Privacy policy

This Privacy Policy defines the rules for storing and accessing data on Users’ Devices using the Service for the purpose of providing electronic services by the Administrator, as well as the rules for collecting and processing Users’ personal data voluntarily provided by them through tools available on the Service.

This Privacy Policy is an integral part of the Service Terms and Conditions, which define the rules, rights, and obligations of Users using the Service.

1. Definitions

Service – the online service “crazyfejm.pl” and “crazy-crm.pl”.

External Service – online services of partners, service providers, or service recipients cooperating with the Administrator.

Service / Data Administrator – The Service and Data Administrator (hereinafter “Administrator”) is CRAZY FEJM LTD, operating at 167-169 Great Portland Street, Fifth Floor, London, England, W1W 5PF, company number: 11691924, providing electronic services via the Service.

User – a natural person for whom the Administrator provides electronic services through the Service.

Device – an electronic device with software through which the User accesses the Service.

Cookies – text data collected in the form of files stored on the User’s Device.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation).

Personal Data – information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name and surname, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Processing – any operation or set of operations performed on personal data or sets of personal data, whether automated or not, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Restriction of processing – marking stored personal data to limit its future processing.

Profiling – any form of automated processing of personal data consisting of using personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that person.

Consent – consent of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by statement or by a clear affirmative action, agree to the processing of personal data relating to them.

Personal Data Breach – a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed.

Pseudonymization – processing of personal data in such a way that it can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure it cannot be attributed to an identified or identifiable natural person.

Anonymization – the irreversible process of manipulating data in such a way that personal data is destroyed/overwritten, making identification or linking of a record to a specific user or natural person impossible.

2. Data Protection Officer

The Administrator has appointed a Data Protection Officer, Michał Olechowski.

The Data Protection Officer can be contacted via:

Email: m.olechowski@crazyfejm.pl
Phone: +48 507292931
Mail: 167-169 Great Portland Street, Fifth Floor, London, England, W1W 5PF

The Data Protection Officer can be contacted regarding all matters related to personal data processing.

3. Types of Cookies

Internal Cookies – files placed and read on the User’s Device by the Service’s IT system.

External Cookies – files placed and read on the User’s Device by IT systems of External Services. External Service scripts that may place Cookies on the User’s Device are intentionally included in the Service via scripts and services installed on the Service.

Session Cookies – files placed and read on the User’s Device by the Service during a single session. These files are deleted from the Device at the end of the session.

Persistent Cookies – files placed and read on the User’s Device by the Service until manually deleted. These files are not automatically deleted at the end of the Device session unless the Device is configured to remove cookies at the end of each session.

4. Data Storage Security

Cookie Storage and Reading Mechanisms – Storage, reading, and data exchange mechanisms between Cookies stored on the User’s Device and the Service are implemented via built-in browser mechanisms and do not allow retrieving other data from the User’s Device or data from other websites visited by the User, including personal or confidential information. The transfer of viruses, trojans, and other malware to the User’s Device is practically impossible.

Internal Cookies – Cookies used by the Administrator are safe for Users’ Devices and do not contain scripts, content, or information that could compromise personal data or device security.

External Cookies – The Administrator takes all possible measures to verify and select Service partners regarding User security. Partners are well-known, large entities with global social trust. However, the Administrator does not have full control over the contents of Cookies from external partners and is not responsible for the contents or their proper use to the extent permitted by law.

Cookie Control – Users may modify settings related to storing, deleting, and accessing Cookies at any time. Instructions for disabling cookies in popular browsers are available online:

Chrome
Opera
Firefox
Edge
Safari
Internet Explorer 11

Users may also manually delete any stored Cookies using Device tools.

User-Side Risks – The Administrator takes all technical measures to secure data in Cookies. However, security also depends on User practices. The Administrator is not responsible for data interception, session hijacking, or deletion due to viruses, trojans, or spyware affecting the User’s Device. Users are advised to follow safe internet usage practices.

Personal Data Storage – The Administrator ensures voluntary User personal data is stored securely, access is limited, and data is used only for its intended purpose. Appropriate physical and organizational safeguards are applied.

Password Storage – Passwords are stored encrypted using the latest standards. Decryption of Service passwords is practically impossible.