Privacy policy

Privacy Policy

I. General Information

1. The Privacy Policy of the website (hereinafter referred to as “Website“) is addressed to the users of Website (hereinafter referred to as “Users“) and determines type, scope, and ways of use of personal data as well as rights and obligations of the User and means of protecting the personal data.

2. A controller of the personal data in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the “GDPR“) is NEUROHM Sp.z o.o. (former: NEUROHM Ohme Sp.k), with its registered office in Warsaw (00-585), Poland, at 11/3 Bagatela St., entered in the National Court Register under entry no. 0000984443, registered by the District Court for the capital city of Warsaw in Warsaw, XII Commercial Division of the National Court Register, NIP 7010369265, REGON 146535475 (hereinafter referred to as “Service Provider“).

3. You can contact the Service Provider in the following ways: by email:, by telephone: +48 22 417 42 70, or you can write a letter to the following address: 11/3 Bagatela St., Warsaw, (00-585), Poland.

II. The collected data

Data collected by creating an iCode™ account

1. In order to use the Website, a new User has to register by creating an iCode™ account (hereinafter referred to as the: “Account”) and provide the following personal data: country, User name (i.e., name and surname of a company representative or an individual person – the User), company name, email, password – are obligatory, city, zip code, address, mobile phone and tax ID are optional at this step (the User might skip it). They will be obligatory in the moment of requesting the report.

Data collected automatically

1. The website automatically collects information through cookies. By accepting the Privacy Policy, you are agreeing to the use of cookies described in the following points.

2. During using the Website by the User following personal data are automatically collected: e-mail address and the operating system type. These data can be collected by the cookies files, Google Analytics and

3. Cookies, referred to in the point 1 above, are files sent to a computer or other device of the User while browsing the Website. If you want to delete existing cookies from your device, you can do it using the options of your browser.

4. Service Provider uses following types of cookies (unless otherwise specified):

- necessary cookies – files which are essential to enable Users navigating through the Website and use its features,

- performance cookies – files collecting information about how Users use the Website, which parts of the Website are being visited the most often. The data collected by these cookies is anonymous and used only to improve the functioning of the site;

5. Google Analytics, referred to in 1, is a web analytics system that gives an insight into a traffic on the Website, used to carry out marketing activities.

Log data

1. Our servers store log files, which record any access to them. The log files contain data about the type of each access, including IP addresses, files displayed on our website, operating system versions, types of device and time stamps.

III. Use of data

1. Data given by the User or the data collected automatically are used (processed) by the Service Provider for the following purposes:

- performance of the service, registration and management of the Account (Art. 6 Sec. 1 letter (b) of GDPR);

- ensuring the proper functioning, configuration, security and reliability of the Website – processing is necessary for the proper performance of the service and management of the Account (Art. 6 Sec. 1 letter (b) of GDPR);

- monitoring of a session’s status – processing is necessary for the proper performance of the service and management of the Account (Art. 6 Sec. 1 letter (b) of GDPR);

- adjusting the display of information to the User – processing is necessary for performance of the service and management of the Account (Art. 6 Sec. 1 letter (b) of GDPR);

- analysis, statistics, research and audit of views of the Website – these processing activities are necessary for Service Provider’s legitimate business interest in managing the Website and improving services (Art. 6 Sec. 1 letter (f) of GDPR);

- direct marketing of Service Provider’s products and services – these processing activities are necessary for Service Provider’s legitimate business interests in the direct marketing (Art. 6 Sec. 1 letter (f) of GDPR);

- processing is necessary also in order for the Service Provider to comply with any legal or regulatory obligations, especially tax and accounting obligations (Art. 6 Sec. 1 letter (c) of GDPR);

- processing is needed for establishment, exercise or defence of legal claims – these processing activities are necessary for the Service Provider’s legitimate business interests in establishment, exercise or defence of legal claims (Art. 6 Sec. 1 letter (f) of GDPR).

2. Providing personal data listed in the point II.1 is voluntary, however it is necessary to conclude and execute the service (failure to provide data results in the inability to conclude and perform the service, and consequently the inability to use the Website).

3. The Service Provider may disclose User’s personal data to following recipients: employees and co-workers of the Service Provider, IT service providers, entities providing advisory and legal services, banks and entities operating the module instant payments at the Website.

4. The Service Provider may disclose User’s personal data to enforcement and judicial authorities or to other entities entitled to receive them under the law, if there are justifiable legal ground for such.

5. The Service Provider does not intend to transfer the User’s personal data to a third country or international organization outside the European Economic Area.

6. The Service Provider will not make automated decision making towards Users, including profiling.

IV. Data retention

1. Data processed for registration purposes will be processed until the eventual deletion of the service account, resulting in the termination of the service contract.

2. Data processed in connection with the conclusion of contracts will be stored until the statute of limitations for claims under those contracts. Due to the need to fulfill obligations of a tax and accounting nature, some personal data will be stored for a period of 6 years from the date of termination of the Services.

3. Information necessary for the handling of the complaint will be processed until the expiration of rights under this title.

4. Personal data obtained for the purpose of contact with the Service Provider will be processed for the period of this contact and then archived for a period of 3 years after the end of contact, which is justified by the need to reconstruct the content of such contact in connection with the investigation of possible claims.

5. Data processed in connection with the assertion of potential claims, as well as for archiving purposes, will be processed for 3 years after the termination of the Services.

V. Rights of the User

1. The User has following rights:

- the right to request an access to User’s personal data;

- the right to request rectification of User’s personal data;

- the right to request erasure of User’s personal data;

- the right to restrict processing of User’s personal data;

- the right to object to the processing of your personal data.

2. In order to exercise the above rights, please contact the Service Provider, using the above-mentioned contact details (see point I.3 above).

3. In addition, the User has the right to lodge a complaint with the supervisory body dealing with the protection of personal data (pol. Prezes Urzędu Ochrony Danych Osobowych), if the User thinks that the data processing violates the GDPR.

4. Any changes concerning User’s personal data may be made by the User once he is registered and/or logged into the Website or via the link sent by the Service Provider to the User via e-mail.

VI. Protection of personal data 

1. The Service Provider shall apply appropriate technical and organizational measures to ensure the security of personal data processed, appropriate to the threats and the category of personal data protected. In particular, the Service Provider shall protect the data from being made available to unauthorized persons, from being accessed or taken by unauthorized persons, from being processed in violation of applicable laws, and from being altered, lost, damaged, or destroyed.

2. Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of the processing as well as the risk of violation of the rights or freedoms of natural persons with different probability of occurrence and severity of the threat, the Service Provider shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, such as:

- encryption of personal data,

- the ability to continuously ensure the confidentiality, integrity, availability and resilience of the processing systems and services,

- the ability to quickly restore availability of and access to personal data in the event of a physical or technical incident,

- regular testing, measurement and evaluation of the effectiveness of technical and organizational measures designed to ensure the security of processing.

VII. Contact

1. Any additional questions and information related to the present Privacy Policy may be directed to the Service Provider at the following email address:

VIII. Final provisions

1. The rules described in this Privacy Policy shall be subject to the law of the Republic of Poland.

2. The Service Provider is entitled to unilaterally amend the Privacy Policy, among others, in the event of:

- the circumstances of force majeure,

- changes in the regulations in force applicable to the provision of electronic services, to the transactions concluded at distance, or in the regulations of personal data protection

- changes in the offer of the Service Provider.

- development of functionality or Services dictated by advances in Internet technology, including application/implementation of new technological or technical solutions, affecting scope of the Privacy Policy.

3. The Service Provider will notify the User of any changes of the Privacy Policy in a form of message sent to User’s email address. All the Users will be bound by the provisions of the new Privacy Policy in case it changes, unless they terminate it within thirty (30) days from the date of notification about changes in the Privacy Policy.

© Senetic ®

The cookies we use are necessary to help us deliver our services. By using this website, you agree to our use of those necessary cookies. To find out more, read Privacy Policy and Terms and Conditions.