1. General provisions. Parties. Legal purpose of the document
This Policy determines the procedure and conditions according to which the WORK2ONLINE PORTAL RESALE sp. z o.o., the incorporated software developer located at Poland, 00-545, Warsaw, Marshalkovskaya str., No. 58 ("We" or "Administration"), shall process the information about an individual that can be obtained by the Administrator from this individual or from a legal representative ("You" or "User"), in the event of the following relationships with the User:
when the Administration exercises the rights and obligations established by agreements and contracts concluded between the Administration and the User;
when processing appeals, complaints, requests, messages sent by the Administrator and the User to each other.
The legal ground for processing personal information shall consist of the following:
the User’s consent to the processing of personal data;
the Administrator's charter;
laws and regulatory legal acts adopted on their basis regulating relations related to information and information technologies;
the legislation of the EU and of the Republic of Poland;
agreements concluded between the Administrator and the User, including the Terms and Conditions and similar;
the European General Data Protection Regulation (“GDPR” or “(EU) 2016/679”) when the Parties’ legal relationship falls under the exterritorial criteria of it.
Our goal is to ensure your safety on our Service, so your privacy and the protection of your personal rights are important to us. In this regard, we ask you to carefully read the following summary, which describes how our Service works. You can be sure that your data will be processed transparently and honestly, and that we will do everything possible to ensure that your data is processed with care and responsibility.
Consent to the terms of the Policy may be expressed by the User through any of the following steps:
a) at the moment of conclusion of an agreement with the Administrator, incl. agreements made in the form of public offer acceptance;
Data Operator and/or Administration means WORK2ONLINE PORTAL RESALE sp. z o.o., e-mail: BRAWOBUD@GMAIL.COM, the incorporated software developer located at Poland, Warsaw, Marshalkovskaya str., No. 58, which independently or jointly with others determines the purposes and means of processing personal data.User means any visitor to the Service (freelancer, performer, partner or customer) and other Operator resources and using the Service resources.
User Account means сreated by the Service when registering a User (as a contractor or customer) for the purpose of selling their services and/or ordering services. The account is intended for viewing and managing the available functionality of the Service, as well as storing personal data, information about the User's activities, photos, account images, examples of work, information about previously completed work, skills, ratings and reviews, as well as the User's name. The specified information is visible to all users of the Service.
Personal data means any information related directly or indirectly to an identified or identifiable individual.
An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing of personal data means any operation or set of operations that are performed with personal data or with sets of personal data, regardless of whether they are automated or not, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, distribution or other provision of access, alignment or combination, restriction, erasure or destruction.
Provision of personal data – actions aimed at disclosure of personal data to a certain person or a certain circle of persons.
Payment Information – if you use the Service to make payments as a Customer, Partner or receive payments as a Freelancer, we will collect your payment information solely for the purpose of such actions and only to the extent required by law.
Dissemination of personal data means any actions aimed at disclosure of personal data to an indefinite circle of persons (transfer of personal data) or familiarization with personal data of an unlimited circle of persons, including the publication of personal data in the media, placement in information and telecommunications networks or providing access to personal data in any other way.
Automated processing of personal data means the processing of personal data using computer technology.
Destruction of personal data means any actions as a result of which personal data is permanently destroyed with the impossibility of further restoration of the content of personal data in the personal data information system and (or) as a result of which the material carriers of personal data are destroyed.
The blocking of personal data means the temporary termination of the processing of personal data (except in cases where processing is necessary to clarify personal data).
Confidentiality of personal data is a mandatory requirement for the Operator or other person who has access to personal data to prevent their dissemination without the consent of the subject of personal data or the presence of other legal grounds.
Service WORK2.PRO is an online platform that allows buyers of professional services (Customers) to search, conclude and manage transactions with professional service providers (Contractor or Freelancer) and managed by the Administration.
Personal data information system means a set of personal data contained in databases, and information technologies and technical means that ensure their processing.
Depersonalization of personal data means actions because of which it is impossible to determine, without the use of additional information, the identity of personal data to a specific User or other subject of personal data.
An IP address is a unique network address of a node in a computer network built using the IP protocol.
Cookies are a small piece of data sent by the web server and stored on the user's computer, which the web client or web browser sends to the web server each time in an HTTP request when trying to open a page of the corresponding Service. We use several different cookies on our website, including strictly necessary cookies, performance files, advertising files.
Registration form is a special html form provided on the Service at https://work2.pro, when filling out which, the User expresses his consent to the terms of this Agreement and expresses his intention to become a Contractor and /or Customer, as well as to obtain information about the service and so on.
The Partner Program — Administration allows users to send links to the Service to potential new Users, as well as promotional materials about the provision or purchase of services through the Service WORK2.PRO. Persons receiving such links and notifications who register in the Affiliate Program and become referrals should know that WORK2.PRO stores the information used during Registration, for the sole purpose of tracking the success of the program.
Payment services (Partners) — payment systems services Wise, Stripe, FindexIQ. To use the Service, the Use must accept:
FindexIQ Public offer, FindexIQ Cookies policy, FindexIQ Personal data protection policy and other FindexIQ document necessary to work with the FindexIQ;
Stripe Privacy & Terms and other Stripe documents necessary to work with Stripe.
3. Rules for the collection and processing of personal information
Purpose of collecting and processing personal information
The Administration processes personal information for the following purposes (collectively, the "Purpose of processing"):
to identify a party within the framework of agreements and contracts, to fulfill contractual obligations to the User, including providing the functions of the Service;
to comply with the requirements of the current legislation (including in order to prevent or suppress illegal and/or illegal actions of the User or third parties);
for communication with the User, sending messages, notifications, requests, responses, documents on payments and settlements, documents of legal significance to the User;
to send advertising or informational messages to the User, taking into account the restrictions of the relevant section of the Policy;
to check, research and analyze data to maintain and improve the features of the Service, as well as to develop new features;
for conducting statistical and other research based on depersonalized data;
to invite the User to visit other sites and other web resources of the Administrator or third parties, to offer products of the Administrator or third parties that, in the Administrator's opinion, may interest the User (that is, to show the User advertising that takes his interests into account);
in order to protect the rights of the Service, the rights of the Parties or the rights of third parties, as well as to prevent or terminate actions that we may consider fraudulent, illegal or legally binding, or that may pose a risk of their commission.
Personal data subjects. Volumes and categories of information
The subject of personal data is:
an individual who has transferred his personal data to the Administration independently;
a legal representative of an individual, if the data was transmitted by such a representative;
individuals - representatives and employees of legal entities.
For each category of subjects, the following data is included in the personal information, which is collected and processed as follows:
Data provided by the User on his or her own actions while using the functions of the Platform: name, family name, e-mail address;
Data that is automatically transmitted to the Administration's hardware when connecting to the software installed on the User's device: IP address, information about cookies, information about the user's browser (or other program through which access is made), information about hardware and software security, Wi-Fi or wired network data, access date and time, request addresses and content, http/https headers, web beacons and pixel tags;
Information about activity during the use of the Service: history of actions, data on visited pages or sections, likes and preferences, other interaction with the interface of the Service;
Geolocation data (information about the location of the User's equipment), if the User has allowed the equipment to provide it;
The data of the identity document, which can be provided by the User at the request of the Administration in the case when the User asks for any legally significant actions: the series and number of the document, the issuing authority and its code, date and place of issue, photos in the document;
On special (vulnerable) categories of personal data: The Administration does not collect confidential information such as GPS data, race or ethnicity, political views, religious or philosophical beliefs, trade union membership, genetic data, sexual orientation and gender identity, biometric data or health data.
You have no legal obligation to provide us with any information, but you may have a contractual obligation to do so (see the Rules of the Service); in the absence of such information, the Administration will not be able to provide you with Services, in whole or in part.
Procedure and conditions for the processing of personal data
Processing of personal data – any action (operation) or a set of actions (operations) with personal data performed with or without the use of automation tools. When processing personal data, the Administration will perform the following actions: collection; recording; systematization; accumulation; storage; clarification (updating, modification); extraction; use; transfer (distribution, provision, access); depersonalization; blocking; deletion; destruction.
The Administration can process personal information in the above-mentioned ways (operations) both in personal data information systems and without the use of automation tools.
The Administration will process the User's personal information for as long as it is necessary to achieve the specific purpose for which it was collected, or to comply with legal requirements.
In the event that the User revokes consent to the processing of personal data or the expiration of such consent, the Administration has the right to block this data from editing and process it in archive form for 3 (three) years.
Data protection measures
The Administration takes all necessary measures to protect the User's personal data from unauthorized, accidental or illegal destruction, loss, alteration, unfair use, disclosure or access, as well as other illegal forms of processing.
By default, personal information is processed by automatic equipment without access to it by anyone. If such access is needed, the Administration provides access to the User's personal data only to those persons who need this information to ensure the Purpose of processing (clause 3.5.1. of the Policy). In order to protect and ensure the confidentiality of data, such persons must undertake to comply with internal legal rules and procedures, legislation, technical and organizational security measures regarding the processing of personal information.
Both when processing personal data without the use of automation tools and when automated processing, sufficient security of the place where personal data is processed is ensured.
The disclosure of the information provided by the User can be made only in accordance with the current legislation at the request of the court, law enforcement agencies, and in other cases stipulated by the legislation of the EU and of the Republic of Poland.
The Administration does not verify the accuracy of the information provided by the User, and proceeds from the fact that the User, in accordance with the principle of good faith, provides reliable and sufficient information, takes care of the timeliness of making changes to previously provided information and updates the information.
The Administration uses industry standard protocols and technologies to protect the information of registered users. The service is a secure site. All transactions carried out through the Service are conducted in a Secure Socket Layer (SSL) session. The secure sockets layer encrypts all transaction data for transmission in a format that prevents data theft. This process protects all personal information from disclosure to third parties. While on a secure page, the lock icon at the bottom of the web browser (for example, Firefox or Chrome) becomes blocked.
The service also protects the registered user's information offline.
Where and for what period is the User's personal data stored?
The data that the Administration collects about you will be stored and processed both on the territory of the "EEA" and outside it, on properly protected servers, in order to provide our users with the highest quality services. Personal data of Service Users are stored on servers provided by Sum sub (user Agreement https://sumsub.com/terms-of-use and confidentiality policy https://sumsub.com/privacy-notice /) and other SumSab documents, on the basis of which work with Sum sub is carried out and is based in England: Company Registration Number: 09688671. Address: 30 St. Mary Axe, London, England, EC3A 8BF. In addition, the Administration of the Service provides access to personal information that allows you to identify only employees who need specific information to perform a particular task.
The Administration stores your data for as long as it is necessary to achieve the purposes for which they were collected, including for the performance of legal, tax and accounting duties or for reporting purposes.
To determine the appropriate period of personal data storage, we take into account the volume and nature of the data processed, including the nature of data of a certain category. We also take into account the potential risks of unauthorized use or unauthorized disclosure of your personal data, the possibility of implementing the purposes of processing by other means and the content of laws relating to the processed personal data.
We store your personal data related to the Account on the Service for as long as it is in the Service, in order to implement the services provided in accordance with the Rules, as well as for marketing purposes. After deleting your Account, your data will be deleted without unnecessary delay and as quickly as technically possible. Depending on the service you have used and the systems on which your data is stored, the deletion of your data may take no more than 3 months from the date of application. During this period, any access to your data will be immediately restricted or blocked.
After closing and/or deleting your Account, we may store your personal information to the extent and for the period necessary to fulfill obligations arising from laws or our legitimate interests (for example, in order to combat abuse). We will store only those data that are relevant to such purposes, and delete such data after the expiration of the relevant statutory retention periods or the statute of limitations or after fulfilling the relevant legal obligations.
Personal data related to cookie technology is stored for the time corresponding to the life cycle of cookies, or until the user deletes them.
If you have any questions about the retention periods of your data, please contact us through the technical support service or through the contacts specified in section 8 of the Policy.
Rules on the transfer of personal information to third parties
The Administration has the right to transfer personal information to the following third parties:
Service partners providing services to the Service (art. 6 paragraphs 1, B and F GDPR): The Administration uses the services of third parties that help provide us with certain solutions related to our services, as well as to maintain, monitor and improve the quality of our services. Providers of such services may have their headquarters both on the territory of the "EEA" and outside it. We provide service partners with the information necessary for a specific purpose (for example, name and address). For this purpose, your personal data may be transferred to the following recipients or categories of recipients:
payment service providers (Wise, Stripe, FinexIQ) can receive [depending on the payment method and flow, for example, phone number, email address, physical address, identification number, cardholder name, cardholder address, credit card holder name, credit card expiration date, credit card type, etc.] to process payments for the purchase of our paid services. We do not collect or store payment information. They are exclusively and directly transmitted to the relevant payment processor;
providers of means of communication: Stream Telecom (SMS gateway), which can receive information about the User's account, contact information for potential sales for information, marketing and trading promotions and SMS API;
We conduct inspections of our suppliers and require them to ensure the security of your personal data and process it legally. We do not allow our suppliers to process your personal data for their own purposes. As part of our cooperation, we stipulate that suppliers can process them only for clearly specified purposes in accordance with our instructions.
to legal successors: in connection with the merger, acquisition, reorganization or sale of assets, or in case of bankruptcy to the legal successor, as required by law and within the framework of universal succession;
to any national or international regulatory authority, law enforcement agencies, central or local authorities, other official or state bodies and/or courts to which the Administration is obliged to provide information upon request in accordance with applicable law;
to other Users: if you use our services that allow you to communicate with other Users, we transfer your data to the extent associated with such a Service. In addition, if you use the message system as part of the Service, we provide your data related to the correspondence and the username preceding the domain of the postal address (for example, @gmail.com ) used to create an account in the Service.
if the User himself has expressed consent to the transfer of personal information to a third party, or the transfer of personal information is required to provide a certain function of the Platform or to fulfill a certain agreement or contract concluded with the User;
in order to ensure the legal protection of the Administration (protection of property and rights of the Service) or third parties in violation of their rights or threat of violation of their rights, including violation of laws or other regulatory documents;
to auditors: in the amount not exceeding the amount required for the audit.
The Administration does not transfer the User's personal information to third parties for the marketing purposes of these third parties. All user data is stored on secure servers; it is not transferred to third parties, except when it is necessary to support the operation of the Service, for marketing purposes for Google Analytics and when required by law.
Rights and obligations in relation to personal information. Representative.
The User is obliged to take care of the accuracy of the information provided, the timeliness of making changes to the information provided, its updating, otherwise the Administrator is not responsible for default, any damages, harm or loss.
About representatives: The User has the right to allow, restrict or prohibit the processing of personal data of third parties only on the basis of representation established by law (for example, parents and guardians) or a transaction (for example, a power of attorney), giving him the right to give permission to process personal information for a third party and to bear other rights and obligations in the interests of such a third party. If the User does not have the right to give such permission or has lost the right to give such permission, then he is obliged to refrain from transmitting data or stop transmitting data (and delete previously transmitted data), respectively, and in case of relevant claims, he undertakes to resolve the contradictions independently and release the Administrator from the relevant requirements. In case of non-compliance with these requirements, the User is obliged to compensate the Administration for all losses and other losses caused by non-compliance with these requirements.
Addition, correction, blocking and deletion of personal data, the procedure for responding to the subject's requests for access to his personal data
The User can supplement and correct personal information by using the appropriate functions in his Account, and if the functions in the Account are insufficient in the User's opinion – by sending a written request to the Administration's email address specified in this Policy.
The User can block and delete personal information by using the appropriate functions of his Account, and if the Account function is insufficient in the User's opinion – by sending a written request to the Administration's email address specified in this Policy.
Other rights of the User as a subject of personal data are implemented in a similar manner: to exercise the right, the User can use the corresponding functions in the account, and if the functions of the account are insufficient in the opinion of the User – by sending a written request to the Administrator's email address specified in this Policy.
The basic rights and guarantees of GDPR for Users are as follows:
request information about the processing of personal data or access rights;
revoke consent to the processing of personal information;
require restrictions on the processing of personal information;
require the confidentiality of your information;
require updating information about yourself and your actions in the Service;
allow and prohibit the free distribution of categories of personal information by applying visibility settings in your Account;
request to stop processing personal information, if provided by applicable law and this Policy;
the right to object;
the rights related to automatic decision-making.
To control or restrict access to information in the User's Account, the Service also provides the following functionality:
edit information in your Account at any time, decide whether your Account will be available in the Service or for search engines;
require the confidentiality of your information (e.g. Facebook, Instagram, etc..);
delete your Account at any time. When closing your Account, the Administration has the right to deactivate it by deleting your actions from the Service and your Account data. However, certain information will still be stored in the Service even if you close your Account, as they can be used to support agreements between users, document financial transactions and ensure the protection of other legitimate users of the Service. The Administration has the right to leave the information that you have published publicly through or on the Service page. Neither you nor the Administration can delete all copies of information that was previously shared with other Users in the Service.
In addition, if you delete your Account, any associated social data, if any, is also immediately deleted.
If the Administration initiates the deletion of your Account, all social data associated with it is immediately deleted.
In cases provided for by applicable law, the User may also have other rights and guarantees not specified above.
The User undertakes to use the contact information (personal details) from this Policy to send requests for the exercise of the rights of the subject of personal data or complaints about the incorrectness of information or the illegality of its processing. Such appeals and complaints are considered within a period not exceeding 30 (Thirty) calendar days from the moment they are received by the Administration
If the User is not satisfied with the results of consideration of the request or complaint, then he has the right to submit a request or complaint to the government body authorized to protect the rights of subjects of personal data.
The User has the right to allow and prohibit the free distribution of categories of personal information by applying visibility settings in his Account.
4. Communication and marketing
We will communicate with you via email, SMS or via notifications related to our Services/Service. The message will be sent to confirm your registration, inform you when your ad becomes active/expires, and for other transactional messages related to our services. Due to the fact that sending you such messages is necessary from our point of view, you may not be able to refuse to receive them.
We may also communicate with you to collect information about your assessment of the quality of services provided within the Service, as well as communication between Users, including, in particular, receiving feedback from Users to whom we provide your contact information at your request. We take such actions in order to develop our Service and individual services provided within it, but you can object to them.
If you leave us contact information, even if you are not a registered user, we will use it to contact you and respond to your request or provide you with an offer. The personal data of the persons using the contact forms are processed to identify the sender and provide the assistance or information requested by you, including a commercial offer.
You may receive marketing communications when you have informed us of your desire to receive such information, in particular by expressing your consent to receive marketing communications, including by explicitly requesting them or leaving your data for this purpose.
In such cases, we will use your email address and mobile phone number to send you suggestions and recommendations of our services, as well as our partner's services based on our legitimate interests.
However, you can opt out of receiving marketing messages at any time by clicking on the corresponding link specified in the email or SMS sent to you, by changing the notification settings in your Account. If you have any problems or difficulties, please contact us through the support service firstname.lastname@example.org.
If we have received your data from publicly available sources or from third parties, we will make every effort to inform you about the rules for processing your personal data and obtain appropriate consent for marketing contacts using remote communication means. We will also give you the opportunity to express your disagreement with the processing of your data for such purposes
5. Notifications and communication of the parties
The Service sends a welcome email to all newly registered users to confirm their email addresses. Sometimes, the Administration sends out announcements about the provision of services to its registered Users. Registered Users cannot unsubscribe from service announcements that discuss upcoming changes affecting their accounts. In addition, the Administration communicates with registered users using personal emails to provide the requested services.
The User agrees to receive from the Administration messages at the email address and subscriber phone number specified by the User when using the functions of the Service (hereinafter referred to as "Notifications").
The User has the right to withdraw his consent to receive Notifications:
by clicking on the "Unsubscribe" link at the bottom of the email;
by sending a notification to the Administration's email address.
The User agrees that the Administrator stops sending Notifications no earlier than 24 hours after performing the specified actions.
The Administration has the right to use Notifications for:
informing the User about the operation of the Service functions;
informing the User about changes in regulatory documents;
sending messages and newsletters of an informational nature to the User;
sending messages and newsletters of an advertising nature to the User.
The User, in turn, undertakes to send all messages, notifications, statements and documents (including messages that are responses to Notifications) to the Administration's email address specified in this Policy.
Documents that, in the opinion of the Administration, have legal significance, the Administration has the right to request in paper form. Such documents, as well as documents that the User himself considers necessary to send in paper form, are sent to the address of the Administration's location specified in this Policy.
The place of expression of consent to the Policy and the place of execution of the Policy is always the location of the Administration, and the law applicable to the relations between the Administration and the User is always the law of the Republic of Poland, regardless of where the User or the equipment used by him is located. On the territory of the Republic of Poland, the Data Protection Act, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free circulation of such data, applies.
The Policy begins to regulate the relationship between the User and the Administration from the moment the User expresses consent to its terms and is valid indefinitely. The indefinite validity of the Policy as a document in no way means the indefinite/absence of restrictions on the processing of personal data. Unilateral termination of the Policy at the will of one of the parties is not allowed.
7. Data transfer to third countries
In situations where we transfer your personal information outside the "EEA", we guarantee that a similar level of protection is provided by introducing at least one of the following protection measures:
We will transfer your personal data only to those countries that, in the opinion of the European Commission, provide an appropriate level of personal data protection. Detailed information is available here: Adequacy of the protection of personal data in non-EU countries
By using the services of certain providers, we may use agreements approved by the European Commission that provide personal data with the same protection as in the European Union. European Commission: model contracts for the transfer of personal data to third countries.
You can get a copy of one of the above security measures by contacting the contacts of the Service Administration specified in section 8 of the Policy.
The EU General Data Protection Regulation (GDPR) is the body that regulates the processing and transfer of personal data of individuals in the EU. https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN, according to which We are obliged to provide you with additional rights and guarantees.
8. Contact us (Data Protection Controller)
The administrator (controller) for the purposes of the GDPR, other legal acts in force in the EU Member States, and other laws relating to data protection is:
Company: WORK2ONLINE PORTAL RESALE sp. z o.o.
Reg. number: 522860394, NIP: 7011101636
The Company's Data Protection Inspector is available at: Wolfgang Stanclik,
Poland, Wroclaw, st. Strzegomska 142A, 54-429
tel: + 48 71 733 1300
By email: email@example.com
9. Edition information.
This edition of the document was published on: February 1, 2023. Location address https://work2.pro/privacypolicy
Cookie Processing Policy
The Cookies, Service Usage Analysis Services.
To do this, we use various cookies and services that guarantee the full functionality of our Service, so that it contains as much information as possible and is as user-friendly as possible. It is important for us that you can easily view our Service, and therefore we attach great importance to continuous improvements. These actions include saving your settings and pre-filled forms so that you don't have to re-enter the same data.
Cookies perform various functions, facilitate navigation through the Service and store information about your preferences to help improve the quality of our services.
Manage your preferences and improve the functioning of our service. As part of these actions, we may collect information about when and for how long you visit our Service, your browser history and your language preferences.
Development of our security measures and detection of illegal actions (so-called fraudulent actions).
Analysis of the availability of our Service, ways of its use and effectiveness, including for the needs of services provided within the framework of the service by third parties.. We use this information to maintain, maintain and continually improve the services we provide.
3. What types of cookies and other technologies do we use?
Our Service uses the following categories of cookies and technologies:
Persistent cookies are a type of cookie stored in your device's browser and used whenever you visit our service. This helps us remember your settings and preferences to make your next visit to our site more convenient. For example, thanks to cookies, you will not be forced to log in again. At the next visit, we will also keep in mind your language preferences.
Temporary cookies (session cookies) are temporary cookies that remain in the cookie archive in your browser until you leave our site. The information we receive through the use of these cookies helps us analyze network traffic, allows us to identify and fix technical problems, and also makes it easier to navigate the site.
4. Are there third-party cookies in our service?
Below is a list of third parties that we allow to store cookies or other technologies on your device.
Read more about how Google uses your data here: https://policies.google.com/technologies/partner-sites?hl=en
5. What can you do to delete, disable or block cookies?
Your web browser usually provides you with information on how you can refuse, delete or block cookies. You can opt out of third-party cookies used in Google Analytics by changing your advertising settings or using the tool provided here: https://adssettings.google.com/
6. Information about the revision of the document
Date of publication of this revision of the document: February 1, 2023
The archive of previous editions of the document is available at: __________________.