Last updated: 22.12.2021
If you happen to be left with even more questions after reading our policy – or already have some – do not hesitate to contact us.
“Applicable laws” means all the laws and regulations relevant to the collection, processing and storage of data, especially all the data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”; California Civil Code Section 1798.100 et seq.).
“Voluum” or “we” or “us” or „our” means CentralNic Poland sp. z o.o., with a registered office at ul. Lubicz 17G, 31-503 Kraków, Poland incorporated under the laws of Poland and registered in the companies register of the National Court Register held by District Court Krakow – Srodmiescie in Cracow XI Commercial Division (Sąd Rejonowy dla Krakowa – Śródmieścia w Krakowie XI Wydział Gospodarczy) under (KRS) no. 0000830352, having EU VAT ID: PL5272922087 and the share capital in the amount of 5 000 PLN.
“Cookies” means small text files stored in a web browser by a website (here specifically: Site) or by an ad server. By storing certain information in a cookie, those web browsers, ad servers, and explicitly our Site are able to remember your preferences and recognize websites visited and/or web browsers used from one visit to another.
“Data Protection Officer” means a person appointed by Voluum to, in particular, watch over the security of your Data, monitor our compliance with Applicable laws, and be a point of contact in all matters regarding data protection.
“Legal Grounds” means the legal basis for the collection, processing and storage of your Personal Information, as defined in Applicable laws.
“Group of undertakings” – a group of undertakings affiliated to a central body in the meaning of Recital 48 of the GDPR.
“Log Data” means information that is automatically reported by your browser each time you access our Site or use our Services and which is sent by your web browser that our servers automatically record. Log Data may include information such as your IP address, browser type, web requests, domain names or pages viewed.
„Mobile App”, “App” means any app developed by Voluum and made available in any App Store or via Google Play for you to access, download and install on your device; access to full functionality of our Mobile Apps will only be available to you if you are a registered user of our Services.
“Personal Information” or “Information” or “Data” means any information relating to an identified or identifiable person as defined in Applicable laws, particularly in article 4.1 of GDPR and Section 1798.140 of CCPA.
“Site” means the Voluum website voluumdsp.com.
“Services” means services provided by Voluum via Site in accordance with the Terms and Conditions.
“You” means an individual that uses our Services via the Site or/and an individual who uses the Site but has no access to the areas of the Site and Services.
II. Personal Information we collect about you
We collect Information about you through:
- your use of our contact and registration forms
- your use of sign-in with different account option
- your use of our newsletter form
- your use of our forms to download our publications, like reports, ebooks, guides, presentations, case studies etc.
- your use of our Services
- your use of Site
- you contacting us, for example via email
The categories of your Data that we collect may include:
- Name and surname
- Company name
- Company address
- Company phone number
- Mobile telephone number
- Skype number
- Tax identification number
- E-mail address
- Payment and invoice details
When you register or log on through Google sign-in functionality and grant the “basic profile info”, Google provides us with its Google ID Token that includes your name and surname, email address, language settings and profile picture but we only retrieve your name, surname and email address to verify your identity for our needs while registering or logging you in.
III. Log Data, Cookies and similar technologies
When you interact with our Site, we may also automatically collect information from your Site activities through the usage of Cookies, Log Data and similar technologies on our Site.
By using those technologies we aim to personalize our Site to better meet your needs, as well as to provide you with customized Site content and to act within our advertising purposes. We may also use this information for the purposes of analytics and monitoring of the effectiveness of our performance, including the collection of the aggregate Site usage data (such as the overall number of Site visitors or pages viewed).
The information mentioned above may include:
- information about your interactions with the Site;
- technical information about your computer hardware and software that may include URL information, cookie data, your IP address, the types of devices you are using to access our Site and/or use the Services, device ID, device attributes, network connection type, browser type, language, internet service provider, clickstream data, access times, the files viewed on our Site;
- demographic information such as your ZIP code, age, gender and preferences by using Log Files; such information is not associated with your name or other Personal Information.
Please see our Cookies Policy for more details about our collecting and using of this Data.
IV. Additional information related to the processing of Personal Data while you use our Mobile Apps
When you access and log in to our Mobile App, we process your login information for the purposes of authentication process and ensuring the security of our Apps.
Google Firebase Analytics for Mobile Apps
Voluum Mobile App uses Firebase Analytics to collect App usage statistics. Mobile analytics we use within Mobile Apps allows us to improve our understanding of their functionality on your mobile device by tracking the events that constitute your use of the App, such as when you scroll through the App, switch to another screen, push a button, or interact with the App in another way. We do not register what you see on your screen, text you type in on your device.
By default, Firebase collects identifiers for mobile devices (for example, Android Advertising ID and Advertising Identifier for iOS) and utilizes technologies similar to cookies.
Firebase also collect certain information automatically, including, but not limited to, the type of mobile device you use, your client ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the App as well as aggregate Mobile App usage data (such as the overall number of users, session, session duration).
If the App crashes during the time you are using it, Firebase also generates for us a report including information about the type of device used, history of the user’s activity within the app before the crash and stack trace. We use this information only for diagnostics purposes to improve the functionality of our Mobile Apps. For further information how Google’s Firebase collect your data please see: https://support.google.com/firebase/answer/6318039.
If you wish to temporarily or permanently disable collection of analytics data by Google Firebase, please contact us at [email protected] Upon your request we will deactivate Google Firebase services linked to you.
Google Firebase push notifications for Mobile App
You may also see push notifications when you use the App. Push notification is a message we send you from the level of our application, which later appears on your user interface and they are sent through Firebase services. While we provide you with push notification we use a device push token.
We use push technology only if you voluntarily agree to it by adjusting your mobile application settings. Additionally, if you wish to disable push notification you can deactivate them by changing the Mobile App and/or device settings at any time.
V. Purposes and Legal Grounds for Data processing
Your local law may require to set out the Legal Grounds on which we rely in order to process your Data. Below you will find an outline of the purposes for which we may process your Data accompanied by an indication of a relevant Legal Grounds for such processing pursuant to GDPR:
||The legal basis on which we process your Data in these circumstances is entering into a contract with you (article 6.1. point b) of GDPR).|
||The legal basis on which we process your Data in these circumstances is performance of a contract concluded with you (article 6.1. point b) of GDPR).|
||The legal basis on which we process your Data in these circumstances is our legitimate interest (article 6.1. point f) of GDPR) to: pursue claims or defend against claims, responding your inquiries, transfer your inquiries to the relevant entity if that entity is a separate controller of your Data (especially the inquiry relates to Zeropark Platform), improve the Services, detect, prevent, and respond to actual or potential fraud, illegal activities, or intellectual property infringement, monitor compliance with our Terms and Conditions. Our legitimate interest is also ensuring accountability (i.e. demonstration of compliance with our obligations under the law, in particular GDPR), as well as storing data for archiving and statistical purposes.
For the purposes of advertising, market research as well as the research of behaviour and preferences of users, with the purpose of improving the quality of services by results of such research, the legal basis on which we process your Data in these circumstances is your voluntary consent according to the act on providing services by electronic means.
||The legal basis on which we process your Data in these circumstances are our legal obligations we are subject to (article 6.1 point c) of GDPR) to conduct relevant tax and accounting operations in the ordinary course of our business.|
||The legal basis on which we process your Data in these circumstances is our legitimate interest (article 6.1. point f) of GDPR) to promote our products and Services, conduct surveys, analysis or to provide you with the information or publication you requested.
Sometimes we also ask you for your voluntary consent to the specific form of marketing, i.e. sending commercial information via e-mail (newsletter) or contacting with you by phone or skype for our commercial purposes in accordance with applicable law (telecommunication law, act on providing services by electronic means).
For more information about our approach to sending marketing emails please see the next section.
Additionally, when you give us your voluntary consent, we process your Personal Data by using Cookie technology in scope and for the purposes described in our Website’s cookies notification and Cookies Policy.
VI. Newsletter, electronic publications and contact forms
Newsletter, Blog and Webinar Subscriptions
In order to ensure that we are able to send you our newsletter or information regarding our blog or webinars (including inviting you to the webinar), we may process your name, surname and email address (which is necessary in order to provide you such services).
Your consent is voluntary and it is expressed by clicking in the subscription button (legal basis – Article 6 (1) (a) of the GDPR). If you do not provide us with relevant information we will not be able to perform such services for you.
Contact and Support Forms, Chat Box
In order to reply to your inquiry sent us in the contact or support form or through the chat box and to correspond with you, we may process your name, surname and email address (which is necessary in order to provide you such services). We may also process other information if provided by you.
Providing such information is voluntary and we process it on the basis of our legitimate interest (Article 6 (1) (f) of the GDPR). If you do not provide us with relevant information we will not be able to perform such services for you.
If you give us your voluntary consent on sending commercial information on your email address or contacting you by special means such as phone, SMS or skype, we will be able to perform marketing activities related to you, including direct marketing of our own services, as well as contacting with you for purposes related to permitted marketing activities by aforementioned means (email, phone, SMS, skype etc.).
We can process your Data to perform marketing activities on the basis of our legitimate interest (Article 6 (1) (f) of the GDPR), however your consent on a specific means of contact is required in accordance with applicable law (telecommunication law, act on providing services by electronic means).
VII. Your rights
Voluum will respect your legal rights to your Data. You can manage and control your privacy by contacting our Data Protection Officer: [email protected]
Below you will find the description of your rights that you have under the law, and what Voluum does to protect those rights:
|Legal right||What Voluum does to protect your rights|
|The right of access||You have the right to access your Information. You have the right to request a copy of your Data that we hold about you by contacting us.|
|The right to rectification||We aim to keep your Personal Data accurate and complete. We encourage you to contact us using the contact details provided below to let us know if any of your Personal Data is not accurate or not complete, so that we can keep your Personal Data up-to-date.|
|The right to erasure||This is sometimes called ‘the right to be forgotten’. In some circumstances you have the right to the erasure of your Data without undue delay. Those circumstances include situations when: the Data is no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; the processing is for direct marketing purposes; and the Data has been unlawfully processed. However, there are certain general exclusions of the right to erasure. Those general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims.|
|The right to restriction processing||In some circumstances you have the right to restrict the processing of your Data. Those circumstances are the following: you contest the accuracy of the Data; processing is unlawful but you oppose erasure; we no longer need the Data for the purposes of our processing, but you require Data for the establishment, exercise or defense of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your Data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.|
|The right to Data portability||Voluum must allow you to obtain and reuse your Personal Data for your own purposes across Services in a safe and secure way without it affecting the usability of your Data. This right only applies to Personal Data that you have provided to us as the Data Controller. The Data must be held by us by consent or for the performance of a contract and the processing is carried out by automated means.|
|The right to object||In certain circumstances, you have the right to object to the processing of your Personal Data where, for example, your Personal Data is being processed on the basis of legitimate interests and there is no overriding legitimate interest for us to continue to process your Personal Data, or if your Data is being processed for direct marketing purposes.|
|The right to withdraw consent||If you have given us your consent to process your Data but changed your mind later, you have the right to withdraw your consent at any time, and Voluum has to stop processing your Data unless Voluum has other Legal Ground for processing of your Data. The withdrawal of consent does not affect the compliance of the processing which was made on its basis before the withdrawal of consent.|
|The right to complain to a Supervisory Authority||You have the right to lodge a complaint with the Supervisory Authority in particular if you feel that Voluum has not responded to your requests to solve a problem.|
In any above-mentioned matter please contact our Data Protection Officer: [email protected] Please include information that will enable us to verify your identity within your request.
VIII. How Data is protected
Voluum uses various security technologies and procedures that help protect your Personal Information from unauthorized access, use, disclosure, alteration or destruction.
- Personnel. Only qualified and authorized employees are permitted to access Personal Information, and they may do so only for permitted business functions;
- Data Protection Officer. We appointed a Data Protection Officer who in particular watches over the security of your Data, monitors our compliance with Applicable laws, and is a point of contact for you in all matters regarding Data protection; here you have contact to our Data Protection Officer: [email protected];
- Security Measures. We use encryption in the transmission of your Personal Information between your system and ours, and we use firewalls to help prevent unauthorized persons from gaining access to your Personal Information;
- Payments. All supplied sensitive/credit Information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the Information confidential. After a transaction, your private Information (credit cards, social security numbers, financials, etc.) will not be stored on our servers;
- Additional Safeguards. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your Information. Our security procedures mean that we may request proof of your identity before we disclose Personal Information to you;
We want you to feel confident using our Site to conduct business. However, you should also take care of how you handle and disclose your Data and avoid sending Personal Information through insecure channels or networks. It is important for you to protect yourself against unauthorized access to your password and to your computer. Be sure to sign off when you finish using a shared computer and under no circumstances share your password with anyone, even with us – we will NEVER ask for it.
Please see more Information about security measures we use here.
IX. International transfer of Data
We may transfer Data to a country outside of the European Economic Area (EEA) based on a decision of the European Commission, stating that a third country may be considered as providing an adequate level of data protection or based on standard contractual clauses approved by the European Commission (the EU Commission Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council). If you are located in the EEA, you may contact us if you require a copy of the safeguards which we have put in place to protect your Data transferred outside of the EEA and your privacy rights in these circumstances. You may also learn more about EU Commission Decision on standard contractual clauses for the transfer of personal data to entities established in third countries here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en.
X. Retention of your Information
Voluum stores your Information for a period of time required for the purposes for which it was collected using generally accepted security standards and in compliance with applicable laws. Voluum will not retain your Personal Information for longer than required.
In particular, we store Information about you when you have an account on our Site and when you use our Services. Please note that even if you delete your account, Voluum may have the right to process your Data for the purpose of creating statistics, pursuing claims or defending against claims, handling your complaints and chargebacks as well as in order to meet the tax and accounting law requirements, where such processing will last only for the period of time necessary to achieve the intended purposes (e.g. for pursuing claims or defending against claims, the period of retention of your Data is no longer than limitation period for claims as defined in statutory law).
Please note, that for marketing purposes your Data will be processed until such time you object to it. Where you have consented to marketing communications via e-mail or other telecommunication means for our marketing purposes (e.g. you agree to receive our newsletter or contacting you by phone), you may withdraw your consent at any time by contacting us as well as you may unsubscribe from newsletter at any time by clicking the unsubscribe link in an email from us. In these circumstances, your personal data will be processed until your withdrawal of the consent.
If you need more detailed information about the retention of your Information, please contact our Data Protection Officer.
We may disclose your Personal Data only to the following trusted third parties:
- Safety, Legal Purposes and Law Enforcement. We may use and disclose the Data when we believe it is necessary: (i) under applicable law, and (ii) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities.
- Service providers. We may also engage third parties that support the operation of our Services (acting on our behalf), such as analytics providers, IT services providers (e.g. cloud or host services providers) or advertising agencies.
XII. Additional Notice for California residents
California residents rights
CCPA provides additional privacy protections for California data subjects including:
- the right to request access to your Personal information and request additional details about our practices regarding the processing of your Personal information (right to access),
- the right to request deletion of your Personal information (right to deletion),
- the right to opt out of the “sale” of your Personal information (right to opt out), and
- the right to not be discriminated against for exercising any of your rights granted under the CCPA (right not to be discriminated).
To submit an access or deletion request as well as non-discrimination request please contact our Data Protection Officer via e-mail: [email protected] or by using contact form on page https://voluumdsp.com/contact/. Voluum does not sell customer’s Personal information, hence the right to opt-out does not apply to them (please check detailed information below in this section).
Your request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal information or an authorized representative and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Please note that if you wish to exercise your rights with any of Voluum other customers, you must make your request directly to them, based on information and procedures that they individually supply.
Categories of Personal Information. We may collect the following categories of Personal information about you:
- Name and surname
- Company name
- Company address
- Company phone number
- Mobile telephone number
- Skype number
- Tax identification number
- E-mail address
- Payment and invoice details
- when you interact with our Site, we may also automatically collect information from your Site activities through the usage of Cookies, Log Data and similar technologies on our Site.
Purposes of use of Personal Information. We may use the categories of Personal information listed above for the purposes of:
- entering into a contract with you (in particular registering your account and verifying your identity)
- performing the contract, in particular performing the Services, ensuring ad security and ad fraud functionality, managing your account, providing you with customer support, processing transactions / issuing invoices, handling your requests, complaints and chargebacks
- pursuing claims or defending against claims
- responding to your inquiries
- improving Services, detecting, preventing, and responding to actual or potential fraud, illegal activities, or intellectual property infringement
- monitoring compliance with our Terms and Conditions
- ensuring accountability (demonstration of compliance with our obligations under the law)
- storing data for archiving or statistical purposes
- conducting necessary tax and accounting operations
- performing marketing of our products and Services (our direct marketing, customer satisfaction survey, analysis, enabling you to download the information or publication requested by you)
In addition, we may use the these categories of Personal information for certain business purposes, as specified in the CCPA, in particular as described in this table:
|Categories of Personal Information||Business purposes of use of Personal Information|
|All of the above listed categories.||Auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance|
|All of the above listed categories.||Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity|
|All of the above listed categories.||Debugging to identify and repair errors that impair existing intended functionality|
|All of the above listed categories.||Short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction|
|All of the above listed categories.||Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services|
|All of the above listed categories.||Undertaking internal research for technological development and demonstration|
|All of the above listed categories.||Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us|
Sale of Personal Information
Please note that Voluum does not and will not sell Personal information of their customers, as defined in section 1798.140 of the CCPA.
Sharing of Personal Information for Business Purposes
If it is necessary to perform our business purposes we may share Personal information in the manner, however, that does not constitute “sell” under CCPA, for example with the parties on behalf of which we operate. Particularly, we may share your Personal information with third parties or allow them to collect Personal information from our sites or services if those third parties are authorized service providers or business partners who have agreed to our contractual limitations as to their retention, use, and disclosure of such Personal information, or if you use the Voluum Platform or our services to interact with third parties or direct us to disclose your Personal information to third parties.
XIII. Payment Service Providers Notice
The payment service providers are separate controllers of Data which bear the responsibility for your payment data.
For these providers, we recommend that you read their privacy policies, so that you can understand the manner in which your Personal Information will be handled by these providers.
XIV. Children’s privacy
Protecting children’s privacy is very important to Voluum. Our Site is not intended for, designed to be used by, or targeted at children as defined in Applicable laws.
We are in compliance with the requirements of EU General Data Protection Regulation 2016/679, the California Consumer Privacy Act as well as COPPA (Children’s Online Privacy Protection Act) and we do not knowingly collect any Personal Information from anyone under the age of 13.
XV. Notice to parents
If you are a parent or a guardian who knows or has otherwise discovered that your child under the age of 13 has submitted his or her Personal Information, or other information, to us without your consent, permission or authorization, do not hesitate to contact our Data Protection Officer using the following email address: [email protected] .
We will promptly remove your child’s Personal Information or other information from our system, cease the use of such Information and direct any third party with access to it to do the same.
XVII. Contacting us
CentralNic Poland sp. z o.o., with a registered office at ul. Lubicz 17G, 31-503 Kraków, Poland incorporated under the laws of Poland and registered in the companies register of the National Court Register held by District Court Krakow – Srodmiescie in Cracow XI Commercial Division (Sąd Rejonowy dla Krakowa – Śródmieścia w Krakowie XI Wydział Gospodarczy) under (KRS) no. 0000830352, having EU VAT ID: PL5272922087 and the share capital in the amount of 5 000 PLN.
General contact form: https://voluum.com/contact/
Voluum’s Data Protection Officer contact: [email protected]