Skip to main content

Effective Date: August 11, 2023
IMMUNE Spółka z ograniczoną odpowiedzialnością
📍 ul. Szelągowska 49, 61-626 Poznań
📄 NIP: 9721337898
📄 KRS: 0001027313

1. Introduction

IMMUNE Sp. z o.o. (“IMMUNE”, “we”, “our”, or “us”) is committed to safeguarding your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable privacy laws. This Privacy Policy describes how we collect, process, store, and share your Personal Data through our digital platforms and services, including our website, cloud solutions, APIs, applications, and communications (collectively the “Services”).

We act as a data controller when we determine the purposes and means of processing Personal Data, and as a data processor when processing on behalf of customers. For processor-related queries, please consult the privacy policy of the relevant data controller.

For privacy concerns, you may contact our Data Protection Officer at:
✉️ Email: [email protected]

2. What Personal Data We Collect

We collect the following types of Personal Data depending on your interaction with our Services:

a. Information You Provide:

  • Identity Data (name, email, company, phone, job title)

  • Login credentials and authentication data

  • Payment and transaction information (via third-party payment processors)

  • Recruitment data (e.g., CV, references, IDs)

  • Customer support interactions

  • Data you submit through contact forms, surveys, or user-generated content

b. Automatically Collected Data:

  • Device data (IP address, browser type, OS)

  • Usage data (pages visited, session duration, activity logs)

  • Cookies and analytics tracking (see Section 11 below)

c. Third-Party Sources:

  • Partners and platforms (e.g., insurers, cloud vendors)

  • Marketing and business development providers

  • Publicly available and lawful data sources

3. Lawful Basis for Processing

We process your Personal Data based on the following lawful grounds:

  • Contractual Necessity: To provide and manage the Services you request

  • Consent: For marketing or optional data processing (you can withdraw at any time)

  • Legal Obligation: To comply with regulatory requirements

  • Legitimate Interest: For security, analytics, fraud prevention, and product development

4. Purposes for Data Use

We use Personal Data to:

  • Deliver our Services and products to users and customers

  • Communicate about updates, support, and account matters

  • Analyze service performance and user behavior

  • Detect and prevent fraud or abuse

  • Improve and personalise user experience

  • Conduct marketing (based on prior consent or soft opt-in)

  • Comply with legal and contractual obligations

5. Marketing and Communications

You may receive communications from us about similar products and services you’ve used. You can opt out of marketing emails at any time by using the unsubscribe link or contacting us directly.

6. Sharing of Data

We do not sell your data. We share it only with:

  • Service providers (e.g., cloud hosting, payment processors)

  • Partners (e.g., subcontractors supporting our services)

  • Legal authorities, when required to comply with applicable law or protect rights

  • Corporate restructuring scenarios (e.g., mergers, asset transfers)

All third parties are subject to appropriate data processing agreements in line with GDPR Article 28.

7. International Data Transfers

If data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place such as:

  • EU Standard Contractual Clauses (SCCs)

  • Transfer Impact Assessments (TIAs)

  • Vendor due diligence and certifications

Transfers may occur to jurisdictions where IMMUNE’s cloud infrastructure or partners are based.

8. Data Retention

We retain your data:

  • For as long as necessary to provide services or fulfill contractual obligations

  • To meet legal and regulatory requirements

  • As needed to resolve disputes or enforce agreements

Data is securely deleted or anonymized when no longer required.

9. Your Rights

Under GDPR, you have the right to:

  • Access your data

  • Rectify incorrect or outdated information

  • Erase data (“right to be forgotten”)

  • Restrict or object to processing

  • Port your data to another service

  • Withdraw consent at any time

To exercise your rights, please email: [email protected]
We may verify your identity before fulfilling such requests.

10. Data Security

We apply technical and organizational measures including:

  • Data encryption (in transit and at rest)

  • Role-based access control

  • Regular audits and monitoring

  • Secure software development lifecycle (SSDLC)

  • Incident response plans and data breach notification procedures

11. Cookies and Tracking

We use cookies and similar technologies to:

  • Provide core site functionality

  • Monitor usage and improve the site

  • Serve relevant content

You can manage your cookie preferences via your browser or device settings. Full details are provided in our Cookie Policy.

12. Children’s Privacy

Our Services are not intended for children under 13. If we learn that we have collected personal data from a child under 13 without verified parental consent, we will delete it.

13. Complaints

You may lodge a complaint with the Polish Data Protection Authority (UODO) if you believe your data protection rights have been violated. We encourage you to contact us first to resolve concerns directly.

14. Changes to this Policy

We reserve the right to update this Policy from time to time. When we do, we will notify you via our website or email. Please check back periodically to stay informed.

15. Contact Information

If you have any questions or wish to exercise your data rights:

Data Protection Officer
✉️ Email: [email protected]
📍 IMMUNE Sp. z o.o., ul. Szelągowska 49, 61-626 Poznań, Poland