The administrator of the website at www.pimeyes.com is PimEyes sp. z o.o., with its registered seat in Wrocław, ul. Rodła 36, 54-530 Wrocław, e-mail address: [email protected] ("PimEyes").
Personal identification information (personal data)
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site fill out a form respond to a survey, subscribe to the newsletter and in connection with other activities, services, features or resources we make available on our Site.
Users may, however, visit our Site anonymously.
We process personal data on the following principles:
Who processes Users' personal data?
PimEyes is the Controller of personal data.
What personal data do we process, for what purpose and on what legal basis?
PimEyes processes the following personal data of User’s
- to create and maintain a User's account (Article 6 Section 1b of GDPR)
- to provide the service via the Site (Article 6 Section 1b of GDPR) - in accordance with the Terms and condiotions of use
- for the purposes of communication in matters related to the service (Article 6 Section 1b and f of GDPR)
- to respond to the questions - by contacting us via e-mail for purposes other than using the services we provide, the User agrees to the processing by us of provided personal data in order to respond to the sent question (Article 6 Section 1a of GDPR)
- for marketing purposes - if the User subscribes to our newsletter and thus agrees to the processing of personal data for the indicated purpose (Article 6 Section 1a of GDPR)
- in order for the User to use other functionalities available on the Site, e.g. to complete the survey or use the contact form - if the User decides to use a given functionality, and thus agrees to the processing of personal data for the indicated purpose (Article 6 Section 1a of GDPR)
- for purposes related to the payment process - on the terms set out in point 3 below;
- in order to perform the ordered service, PimEyes processes the User's face images provided by the User - face search is carried out using specific technical processing relating to the physical characteristics of a natural person (biometric data processing), based on the explicit consent to the processing of data expressed by the User before using the service (Article 9 Section 2a of GDPR)
data on payments for services:
- In order to provide Users with secure online payments, Pimeyes uses the services of an authorized external entity, which is responsible for the sale of the PimEyes service as a so-called merchant of records (more on payment methods for services can be found in the Terms and conditions of use). This entity, indicated for the Site, is the controller of the User's personal data processed in order to implement the payment process. The abovementioned entity discloses to PimEyes information about the status of payment, i.e. whether the payment made by the User using the given email address was successful or not, as well as information about the country from which the payment was made. Pimeyes processes this data to register payment for the service and, as a result, to perform the service (Article 6 Section 1b of GDPR).
- The payment servicing entity also provides Pimeyes with User identification data, i.e. name and surname. The indicated personal data of the User may be processed by PimEyes for the purposes of the legitimate interests pursued by PimEyes (Article 6 Section 1f of GDPR), such as establishing, exercising or defencing of legal claims and for billing purposes.
PimEyes processes the following personal data of business clients and/or contractors (being natural persons) and of persons acting in the name of or on their behalf:
data of clients and/or contractors or potential clients and / or contractors - basic identification data, contact details, as well as data related to the business, including in particular name and surname, company name, tax identification number, REGON, telephone number, e-mail address, bank account number:
- for the performance of a contract or in order to take steps prior to entering into a contract (Article 6 Section 1b of GDPR)
- for compliance with a legal obligation to which the controller is subject (Article 6 Section 1c of GDPR), in particular to keep tax records, issue and store invoices,
- for the purposes of the legitimate interests pursued by PimEyes (Article 6 Section 1f of GDPR), such as establishing, exercising or defencing of legal claims.
personal data of persons acting in the name of or on behalf of our client/contractor or potential client/contractor - basic identification data, contact details, in particular name and surname, company name, telephone number, e-mail address; in case the data has not been obtained directly from data subject, it has been obtained by PimEyes from PimEyes’s client or contractor, or from the Internet websites of such client/contractor or from publicly available registers, e.g. KRS and are processed by PimEyes:
- for the performance of a contract or in order to take steps prior to entering into a contract with entity in the name of or on behalf of which the data subject is acting, including for contact purposses – based on the legitimate interests pursued by PimEyes (Article 6 Section 1f of GDPR)
Data collected in Pimeyes’s data base
Pimeyes, like any Internet search engines, performs a service for the User, using its database. „Fingerprints” of faces found in the Internet and thumbnails of face images are collected in this data base only for the purpose of further searches. When searching the Internet for the purpose described above, Pimeyes never looks for a specific person, it only collects pictures available in the Internet and the information about the websites where they were found. Pimeyes does not establish the identity of persons whose photos are included in the database (who are hereinafter referred to as "unidentified entities" in this Policy).
Pimeyes processes the data collected in the database based on art. 6 clause 1 lit. f) GDPR - processing is necessary for the purposes of the legitimate interests pursued by the administrator, which is the creation of a database based on publicly available sources, for the purposes of future service provision.
Personal data received from a source other than the data subject:
In some cases, PimEyes can obtain personal data not directly form data subject but from another controller. It may happen in the cases described above, i.e. when Pimeyes receives the contact details of persons acting in the name of or on behalf of PimEyes’s client / contractor or potential client / contractor and when PimEyes receives the Users' data from the payment servicing entity.
In the case of data of unidentified entities, processed in the Pimeyes’s database referred to in point 4 above, the data comes from publicly available sources. When collecting such data, Pimeyes respects the special rules of each website visited by PimeyesBot web robots and downloads data only from the sites whose robots.txt allows it.
Do we need your consent for data processing?
In the situations indicated above, i.e. based on the specified legal grounds for processing, and for the indicated purposes, we may process personal data without asking for consent. In the indicated cases - it is the User's consent that is the basis for the processing of personal data. If we want to use the data for other purposes for which the basis of processing resulting from applicable law does not apply, we must ask for the consent. The consent is always voluntary, and if granted - personal data will be processed only for the purpose indicated in the consent. You have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. The consent can be withdrawn by sending relevant information to the e-mail address: [email protected] or in another manner specified in the content of the consent, on the occasion of its granting or on the occasion of carrying out activities based on the given consent.
Am I obliged to provide my Personal information?
Providing personal data is voluntary, however if you do not provide all the required personal data, it may result in the inability to conclude and perform the contract / use our services and/or other functionalities available on the Site and the inability to answer your query.
Do we share personal data with third parties?
As a rule - we do not disclose personal data to anyone. Based on the data processing agreement (pursuant to Article 28 GDPR), we entrust personal data to entities whose services we use in connection with data processing, e.g. IT service providers, accounting services - to the extent necessary for the proper performance of these services.
We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above.
Personal data will not be processed for the purpose of automated decision-making.
How long your personal data will be stored?
The retention of your Personal Information takes place in accordance with legal retention requirements. As a rule, personal data will be stored for the duration of the service and after its completion - for the period necessary to establish, exerce or defend of legal claims and for compliance with a legal obligation to which PimEyes is subject (e.g. invoice issue and storage) - in accordance with the law. However, in some cases, we may store data for shorter period:
- In the case of data processing solely to respond your question - personal data will be deleted (along with correspondence / email sent via the contact form) within 12 months of the response / last contact;
- In the case of (and if) data processing based on the consent - data will be processed no longer than until such consent is withdrawn.
- Face images along with the "fingerprint" of face of unregistered Users are stored for 48 hours from the moment the User sends the photo. We procede this way so that the User can return to the search results at the indicated time (48 hours), and not only use them once. The URL, pointing to each of the search performed, is valid for 48 hours and it is during this period that the search data is stored.
- Data of unidentified entities are stored for 2 years.
What are Your rights?
The person whose personal data we process, has the right to request from us: to access personal data and to the rectification (amendment), to erasure of data (in limited cases indicated in Article 17 GDPR), to restriction of processing of data (in limited cases indicated in Article 18 GDPR), to data portability (in limited cases indicated in Article 20 GDPR); you can exercise your rights by sending us relevant information to the e-mail address: [email protected]
The person whose personal data we process, has the right to lodge a complaint with a supervisory authority -i.e. i.e. the President of the Personal Data Protection Office, if he/she considers that the processing of personal data concerning him/her violates the provisions of GDPR.
Your right to object the processing:
The person whose personal data we process, has the right to object to the processing when: (i) there are grounds relating to his/hers particular situation, and (ii) data processing is based on the necessity for purposes of the legitimate interest pursued by PimEyes. In case personal data are processed for direct marketing purposes, the data subject has the right to object at any time to processing of personal data concerning him/her for such marketing, to the extent that it is related to such direct marketing. The objection can be raised by sending relevant information to the e-mail address: [email protected]
DPO contact data:
The person whose personal data we process, can contact our Data Protection Officer by usiing the following e-mail address: [email protected].
Non-personal identification information
We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
Web Browser Cookies
How We Use Collected Information
PimEyes collects and uses Users non-personal information for the following purposes:
- To personalize user experience. We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
- To improve our Site. We continually strive to improve our website offerings based on the information and feedback we receive from you.
How We Protect Your Information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site. Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel
Your Acceptance of These Terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.