Commitment to Data Protection
GENERAL DATA PROTECTION REGULATION EU 2016/697 COMPLIANCE STATEMENT
I. Scope of the Statement
This Data Protection Statement (hereinafter as Statement) applies to the way Woodpecker.co (hereinafter as Woodpecker) process the personal data as defined in the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter as GDPR).
This Statement applies both to Woodpecker’s Service provided via www.woodpecker.co as well as to all Woodpecker’s employees and collaborators.
II. Definitions
- All definitions, such as “Personal Data”, “Processing”, “Controller”, “Processor”, used in this Statement shall have the meaning as set forth by the GDPR.
- “Sub-processor” means any third party appointed by or on behalf of the Processor who provides any services to the Processor and processes Personal Data.
- “Service” means software provided by Woodpecker via the following website www.woodpecker.co
- “Customer” means any person or entity who uses Woodpecker’s Service with an admin’s permissions and has access to an active Service account regardless of its version (trial or premium).
- “User” means any person who uses Woodpecker’s Services with the access granted by the Customer as an account admin.
- “Prospect” means the person to whom the cold email campaign is being sent by the Customer and/or User with the Woodpecker’s Service usage.
III. Data protection commitment
- This Statement constitutes Woodpecker’s binding commitment in terms of Personal Data and Processing and protection.
- Woodpecker declares that it is aware of risks arising out of Personal Data Processing and shall devote its time and resources to minimize any risk concerning data (including Personal Data) entered into the system via the Service.
- The Personal Data is being processed by Woodpecker.co S.A. (joint-stock company), with its registered office in Poland (50-424 Wrocław, Krakowska street 29D), entered into the National Court Register under the no. 0000563751, having the tax registration no. (NIP) no. 8992769178. Woodpecker is aware of responsibilities arising from the General Data Protection Regulation and dedicates to accomplish goals set forth in the GDPR.
- The Woodpecker undertakes the necessary steps to comply with the GDPR requirements and hereby express its affirmation of the principles mentioned in this Statement.
- Woodpecker processes Personal Data in a transparent way as well as provides applicable and transparent safety and security measures and standards.
- Customers, Users, or website visitors may provide Woodpecker with their Personal Data. By using Woodpecker’s Service or website the above mentioned agrees to the Data Processing by Woodpecker in line with its Statement and other related documents.
- Personal Data is processed to provide the Service as well as to maintain the proper functioning of the Service. Woodpecker will not process the Personal Data otherwise than according to the Controller or Processor’s instructions. However such instructions will not be contrary to the law or to the purpose of data processing by Woodpecker.
- Woodpecker ensures that it takes appropriate security measures to protect the information assets (including Personal Data) from unauthorized access or misuse.
- Woodpecker ensures that all security-related GDPR obligations shall be fulfilled.
- Woodpecker ensures that it has created and follows procedures that adjust data protection reporting to the appropriate supervisory authority.
- Woodpecker shall investigate all factual or suspected data security breaches and shall take necessary steps to eliminate or mitigate the effects of the breach and – in cases specified by law – shall inform the data subjects or the Customer of the breach.
- Woodpecker shall regularly conduct a risk assessment and take all possible precautions and available techniques to minimize the occurrence of data protection breach.
- Woodpecker shall develop, adjust and constantly improve the data protection field to address newly arising concerns of its Customers and Users.
IV. Data Protection Policy
- Woodpecker acts as both, a data Controller and a data Processor. With reference to theIn case of Personal Data of Customers or Users, Woodpecker acts as a data Controller with the ability to define the purpose of Processing.
- With reference to any other data entered to the system by an end user or the Customer, in particular but not limited to Prospects database, IMAP server data, campaign, Woodpecker acts as a Processor which Process Personal Data on behalf of a Controller, by providing automation service.
- Woodpecker acting as a Controller guarantees that data of the EU citizens shall be stored on the EU located servers.
- Woodpecker acting as a Processor declares that it will not transfer any Customer’s Personal Data to any third country which does not guarantee the protection adequate to the protection provided by the GDPR standards, without providing additional security measures. If the Woodpecker transfers the personal data outside the EU to a country which does not guarantee the adequate level of protection, it shall implement additional safeguards (such as Standard Contractual Clauses) to guarantee the safety of the Personal Data of the European Union citizens.
- The main purpose of Persona Data collection and processing is to provide the Service, enable account functioning, provide technical support and maintenance, monitor activities that raise protection security, maintain access via API standard method and provide invoices.
- Under the GDPR the data subject has the right to be informed about processed data, access its data, data rectification, data erasure, to restrict processing, data portability, and the right to object data processing.
- In case of any complaints or doubts concerning Data Processing or security, you can contact us at [email protected]. Any complaints, data deletion request, data modification requests, restrictions of Data Processing or data return request shall be sent to Woodpecker.co via [email protected].
- If Woodpecker processes the Personal Data as a data Processor, it shall not be responsible for the content of conversations and Personal data entered into the Service
- Woodpecker will not lease, sell, or exchange any of Customers or Users data (including Personal Data) Woodpecker may share data (including Personal Data)with processors and sub-processors employed by Woodpecker to provide the Service, or if otherwise required by law (especially if the disclosure is requested by the court, police or other entitled authority).
- To limit data access or request additional information the Customer or User shall submit a written request via [email protected].
- Data processing of Customers’, Users’ and Prospects’ Personal Data is based on the Agreement between the Customer and Woodpecker.
- Data processing of content, Prospects’ database, and campaigns is based upon the agreement between Woodpecker (Processor) and a Customer or User (Controller).
- Woodpecker’s personnel (employees and contractors) is trained in Personal Data data processing and shall not process any Personal Data without appropriate authorization. Personnel is obligated to maintain the confidentiality of Personal Data. Woodpecker has limited the personnel’s access to Personal Data to the minimum necessary to provide the Service and performance maintenance.
V. Dispute solving
- In case of any dispute Woodpecker is willing to first seek to reach an amicable solution.
- If such a solution is not possible, Woodpecker.co as a company registered in Poland is obliged to solve disputes on the grounds of Polish jurisdiction.