Latest update: 24/05/2018
- Processing of personal data, and the purposes, grounds for, periods and ways of their processing;
- Categories of personal data that are processed and who may be their recipients, as well as from whom they may be collected;
- User’s ability to gain access to data and other rights of the User as a data subject;
Seep, as the personal data controller, ensures the security of the data provided thereto. All data are protected and secured against unauthorized access, unauthorized interception, unlawful processing in breach of the GDPR or the Personal Data Protection Act, or modiﬁcation, loss, damage or destruction.
Personal data are processed by Seep in accordance with the provisions of the GDPR and the Polish supplementary provisions to the GDPR, as well as the relevant provisions of the Polish Act on the Provision of Services by Electronic Means.
Seep ensures that Users may exercise their rights under Article 15 to 22 of the GDPR,
- the right of access to their personal data, the right to their rectiﬁcation, restriction of their processing, objection to their processing, data portability and erasure, and to withdrawal of consent to their processing, as well as the right to lodge a complaint with a supervisory
What data are processed by Seep?
Processing involves personal data, i.e. information concerning an identiﬁed or identiﬁable natural person who is or has been a User of the SEEP App; an identiﬁable natural person is one who can be identiﬁed, directly or indirectly, in particular by reference to an identiﬁer such as a ﬁrst name and surname, an identiﬁcation number, location data, an online identiﬁer, or to one or more factors speciﬁc to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Seep primarily processes the following personal data of Users: ﬁrst name, surname, image, age (date of birth), sex, Facebook or Google+ login credentials, phone number, email address, location data, IP number, ID of the Hardware on which the SEEP App is installed, WiFi data, Hardware operation system details, geographic location of the Hardware.
Moreover, Seep also processes other personal data of Users, which will be disclosed (provided) by Users to Seep, in particular: User preferences saved in the Application, family information, address information, information about professional or scientiﬁc activity, including when this information follows from the content of photographs published by Users using the Application, information made available to the public on Facebook or Google+, bank account number, payment card number.
All personal data are stored on servers owned by Seep in Poland. Seep does not intend to transfer your personal data to a third country (i.e. a country outside the European Economic Area) or to an international organization. Although Seep obtains your data from your Facebook or Google+ proﬁle, it does not transfer your data to Facebook or Google+.
Information provided by the User
By signing up for the SEEP App, the User grants their consent to the processing of all the data published in the Application. Data in the Application include, in the ﬁrst instance, data published as User description and any other information published in the Application, including as part of chats, photos, videos, contact details, etc.
Seep obtains access to personal data such as: ﬁrst name, surname, sex, age, location based on GPS navigation. Moreover, the User grants access to their personal preferences, all settings and proﬁle customizations. Seep also has access to all User connections, i.e. chats, messages, likes, chat rooms, group chats, and other data related to Application use. If the User enters into business transactions with Seep or other entities, or purchases the PREMIUM Package, also ﬁnancial data such as bank account number or debit/credit card number are processed.
Information collected and processed automatically
Seep automatically collects and processes data from the SEEP Mobile App. Such information involves IP numbers, IDs of the Hardware on which the SEEP App is installed, WiFi data, operating system data, geographic location of the Hardware on which the SEEP App is running.
Based on your location and the selected Triangle, decisions are made automatically to indicate to you other Users within an area of up to 50 km from your location.
Based on your preferences related to sending red Xs, automatic decisions are made not to indicate to you Users previously marked with the red X and located within an area of up to 50 km from your location.
IDs of electronic devices such as smartphones, tablets (hereinafter “Hardware”)
Seep uses Hardware IDs instead of cookies to identify the User in the Mobile Application. IDs are used to track User movements.
Information collected by third parties for advertising purposes
Third parties associated with Seep have the right to display their advertising content in the SEEP App for the purposes of unblocking the features available in the FREE Package, as described in the Terms and Conditions of Use (T&Cs). The aforesaid entities may use tracking software such as cookies or beacons to acquire the User’s personal information.
For what purposes does Seep process User data?
Seep processes User data for the following purposes:
- To enter into, perform and terminate an agreement for the provision of Services by electronic means through the Application, including for the purpose of providing those Services through the Application;
- To provide and develop the Application and its Services, and for businessmanagement purposes;
- To manage the User’s account and provide consumer support;
- To conduct surveys and analyses on how the Application is used;
- To communicate with the User through the User’s account in the Application, their mailing address, telephone, Hardware, to the extent related to the provision of Services through the Application;
- For marketing purposes, including commercial communications about new Seep products and solutions to Users;
- To identify and prevent personal data breaches, content breaches, breaches of the T&Cs, and other dangerous conduct, and pursuing related claims;
- For settlement purposes, including accounting and tax purposes, involved in providing paid Services;
- For the purposes of establishment and pursuit of and defence against
On what grounds does Seep process User data?
Seep processes Users’ personal data only on the following grounds:
- Entry into, performance and termination of an agreement for the provision of Services related to the use of the SEEP App (Article 6(1)(b) of the GDPR), which ground applies to all the data involved in the registration of an Account, which the User must provide, as otherwise no agreement for the provision of Services through the Application will be executed with them, and other data made available by the User during the use of the Application, the provision of which is voluntary, and the lack of which may have an impact on the manner of using the Application;
- Legitimate interests of the controller, e. Seep (Article 6(1)(f) of the GDPR), including the development of the Application, conducting surveys and analyses on how the Application is used, direct marketing of the Company’s services, identiﬁcation and prevention of personal data breaches, content breaches, breaches of the T&Cs, and other dangerous conduct, and pursuing related claims, as well as establishment and pursuit of and defence against claims;
- Compliance with legal obligations to which the Controller is subject (Article 6(1)(c) of the GDPR), involving compliance with the obligation to keep accounting and tax records, related to the management of payments made by Users of the paid Services;
- Consent given by the User (Article 6(1)(a) of the GDPR) for marketing other than the direct marketing of Seep’s own
Do you need to provide any personal data in order to use the Application?
The use of the Application and the entry into an agreement for the provision of Services by electronic means is entirely voluntary. Therefore, if you do not wish to provide Seep with any of your personal data, do not register and do not use the Application.
If you wish to use the Application, you must provide certain personal data to Seep in order to be able to use it and enter into an agreement for the provision of Services by electronic means. Therefore, their provision is a contractual condition. Therefore, in order to enter into an agreement, you will need to provide the following information to sign up for the Application: your ﬁrst name and surname, date of birth, Facebook or Google+ login credentials, email address or phone number, location data, Facebook or Google+ proﬁle data.
To use the Application, you must grant it, as the user of the Hardware on which the Application is installed, the right to access the location data. Consent to such access is voluntary, but it is necessary for the proper provision of Services through the Application. Therefore, if you do not allow the Application to access your location data, you will not be able to use the Application. The consent to access your location data should not be equated with the consent to the processing of personal data, since the consent to access your personal data is a condition of the provision of a service (a contractual condition), and therefore the processing of the location data is based on the executed agreement, and only the fulﬁlment of this contractual condition takes place by means of expressing consent to access to the data in the operating system of the Hardware on which the Application is installed.
Providing your data in the payment process related to the purchase of the PREMIUM Package is voluntary, but their provision is required to make the purchase of the PREMIUM Package, so if you do not provide them, you will not be able to change the terms and conditions of the agreement by purchasing the PREMIUM Package.
The provision of other data related to the use of the Application is voluntary, and the failure to provide them does not prevent the use of the Application. However, your failure to provide such other data may aﬀect the way you use the Application.
The provision of marketing data for marketing purposes other than direct marketing of Seep’s own services is subject to your consent, which is voluntary and may be withdrawn at any time.
To whom can SEEP make User data available?
Service Providers: Seep makes User data, including ﬁnancial data, available to third parties that provide services through the Application. Such information is made available to enable the provision of services provided by third parties. Such entities are not entitled to and cannot share or process User data for any purposes other than in connection with the services they provide.
At the request of public authorities: for purposes relating to the judicial system, in particular to the enforcement of a judicial decision, or for the use of such data in legal proceedings.
Personal data are disclosed: to enforce the T&Cs, to prevent a crime or other illegal acts from being committed by the User.
Third party web pages: In the SEEP App, the User can click on a number of diﬀerent links to access diﬀerent websites that are not managed or aﬃliated with Seep in any way. A third party may independently obtain User information and share that information with Seep regarding User activities. The terms and conditions of processing of User data in such circumstances are provided by the third party.
Seep may also share your personal data to: payment service providers involved in the handling of payments related to the purchase of the PREMIUM Package, entities providing legal services related to Seep’s operations, entities providing IT services related to Seep’s operations, entities providing audit and other services related to inspecting Seep’s operations, and auditors auditing documents related to Seep’s operations, entities providing accounting and bookkeeping services related to Seep’s operations, entities authorized by you, other than those mentioned above, which under the provisions of law are authorized to obtain from Seep information related to its operations, which may include your personal data, including in particular the supervisory authorities of Seep, as well as other Users (as described below).
Information shared with other Users
Once an account is created in the Application, User personal data are made available to other registered Users of the Application. Other Users will have access to the content published by the User in the Application.
Seep obtains access to User data directly from the User’s Facebook or Google+ account, as well as to data added by the User in the Application.
The User may share information at the chat and message level with other Users by clicking on the appropriate icons in the Application.
To create a User account in the SEEP App, the User is requested to use their Facebook login credentials. By signing in to the SEEP App via Facebook, the User provides Seep with relevant information about their Facebook data. Seep will have access to the information, i.e. the User’s public proﬁle, their email address, interests, liked pages, sex, date of birth, education history, place of residence, friends, etc.
To create a User account in the SEEP App, the User is requested to use their Google+ login credentials. By signing in to the SEEP App via Google+, the User provides Seep with relevant information about their Google+ data. Seep will have access to the information, i.e. the User’s public proﬁle, their email address, age, sex, date of birth.
The User may also provide Seep with additional personal information.
The content communicated in chats with other Users is made available to Seep.
When logging in to the SEEP App, the User makes available a minimum of 3 (three) and a maximum of 7 (seven) photos from their own photo library (available on the Hardware).
The User provides the SEEP App with data that are entered in the three text ﬁelds (“my cuisine”, “my passion” and “my place”) containing a minimum of 1 (one) and a maximum of 15 (ﬁfteen) characters each.
What rights does the User have?
- You have the right to request from Seep access to your personal data, including a copy of the personal data undergoing processing. The ﬁrst copy is free of charge. For any further copies requested by you, Seep may charge a reasonable fee based on administrative costs.
- You have the right to request Seep to rectify your personal data which are inaccurate, particularly because they were collected with errors or because they have changed after they were collected. This right also applies to the completion of incomplete data.
- You have the right to request Seep to erase your personal data, however you may only exercise this right in the cases speciﬁed in the GDPR, i.e. where one of the following grounds applies:
- Your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, in the ﬁrst instance if the period during which Seep was to process your data has come to an end;
- You have withdrawn your consent on which the processing is based, unless Seep has another legal ground for the processing;
- You have objected to the processing referred to in point 5. and there are no overriding legitimate grounds for the processing;
- You have objected to the processing referred to in point 6.;
- Your personal data have been unlawfully processed;
- Your personal data have to be erased for compliance with a legal obligation in Union or Member State law to which Seep is
- You have the right to request Seep to restrict the processing of your personal data on the terms and conditions set forth in the GDPR, i.e. where:
- You contest the accuracy of your personal data – for a period enabling Seep to verify the accuracy of the personal data;
- The processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
- Seep no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
- You have objected to the processing referred to in point 5. pending the veriﬁcation whether the legitimate grounds of Seep override the grounds for your
- You have the right to object, on grounds relating to your particular situation, to processing of your personal data pursuant to Article 21(1) of the GDPR which is based on point (e) or (f) of Article 6(1), including proﬁling based on those. In such case, Seep may no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
- You have the right to object to processing of your personal data by Seep pursuant to Article 21(2) of the GDPR. i.e. to object against the processing of your data for the purposes of such direct marketing, which includes proﬁling, to the extent that it is related to such direct marketing. If you exercise this right, Seep may no longer process your data for the purposes of such direct marketing.
- You have the right to data portability: Therefore, you have the right to receive your personal data, which you have provided to Seep, in a commonly used and machine- readable format and have the right to transmit those data to another controller without hindrance from the Controller. However, you only have this right in respect of your personal data which are processed on the basis of your consent or on the basis of a contract, and in respect of the data which are processed by automated means. In exercising the right, you may also request for your personal data to be transmitted directly to another controller, where technically
- You have the right to withdraw your consent based on which your personal data are processed, at any time. However, your withdrawal of consent does not aﬀect the lawfulness of processing based on consent before its withdrawal. Where your consent is withdrawn, Seep no longer processes your personal data which it has been processing only based on consent. If your personal data are also processed on a ground other than consent, Seep may continue to process your personal data on that other ground as long as it continues to exist.
- You have the right to lodge a complaint with a supervisory authority, i.e. an authority established by a Member State to monitor the application of the GDPR. The supervisory authority competent for the territory of the Republic of Poland is the President of the Oﬃce for the Protection of Personal
User’s inﬂuence on the scope of shared personal data
To the extent of data whose provision is not a contractual requirement in order to be able to use the Application, it is the User who decides what personal data will be made available by them and to what extent. Restricted sharing of personal data may result in limited access to all or some of the Application features that are necessary for its proper operation, including the ability to purchase products, use services, receive promotional materials, participate in surveys, and to a limited right to ask questions and initiate other transactions.
How long does Seep store data?
Seep stores the User’s personal data as long as this is necessary to fulﬁl the purpose of the processing.
The data processed in order to enter into, perform and terminate the agreement are processed for the duration of the agreement for the provision of Services by electronic means. Therefore, upon the termination of the agreement, including the deletion of the account by the User, Seep will no longer process these data for this purpose. However, it may still process certain data for purposes which are legitimate
interests of the Controller, including research, scientiﬁc and statistical purposes, and to prevent fraud and enforce the provisions in the T&Cs, and to establish and pursue claims, for as long as such processing is necessary for such purposes, but not longer than until the date on which a reasoned objection is made against such processing.
Data involved in compliance with legal obligations to which the Controller is subject, including compliance with the obligations to keep accounting and tax records, related to settlements with Users of the paid Services, are processed for a period set forth in the applicable provisions of law, in the ﬁrst instance accounting and tax laws and regulations.
Data processed for direct marketing purposes are processed only for the duration of the agreement, but not longer than until the date on which an objection is raised to the processing.
Data processed solely on the basis of your consent are processed for the duration of the agreement and, after its termination, for the period speciﬁed in the consent (if any). However, in no case are they further processed if the consent has been withdrawn.
Personal data provided by the User to third parties are stored by those entities on their own terms and conditions.
How does Seep protect User content?
Seep takes all necessary safeguards to ensure full protection of the information published by the User against unauthorized access and disclosure. However, no data protection system can guarantee that User data are fully secure. The User should carefully consider what content to publish and use special care in making information available, especially by not transferring data via their email account outside the Application.
The User agrees that Seep may communicate with them to ensure security and privacy, and in other administrative matters related to security breaches within the Application. Seep will post data security risk alerts upon taking notice of any attempts to breach system security. The User will receive a system notiﬁcation about security measures within the Application and may request that information in writing. To obtain free written information on security breaches, please contact Seep at firstname.lastname@example.org.
In the SEEP App, the User has the right to receive system notiﬁcations of functionality-related modiﬁcations to the Application. The User may disable system notiﬁcations in Application settings.
How to contact the Controller (Seep)?
Seep sp. z o.o.
ul. Marszałkowska 111
00-102 Warsaw or by email.