PRIVACY AND SECURITY POLICY
- WHO WE ARE:
We the “Holiapp” is an eLearning platform where people or specialist can learn about the natural ways of helping themselves or others and can organize or purchases pre-developed e-courses. We are focusing on holistic medicine and personal growth.
“Application” –an internet platform operating in the domain https://holiapp.me/(the “Website “or “Site”)
“Customer “- a natural person with full legal capacity, and in cases provided for by generally applicable regulations, also a natural person with limited legal capacity or a legal person or an organizational unit without legal personality, which the law grants legal capacity - which has concluded or intends to conclude an Agreement for the provision of electronic services with Holiapp and use or intend to use at least one Electronic Service;
“Organizer” - the entity responsible for the organization of the course or training;
“Course form” - an electronic service, an interactive form available in the Application that allows you to sign up for a course or training of your choice, in particular by making an electronic subscription to the appropriate course or training and defining the terms of the Agreement for the provision of services, including payment and the method of providing the Service ;
“Service “- training or course, or other service activity being the subject of the Service Agreement between the Client and the Organizer;
‘Product”- mean the E-Courses including but not limited to “Pinopressure Therapy E-Course”
“Electronic service” - a service provided electronically by Holiapp.me to the Customer via the Application;
“Contract for the provision of services” - a contract for the provision of services concluded or concluded between the Customer and the Organizer via the Application;
“Agreement for the provision of electronic services” - an agreement for the provision of electronic services concluded or concluded between the Customer and Holiapp.me, via the Application;
“Order “- the Customer's declaration of intent submitted via the Course Form and aimed directly at concluding the Agreement for the provision of services with the Organizer on the terms described in these Regulations and in the offer made available by the Organizer;
“Registration form” - a form available in the Application that allows you to create an Account;
“Account” - Electronic service, marked with an individual name (login) and password provided by the Customer. Upon creating the Account, the Customer becomes the sole owner of the access data to the Account;
“Customer Panel” - an area in the Application where the Customer, after setting up an Account, can obtain information on the courses or trainings carried out, gain access to the history of his trainings or courses, the possibility of changing the password, personal data and other additional information provided by the Customer.
“Publisher” - TCM Brand Sp. z o . o
“Application” - an internet platform operating in the domain https://holiapp.me/;
“Regulations” - a document setting out the rules for using the Application, general terms and conditions for concluding contracts, rules and the method of providing services, including electronic services, by Holiapp.me;
“Business day” - one day from Monday to Friday, excluding public holidays;
- THE TYPES OF DATA WE COLLECT FROM YOU:
When you present in the Site or Application, in particular while using our Site Electronic Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information (PII) may include, but is not limited to your Full Name, Surname, Email Address, Phone Number, City, State, Country, Zip Code (“Personal Data”).
The scope of entrusting your data is broken down into mandatory and non-mandatory data, each time specified in an adapted form for entering this data, according to the needs of a given Electronic Service or Service that the user or the Customer intends to use. Providing data is always voluntary, but sometimes necessary for the proper completion of the Order or Electronic Service. We may collect the following information from you;
- User-provided Information:
- Account Information. When you place any order to our Website or purchase any e-courses, or want to publish any e-course, you may need to sign up or register for an user account and access to the user dashboard(You may also directly register for an account with us) which we require certain information such as your First Name, Last Name, Email Address, etc.
- Profile or Account Information. To use certain features within the ”Holiapp”, we may also ask the user to complete you profile or account with us, which may include your Photo, phone number, occupation, skill interests, gender, race,, Mailing Address (including but not limited to City, State, Country, Zip Code), Language, Date of Birth ,government ID information, verification etc.
- Payment Information. We don’t locally process any payments and we don’t collect any payment information by us or transferred to us either through our Website or Application. All payments will be handled through the secure gateway system either through our Website and or otherwise. We are using “PayU” as our payment getaway and no payment data will be collected by “Holiapp” itself. At the point of payments through the secure gateway system, you are transferred to a secure page of “PayU” payment service provider and any data collected through the PayU will be conduct by the Privacy Statement of “PayU” you can find here https://poland.payu.com/en/privacy-statement/
- Communications with “Holiapp” Via Live Chat or Other ways. When any User communicates with “Holiapp” using our Contact us form, support email, Phone Call or live chat option or/with a phone call we may collect Personal Data through such communications.
- Other Information. The user may otherwise choose to provide us information when you fill our product returns form, Contact us from, update or add information to your account with us or interest with your social media account.
- Data Collected via Technology:
We may also collect and store information that is generated automatically as you navigate online through the Site or its services. When you visit or use our site and its services, we may collect technical information including but not limited to your Usage Information, your IP (Internet Protocol) address, Location Information, Log Data, and Transaction Information, Cookies and Similar Technologies “clear gifs” or “web beacons.” This automatically collected information may include your IP address or other device address or ID, web browser and/or device type etc. We also may use these technologies to collect information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message, to the extent permitted under applicable law.
We may use Google Analytics, Google's and Facebook's ad tracking feature and remarketing pixels and other third-party vendors to collect information anonymously and report Website and it’s services trends without identifying individual visitors. Facebook and Google use its cookie to track visitor interactions. Website owners can view a variety of reports about how visitors interact with their Website and it’s services so they can improve their Website and how people find it.
4. PURPOSE AND SCOPE OF DATA COLLECTION
The data is processed solely for the purpose for which “Holiapp” was provided. We may use your Personal Data for the purposes of including but not limited to
- To personify the user experience;
- To maintain your interest and account with us.
- To Analyze and enhance our communications and strategies;
- Respond to your inquiries;
- To create, manage and control your account and dashboard information and to verify access rights to the Site and Services.
- To protect the security and safety of our users, protect against and prevent fraud, unauthorized transactions, claims and other liabilities, and manage risk exposure, including by identifying potential hackers and other unauthorized users, to respond to claims of any violation of our rights or those of any third parties.
- To comply with all applicable legal requirements, industry standards and our policies, including, reasonable necessity to comply with legal process and law enforcement instructions and orders.
5. DISCLOSEING OR SHAREING YOUR PERSONAL DATA:
In the following circumstances and with your prior permission, we may share or disclose your information
- To any trusted third party, who assist us in operating our website, conducting our business, as long as those parties agree to keep this as confidential information
- To our employees, contractors and/or related entities.
- To whom we transfer or may transfer our rights and duties
- To any relevant government regulators or authority or law enforcement agency to comply with any laws or rules and regulations imposed by any governmental authority; and
- To any other party, entity or authority when we have believed in good faith that, disclosing any information is necessary to protect our rights or interest or property.
- To any other party, entity or authority. when we have believed in good faith that, disclosing any information is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend our rights, property or safety of our Company, users, employees, or others;
- To protect and defend the legal rights, liabilities, interests, property or safety of our Company, users, employees, or others to protect and defend our rights,
- To whom you authorize us to disclose your Personal Data.
- To comply with applicable law or co-operate with law enforcement;
By providing us with your personal information, you consent to the disclosure of your personal information to third parties who reside outside Poland and EU and acknowledge that we are not required to ensure that those third parties comply with Poland and EU privacy laws. We have sole discretion to take all reasonable steps to secure the information against unauthorized access or disclosure.
- THE BASIS ON WHICH YOUR PERSONAL DATA IS PROCESSED
“Holiapp” follow lawful basis for collecting and/or processing your personal data. We generally rely on a number of grounds (reasons) for this processing within our business activities. We process your personal data in accordance with the provisions set out in the GDPR and the relevant applicable data protection laws and regulations. The legal bases for processing your personal data are:
- To comply with contractual obligations. When you wish to get any particular service, we are offering through our Site or Application, the purposes of processing your personal data are primarily determined by that service and we will process your information so that we can provide that service to you.
- There is a legitimate interest. In certain situations, we may not need your consent to use your data as we will have a legitimate interest to do so, but we must inform you of this. Examples of such situations are:
- To analyze and optimize our Store;
- To guarantee IT security and safeguard our IT operations;
- To prevent and investigate criminal acts.
We may have legal obligations to follow or there is a general public interest. As any other company, we are subject to legal obligations and regulations. In some cases, the processing of your personal data will be necessary to fulfill these obligations.
7. SOCIAL MEDIA PAGES/INTERACTIVE SERVICES:
If you interact with us by and through the Interactive Services or any Social Media Pages, you should be aware that the personal data that you submit by and through such venues can be read, collected and/or used by other users of these forums (depending on your privacy settings associated with the accounts you have with the hosts of such Social Media Pages, if applicable), and could be used to send you unsolicited messages or otherwise to contact you without your consent or desire. We are not responsible for the personal data that you choose to submit in these forums. The Social Media Pages reside on website (“Social Media Sites”) that are operated independently from “Holiapp”, and we are not responsible for such Social Media Sites’, interfaces or privacy or security practices. We encourage you to review the privacy policies and settings of the Social Media Sites with which you interact to help you understand those Social Media Sites’ privacy practices. If you have questions about the security and privacy settings of any Social Media Sites that you use, please refer to their applicable privacy statements or policies.
8. DATA ADMINISTRATOR:
9. CHILDREN’S PRIVACY PROTECTION:
We take children’s privacy seriously. Our website complies with the Children’s Online Privacy Protection Act (“COPPA”). We do not knowingly collect Personal Data from children under the age of 18 or the age majority defines under your territory. If we become aware that a child under age of majority has provided us with Personal Data, we will delete such information from our Site or server.
10. COOKIES POLICY:
Our Site or Application may use “cookies” to enhance User experience. User’s web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. Cookies are small files and understood as IT data, in particular short text files, stored by a web browser or directly in the end devices of users or customers, intended for the use of websites. These files allow recognizing the user’s or customer’s device and properly displaying the website tailored to his individual preferences. Cookies usually contain the name of the website they come from, the storage time on the end device and a unique number.
By showing how and when visitors use the Site, cookies help us deliver advertisements, identifying how many unique users visit us, and tracking user trends and patterns. They also prevent you from having to re-enter your preferences on certain areas of the Site where you may have entered preference information before. The Site also may use web beacons (single-pixel graphic files also known as “transparent GIFs”) to access cookies and to count users who visit the Site or open HTML-formatted email messages. Cookies can compile information about your browsing habits and can also enhance your browsing experience.
Cookies are used for the following purposes:
- To understand browsing habits on the Sites;
- To create statistics that help to understand how you use the Site or Application, which directly affects the improvement of their structure and content;
- To improve your user experience on this website;
- To remember your preferences and to maintain your session in the Site or Application,
- To determine the user or customer profile in order to display him matched materials in advertising networks, in particular the Google network.
- To understand the number of visitors to the Sites and the pages visited; and
- To enable this website to function properly
There have two basic types of cookies: session cookies and persistent cookies. "Session" files are temporary files that are stored on the user's or customer's end device until logging out, leaving the Application or turning off the software (web browser). "Permanent" files are stored in the user's or customer's end device for the time specified in the parameters of "cookies" or until they are manually deleted by the user.
Software for browsing websites (web browser) usually by default allows the storage of "cookies" on the user's or customer's end device. Application Users or Clients may change the settings in this regard. The web browser allows you to delete cookies". It is also possible to automatically block cookies. Detailed information on this subject can be found in the help or documentation of the web browser. You can instruct your browser, by editing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit.
Pursuant to the applicable provisions of the Telecommunications Act of July 16, 2004 (Journal of Laws of 2004, No. 171, item 1800, as amended), in particular Art. 173 paragraphs. 2, the end user has the right to decide on the access of "cookies" to his end device by setting the appropriate settings (rights) for these files in the settings window of his web browser. If the user leaves the settings of the software installed on the end device unchanged, he / she agrees to place "cookies" text files on the user's device. Please note that, by not accepting cookies, you might not be able to use all functionality of this site or its services.
11. SERVER LOGS:
Information about some actions taken by users is logged in the server layer. These data are used only to administer the Application. The browsed resources are identified by URL addresses. In addition, the following may be saved:
- time of arrival of the inquiry;
- time of sending the response;
- name of the user or client station - identification carried out by the HTTP protocol;
- information about errors that occurred during the execution of the HTTP transaction;
- URL address of the page previously visited by the user or the Customer (referrer link) - in the case when the Application was accessed via a link;
- information about the user's or customer's browser;
- information about the user's or client's IP address;
The above data is not associated with specific people browsing the website and is used only for the purpose of administering the Site or Application.
12. ADVERTISING AND ANALYTICS:
We may use third-party advertising platform including but not limited to Google ads, Facebook Ads, Google Analytics and Facebook's ad tracking feature, etc. to promote our services and Services. We may also use remarketing pixels through Google and Facebook. We do not share Personal Data that directly identifies you with third-party advertisers for their direct marketing purposes. We may use Google Analytics, which may uses “cookies”. The information generated by the “cookies” about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. You can refuse the use of Google Analytics by clicking on Opt-Out.
13. SECURITY AND PROTECTION OF YOUR PERSONAL DATA
We will processes your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC and that it applies technical and organizational measures ensuring protection of the processed data, appropriate to the threats and categories of data to be protected, in particular, protects the personal data of users and customers against unauthorized access, loss or damage. So, we take all reasonable and necessary steps to protect the information provided by you from unauthorized access. We follow commonly accepted industry standards to protect the Personal Data submitted to us. We are also using SSL CERTIFICATE security system for ensuring and protect the confidentiality of your personally identifiable information. However, no method of transmission over the Internet or method of electronic storages is 100% safe and secure. Therefore, we are not in the actual position to guarantee the absolute security of your information. If you have any questions about security on our website, you can submit us an email email@example.com. We may take all reasonable steps and may allow third parties and who assist us to adopt proper security measure to safeguard your Personal Data
14. AUTO RESPONDERS AND MARKETING OPT-OUTS:
We may use Get-Response auto responders to communicate with you by e-mail. You may opt out of receiving emails and other messages from us by following the instructions in those messages. We may also use the information that you provide to us to communicate with you about our current activities or to notify you about any updates or changes to our services. If you decide that you would no longer want to receive such messages you can opt-out from receiving such emails from us. In order to opt-out you can click on an unsubscribe link provided at the bottom of every email. If you have difficulties opting out, you may contact us by sending an e-mail firstname.lastname@example.org , or sending us a mail to the address listed below.
15. OTHER LIBILITY LIMITATIONS:
In no event we will be liable for any direct, indirect, incidental, consequential, punitive, and special or other damages and breach arising out of or in any way connected with a third party's unauthorized access to your Personal Data, the property information or any other user-provided information, regardless of whether such damages and breach are based on contract, strict liability, tort or other theories or liability, and also regardless of whether “Holiapp” was given actual or constructive notice that damages were possible.
16. INTERNATIONAL DATA TRANSFERS
- Outside the Republic of Poland consent to processing and transfer of information
If you access “Holiapp” outside of the Republic of Poland, you fully understand and unambiguously consent to the transfer of your personal data to, and the collection and processing of such personal data in the Republic of Poland. The recipients of the personal data disclosures described in this policy may be located in the Republic of Poland or elsewhere in the world. Privacy laws in any country which may not provide protections equivalent to those of your country of residence, and your government may or may not deem such protections adequate.
- Outside The EEA: Please note that some of our service providers may be located outside the European Economic Area (the “EEA”). In such cases we will transfer your data only to such countries as approved by the European Commission as providing adequate level of protection of personal data, or enter into legal agreements ensuring an adequate level of data protection. We may transfer our databases containing your Personal Data in connection with the transfer or sale of all (or substantially all) of our business assets, or in the event of a merger, consolidation or similar transaction.
IF YOU ARE LOCATED IN THE EUROPEAN ECONOMIC AREA, WE MAY PROCESS YOUR PERSONAL DATA FOR THE ABOVE PURPOSES WHEN
- YOU HAVE CLEARLY CONSENTED TO THE USE OF YOUR PERSONAL DATA,
- WE NEED YOUR PERSONAL DATA TO PROVIDE YOU WITH SERVICES OR TO RESPOND TO YOUR INQUIRIES,
- WE HAVE A LEGAL OBLIGATION TO USE YOUR PERSONAL DATA
- WE HAVE A LEGITIMATE INTEREST IN USING YOUR PERSONAL DATA TO ENSURE AND IMPROVE THE SAFETY, SECURITY, AND PERFORMANCE OF OUR SERVICE.
We do not share any of your personal data or transactional data with any person or entity, other than as set out in this policy. No other third party receives your Personal Data or other transactional data. However, please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements.
17. GOVERNING LAW AND JURISDICTION
This privacy statement has been prepared based on provisions of the General Data Protection Regulation (GDPR)of the European Union, Personal Data Protection Act 2018('PDA') and the Telecommunications Law (TL) and The Act on Electronic Provision of Services (AEPS) of the Republic of Poland, Children's Online Privacy Protection Act (COPPA), California Online Privacy Protection Act of 2003 (CalOPPA), other applicable Polish and International data protection law and other relevant law of the local territory of the user. We and each user may submit to the exclusive jurisdiction of the local territory of the users. We and each user may submit to the exclusive jurisdiction of the local territory of the users.
18. YOUR PERSONAL DATA RIGHTS AND CHOICES:
You may, of course, decline to submit information to us, in which case you may not be able to use our website or purchase any Services from us. You may also control the types of notifications and communications we send and limit the information shared within our website or otherwise amend certain privacy settings.
- Right to access: You have right to access in particular by accessing the Customer Panel or right to request copies of your Personal Data from us;
- Right to correct: You have right to correct or rectify your Personal Data with us, if it is inaccurate or incomplete;
- Right to erase: You have right to request that us to delete or remove your Personal Data from our systems. This right is commonly referred to as the "right to be forgotten." We are obliged to delete all data of the reporting person, with the proviso that there will be no other legal basis for further processing of this data; such basis may result from e.g. the obligation to keep financial documentation. However, if it is not possible to fulfill the request, we will inform you about it, together with an indication of the legal basis.
- Right to withdraw: You have right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Right to restrict: You have right to ‘block’ us from using your Personal Data or limit the way in which we can use it;
- Right to data portability: You have right to request us to move, copy or transfer your Personal Data;
- Verify and seek rectification: You have right to verify the accuracy of their Data and ask for it to be updated or corrected
- Right to object: You have right to object to our use of your Personal Data including where we use it for our legitimate interests or where we use your Personal Data to carry out profiling to inform our market research and customer demographics
- RIGHT TO DATA TRANSFER: At the express request of the person whose data is processed by us, you will receive a structured data file from us in a commonly used format. Under this law, you can also indicate the entity to which we, as the data controller, should send your data.
- Lodge a complaint: You have right to bring a claim before their competent data protection authority.
You may, of course, decline to submit information to us, in which case we may not be able to provide certain services to you. You may also control the types of notifications and communications we send, limit the information shared within our platform Platform about you, and otherwise amend certain privacy settings.
19. DURATION OF HOLDING YOUR PERSONAL DATA:
20. YOUR CONSENT:
21. FREEDOM TO PROVIDE DATA:
Each of our user or Customer has the right to enter data voluntarily in order to use or purchase or Electronic Services or Services. In the case of using some Electronic Services or concluding a Service Agreement, including during the Order submission process, entering data, although voluntary, may be necessary for the performance of the Electronic Service or the conclusion of a Service Agreement. The data necessary (mandatory) to be entered in the case of using the Electronic Service or concluding a Service Agreement, each time remain specified in the form intended for entering this data.
This Privacy and Security Policy does not cover information on services, goods or websites of third parties, made available in the Application under agreements with other entities. Third parties, on their own and on their own responsibility, define separate, individual rules for the functioning of their services, goods or websites in their regulations. In the event of concluding a Service Agreement between the Customer and the Organizer, the issues of liability and data processing, including the exercise of the rights arising from the Regulation, in the scope of data made available for the performance of the Service, should be addressed to the Organizer.
23. ANTI-SPAM POLICY:
We also hate spam or junk e-mail (unsolicited commercial e-mail) like you do. We endorse and complies with the requirement of the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act of 2003) and other applicable unsolicited commercial e-mail laws. If you subscribe or are connected with us, it will always be an option to unsubscribe.
We don't track you personally and we never sell your personal data. Only we may track how you use our site in general so that we can make it better. We are monitoring traffic, usage activity, site performance, and we use general analytic tools so that we can improve your experience. We do not associate any of this data with you personally. We never sell or share your personally identifiable information unless required to do so by law.
25. EXTERNAL LINKS POLICY:
26. CHANGES OR MODIFICATION TO THIS PRIVACY:
27. YOUR ACCEPTANCE OF THESE POLICIES:
28. CONTACT US FOR ANY QUESTIONS OR INQUARY:
If you have any question about this Privacy Statement or would like to access or modify your personal identifiable information, please contact us.
Address: TCM Brand Sp. z o. o., Winnicka 52,
30-394 Kraków, Poland
Phone: +48 502 380 358
FYI: Please note that,