Privacy policy

1. FNX Group's Privacy Policy explains the principles and scope of the processing of the User's personal data, the User's rights, the Administrator's obligations and informs about the use of cookies. It serves to ensure the secure processing of personal data collected by FNX Group.
2. We use technical and organisational measures to ensure the highest security of the personal data processed and to protect against unauthorised access.
3. For the purpose of a better perception of the Privacy Policy, we have replaced the term "User" with "You", "Administrator" with "We". The term "RODO" means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.

Controller of personal data

The administrator, i.e. the entity responsible for the processing of your personal data, is FNX Group with its registered office in Gdańsk, 80-280, at 4 Szymanowskiego Street.

If you have any questions regarding the processing of your personal data and the exercise of your rights related to the processing of your personal data, please contact us at biuro@fnx-group.com or the Data Protection Officer at iod@fnx-group.com. Our data protection officer is Karolina Krużewska-Ossowska.

Data is processed in accordance with applicable Polish and European Union law, including the Polish Data Protection Act of 10 May 2018 and the RODO Regulation.

What personal data do we collect?

We process personal data provided by you in the contact forms available on our website www.fnx.group and by storing cookies. This may include:

• business contact data such as your name, email address, telephone number, company name, business position. The provision of such personal data is voluntary, but necessary to handle your case;
• data relating to your interests and preferences, in particular about accessing and downloading content provided by us online, registration for events and webinars, your activity on the website;
• other data provided voluntarily in the course of communication with us (e.g. data contained in the content of your request);
• technical parameters such as advertising identifiers, date and time of access to our site, IP address, operating system type and version, unique device identifier, browser type, browser language, domain and other operating system or platform information. This information is usually collected via cookies, as described below.

For what purpose, on what basis and for how long do we process your personal data?

The data provided in the contact form is processed for the purpose resulting from the function of the specific form, e.g. to process an enquiry or business contact, to register for an event, etc. Each time the context and description of the form makes it clear what it is used for, this is our legitimate interest. We keep the data obtained in this way until you withdraw your consent.

We also process personal data for:

1. marketing - based on your consent and until you withdraw it;
2. sending newsletters and other information about FNX - based on your consent and until you withdraw it;
3. to comply with our legal obligations such as tax or filing obligations required by law, for a period of 5 years from the end of the financial year;
4. for analytical and statistical purposes for business or marketing purposes, which is our legitimate interest, until you raise an objection;
5. to ensure the secure use of the website and the security of servers and IT resources - to detect and prevent threats to our website and IT systems (e.g. attempted attacks, fraud and abuse) - which is our legitimate interest.

To whom do we share personal data?

We may share personal data with:

• to entities that process personal data on our behalf under concluded data entrustment agreements;
• to institutions legally entitled to receive personal data under relevant legislation;
• to companies offering services or products such as website hosting, email solutions, analytics, IT or event-related solutions, insurance companies, etc.; and
• entities providing legal, tax, consultancy, ICT services to us.

Personal data is not transferred from third countries within the meaning of data protection legislation. This means that we do not send them outside the European Union.

Relevant marketing techniques

We use statistical analysis of website traffic using Google Analytics 4 (Google Inc., based in the USA). The tool counts visits and their length on the website and mobile app and indicates the most frequently used functionalities or pages visited. This information allows us to analyse the performance of our website and determine directions for the development of new functionalities and services. We also use Google Tag Manager and Google Search Console, details of the services and Google's privacy protection can be found here.

We use analysis of user behaviour on the website using Hotjar (Hotjar Ltd. based in Malta). The tool collects data about how users use the site (e.g. time spent on specific pages, most frequently used links, difficulties encountered) and the devices on which they view our site (e.g. device screen size, device type, preferred language). This allows us to create and maintain the website in line with users' preferences. Details of Hotjar's privacy protection can be found here.

We do not transmit any personal data to the operators of the above two services, only anonymised information.

We use remarketing techniques to match advertising messages to your behaviour on the website, which may give the illusion that personal data is being used for tracking, but in practice no personal data is transferred by us to the advertising operators. A technological prerequisite for such activities is that cookies are enabled.

We use social media plug-ins such as LinkedIn Insight Tag. The technologies mean that the operator of the social media site knows that a person registered with it is using our website. In this case, it relies on data for which it is itself the controller; we do not pass on any additional personal data to them. The service is based on the use of cookies on your terminal device. Details of LinkedIn's privacy protection can be found here.

Information about cookies

Our website uses cookies. Cookies (so-called "cookies") are IT data, in particular text files, which are stored on your terminal device and are intended for the use of our website. Cookies usually contain the name of the originating website, the length of time they are stored on your terminal device and a unique number.

We use cookies to improve the use and functionality of our website and to better understand how you use it. We also use them to improve your online experience and ensure that what you see is more relevant to your interests, based on information you have previously entered or used on our site.

There are two main types of cookies used on the Website: "session" (session cookie) and "persistent" (persistent cookie). "Session" cookies are temporary files that are stored on your terminal device until you log out, leave the website or switch off your software (web browser). They are necessary for certain functionalities of our website to function correctly. "Permanent" cookies are stored on your end device for the time specified in the parameters of the cookies or until you delete them. They make it easier to use our website (e.g. they remember your chosen resolution, content layout). They can be used for various purposes, including remembering your preferences and choices when using the website.

The categories of cookies we use are:

• essential cookies - these are necessary for our website to function; they cannot be disabled as our website cannot function properly without them. These cookies do not store any personal data.
• functional cookies - allow us to provide greater functionality and personalisation by remembering information that changes the look or feel of the website; without them, some or all of the website's functionality may not function properly.
• analytical cookies - described in the section "Relevant marketing techniques".
• marketing cookies - described in the 'Relevant marketing techniques' section.

We only use cookies with your consent. You can disable or modify the possibility of storing cookies on your terminal device at any time by means of the appropriate settings in your web browsing software (browser). By default, browsers allow cookies to be stored on your end device. Restrictions on the use of cookies may affect some of the functionality available on the pages of our website.

Cookies placed on your end device may also be used by our collaborators, in particular those that enable tools and functions provided to us by third parties on our website, as described under "Relevant marketing techniques".

For more information on how to manage your cookie settings, we recommend following the instructions of the web browser you are using:

• Google Chrome
• Mozilla / Firefox
• Microsoft Internet Explorer
• Microsoft Edge
• Safari
• Opera

Your rights in relation to our processing of your personal data

You have the right to:

1. to access your personal data - including, but not limited to, to obtain information about the data being processed and a copy of the data
2. to have your personal data rectified (corrected) or erased if:

• you have withdrawn your consent to processing and there are no longer any other legal grounds for processing
• you have raised a legitimate objection to the processing of your personal data,
• your personal data is being processed unlawfully or needs to be erased for compliance with a legal obligation
• your personal data are no longer necessary for the purposes for which they were collected or otherwise processed

1. request the restriction of the processing of personal data, unless the processing is required by law. In that case, we limit the processing to storage, unless it is necessary for the establishment, investigation or defence of a claim, or for the protection of the rights of another natural or legal person
2. to have your personal data transferred to another controller
3. to object to the processing if the processing is carried out on the basis of a legitimate interest and the objection is justified by your particular situation
4. to object to direct marketing, which in practice means withdrawing your consent to receive communications from us
5. to withdraw the consent you have given for the processing of your personal data at any time. The withdrawal of consent does not affect the lawfulness of the processing we have carried out prior to the withdrawal of consent.

To exercise the above rights, please contact us or our Data Protection Officer. Contact details are provided in the "Data Controller" section.

You also have the right to lodge a complaint with the President of the Data Protection Authority if you consider that the processing of your personal data violates the law.

Changes to this policy

We will regularly review and update this policy in relation to changes in the law and new measures we are taking to improve the security of your data.