintain the functionality of the Services;
for purposes related to the research and development of the Services;
for customer support purposes, including resolving technical issues and improving the Services;
to contact and communicate with you regarding our Services;
to enable you to access and use our Site, associated applications and associated social media platforms
for internal record-keeping and administrative purposes;
for analytics, market research and business development, including to operate and
improve our Site, associated applications and associated social media platforms;
for advertising and marketing, including to send you promotional information about our products and Services and information about third parties that we consider may be of interest to you and
to comply with our legal obligations and resolve any disputes that we may have.
Disclosure of personal information to third parties
We may disclose personal information to:
third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, web-hosting providers, professional advisors and payment systems operators;
our employees, contractors and/or related entities;
anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;
credit reporting agencies, courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;
third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing
third parties to collect and process data, such as Google Analytics or other relevant businesses. This may include parties that store data outside of EU.
Where we disclose your personal information to third parties, including data processors or data sub-processors, we will request that the third party handle your personal information in accordance with this Privacy Policy. The third party will only process your personal information in accordance with written instructions from us and we require that the third party either complies with the privacy shield principles set out in the GDPR or another mechanism set out by applicable EU & Swiss data protection laws for the transfer and processing of personal information. When we refer to ‘processing’ in this clause and this Privacy Policy in general, we mean any operation or set of operations which is performed on personal information, whether or not by automated means, such as collecting, recording, organising, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available personal information.This Privacy Policy sets out our commitment to protecting the privacy of your Personal data provided to us by Atlassian Marketplace due to the use of our Services or collected by us through our website www.apliger.com (“Site”) from users of our Services.
We are an Atlassian Marketplace Partner, and offer products mainly through Atlassian Marketplace, including Cloud apps and downloadable Server and Data Center apps (“Services)”. We may also offer some of our Services directly through our Site.
The Controller of your Personal data isAppliger Sp. z o. o. - a company with a registered seat in Dietla 93/7 Street, 31-031, Kraków, Poland, entered in the register of entrepreneurs kept by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register under number: 0000941392, e-mail: contact@appliger.com (“we, us, our or AppLiger”)
When we collect, receive, store, and use your Personal data, we do so in accordance with the rules set down by the European Union General Data Protection Regulation (EU) 2016/679 (the GDPR).
Personal data
In order to provide you with our Services we may process the following Personal data (“Personal data”):
Customer information: Your name and surname and company trade name, which may include your name and surname or other Personal data;
Customer technical and billing contacts: e-mail address of the contact person, contact name and surname, contact phone number;
Atlassian Marketplace Partner information: partner name and surname and Partner trade name, which may include Partner name and surname or other Personal data;
Atlassian Marketplace Partner technical and billing contacts: e-mail address of the contact person, contact name and surname, contact phone number;
Providing the above-mentioned Personal data is voluntary, but necessary for you to be able to use the Services offered by us. We process your Personal data, in particular, to provide the Services to you in accordance with the AppLiger Terms of Use: https://help.appliger.com/easy-templates-for-jira/end-user-license-agreement
We obtain all the Personal data referred to above from an Atlassian Marketplace, our Services, directly or from you via our Site or support/call sessions.
Other information
We may also collect other than Personal data information including:
Your IP address and the end device (e.g. computer, tablet, smartphone) you are using;
Details of the Services we have provided to you and/or that you have enquired about, and our response to you
Your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behavior while using our Site;
Information about your access and use of our Site, including through the use of Internet cookies, your communications with our Site, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider;
Collection and use of Personal data
We may process Personal data for the following purposes:
Enable you to use the Services you have ordered via Atlassian Marketplace or directly via our Site: in this case, the basis for the processing is Article 6(1)(b) of the GDPR, according to which processing is lawful when it is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract;
Tailoring, analyzing, and improving Services and ensuring the security of their provision – the basis for processing is Article 6(1)(f) GDPR (the legitimate interest of the controller in this case is the desire and need to adjust, analyze, and improve the Services).
To comply with our legal obligations – the basis for processing is Article 6(1)(c) GDPR (legal obligation of the Controller includes internal record-keeping for tax, social security, and administrative purposes as well as verification of payments and compliance with Services AppLiger Terms of Use;
Establishing, pursuing, or defending claims – the basis for processing is Article 6(1)(f) of the GDPR (the legitimate interest of the controller in this case consists in establishing, pursuing, or defending against possible claims, including claims of Service recipients or third parties);
Disclosure of Personal data to third parties
As a rule, your Personal data will not be shared with third parties. However, in connection with the provision of our Services, access to certain data may be granted to entities whose services we use in connection with our business, such as an external accounting office, IT service providers, data storage, web-hosting providers, professional advisors, and payment systems operators. Entities of this type have access only to the information necessary to provide services (i.e. in the case of an accounting office - accounting data). These entities are so-called processors of Personal Data on behalf of and on our instructions. We have concluded appropriate agreements with them, the subject of which is to protect your Personal data, among other things, against unauthorized access.
It is possible that we will be contacted by public authorities or other entities that are entitled to access your Personal data on the basis of legal provisions (e.g. police, prosecutor's office). In this case, we are obliged to provide the requested data.
Personal data may be transferred outside the European Economic Area to the USA.
Please note that we use the following third parties (Subprocessors) to process your personal information:
Name | Domain | Location | Purpose |
|---|---|---|---|
Atlassian | USA | Host app, ticket management, data processing | |
AWS | USA | Data Storage, hosting infrastructure | |
EU | Analytics, Email accounts | ||
Amplitude | USA | Analytics | |
AppSignal | EU | Logs, troubleshooting, maintenance | |
Slack | EU | Team Chat services | |
Mailerlite | EU | Customer Communication, Marketing |
Our responsibilities as a ‘controller’ under the GDPR
Controllers are defined by the GDPR as natural or legal persons, a public authority, agency or other body to which personal information or personal data has been disclosed, whether via a third party or not, and who determines the purposes and means of processing personal information. We are a controller under the GDPR as we collect, use and store your personal information to enable us to provide you with our services.
As a controller, we have certain obligations under the GDPR when collecting, storing and using the personal information of EU citizens. If you are an EU citizen, your personal data will:
be processed lawfully, fairly and in a transparent manner by us
only be collected for the specific purposes we have identified in the ‘collection and use of personal information’ clause above and personal information will not be further processed in a manner that is incompatible with the purposes we have identified
be collected in a way that is adequate, relevant and limited to what is necessary in relation to the purpose for which the personal information is processed
be kept up to date, where it is possible and within our control to do so (please let us know if you would like us to correct any of your personal information)
be kept in a form which permits us to identify you, but only for so long as necessary for the purposes for which the personal data was collected
be processed securely and in a way that protects against unauthorised or unlawful processing and against accidental loss, destruction or damage.
Specifically, we have the following measures in place, in accordance with the GDPR:
Data protection policies: We maintain internal policies that outline the procedures for the collection, storage, and handling of personal information to safeguard your data.
Right to request erasure of personal information: You have the right to request the deletion of any personal information we hold about you.
Right to request restriction of data processing: You have the right to request limitations on the processing of your personal information. This request can be made if you believe the information we hold is inaccurate and needs verification, or if the processing is unlawful and you prefer restriction over deletion.
Right to receive a copy of your personal information: You have the right to receive a copy of the personal information we hold about you upon request.
Right to transfer your personal information from us to another controller: You have the right to request the transfer of your personal information from us to another data controller of your choice.
Notification of data breaches: We adhere to GDPR regulations regarding the notification of any data breaches.
Our responsibilities as a ‘processor’ under the GDPR
Where we are a processor, we have contracts containing certain prescribed terms in our contracts with controllers. Depending on circumstances, we can be a controller or processor or controller and processor. In addition to:
our contractual obligations with controllers (where we are solely a processor);
our legal obligations under the GDPR as a controller (where we are both a controller and processor) as a processor we also have the following responsibilities under the GDPR:
not to use a sub-processor without the prior written authorisation of the data controller;
to co-operate with supervisory authorities;
to ensure the security of our processing;
to keep records of processing activities;
to notify any personal data breaches to the data controller; and,
to employ a data protection officer and appoint (in writing) a representative within the European Union if required by the GDPR.
Your rights and controlling your personal information
Choice and Consent: Please review this Privacy Policy thoroughly. By furnishing us with personal information, you are giving your consent for us to collect, retain, utilize, and disclose your personal information in accordance with this Privacy Policy. If you are below the age of 16, you must have obtained permission from your parent or legal guardian, and you warrant to us, to the extent permitted by law, that you have obtained their consent to access and use the Site or the Services, and that they (your parents or guardian) have consented to you providing us with your personal information. While you are not obligated to provide us with personal information, please note that abstaining from doing so may impact your ability to use our Site or the Services offered on or through it.
Information from Third Parties: If we receive personal information about you from a third party, we will handle it in accordance with the guidelines outlined in this Privacy Policy. If you are a third party providing personal information about another individual, you confirm and assure us that you have obtained the requisite consent from such individual to furnish us with their personal information.
Restriction of Personal Information Use: You have the option to limit the collection or utilization of your personal information. Should you have previously consented to the use of your personal information for direct marketing purposes, you retain the right to change your preferences at any time by contacting us using the information provided below. Upon your request to restrict the processing of your personal information, we will inform you about how this restriction may affect your interaction with our Site or the usage of our products and Services.
Access, Data Portability, and Correction: You are entitled to request details regarding the personal information we hold about you, including the option to obtain a copy of this data. Additionally, you may request the deletion of your personal information at any time, or request its transfer to another third party (data portability). Should you believe that any information we hold about you is inaccurate, outdated, incomplete, irrelevant, or misleading, please contact us using the details provided below. We will take the necessary steps to rectify any inaccuracies or omissions promptly.
Complaints: If you believe that we have breached the EU Privacy Principles or an article of the GDPR and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint.
Subscription Management: If you wish to unsubscribe from our email list or opt out of receiving communications, including marketing materials, please contact us using the information provided below or utilize the opt-out mechanisms included in our communications.
Storage and security
We are dedicated to ensuring the security of the personal information we gather. To prevent unauthorized access or disclosure, we have implemented appropriate physical, electronic, and managerial measures aimed at protecting and securing personal information. These measures are designed to safeguard personal information from misuse, interference, loss, and unauthorized access, alteration, or disclosure.
Please note that while we take steps to protect your personal information, we cannot guarantee the security of information transmitted to or by us over the Internet. The transmission and exchange of information are conducted at your own risk. Despite our efforts to prevent unauthorized disclosures, we cannot guarantee that the personal information we collect will never be disclosed in a manner inconsistent with this Privacy Policy.
Downloadable Applications
Our downloadable applications store all information within the Atlassian Jira server product where they are installed. All data is stored within your IT system (Server or Data Center) that hosts the Atlassian Jira server product.
When you download, install, or use the applications, no information stored on the installation IT system is shared with us. The applications do not transmit data from your IT system or from end-users' web browsers to us or any third party.
Cloud Applications
Cloud-based apps can only be installed within the Atlassian Jira Cloud service. In this scenario, the information or data you provide may be stored on our secure servers, although we currently employ a third party to provide this service. By using cloud-based applications, we have access to user information as outlined in this Privacy Policy, which may include data on how and when the applications are used.
Our Cloud-based applications participate in Atlassian's Marketplace Security Bug Bounty Program, which utilizes crowdsourced vulnerability discovery methods through bug bounty. This program is regarded as one of the most effective post-production tools for detecting vulnerabilities in applications and services.
Cookies and web beacons
...
Term of processing Personal data
Below you will find information on how long we can process Personal data:
Data processed in order to provide Services – for the period necessary to provide the selected Service;
Data processed for accounting or accounting purposes in connection with the provision of Services – for the period required by law;
Data processed for the purpose of establishing, pursuing or defending claims – the period of limitation of possible claims in accordance with the provisions of law;
Adjusting, analyzing, and improving Services and ensuring the security of their provision – for the period until the Service recipient objects to such processing or achievement of the above-mentioned purpose, depending on which of the events occurs first.
Your rights and controlling your Personal Data
In connection with the processing of Personal Data, you have the following rights:
The right to access your Personal data - as part of the exercise of this right, you may request confirmation from us as to whether your Personal data is being processed, and if this is the case, you are entitled to access it and to information about: the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed, recipients in third countries or international organizations; if possible, the planned period of storage of personal data, and if this is not possible, the criteria for determining this period, the right to request the controller to rectify, delete or limit the processing of your personal data and to object to such processing, the right to lodge a complaint with the supervisory authority, if the personal data has not been collected from the data subject – any available information about their source, automated decision-making, including profiling as referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, relevant information about the basis for such decision-making, as well as the significance and envisaged consequences of such processing for the data subject. If personal data is transferred to a third country or an international organization, the data subject has the right to be informed of the appropriate safeguards referred to in Article 46 of the GDPR related to the transfer. You may request that we provide you with a copy of your personal data being processed. For any subsequent copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs.
The right to rectification – you have the right to request that we promptly rectify inaccurate Personal data concerning you. Taking into account the purposes of the processing, you also have the right to request the completion of incomplete personal data, including by providing an additional statement.
The right to erasure (the so-called "right to be forgotten") – you have the right to request that we erase your Personal data without undue delay, and we as the controller are obliged to delete your Personal data without undue delay if one of the following circumstances applies: (a) the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) you withdraw the consent on which the processing is based pursuant to Article 6(1)(a) or Article 9(2)(a) and there is no other legal basis for the processing; (c) you object to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing or you object to the processing pursuant to Article 21(2); (d) the personal data has been unlawfully processed; (e) the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject; (f) the personal data has been collected in connection with the provision of information society services as referred to in Article 8(1) of the GDPR.
Remember, however, that the right to be forgotten is not an absolute right and cannot always be exercised. It does not apply (and therefore it will not be possible to delete your data) to the extent that the processing is necessary: (a) to exercise the right to freedom of expression and information; (b) for compliance with a legal obligation requiring processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; (c) for reasons of public interest in the field of public health in accordance with points (h) and (i) of Article 9(2) and Article 9(3); (d) for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Article 89(1), where it is likely that the right referred to above will prevent or seriously impede the achievement of the purposes of such processing; or (e) to establish, exercise or defend legal claims.
The right to restriction of processing, which you have in the following cases: (a) when you contest the accuracy of the personal data – for a period enabling the controller to verify the accuracy of the data, (b) when the processing is unlawful and the data subject opposes the erasure of the personal data, requesting instead the restriction of their use; (c) when the controller no longer needs the personal data for the purposes of the processing, but the data subject needs them to establish, exercise or defend legal claims; (d) where the data subject has objected to the processing pursuant to Article 21(1) of the GDPR, until it has been determined whether the legitimate grounds of the controller override those of the data subject.
The right to data portability,
In the case of data processing on the basis of Article 6(1)(f) of the GDPR (legitimate interest of the data controller) – the right to object to such processing; to lodge an objection, you may contact the Data Protection Officer or directly with us, either electronically or in writing at the addresses specified in section “Introduction” of this Privacy Policy,
In the case of processing pursuant to Article 6(1)(a) and Article 9(2)(a) of the GDPR – the right to withdraw consent at any time without affecting the compliance of the processing that was carried out on the basis of consent before its withdrawal; to withdraw your consent, you can contact us, either electronically or in writing at the addresses specified in section “Introduction” of this Privacy Policy,
The right to lodge a complaint with the supervisory authority – the supervisory authority in Poland is the President of the Office for Personal Data Protection (2 Stawki Street, 00-193 Warsaw).
The right to cancel marketing subscription: If you wish to unsubscribe from our email list or opt out of receiving communications, including marketing materials, please contact us using the information provided below or utilize the opt-out mechanisms included in our communications.
Storage and security
We are dedicated to ensuring the security of the Personal data. To prevent unauthorized access or disclosure, we have implemented appropriate physical, electronic, and managerial measures aimed at protecting and securing personal information. These measures are designed to safeguard personal information from misuse, interference, loss, and unauthorized access, alteration, or disclosure.
Our downloadable applications store all information within the Atlassian Jira server product where they are installed. All data is stored within your IT system (Server or Data Center) that hosts the Atlassian Jira server product. When you download, install, or use the applications, no information stored on the installation IT system is shared with us. The applications do not transmit data from your IT system or from end-users web browsers to us or any third party.
Cloud-based apps can only be installed within the Atlassian Jira Cloud service. In this scenario, the information or data you provide may be stored on our secure servers, although we currently employ a third party to provide this service. By using cloud-based applications, we have access to user information as outlined in this Privacy Policy, which may include data on how and when the applications are used.
Our Cloud-based applications participate in Atlassian's Marketplace Security Bug Bounty Program, which utilizes crowdsourced vulnerability discovery methods through bug bounty. This program is regarded as one of the most effective post-production tools for detecting vulnerabilities in applications and services.
Automated decision-making
As part of the performance of the Services, we do not make decisions in relation to you based solely on automated data processing.
Cookies and web beacons
From time to time, we may utilize cookies and web beacons on our Site. We use them in order to facilitate the use of the Site and to adapt it to the needs of users.
Cookies are small text files placed in your web browser to store your preferences. Cookies themselves do not reveal your email address or other personally identifiable information. However, they may allow third-party services, such as Google, to display our advertisements on your social media and online platforms as part of our retargeting efforts. If you choose to provide personal information on our website, it may be linked to the data stored in these cookies.
You can delete stored cookies or restrict their reading by using the appropriate functions of your web browser - for this purpose, please refer to the instructions on how to control cookies, which are available through the privacy settings menu of the browser you are using. Remember, however, that disabling the use of certain "cookies" may make it difficult or impossible to use the Site.
Failure to make changes in the settings of the browser used in the field of managing "cookies" will result in the "cookies" being placed automatically on your end device. Failure to make changes in your browser settings resulting in the disabling of the acceptance of "cookies" and the use of the Websites means your consent to the use of "cookies" on the terms described in this Privacy Policy.
Additionally, we may employ web beacons (also known as Clear GIFs) on our Site. Web beacons are tiny snippets of code embedded in a web page to track visitor behavior and gather information about their interactions with the page. For instance, web beacons can be used to tally the number of visitors to a page or deliver a cookie to a visitor's browser.
We may also utilize Google Analytics to collect and analyze data on our Site. For more information on how Google utilizes data from third-party websites or applications, please refer to to http://www.google.com/policies/privacy/partners/ or or any other URL designated by Google.
Links to other websites
Our Site may contain links to other websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal information which that you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.
Amendments
This Privacy Policy may be modified at our discretion and at any time. Any changes to the Privacy Policy become effective once we notify you of the update by revising the "last updated" date.
For any questions or notices, please contact get in touch with us at: contact@appliger.com
...
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|