Terms of Service – ToS
Don't hesitate to contact us, if you have any questions about those terms. We'll answer immediately via chat or email. We encourage you to contact us, if you would like to cooperate with us on terms other than those listed below. We're ready to talk about the special needs of our clients and we're ready to configure our services to meet your needs.
Table of Contents:
- Subject of the Agreement and the Service Provider's statements
- Service level (SLA)
- Information security and personal data protection
- Duration and termination / withdrawal from the contract
- Final provisions
Cooperation with us and using our services is tantamount to concluding a Contract with us (see provisions of section 1), under the conditions set out in this ToS. The contract is concluded electronically, upon the creation of an account on the User.com Platform by performing the activities described in detail on this Website. Therefore, the terms 'Agreement', 'General Terms of Service', Terms of Service and ToS will be equivalent. Contact between us will take place via the details you provided, and our current ones will always be available on our website.
"With us", that is:
User.com Sp. z o.o. (Ltd.) based in Warsaw, ul. Grzybowska 87, 00-844 Warsaw, TID: 5272791969, REGON: 366211058, entered into the Register of Entrepreneurs kept by the District Court for the Capital City of Warsaw in Warsaw, XII Commercial Department of the National Court Register under the number KRS 0000654981, with share capital of 6,300 PLN,
represented by Grzegorz Andrzej Warzecha - President of the Management Board,
hereinafter referred to as the "Service Provider" or "User.com".
For the purposes of this Agreement, you will be called a "Customer".
Each of the parties will be referred to as the "the Party", and jointly "the Parties".
Read carefully these ToS, including documents contained under hyperlinks, as they are an integral part of ToS.
You can view the latest ToS version at any time. Therefore, be aware that we reserve the right to amend and change the ToS by posting updates and / or changes to our site. It is in your best interest, and at the same time a duty, to check regularly that no changes have been made. By using this website and continuous access to the site, you accept all changes.
By using our services, you confirm that you have reached the age of majority understood by the legal provisions of the given country or region. If your age gives you legal force, you can give permission to use the site to minors who are under your direct protection.
You must know that your safety is most important to us. The main principles that guide us in this regard are here.
Subject of the Agreement and the Service Provider's statements
The Service Provider represents and ensures that it is fully entitled to conclude the Agreement; the conclusion of the Agreement does not violate any rights of third parties that may affect its performance or require the consent of a third party; there are no agreements or arrangements concluded with third parties, of a private or public law nature, which could be relevant to the validity, effectiveness or enforceability of the Agreement and the Service Provider's obligations arising therefrom.
The Service Provider represents and ensures that it has tangible and intangible assets (including human resources, experience and know-how) necessary to perform the obligations arising from this Agreement. The Service Provider declares that the scope of its basic activity includes the provision of services related to programming and graphic design.
The Service Provider represents and ensures that the works that are the subject of the Agreement will be carried out by the Service Provider through the Service Provider's employees, for whose actions or omissions the Service Provider is responsible as for their own actions and omissions (by "Employees of the Service Provider" the Parties understand the persons remaining in the employment relationship with the Service Provider and persons permanently cooperating with the Service Provider to the extent covered by the subject of the Agreement, based on a civil law contract). Entrusting all or part of the works that are the subject of the Contract to a third party who is not an Employee of the Service Provider (subcontractor) requires the Customer's separate consent, granted in writing, otherwise being null and void. If the Customer agrees, referred to in the previous sentence, to entrust work to subcontractors, the Service Provider will be responsible for the actions or omissions of the subcontractors as for their own. The Service Provider is not authorized to incur any obligations on behalf of or for the benefit of the Customer.
The Service Provider is not responsible for the information provided by the Customer on logins and passwords to the User.com panel, and thus deletion of data in the application by third parties. The customer is obliged to store the above-mentioned data in a safe place, preventing access by unauthorized persons.
Only the Customer has access to the data that is in his Services panel. The Service Provider is not able to view, change and delete the Customer's data (except for the situations specified in section 1.8-10, and in the event of the Customer's express request to optimize / improve the operation of the Service). The Service Provider provides technology and a tool for collecting data and communicating with users visiting the Customer's website, the Customer is responsible for the registration and management of existing Contacts.
The Customer is not entitled to independently introduce changes to the mechanisms of the User.com Platform. The Service Provider is responsible for the functioning of all processes and defining automation, while maintaining the correct operation of the system and processes created in it (uninterrupted operation of all functions of the Platform specified in the Agreement).
The collected data in the User.com application is stored for the duration of the Agreement, until the Customer (after termination of the contract) is provided with all data collected during the Agreement term. After termination of the contract, the data is permanently deleted within no more than 60 (sixty) days. During the term of the contract, the Customer may also export his data to CSV files, download via API or delete.
In the event of a slower operation of the application due to the amount of data stored in the website application, User.com is entitled to delete old outdated data (data that is associated with identified users /contacts/, but de facto has no business value: contact page views from 30 days ago, information about products that no longer exist, etc. - the detailed scope of data and a longer retention time of the above-mentioned "old" data will be determined by the Parties on an ongoing basis) leaving a trace of them in an aggregated form (number of subpages visited, date of the first visit), this removal takes place with the prior consent of the Customer by e-mail.
The parties agree that the retention of anonymous data is 90 (say: ninety) days. This means that data about anonymous users (only cookies) who do not have any contact details (user_id, e-mail, telephone number, consent to Web Push communication, identifier used in the mobile application) and have not been active for the last 90 (in words: ninety) days are completely removed from the system every night at night
Service Level Agreement (SLA)
The Service Provider undertakes to maintain the Platform in accordance with the rules indicated in the SLA, which also includes a detailed description and functionality of the Platform.
The Customer makes payments for the Service on the terms and methods specified in the Subscription Plan choosing by him.
The Customer agrees that the Customer's data (in addition to the data from the credit card) may be sent in an unencrypted form and a) be sent to various networks; and (b) amended to comply with the technical requirements of the connecting network or electronic devices. Credit card information is always encrypted during transfer between services. In addition, the Customer agrees to provide current, complete and accurate purchase and account information for all payments on the site. The Customer also agrees to immediately update the account and all information on it, including email address, credit card number and expiration date, which allows the Service Provider to finalize orders placed by the Customer and contact the Customer if necessary.
The Service Provider reserves the right to change the price of products without prior notice by posting new prices on its website. This change will only apply to the customer from the start of the new payment period under the Subscription Plan.
Refund policy and individual cases in which it can be made are described here.
For the purposes of the Contract, the expression "Confidential Information" means all information of a matter of economic, technical, financial, operational, administrative, obtained in writing, orally or otherwise recorded ( in particular in electronic form), which have been disclosed in connection with the conclusion and implementation of this Agreement, excluding publicly available information.
The Parties undertake to keep confidential Confidential Information and refrain from using Confidential Information for purposes other than those for which it was originally provided, as well as not to transfer any Confidential Information to any third party without the prior written consent of the other party. The obligation to maintain confidentiality and confidentiality by itself and third parties (including its employees and associates) having access to Confidential Information, includes in particular, but not limited to, the obligation to:
use Confidential Information only for purposes directly related to the given activity,
not disclosing or passing Confidential Information to any third parties, unless it is necessary for the implementation of a given action;
not to use Confidential Information in the Party's own activities; and
inform the other Party of any breach of the obligations under this Agreement and of any obligation to disclose any Confidential Information in accordance with generally applicable law
The provisions regarding confidentiality and non-disclosure arising from the Agreement shall not apply to:
when their application would prevent the Parties from disclosing information required by applicable law on the basis of an enforceable court decision or an enforceable administrative decision;
when the disclosure of Confidential Information by a Party takes place during judicial, judicial-administrative or administrative proceedings to the extent necessary to properly protect the rights of such Party;
to the advisers of the Parties as well as their subcontractors and consultants who are subject to the obligation of confidentiality; with the proviso that the Party disclosing the Confidential Information to third parties of any information constituting the business secret of the other party referred to in the preceding sentence is responsible for their actions as for their own;
in connection with a dispute, discrepancy or litigation between the Parties, including Confidential Information - whereby the Disclosing Party will take steps to limit the scope of disclosure of Confidential Information for purposes related to such proceeding
The confidentiality obligation applies from the date of the conclusion of the Agreement and is not limited by time, it also applies after the termination of this Agreement.
In the event of a breach of the provisions of the Agreement referred to in section 4.2, the Party shall be obliged to pay to the other Party immediately the contractual penalty amounting to 10% of the monthly remuneration due to the Service Provider for each violation, while the total amount of contractual penalties imposed may not exceed 100 % of the monthly remuneration due to the Service Provider.
The payment of the abovementioned contractual penalty will take place within 30 days of the party finding such a violation, which should be reflected in the Breach Protocol prepared jointly and accepted by both Parties. In the event of non-acceptance of the above-mentioned Protocol by any of the Parties, this issue will be resolved on general terms.
Protection of personal data
In addition to the regulations presented below, full information on information security issues is available at:
but primarily in the Information Security Policy of User.com Sp. z o.o. with seat in Warsaw on March 14, 2020, available at User.com, and on request - in electronic form by e-mail, with the proviso that, for security reasons, the openness of some of the above-mentioned documents may be restricted.
The Customer is the Data Administrator of the personal data of users of the Customer's internet and mobile applications within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free flow of such data and repealing Directive 95/46 / EC (Journal of Laws EU.L No. 119, p. 1) (hereinafter referred to as the "GDPR") entrusted for processing User.com on the basis of the provisions of this Agreement. User.com becomes under this Agreement an entity processing personal data on behalf of and on behalf of the Customer within the meaning of art. 31 of the Act and art. 4 GDPR. User.com does not become the administrator of personal data. Notwithstanding the foregoing, User.com is the Administrator of the Customer's personal data, and the rules for processing this personal data can be found here.
The parties are aware of the fact that pursuant to art. 82 paragraph 4 of GDPR if both the controller and the processing entity participate in the same processing and in accordance with art. 82 paragraph 2 and 3 of the Regulation are responsible for damage caused by processing, they bear joint and several liability for all damage, so as to ensure that the data subject actually obtains compensation. Additionally - in accordance with art. 28 section 10 of GDPR, if the Processing Entity violates GDPR in determining the purposes and methods of processing, it is considered to be the controller in relation to this processing, with all the consequences arising from EU and national law.
For the purposes of implementing this Agreement, pursuant to GDPR, the Customer entrusts User.com with the processing of personal data of the users of the Internet and mobile applications of the Customer to the extent and purpose specified under the Subscription Plan, undertakes to process this data in a manner ensuring compliance with the requirements set out in GDPR, as well as in legal acts adopted in the national legal order on the basis of this GDPR.
User.com has the right to process Data only for the purpose of performing services under the Agreement, taking into account the nature and purpose of processing specified in the Agreement. The processing of personal data entrusted pursuant to this contract will take place from the moment the data is transferred to the end of this contract.
The entrustment of the processing of personal data referred to above by the Customer includes personal data to the extent necessary for the fulfillment by User.com of obligations under this Agreement. The categories of data subjects are users of the Customer's web and mobile applications. The catalog of personal data and data related to them is contained in Annex 1, with the proviso that personal data marked as "Custom Attributes" during the term of the Agreement may be independently defined and dynamically changed by the Customer.
The Customer authorizes User.com to process personal data to the extent and purpose specified in this Agreement, as well as to grant further authorizations to process data to persons cooperating with User.com under an employment contract or civil law agreement.
User.com undertakes to process Data only on the documented instruction or with the documented consent of the Customer - which also applies to the transfer of personal data to a third country or international organization - unless such obligation is imposed on him by European Union or Member State law to which the User.com is subject. In this case, before starting processing, User.com informs the Customer of this legal obligation, provided that this law does not prohibit the provision of such information due to important public interest.
If, to perform specific processing activities on behalf of the Customer, User.com uses the services of another processing entity, User.com undertakes to impose on this other processing entity under the contract concluded in writing the same data protection obligations as in this Agreement, in particular the obligation to provide sufficient guarantees for the implementation of appropriate technical and organizational measures to ensure that the processing complies with legal requirements. If this other processor does not comply with its data protection obligations, full responsibility to the Customer for fulfilling the obligations of that other processor is with User.com.
User.com undertakes to apply the security measures referred to in art. 32 of GDPR, in particular to:
the use of technical and organizational measures ensuring the protection of processed personal data appropriate to the threats and categories of data protected, and in particular should protect the Data against disclosure to unauthorized persons, removal by an unauthorized person, processing in violation of the Regulation and the change, loss, damage or destruction of these data,
admission to operate the IT system and the devices included in it, used to process Data only of employees of User.com or persons remaining with User.com in relation to an order or legal relationship of a similar nature, having valid authorization to process data,
keeping records of persons employed by User.com while processing Data,
not disclosing Data to third parties,
controlling the course of the Data processing.
User.com undertakes, in the cases required by the Regulation, to carry out a Personal Data Protection Impact Assessment (DPIA) and provide this assessment to the Customer before processing the Data.
User.com ensures that persons authorized to process personal data commit themselves to secrecy or that they are subject to the appropriate statutory obligation of confidentiality.
User.com is obliged to secure the Data against unauthorized access to them, in particular to keep the Data confidential and not to record it in any way enabling unauthorized access to the Data.
The Customer and User.com agree that in the case of sending files containing personal data, these files will be protected during transmission over a public network using cryptographic means of personal data protection.
In extraordinary situations not provided for in the Agreement, User.com undertakes to process personal data having regard to data protection and the interest of the Customer.
User.com declares that it has appointed the Data Protection Inspector specified in the Regulation, which supervises and controls the compliance with the above principles of personal data protection. Contact details: Attorney-At-Law Kamil Suplewski, +48 506 577 332, firstname.lastname@example.org , email@example.com .
User.com undertakes to deal promptly and properly with each Customer's question regarding the processing of personal data entrusted to him, in particular those regarding the organization of personal data protection at User.com.
User.com, taking into account the nature of Data processing, where possible helps the Customer by appropriate technical and organizational measures to comply with the obligation to respond to the requests of the data subject in the exercise of his rights set out in Chapter III of GDPR.
User.com, taking into account the nature of Data processing and the information available to User.com, helps the Customer to meet the obligations set out in art. 32-36 of GDPR. In particular, User.com undertakes to immediately, not later than 48 hours from detection, inform the Customer of any noticed breaches of personal data protection that will occur in connection with the processing of this data by User.com.
User.com provides the Customer with all information necessary to demonstrate compliance with the obligations set out in Article 28 of GDPR, and enables the Customer or an auditor authorized by the Customer to carry out audits, including inspections, contributes to and participates in them.
User.com shall immediately inform the Customer if, in its opinion, the order issued to it constitutes a violation of GDPR or other European Union law or national law.
The Parties agree that during the implementation of the provisions of this Section of the Agreement they will cooperate closely, informing each other of all circumstances having or likely to affect the implementation of these provisions.
User.com will terminate the processing of Data under this Agreement if the Agreement expires or terminates. In this case, depending on the documented decision of the Customer, User.com will return or delete all entrusted personal data within 60 days from the date of obtaining such a decision of the Customer. User.com does not have to comply with the obligation set out in the preceding sentence only if, pursuant to Union law or national law, it is required to store the Data for a longer period. In such a situation, User.com shall comply with the obligations arising from this paragraph by way of analogy to the Customer at the end of the period of data storage required by Union or national law.
User.com will not process Data if the data subject objects to the processing of his Data. If such objection is raised to User.com, User.com is obliged to immediately inform the Customer about this fact and follow the Customer's instructions.
Duration and termination / withdrawal from the contract
This Agreement is effective from the moment the confirmation of its conclusion by the Customer in the manner specified on the website http://user.com and is concluded for the period specified in the Subscription Plan chosen by the Customer.
The Customer has the right to terminate the contract without notice if the Service Provider completely discontinues the performance of this contract, and the Service Provider has the right to terminate the contract without notice in the event of an unjustified lack of cooperation of the Customer to the extent necessary for the proper performance of the Service Provider's obligations. The abovementioned termination of the contract should be preceded by a written one, which also means by electronic means - e.g. by e-mail, setting an additional 7-day deadline to remove the violations indicated in this letter. Withdrawal from the Agreement for the reasons referred to in the previous sentence may take place within 7 days of the expiry of the above-mentioned 7-day period and should be made by a letter containing the justification. It also constitutes the basis for a request by a Party to pay a contractual penalty of 100% of the monthly remuneration due to the Service Provider.
The Service Provider reserves the right to immediately terminate the Agreement if the Customer uses the Service: (A) for unlawful purposes, or to participate in any unlawful activities; (B) violating the intellectual property or intellectual property rights of others; (C) to harass, abuse, insult, defame, slander, discredit, intimidate or discriminate on grounds of sex, sexual orientation, religion, ethnicity, race, age, national origin or disability; (D) provide false or misleading information; (E) to send viruses or other type of malicious code that can be used in a way that will affect the functionality or functioning of the Website or any related website, other websites or on the Internet as a whole; (F) unlawfully collecting or tracking personal data of others; (G) spamming; (H) for obscene purposes; (I) to disrupt or circumvent the security of our Website or related pages, other websites or the Internet as a whole.
The Parties shall not be liable for non-performance or improper performance of the Agreement if it is caused by force majeure beyond the control of the Parties. Under the Agreement, a case of force majeure is considered to be a situation in which the performance of a Party's obligation has become impossible as a result of external, extraordinary, unpredictable events and which could not be prevented, in particular: strikes, unrest, war, flood, hurricane. If the period of force majeure lasts more than one month, the Parties have the right to withdraw from the further implementation of the Agreement, without any consequences, including penalties and damages, after prior written notification, within one month from the date of receipt of the notification by the Party concerned, with effect at the end calendar month.
This Agreement supersedes all prior agreements, arrangements and proposals, oral or written, between the Customer and the Service Provider regarding the use of the Service by the Customer.
The Customer agrees for User.com to publish information on the Customer's use of the Service, including the use of the Customer's logo and other identifying information.
The Parties agree that neither Party may transfer rights or obligations under this Agreement to a third party without the written consent of the other Party (Prohibition of Assignment).
The provisions of the Agreement which are invalid, unlawful or impossible to meet do not exclude the validity of the Agreement in the remaining scope.
When implementing this Agreement, the applicable law is the law applicable to the Service Provider's seat.
The Parties shall endeavor to amicably resolve any disputes arising in connection with the implementation of the Agreement. Disputes that cannot be resolved amicably within two months of the date of submission of the dispute, the Parties shall submit for resolution by a common court competent for the seat of the Service Provider.
The Service Provider is entitled to make changes to this ToS, as referred to in Introduction, however, these changes will only apply to the Customer from the beginning of a new payment period under the Subscription Plan.
An integral part of the Agreement, apart from the documents to which the hyperlinks highlighted in the text refer, is its Annex No. 1.
Subject and duration of processing, nature and purpose of processing, type of personal data and categories of data subjects, as well as a list of personal data processing operations under the Agreement
Categories of persons who are subject to Personal Data
- users of the client's web and mobile applications
TYPES OF PERSONAL DATA
I. Standard attributes:
1. Examples supplemented automatically by the system:
- identifier from the database assigned to each user account
- the cookie number is always assigned
"status": "visitor", always updated, can be "user" (specific name) or "visitor"
"last_ip": "18.104.22.168", - the IP this user has recently connected to
"timezone": "Europe / Berlin", - the time zone from which this user recently connected
"city": "Niepolomice", - information completed automatically on the basis of IP
"region": "Lesser Poland", - information completed automatically on the basis of IP
"country": "Poland", - information supplemented automatically on the basis of IP
"browser_language": "en", the language of the last used browser.
"browser": "Chrome", - type of recently used browser
"os_type": "Mac OS X", - operating system
"device": "mobile", the type of device based on the operating system
"name": "firstname.lastname@example.org", usually consisting of "first_name" and "last_name" but in the absence of one or the other receiving a value email
"email": "email@example.com", email address
"phone_number": null, - phone number
"unsubscribed": false, updated if the user unsubscribes from email notifications
"score": 0, updated by automations
"facebook_url": null, link to the profile in the social media of this particular user updated manually by import or through some integration with other services (Full contact / zapier)
"linkedin_url": null, link to the profile in the social media of this particular user updated manually by import or through some integration with other services (Full contact / zapier)
"twitter_url": null, link to the profile in the social media of this particular user updated manually by import or through some integration with other services (Full contact / zapier)
"google_url": null, link to the profile in the social media of this particular user updated manually by import or through some integration with other services (Full contact / zapier)
"user_id": null, the unique user ID usually sent from the client application database
"web_push_subscription": false, updated when the user agrees to WebPushe (de facto we need to store some other keys: auth, p256dh, endpoint, and the private and public key assigned to this application
"assigned_to": null - customer account manager or agent assigned to the user
Ii. Custom attributes - set freely by the Customer from among those obtainable from users using the Customer's internet and mobile applications.
III. Elements associated with the user
List of personal data processing operations under the Agreement:
Duration of processing
Personal data may be processed for the duration of the Agreement and the Basic Agreement, extended by the period necessary to pursue claims arising from the performance of these agreements.