Privacy Policy

This policy contains information about the processing of personal data by DMSI. The principles of personal data processing have been divided according to participants and categories of processes in connection with which data is processed.

DMSI means:

DMSI Software Sp. z o.o. based in Warsaw (02-699), ul. Kłobucka 23 c lok. 119, NIP: 7952492770, REGON: 180529910, entered into the register of entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw, 13th Commercial Division in Warsaw, under KRS number 0000539147 (hereinafter referred to as DMSI Software or DMSI).

Contact DMSI for questions or concerns regarding data processing:

• e-mail: privacy@dmsi.pl the
• in writing to the registered office address: ul. Kłobucka 23c/119, 02-699 Warsaw.

Below we present the principles of data processing by DMSI for individual participants and processes:

1. Processing of data of entities that are parties to contracts for the provision of services

The administrator of your personal data is DMSI Software. The administrator processes your personal data. Regarding the processing of your personal data, you can contact the Administrator by e-mail or in writing to the address of the Administrator’s office provided above.

With respect to personal data of clients, employees or co-workers entered by you into the SAFESTAR system, their administrator is directly you, as a DMSI Software Customer. This data is processed on your behalf and only upon your documented instruction, and without such instruction only if we are obliged to do so by law.
If you have any doubts regarding such a situation, please direct any questions to the details provided above.

Personal data will be processed in order to enable the conclusion and in connection with the conclusion and performance of the Agreement and for archival purposes to secure information for the purpose of demonstrating legally significant facts, which is our legitimate interest. The legal basis for the processing of your personal data for the purposes referred to in the first sentence is Art. 6 section 1 letter b and f of the GDPR, i.e. processing is necessary to perform a contract to which the data subject is a party, or to take action at the request of the data subject before concluding the contract, and processing is necessary for the purposes of the legitimate interests pursued by the controller.

In accordance with the above paragraph, the following categories of personal data are processed:

name, surname, position held, business telephone/fax number, business email address,
REGON, NIP, PESEL, ID card;
login, password and history of account operations;
information that you have read this information clause;
payment details;
telephone calls, e-mail correspondence recorded in connection with the provision of technical support services under the Agreement.

The rule is to process data obtained directly from you, but it may happen that we have your data from our client and it was made available to us in connection with the provision of services under the Agreement. If you have any questions, please direct them to the details provided at the beginning of the document. Your personal data will be made available to other recipients to the extent that these entities perform tasks related to the implementation of the Agreement, i.e.:

Administrator’s accounting service providers,
providers of legal and advisory services of the Administrator,
companies providing courier and postal services,
banks and other financial and payment institutions,
software providers for technical support, e-mail and mailing, telecommunications operators used by the Administrator.

Providing your personal data referred to above is voluntary, but necessary to perform the Agreement.

You have the right to request from the Administrator access to your personal data, rectification, deletion or limitation of the processing of personal data, and to object to such processing. At the same time, we would like to inform you that you have the right to lodge a complaint with the President of the Personal Data Protection Office if you believe that the processing of your personal data violates the provisions of the GDPR.
Your data will not be transferred outside the EEA to third countries or to an international organization. Your personal data will not be used to make automated decisions, including profiling.

Your personal data will be stored for the duration of the Agreement, and for archival purposes to secure information for the purpose of demonstrating legally significant facts, which is our legitimate interest, but no longer than until the expiry of the limitation periods for claims arising from the Agreements concluded between you and the Administrator.

2. Newsletter

The administrator of the personal data provided by you for the purposes of sending the newsletter is DMSI Software (contact details at the beginning of the Policy). Personal data collected for the purposes of sending the newsletter are: e-mail address, name, surname, telephone number, position, IP address (temporarily stored). The personal data mentioned above will be processed by DMSI Software in order to send the so-called newsletters whose purpose is to provide information about:

functionalities and development of the Safestar system and mobile applications integrated with it,
alarm monitoring and remote video surveillance,
training and industry events,
broadly understood safety and security,
promotions for services offered by DMSI.

Your data may be accessed by entities related to DMSI and providers of digital services, such as e-mail or a webinar and mailing system, entities dealing with hosting (storing) the portal and personal data for DMSI, providers of marketing tools (including analytical ones).

The legal basis for the processing of your data is your consent to receive the above-mentioned information from DMSI Software (Article 6(1)(a) of the GDPR) and the necessity of data processing for purposes arising from the legitimate interests pursued by the Administrator, which is conducting marketing, including analyzing whether marketing messages sent by DMSI are read and which content interests you the most (Article 6(1)(f) of the GDPR).
If you consent to receiving marketing messages to the provided e-mail address, the legal basis will also be Art. 10 of the Act of 18/07/2002 on the provision of electronic services and Art. 172 of the Act of 16/07/2004 – Telecommunications Law.

You have the right to request from the Administrator access to your personal data, rectification, deletion or limitation of the processing of personal data, and to object to such processing. At the same time, we would like to inform you that you have the right to lodge a complaint with the President of the Personal Data Protection Office if you believe that the processing of your personal data violates the provisions of the GDPR. Your data will not be transferred outside the EEA to third countries or to an international organization.

Your personal data will be stored until you withdraw your consent to receive the newsletter or until you effectively raise an objection. You can withdraw your consent at any time by sending an appropriate statement to the DMSI Software address indicated at the beginning of the Policy or by clicking the appropriate link included in the newsletter.
Please note that withdrawal of consent to the processing of your personal data prevents us from providing you with the services described above and that withdrawal of consent does not affect the lawfulness of the processing carried out before its withdrawal.

3. Contact forms

DMSI enables contact by interested parties (clients or other interested entities) using electronic contact forms available on DMSI’s websites or in social media. Using the form requires providing the following personal data: name, surname, e-mail address, telephone number, name of the company that the person represents. Providing the above data is voluntary, but necessary to contact the sender and respond to the inquiry.

The administrator of personal data is DMSI Software (contact details at the beginning of the Policy). Personal data collected via the contact form are processed to identify the sender and handle his inquiry (Article 6(1)(b) of the GDPR) and for analytical purposes, as part of legitimate interest of the Administrator (Article 6(1)(f) of the GDPR).

Data collected via the form may be entrusted by the Administrator to entities related to the Administrator, in particular DMSI Trade (in order to handle the inquiry) and processed by entities providing IT tools used by DMSI.

Unless cooperation is established between the person using the contact form and the Data Administrator, personal data are processed on a voluntary basis and will be processed only as long as they are necessary to achieve the purposes described above or until the interested entity expresses effective consent. how to object to the processing of your data. You can object to this by sending an appropriate declaration to the DMSI Software address indicated at the beginning of the Policy. Withdrawal of consent to the processing of personal data left in the contact form does not invalidate the processing of data carried out until the objection was raised.

4. SafestarGO, Patrol 2 and Patrol 3 mobile applications

DMSI Software mobile applications are available through online application stores (Google Play and App Store, respectively). Downloading the application may require the user to register in a given online store. DMSI has no influence on the processing of user data in connection with the registration and use of these stores.

Mobile applications are available to entities that are parties to Service Agreements via the Safestar System.
In order to use the mobile application, the user is required to have appropriate access data in the Safestar System. Therefore, the principles of personal data processing specified in point 1 apply to the user of mobile applications. Processing of data of entities that are parties to contracts for the provision of services. The processing of personal data of the mobile application user begins when the mobile application is paired with the user’s account in the Safestar System.

The use of mobile applications additionally involves the processing of user data in the manner described below. SaferstarGo, Patrol 2, and Patrol 3 app features use your device’s location services to collect location data. If the user allows the application to access location services, his location will be regularly transmitted to the Safestar system in order to perform the tasks covered by the Agreement. The user’s location in the Patrol 3 application is also downloaded in the background, i.e. also when the user is not using the application. SafestarGO, Patrol 2 and Patrol 3 applications can inform the user in the form of push messages about specific events, even if the application is not active at the moment. Push messages are a form of messages specific to mobile applications through which the System can directly contact the user.

For some functions, DMSI Software mobile applications must have access to certain interfaces and data on the user’s device. Depending on the operating system you are using, your explicit consent may be needed.

Below is information on what permissions (if necessary to process user data) applications can request and what type of functions depend on these permissions:

user login and password – enable the use of the mobile application;
location services/location data: permission to access the user’s device’s location services is necessary for the app to determine the location of the user’s device. The user’s location in the Patrol 3 application is also downloaded in the background, i.e. also when the user is not using the application. If you do not allow this access, the display of location-based content may not be possible or will only be available to a limited extent.
push notifications/messages: permission necessary to use push services. In some devices, this permission is enabled by default for all applications.
access saved photos: this permission is necessary for the application to access saved photos (read access) or for photos generated by the application to be saved on the user’s device (write access).
camera: this permission is necessary for the application to use the user’s camera functions, for example to take photos. The application will only have access to the camera when the appropriate function is selected in the application.
mobile data (iOS) or access to all services and connections to services (Android): when using or installing certain applications, a request for these permissions appears to enable the application to transmit data via the Internet connection of the user’s device (Wi-Fi or data transmission ). This permission may be required to transfer data entered in the application, e.g. as part of a search, to the System’s servers.

5. Participants of trainings, webinars, surveys, etc.

The administrator of personal data of participants of training courses, webinars, surveys, etc. (hereinafter: Event) is DMSI Software. In matters related to data processing, please contact the Administrator (contact details at the beginning of the document).

The Participant’s personal data that may be processed by the Administrator in connection with participation in the Event are: name, surname, e-mail address, telephone number, name of the entity that the Participant represents.

The participant’s data will be processed for the purpose of participating in the Event (Article 6(1)(b) of the GDPR), receiving marketing information based on the expressed consent (Article 6(1)(a) of the GDPR) and on the basis of the legitimate interest of the Administrator ( Article 6(1)(f) of the GDPR).

Consent to the processing of personal data may be withdrawn at any time without affecting the processing that took place before its withdrawal. In the case of events organized free of charge, consent to receiving marketing information is voluntary, but necessary to participate in the Event.

The recipients of personal data of an Event participant may be related entities
with the Administrator. Participants’ personal data may also be made available to providers of online tools intended for organizing Events used by the Administrator and entities acting on behalf of the Administrator.

Personal data of the Event participant will be stored until the Administrator’s legal obligations cease. Data processed on the basis of consent will be stored until it is withdrawn or the purpose ceases.

The Event Participant has the right to request access to his or her personal data,
as well as their rectification (correction). The Participant also has the right to request deletion or restriction of processing, as well as to object to processing, however, this is only possible if further processing is not necessary for the Administrator to fulfill a legal obligation and there are no other overriding legal grounds for processing. The Event Participant has the right to lodge a complaint about the processing of his or her data with the President of the Personal Data Protection Office (uodo.gov.pl).

6. Users of DMSI fan pages on social networking sites

DMSI has profiles on social networking sites Facebook, LinkedIn and YouTube (hereinafter: Fanpage). DMSI regularly publishes and shares content on its Fanpages. DMSI Software is the administrator of personal data of users using specific Fanpages.

Administrators of social networking sites record user behavior using cookies and other similar technologies every time a user interacts with DMSI Fanpages. DMSI Software, as the Administrator of the Fanpages of social networking sites, has access to general statistics regarding the interests and demographic data (age, gender, geographic region) of users visiting the Fanpages. As part of the use of social networking sites, the scope and purposes of data processing on social networking sites are determined by the administrators of these sites (Facebook, LinkedIn, YouTube, respectively).

DMSI Software provides content on its Fanpages. In the event of direct communication between the user and DMSI or when the user provides DMSI with content of his/her choice, DMSI Software is responsible for processing the user’s data. An exception concerns the processing of data for the purposes of usage analysis (website statistics) – the administrators of the relevant social networking sites are also responsible for them. DMSI has no influence on the data processing policy of social media administrators.

The processing of data of users of DMSI Fanpages on social networking sites is based on the user’s consent (Article 6(1)(a) of the GDPR) or is necessary for purposes arising from legitimate interests pursued by DMSI Software (Article 6(1)(a) of the GDPR) .f GDPR).

User data, to the extent decided by DMSI Software as the Data Administrator, will be processed until the user withdraws consent. The user may withdraw consent by submitting an appropriate statement to DMSI Software (DMSI Software’s contact details at the beginning of the Policy).

The User has the right to request from the Administrator access to his or her personal data, rectification, deletion or limitation of the processing of personal data, to object to such processing, the right to lodge a complaint to the President of the Office for Personal Data Protection when the user considers that the processing of his or her personal data violates the provisions of GDPR.

7. Job candidates

The administrator of the candidate’s personal data is DMSI Software (contact details at the beginning of the Policy).

The data of persons applying for employment at DMSI are processed in order to carry out the recruitment process, pursuant to the provisions of labor law (Article 6(1)(c) of the GDPR). In terms of information indicated in the advertisement as necessary, in accordance with the Labor Code – providing data is mandatory and necessary to participate in the recruitment process. Data not required by law, provided by the candidate in the submitted documents, will be processed on the basis of consent, which will be considered as their transfer (Article 6(1)(a) of the GDPR). Providing data other than those indicated as required in the advertisement does not affect the recruitment process and is not necessary.

The candidate may withdraw consent to the processing of personal data at any time without affecting the processing that took place before its withdrawal.

The recipients of the candidate’s personal data may only be entities that are entitled to receive them under the law. In addition, the candidate’s data may be made available to suppliers of IT systems used for communication or conducting the recruitment process, which are used by DMSI.

The candidate’s personal data will be stored for the period necessary to complete the recruitment process for a given position. Additionally, personal data may be processed for purposes related to future recruitment processes, based on the candidate’s consent separately. After this period, the candidate’s data is deleted. DMSI reserves the right to contact only selected candidates.

A candidate who has applied for recruitment has the right to request access to his or her personal data and rectification of it. The candidate also has the right to request deletion or restriction of processing, as well as to object to processing, but only if further processing is not necessary for the Administrator to fulfill a legal obligation and there are no other overriding legal grounds for processing. The candidate has the right to lodge a complaint against the processing of his or her data by the Administrator to the President of the Personal Data Protection Office. The candidate’s data will not be made available to a third country and will not be subject to profiling or automated decision-making.