Terms of Use

REGULATIONS OF THE WWW.OXLA.COM INTERNET SITE

PRELIMINARY PROVISIONS

1. These Regulations establish the rules for the provision of services by the Service Provider (as defined below) through the website available at www.oxla.com, including, in particular, the rules of downloading, installation and use of the Product by the User.
2. The Provider of the Site and the services offered through the Site is Oxla sp. z o.o. with its registered office in Warsaw (02-703), ul. Bukowińska 2/189, entered into the Register of Business Entities by the District Court for the City of Warsaw in Warsaw, 13th Commercial Division of the National Court Register under No. 0000851382, REGON: 386608946, NIP: 5213902284, with a share capital of PLN 202,000.00 (the “Service Provider”).
3. You may contact the Service Provider by email at: support@oxla.com;
4. These Regulations shall be continuously available on the Site in a manner making it possible to acquire, reproduce and record their content by printing or saving them on a permanent carrier, such as a computer device, at any time.

DEFINITIONS

1. Cluster – a certain number of Nodes that have the same OXLA_HOME folder configuration which are interconnected.
2. Host – a physical or virtual server that can host zero or multiple Nodes.
3. Node –a one running instance of Product running on same Host.
4. Privacy Policy –the document available on the Site, describing, in particular, the rules governing the processing of Users’ personal data in connection with the use of the services available on the Site, including, in particular, in connection with the download, installation and use of the Product.
5. Product – software constituting a database with analytical functions, described in detail in these Regulations and in the documentation available at https://docs.oxla.com, made available for download through the Site in the manner and on the terms indicated in the Regulations.
6. Regulations – these Regulations.
7. Site – the website operated by the Service Provider at www.oxla.com.
8. User – a natural person running a sole proprietorship having full legal capacity, or a legal person or an organisational unit without legal personality, to which the legislature has granted legal capacity, using or intending to use the Service Provider’s services described in the Regulations. Users may only be business entities for whom the agreement for the provision of a given service is of a professional nature.

GENERAL TERMS AND CONDITIONS OF USING THE SITE

1. The Site serves to present the Service Provider’s offer and to provide access to materials, services and functionalities, including, in particular, access to the Product offered by the Service Provider.
2. The Regulations define the type and scope of services provided electronically on the Site, the conditions for the conclusion and termination of agreements, the rules of the use of the Site by the Users, the rules of the use of its additional functionalities, and the rules of downloading, installing and using the Product.
3. A person acting on behalf of a User who is not a natural person shall, by accepting the Regulations and/or starting to use any of the services described in the Regulations, declares, under pain of legal consequences, that he/she is a person authorised to act on behalf of that User either as his/her representative or proxy, as a partner of a partnership, or as an organ of a corporation or another legal person. The User shall be liable for perjury and for any damage to the Service Provider’s property caused by a User’s act.
4. The User, concludes an agreement for providing access to the Site, under the terms and conditions specified in these Regulations, for an indefinite period of time, at the moment when the User effectively brings up the URL address of the Site in the browser window of the User’s device or when the User utilises a redirecting link leading to the Site (i.e. when entering the Site); the agreement for providing access to the Site is terminated when the User leaves the Site.
5. The User will be able to use the Service provided that the User’s ICT system meets the following minimum technical requirements:
   • a ready-to-use browser installed on the User’s Internet-connected device must support HTML5 and the .pdf format; and
   • cookies and javascript must be enabled in the User’s browser;
6. the recommended screen resolution for viewing the Site is 1280 pixels.
7. No fees will be charged or levied for using the Site. For the avoidance of doubt, any fees associated with using the Product are subject to Section 5 of the Regulations.
8. The User must use the Site in accordance with the law and principles of good conduct, taking into account personal rights and intellectual property rights, and, in particular, the copyright vested in the Service Provider or third parties.
9. The User may use the Site exclusively for the User’s own personal use. This means, in particular, that data and any other materials contained in the Site resources, both those copyrighted and not copyrighted, may not be used by the User for commercial purposes, except as pertains to the Product. The rules of using the Product for the purpose of commercial activity by the User are described in detail in section 6 of these Regulations.
10. The User may not undertake any actions which would affect the proper operation of the Site. In particular, it is forbidden to interfere in any way with the content placed on the Site.
11. The User is not allowed to provide any unlawful content via the Site. When using the forms made available on the Site, the User must provide true and accurate information.

FUNCTIONALITIES OF THE SITE

1. On the Site, the Service Provider shall make available to the User the following functionalities:
   1. enabling the download of the Product and the conclusion of an agreement for  the use of the Product;
   2. a newsletter subscription; and
   3. a recruitment form.
2. Through the Site, the Service Provider enables the User to download the Product and to conclude the agreement for  the use of the Product, under the terms and conditions detailed in sections 5 and 6 below.
3. On the Site, the User may agree to receive commercial information from the Service Provider (newsletter subscription). The User may subscribe to the newsletter by completing the following steps:
   1. completing the subscription form available on the Site by providing the User’s email address;
   2. clicking the „Join now” button.
4. A recruitment form is available to the User on the Site. In order to use the recruitment form and submit an application for a job or other form of collaboration, the User should:
   1. complete, as a minimum, the fields marked as required in the form;
   2. read the information obligation below the form;
   3. tick, at least, the consents marked as required;
   4. click “Apply”.

USE OF THE PRODUCT

1. The agreement for the use of the Product is concluded for an indefinite period of time, from the moment the Product is downloaded by the User, provided that the User correctly performs the actions indicated in section 5.2 below.
2. In order to conclude the agreement for the use of the Product, the User must perform the following steps:
   1. Complete the form available on the Site with all the data necessary to conclude an agreement for the use of the Product;
   2. Read and accept these Regulations and give any other required consents;
   3. Click „Accept”.
3. The download and use of the Product is free of charge. However, the User shall bear the costs of connection and use of the Internet in accordance with the User’s agreement with his/her telecommunications operator (Internet provider).
4. The Provider provides the Product, i.e. enables the use of the Product immediately after the User downloads it from the Site and installs it on any chosen computing device.
5. In order to use the Product, the User must have a computer system that meets the following minimum technical requirements:
   1. CPU with x86_64 architecture and support for SSE 4.2 instructions,
   2. 8GB of RAM,
   3. User host system must have a Docker installed or be able to start containers.
6. The Service Provider informs that if the User’s computer system does not meet the above-described minimum technical requirements, the use of the Product may prove impossible, difficult, or the Product may not function correctly.
7. The Service Provider informs that the use of the Product is associated with the risk and threat of the possibility of exposing weaknesses in the User’s cryptographic system and in breaking the User’s secured data communication system in order to obtain personal data or other information.
8. The Service Provider shall ensure that the Product is available continuously, 24/7 (24 hours a day, seven days a week). The Service Provider is not responsible for temporary interruptions in the availability of the Product due to force majeure, the need to carry out necessary maintenance work, or due to other technical reasons.
9. The Service Provider shall ensure that the Product is always provided in the latest version that is available at the time access to the Product is granted. During the period of access to the Product, in the event that the Service Provider carries out updates to the Product that are necessary to make the Product compatible with these Regulations and to ensure an adequate level of security, the Service Provider will inform the User of the available update and of the possible consequences of not installing it through the Site.
10. In order to install the update correctly, the User must follow the Service Provider’s instructions containing information about the update.
11. The Service Provider recommends installing updates as soon as they become available. In any case, the User should install the update no later than 14 days after being notified of its availability in accordance with section 5.9. above. The Service Provider shall not be liable for the incorrect performance of the Product access service, resulting solely from the failure to install an update, in the following cases:
    1. despite having been informed of the available update and the consequences of not installing it, the User did not install the update within the deadline referred to above;
    2. the User failed to follow instructions for the correct installation of the update referred to in 5.10. above and, as a consequence, did not install the update within the time limit referred to in 5.9. above and consequently failed to install or incorrectly installed that update. the User fails to install operating system updates in accordance with the recommendations of the manufacturer of the electronic device owned by the User and the manufacturer of the operating system. Failure to keep the operating system or the Product up to date may lead to a decrease in security.
12. In the case of the unavailability or malfunction of the Product, the User undertakes to cooperate with the Service Provider in order to determine whether the unavailability or malfunction of the Product is due to the characteristics of the User’s digital environment (e.g. the characteristics of the electronic device used by the User or that of the network connection).

DETAILED RULES OF USING THE PRODUCT

1. The Provider grants the User a royalty-free, territorially and temporally unlimited, revocable, non-exclusive, and non-transferable licence to use the Product, without the right to sub-licence, authorising:
   1. to use the Product by reproducing it in the User’s computer’s operating memory;
   2. to make one back-up copy of the Product;
   3. the presentation of the data processed by the Product or a copy thereof by means of any technology;
   4. the public communication and presentation of data processed by the Product;
   5. to input data through the Product, for storage in computer memory or distribution in computer networks, and the analysis of data using the functionality of the Product; and
   6. to make the Product available in such a way as to allow any authorised person to access it whenever such person chooses to do so.
2. Each User may use:
   1. unlimited number of multi-Nodes Cluster of the Product for non-commercial purposes;
   2. one single Node Cluster of the Product for commercial purposes.
3. The Service Provider may inspect the User’s use of the Product. Such inspection shall be carried out during the User’s regular working hours and shall not unreasonably interfere with the User’s business.
4. The User undertakes:
   1. to use the Product in accordance with the applicable legal requirements and its intended use;
   2. to refrain from any interference with the structure of the Product (including its modification or decompilation);
   3. not to duplicate the Product beyond the performance of a licensed backup copy;
   4. not to make the Product available to third parties (whether for a fee or free of charge, in whole or in part).
5. The User may terminate this licence agreement for the use of the Product by permanently discontinuing the use of the Product at any time, such termination not affecting the already existing rights or obligations of the Service Provider or of the User;
6. The Service Provider may terminate this licence agreement for the use of the Product, with immediate effect, by sending an appropriate notice to the User’s email address, provided when downloading the Product, in the event of:
   1. a breach of the provisions of the licence, in particular in terms of copying, modifying or making the Product available to third parties;
   2. when it is necessary to make changes to the Product to such an extent that, in the opinion of the Service Provider, the further effective use of the licence by the User is no longer possible;
   3. cessation of work on the Product.
7. As part of the Product, the Service Provider uses open source software of third parties, which is subject to open source licences. The licenses are distributed together with the database and are located in Docker.
8. To the fullest extent permitted by applicable law, the Service Provider shall not be liable to the User for any damage, including loss of profits, directly or indirectly related to the use of the Product, in particular those resulting from a malfunction of the Product, regardless of whether the User was informed of the possibility of such damage.

LINKS TO OTHER SITES

1. The Site contains redirecting links to information and services provided through other sites provided by the Service Provider, including, in particular, the site available at: https://docs.oxla.com/.
2. The Site also contains redirecting links to the Service Provider’s official profiles on social networks (Twitter, LinkedIn or Discord).
   In the situation described in this section 7.2., the regulations or other documents defined by third parties providing the service in question or providing the site in question shall apply, and the Service Provider is not a party to the agreements on the provision of electronic services concluded between the User and such third party. Responsibility for services provided to Users by third parties is determined by the relevant agreements concluded by the User with those third parties.

TERMINATION OF THE AGREEMENT ON THE PROVISION OF SERVICES BY ELECTRONIC MEANS

1. The Parties may, at any time, terminate any agreement for the provision of services described in the Regulations, without giving any reason and with immediate effect, except for the service for the use of the Programme, to which the provisions of section 6 of the Regulations apply.

COMPLAINT PROCEDURE

1. In the case of concerns regarding the operation of the Site and its functionality or concerns regarding the operation of the Product, the User may submit a complaint by sending an email to: support@oxla.com.
2. Complaints are dealt with immediately, within no more than 14 calendar days from the date of complaint. The User shall receive a reply in the form of an email sent to the email address from which the complaint was sent.

PROCESSING OF PERSONAL DATA

1. The personal data of individuals using the functionalities available through the Site and of individuals using the Product shall be processed in accordance with the rules described in the Privacy Policy, available under “Privacy Policy”, to which a link is provided in the footer of the Site.

AMENDMENTS TO THE REGULATIONS

1. The Service Provider is entitled to unilaterally amend these Regulations, to the extent that they have not been individually agreed with the User, for legitimate reasons. In particular, the occurrence of one of the following circumstances is considered as a justified reason:
   1. a change in the generally applicable law in the Republic of Poland to the extent that such a change in the law modifies the content of these Regulations or imposes an obligation on the Service Provider to modify such content in a specific manner;
   2. decisions, recommendations, obligations or acts of an analogous nature issued by public administration bodies, to the extent that such administrative acts modify the content of these Regulations or impose an obligation on the Service Provider to modify that content in a specific manner;
   3. the introduction by the Service Provider of new functionalities of the Site or Product or modification of their existing scope – in this case, modification of the content of the Regulations is permissible to the extent concerning such new functionalities;
   4. any changes to the products, services, operations or business model of the Service Provider;
   5. the introduction by the Service Provider of new or the modification of existing IT systems – in this case, the content of the Regulations may be amended to the extent that is objectively necessary and directly related to the introduction or modification of the said IT systems;
   6. the emergence of judicial or administrative case law which indicates that contractual provisions analogous to those applied by the Service Provider may be unlawful – in this case, an amendment to the content of the concluded agreement shall be admissible to the extent that, based on a comprehensive consideration of the circumstances of the case, it can be objectively considered that, from the point of view of the average customer of the Service Provider, the proposed amendment is to the benefit of such customer;
   7. the Regulations need to be supplemented, clarified or modified due to provisions of law commonly applicable in the Republic of Poland or for the sake of the greater clarity of its provisions for the Users – in this case, a change in the content of the Regulations shall be admissible to the extent which allows the Regulations to be adjusted to the provisions of the law or to achieve a greater clarity of its provisions.
2. The Service Provider shall inform the User of amendments to the Regulations by the publication on the Site of at least:
   1. the content of the planned amendment to the Regulations;
   2. the effective date of the amendment; and
   3. the consolidated text of the Regulations.
3. Any amendment to the Regulations shall not apply to agreements for the provision of services concluded prior to the effective date of the amendment to the Regulations. In the case of such agreements, the provisions of the Regulations, in force on the date on which the User expresses his or her will to conclude such an agreement for the provision of services, shall apply.

FINAL PROVISIONS

1. The Regulations shall come into force on the 20th of July, 2023.
2. For any matters not regulated by the Regulations, the relevant provisions of law shall apply. For the avoidance of doubt, it is assumed that none of the provisions of the Regulations limits the User’s rights that he/she is entitled to under the provisions of the law in force in the territory of the Republic of Poland. In the case of the existence of such a provision, the provisions of the applicable law shall apply unconditionally.
3. Disputes arising from the Regulations which cannot be resolved amicably between the Users and the Service Provider shall be settled by the court with jurisdiction over the Service Provider’s registered office.

‍

Privacy Policy

DEFINITIONS

1. Controller – Oxla sp. z o.o., with its registered office in Warsaw (02-703) at ul. Bukowińska 2/189, entered in the Register of Business Entities maintained by the District Court for the Capital City of Warsaw in Warsaw, XIII Commercial Division of the National Court Register, under KRS No. 0000851382, REGON: 386608946, NIP: 5213902284, with a share capital of in the amount of PLN 202,000.00.
2. Personal Data– means any information relating to an identified or identifiable natural person who can be identified by reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, including by way of an IP address of a device, location data, an online identifier and information collected through cookie files or other similar technology.
3. Policy– this privacy policy.
4. GDPR– the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC.
5. Service – the online service operated by the Controller at www.oxla.com.
6. User– each natural person using the Service or using the Controller’s services as presented in the Rules.
7. Product – the software that is a database with an analytical function, as described in detail in the Rules and in the documentation available at the following address: https://docs.oxla.com/, that is available for download through the Service in the manner and on the terms as provided in the Rules.
8. Rules – the rules of the Service, available at „Terms of Use”.

THE PROCESSING OF DATA IN CONNECTION WITH THE USE OF THE SERVICE

1. In connection with the use of the Service by the User, the Controller collects data to the extent required to render the specific services that it offers, as well as information about the User’s activity while using the Service. The detailed rules and the objectives of processing Personal Data gathered during the use of the Service by the User have been presented below.

THE OBJECTIVES AND LEGAL GROUNDS FOR THE PROCESSING OF DATA IN CONNECTION WITH THE USE OF THE SERVICE

1. THE USE OF THE SERVICE
   1. The Personal Data of all the persons using the Service (using the IP address or other identifiers and information gathered via cookie files and other similar technologies) is processed by the Controller:
      1. to render services electronically within the scope of providing Users with the content gathered in the Service – the legal basis for such data processing is the necessity to conduct processing for the purposes of performing a contract (Article 6(1)(b) of the GDPR);
      2. for analytical and statistical purposes – the legal basis for such data processing is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), such as conducting analyses of Users’ activity and their preferences to improve the applied functionalities and services rendered; and
      3. for the Controller’s marketing purposes – the rules of processing Personal Data have been presented in the MARKETING section.
   2. The activity of a User in the Service, including his or her Personal Data, is registered in the system logs (a special computer program used to store a chronological record with information about events and actions that relate to the IT system used by the Controller to render services). The information collected in the logs is processed primarily for purposes related to the rendering of services. The Controller also processes it for technical or administrative purposes, to ensure that the IT system is secure and to manage such system, but also for analytical and statistical purposes – in this respect, the legal basis for the processing is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR).
2. DOWNLOADING PRODUCTS AND CONCLUDING CONTRACTS ON PRODUCT USE
   1. In the case of natural persons operating as a sole proprietorship (jednoosobowa działalność gospodarcza), downloading, installing and using the Product necessitates providing Personal Data required to conclude a contract on the use of the Product. Personal Data must be provided to allow for the conclusion of a contract concerning the use of the Product, and a failure to provide such data would result in an inability to conclude a Product use contract, which would prevent any downloading, installation and use of the Product.
   2. The Personal Data obtained in connection with the conclusion of a contract on the use of the Product is processed by the Controller:
      1. to conclude and perform a contract on the use of the Product, including specifically to allow the downloading, installation and use of the Product – the legal basis for the processing is the need to process Personal Data for the purposes of performing a contract (Article 6(1)(b) of the GDPR);  and
      2. for analytical and statistical purposes – the legal basis for the processing is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), such as the analysis of Users’ activity and their preferences to improve the applied functionalities and services rendered.
3. CORRESPONDENCE BY EMAIL OR VIA TRADITIONAL ROUTES
   1. In case of any correspondence not related to services rendered to the sender or any other contract concluded therewith which is sent to the Controller via email or via traditional routes, the Personal Data in such correspondence is processed exclusively for communication purposes and the resolution of the issue to which the correspondence relates.
   2. The legal basis for the processing is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR) comprising responding to correspondence addressed thereto in connection with its business activity.
   3. The Controller processes exclusively the Personal Data that is material to the specific issue to which relevant correspondence relates. All correspondence is kept in a manner ensuring the security of the Personal Data (and other information) included therein and is disclosed to authorised persons only.
4. RECRUITMENT
   1. Within the scope of recruitment processes, the Controller expects that Personal Data (e.g. in a CV or a curriculum vitae) will be transferred exclusively to the extent determined by the labour law. Therefore, no information of a broader scope shall be transferred. If any submitted applications contain additional data that exceed the scope required under the labour law, the processing of such data will be based on the applicant’s consent (Article 6(1)(a) of the GDPR), which was granted based on an unequivocal confirmatory action such as the despatch of application documents by a candidate. If the despatched applications contain any information inadequate for the purpose of recruitment, such information will not be used or taken into consideration in the recruitment process.  
   2. Personal Data is processed:
      1. if the preferred form of employment is a contract of employment – for the purposes of performance of the duties resulting from the law connected with the employment process, including primarily the Labour Code – the legal basis for the processing is the legal obligation to which the Controller is subject (Article 6(1)(c) of the GDPR in conjunction with the relevant labour law regulations);
      2. if the preferred form of employment is a civil law contract – for the purposes of the recruitment process – the legal basis for the processing of data included in the application documents is the taking of action prior to the conclusion of a contract at the request of the data subject (Article 6(1)(b) of the GDPR);
      3. for the purposes of a recruitment process and in respect of data that is not required by law or by the Controller and for the purposes of future recruitment processes – the legal basis for the processing is the consent therefor (Article 6(1)(a) of the GDPR); and
      4. for the purposes of the verification of the qualifications and skills of a candidate and the determination of the terms of cooperation – the legal basis for the processing is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR). The Controller’s legitimate interest is the verification of candidates for work and the determination of  the terms of cooperation therewith, if any.
   3. To the extent that Personal Data is processed based on consent, such consent may be withdrawn at any time without any impact on the lawful processing of data prior to the withdrawal of such consent. If consent is granted for the purposes of any future recruitment processes, the Personal Data shall be deleted no later than after two years, provided that the consent is not withdrawn earlier.
   4. Providing data within the scope specified in Article 22(1) of the Labour Code is required – if the candidate prefers to be employed based on a contract of employment – by the law, including specifically by the Labour Code, and in the case of a preference for employment based on a civil law contract – by the Controller. Failure to provide such data results in the inability to take the given candidate into consideration in the recruitment process. Providing other data is voluntary.
5. PROCESSING OF THE PERSONAL DATA OF THE REPRESENTATIVES OF THE CONTROLLER’S CLIENTS
   1. In connection with the conclusion of contracts for the use of the Products, the Controller obtains from clients the data of the persons involved in the conclusion and performance of such contracts (e.g. contact persons, persons representing a given entity, attorneys-in-fact). The scope of the provided data is in each case limited to that required to conclude and perform a given contract and usually does not include any information other than the name and surname and the business contact data (in the case of contact persons), or the name, surname, position, data included in public registers or in a power of attorney (in the case of persons representing other entities and attorneys-in-fact).
   2. Such Personal Data is processed to enforce the legitimate interests of the Controller and its contractor/client (Article 6(1)(f) of the GDPR) in connection with the conclusion of a given contract and the proper and efficient performance thereof. Such data may be disclosed to third parties involved in the performance of the agreement.
   3. The data is processed for the period required to achieve the above-mentioned interests and to perform the relevant obligations prescribed by law.

MARKETING

1. The Controller processes the Personal Data of Users for marketing purposes, which processing may comprise various types of analytical and statistical actions and any efforts related to the direct marketing of services (delivery of commercial information via email).
2. For the purposes of the marketing activities, the Controller, in certain circumstances, uses profiling. This means that in order to allow the automatic processing of data, the Controller assesses certain select factors concerning Users for the purposes of analysing their behaviour or presenting a forecast. This allows to better match the content addressed to the User to such User’s individual preferences and interests.  
3. DIRECT MARKETING
   1. A User’s Personal Data may also be used by the Controller to send marketing content to such User via email. Such actions are taken by the Controller exclusively if the User has consented thereto, and such consent may be withdrawn at any time.
   2. Personal data is processed:
      1. to deliver any commercial information that was ordered – the legal basis for the processing, including with the use of profiling, is the legitimate interest of the Controller (Article 6(1)(f) of GDPR in conjunction with any relevant laws concerning electronic communication) promoting the goods or services of the Controller in connection with the consent given for the given channel of communication; and
      2. for analytical and statistical purposes – the legal basis for the processing is the legitimate interest of the Controller (Article 6(1)(f) of GDPR) of conducting analyses of Users activity in the Service to improve the applied functionalities.

SOCIAL MEDIA

1. The Controller processes Personal Data of Users who visit the Controller’s profiles on any social media (Twitter, LinkedIn, Discord). Such data is processed exclusively in connection with the profile, including to inform Users of the activities of the Controller and to promote various types of events, services and products. The legal basis for the processing of Personal Data by the Controller for that purpose is its legitimate interest (Article 6(1)(f) of GDPR) of promoting its own brand.
   
   CAUTION: The above information does not apply to the processing of personal data by service administrators (Twitter, LinkedIn, Discord).

PERIOD OF PROCESSING PERSONAL DATA

1. The period of processing data by the Controller depends on the type of services rendered and the purpose of the processing. In principle, the data is processed throughout the time that the services are rendered, until the consent is withdrawn or until an objection against the processing of data is successfully lodged in circumstances in which the legal basis for the processing of data is a legitimate interest of the Controller.
2. The period of processing of data may be extended if the processing is required to determine and to enforce claims, if any, or to defend any claims, and after that time only if and to the extent that it is required by law. After the period of processing, the data is irrevocably deleted or anonymised.

USER’S RIGHTS

1. A User has the right to access the data thereof and to demand the correction of data, the deletion of data, the restriction of processing of data, the right to transfer data and the right to object against the processing of data, as well as the right to lodge a complaint with a supervisory authority responsible for the protection of Personal Data.
2. To the extent that User’s data is processed based on consent, such consent may be withdrawn at any time by contacting the Controller by email at: support@oxla.com or by traditional post at the following address: Warsaw (02-703) at ul. Bukowińska 2/189.
3. A User has the right to object against  the processing of data for marketing purposes if the processing is done in connection with the legitimate interest of the Controller and – for reasons related to any special circumstances applicable to the User – in other cases when the legal basis for the processing is the legitimate interest of the Controller (e.g. in connection with achieving any analytical and statistical objectives).

RECIPIENTS OF DATA

1. In connection with the performance of services, Personal Data will be disclosed to external entities, including specifically to suppliers responsible for servicing IT systems and marketing agencies (within the scope of marketing services).
2. The Controller reserves the right to disclose select information concerning a User to relevant authorities or third parties who request the disclosure of such information based on a legitimate legal basis and in accordance with applicable law.

TRANSFER OF DATA OUTSIDE THE EEA

1. The level of the protection of Personal Data outside the European Economic Area (EEA) differs from that secured by EU law. For that reason, the Controller transfers Personal Data outside the EEA exclusively when it is necessary and ensures an appropriate level of protection, primarily by:
   1. cooperating with entities processing Personal Data in the countries with respect to which the European Commission has issued a relevant decision concerning confirmation of offering an adequate level of protection of Personal Data;
   2. applying standard contractual clauses issued by the European Commission; and
   3. applying binding corporate rules approved by the relevant supervisory authority.
2. The Controller informs Users of the intention to transfer Personal Data outside of the EEA always at the stage of the collection of such data.

SECURITY OF PERSONAL DATA

1. The Controller analyses risks on an ongoing basis to ensure that it processes Personal Data in a secure manner – primarily ensuring that only authorised persons have access to such data and only to the extent that is required in view of the duties of such persons. The Controller ensures that all of the operations involving Personal Data are registered and performed exclusively by authorised employees and associates (współpracownicy).
2. The Controller takes all of the actions that are necessary to ensure that its subcontractors and other cooperating entities also guarantee the application of relevant means of security in each case when they process Personal Data based on instructions issued by the Controller.  

CONTACT DATA

1. The Controller may be contacted by email at: support@oxla.com or at its address for service: Pl. Europejski 1/40p | 00-844 Warsaw.

CHANGE OF THE PRIVACY POLICY

1. The Policy is verified on an ongoing basis and updated if required.
2. The current version of the Policy has been adopted and has been in force since the 20th of July 2023.

Cookie Policy

‍

DEFINITIONS

1. Controller – Oxla sp. z o.o. with its registered office in Warsaw (02-703), ul. Bukowińska 2/189, entered into the Register of Business Entities by the District Court for the Capital City of Warsaw in Warsaw, XIII Commercial Division of the National Court Register, under KRS No. 0000851382, REGON: 386608946, NIP: 5213902284,  with a share capital of PLN 202,000.00.
2. Personal data – means any information relating to an identified or identifiable natural person who can be identified by reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, including an IP of a device, location data, an online identifier and information collected through cookie files or other similar technology.
3. Cookies policy – this cookies policy.
4. GDPR – the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
5. Service – the online service operated by the Controller at www.oxla.com.  
6. User – any natural person using the Service or using one or more services or functionalities as described in the privacy Policy available at: www.oxla.com
   

COOKIES AND SIMILAR TECHNOLOGY

1. The Controller uses cookies mostly for the purposes of delivering to the User services rendered electronically and to improve the quality of those services. Therefore, the Controller uses cookie files by storing information or obtaining access to information that is already stored in the User’s end-use telecommunication equipment (a computer, a telephone, a tablet, etc.). The use of cookie files within the Service is not aimed at identification of the User. The Policy regulates the processing of data related with the use of its own cookies.
   
   STRICTLY NECESSARY AND FUNCTIONAL COOKIES
2. The Controller’s use of strictly necessary cookies is required for the proper functioning of the website. The cookies are installed specifically for the purposes of remembering login sessions and filling out forms and for purposes related with setting any privacy options. Functional cookies remember and match the website to User choices, e.g. language preferences. The User may set the browser so that it blocks or warns of the strictly necessary and functional cookies, but this action may result in a malfunction of certain parts of the website.
   
   ANALYTICAL COOKIES
3. Analytical cookies allow for checking the number of visits and sources of traffic in the Service. They are helpful in determining which websites are more and which are less popular and understand how the Users move around the website. This allows the Controller to review statistics and improve the productivity of the website. The information gathered by such cookies is aggregated and thus is not aimed at determining identity. If a User does not allow for the application of those cookies, the Controller will not be aware when the User visits the Service.
   

ANALYTICAL TOOLS USED BY THE CONTROLLER

1. The Controller applies various solutions and tools used for analytical and marketing purposes. The principal information on those tools is presented below. For detailed information in that respect, please refer to the privacy policy of the relevant partner.
   
   GOOGLE ANALYTICS
2. Google Analytics cookies are files used by Google to analyse the manner in which the Service is used by the User, to develop statistics and reports concerning the functioning of the Service. Google does not use any gathered data to identify the User and does not combine such information to allow for identification. For detailed information on the scope and rules of gathering data in connection with such service, please go to: https://www.google.com/intl/pl/policies/privacy/partners.
   

MANAGING COOKIE PREFERENCES

1. The use of cookies for the collection of data, including obtaining access to data recorded on any User’s device, requires the consent of the User. In the Service, the Controller obtains the User’s consent through the cookies banner.
2. No consent is required only with respect to cookies that are absolutely necessary for the rendering of any telecommunication service (data transmission for the presentation of content) – the User has no option of declining the use of such cookies if the User wishes to use the Service.
3. Withdrawal of consent for cookies in the Service is possible exclusively via the cookies banner. The User may go back to the banner by clicking on the following link: […].  
4. The User also has the option of withdrawing consent by changing his/her browser settings. For detailed information regarding this subject, please click on the following links:
   1. Mozilla Firefox: http://support.mozilla.org/pl/kb/ciasteczka
   2. Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647
   3. Opera: http://help.opera.com/Windows/12.10/pl/cookie.html/
   4. Safari: https://support.apple.com/kb/PH5042?locale=en-GB
   5. Microsoft Edge: https://support.microsoft.com/pl-pl/microsoft-edge/usuwanie-plik%C3%B3w-cookie-w-przegl%C4%85darce-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09
5. The User may verify the status of his/her current browser privacy settings at any time by using the tools available under the following links:
   1. http://www.youronlinechoices.com/pl/twojewybory
   2. http://optout.aboutads.info/?c=2&lang=EN
6. In order to exercise the rights of access, correction, deletion, restriction, transfer, and objection to the processing of personal data, the right to lodge a complaint or to ask any other question regarding cookies, please send the relevant request/query to the Controller’s contact data provided in section 5.1. below.
   

CONTACT DATA

1. The Controller may be contacted by email at: contact@oxla.com or at the address for service: Pl. Europejski 1 / 40p. | 00-844 Warsaw.
   

CHANGES OF THE COOKIES POLICY

1. The cookies Policy is verified on an ongoing basis and updated as required.
2. The current version of the cookies Policy has been adopted and has been in force since the 20th of July 2023.