Privacy Policy

The Controller of Users’ personal data is Blazity sp. z o.o., the entity that owns and operates the MDCMS product, with its registered office in Warsaw, ul. Marszałkowska 89, 00-693 Warsaw, Poland, entered into the Register of Entrepreneurs kept by the District Court for the Capital City of Warsaw, XIII Commercial Division of the National Court Register  under number KRS: 0000743458, Tax Identification Number NIP: 9512467349, National Business Registry Number REGON: 38093625300000, share capital in the amount of PLN 5,000.00 (“Blazity” or “Controller”). Whenever this Privacy Policy refers to “MDCMS,” “we,” “us,” or “our,” this refers to Blazity in its capacity as controller of personal data processed in connection with the MDCMS Website.

To contact us, please send an e-mail to: contact@blazity.com.

In every case providing personal data is voluntary, but failure to provide the personal data marked in appropriate forms as obligatory will prevent providing the electronic services on User’s request.

Personal data of Users will be processed for the following purposes: Providing access to the website Scope of data: IP address Legal ground: Article 6.1(b) of the GDPR – statutory authorisation to process data necessary to perform an agreement Processing period: until lapse of the period of limitation of claims connected with access to the website Analysing traffic on the website Scope of data: IP address, Cookie files of the following type: _utma; _utmb; _utmc; _utmz; PHPSESSID Legal ground: Article 6(1)(a) of the GDPR – consent givenby the data subject Processing period: until data cease to be useful or the data subject withdraws the consent Correspondence in electronic form (after the data subject uses the contact form) Scope of data: e-mail address, first and last name, other personal data voluntarily provided by the data subject Legal ground: Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in responding to queries and correspondence provided directly by data subjects Processing period: until correspondence ends or the data subject objects Marketing activities (after the data subject uses the sales form) Scope of data: e-mail address Legal ground: Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in informing about its activity Processing period: for the duration of your subscription and until you withdraw your consent Protection against claims, raising claims Scope of data: e-mail address, first and last name, other data voluntarily provided by the data subject in the course of co-operation Legal ground: Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in protecting against claims and raising claims Processing period: until lapse of the period of limitation applicable to claims connected with access to the Website and users actions within the website, calculated from the time of the user’s last visit on the website Providing the Controller’s social media Scope of data: first name, last name, image, others public information, and, in the case of sending messages, data provided voluntarily in the content of the message or activity Legal ground: Article 6(1)(a) of the GDPR – consent of the data subject Processing period: until the data subject withdraws consent

If Blazity is advised that the person uses the services provided through MDCMS or the Website functionalities in violation of applicable legal provisions, then Blazity may process the user's personal data in a scope required for establishing his/her liability.

Blazity will not make automated decisions against data subjects. Blazity will carry out profiling of data subjects in a scope necessary to present them personalised content of marketing nature adjusted to needs, preferences and conduct of particular Users.

Blazity transfers data outside the European Economic Area (“EEA”) only when it is necessary for the performance of services. Should it become necessary, Blazity will immediately inform each data subject.

Transferring users’ personal data to third parties will be governed by model contractual clauses, where both Blazity and its counterparties undertake to ensure appropriate level of security of users’ personal data. Prior to signing model contractual clauses, Blazity verifies each of its counterparties which would have access to users’ personal data and assesses whether the country to which users’ personal data would be transferred enables enforcement of rights and provides the users with effective legal remedies.

If the European Commission issues a decision in which it determines whether the relevant third country ensures the appropriate level of protection of personal data, then transferring users’ personal data to such country may also proceed on the basis of such decision.

Blazity may transfer users’ personal data to third parties for the purpose of performance of the activities stated in the Terms of Service. The recipients of User’s data are: hosting provider, e-mail operator, software development company, provider of the CRM software, provider of the service connected with sending e-mails, accounting firm, law firm, entities providing cloud and other solutions used by Blazity in its current operations which involve personal data processing.

Personal data collected by Blazity may also be disclosed to competent state bodies or institutions (law enforcement authorities, courts, security service) authorised to gain access to them on the basis of the respective generally applicable legal provisions, or other persons and entities – in the cases prescribed by the generally applicable legal provisions.

Each entity to which Blazity transfers personal data for processing on the basis of a personal data transfer agreement (“Data Transfer Agreement”) guarantees an adequate level of security and confidentiality of the processing of personal data. An entity processing personal data on the basis of the Transfer Agreement may process personal data through another entity only upon prior written consent of Blazity.

Disclosure of Users’ personal data to unauthorised entities under the Privacy Policy may take place only upon prior written consent of the data subject.

With regard to the data that Blazity processes on the basis of your consent, you have the right to access your data, as well as the right to rectify, delete, or restrict its processing, the right to data portability, and the right to withdraw your consent for data processing at any time. Withdrawal of consent does not affect the lawfulness of processing carried out based on consent before its withdrawal.

With respect to data that Blazity processes on a basis other than the consent you have given, you have the right to access your data, as well as the right to rectify, delete, or restrict its processing, the right to data portability, and the right to object to the processing of data based on legal grounds other than consent, in cases provided for by law. Exercising these rights does not affect the lawfulness of processing carried out before the rights were exercised.

Users have the right to object at any time to the processing of your personal data on grounds relating to User’s particular situation in cases where the legal basis for the processing is the legitimate interest of the Blazity. If Blazity concludes that there are compelling legitimate grounds for processing overriding User’s interests, rights and freedoms, or grounds for establishing, asserting or defending claims, Blazity will continue to process your objective data.

To exercise your rights, please contact us at contact@blazity.com or in writing at our registered office address.

We use the "social plug-in", i.e. the X or LinkedIn banners posted on the Website, which redirect to, respectively: a) The Controller’s page maintained by him on LinkedIn [..] (hereinafter: https://pl.linkedin.com/company/mdcms) b) The Controller’s page maintained by him on X […] (hereinafter: "https://x.com/mdcms_ai").

In connection with the Controller’s X Profile and LinkedIn Profile, as well as the posting of social plug-ins on the Website, if you are an EEA user, the co-controller of the User data is also, respectively: a) LinkedIn Ireland Unlimited Company with registered office in Dublin (Ireland), address: Wilton Place, Dublin 2, Ireland (hereinafter: "LinkedIn"), b) Twitter International Unlimited Company Inc. based in Dublin, Ireland, address: Fenian Street Dublin 2, D02 AX07 Ireland (hereinafter: "X") and together with the Controller as: "Co-Controllers").

The Co-Controllers include aggregate data analysis, the purpose of which is to display X Profile and LinkedIn Profile user activity statistics and advertising activities using the tools available there. For more information about Linkedin and X and the arrangements between the Joint Controllers (including their responsibilities), please refer to: a) Linkedin's privacy policy at: https://pl.linkedin.com/legal/privacy-policy?src=li-other&veh=www.linkedin.com%7Cli-other#other, b) X privacy policy at: https://x.com/en/privacy.

Blazity may store http enquiries, therefore the files containing web server logs may store certain data related to users, including the IP address of the computer sending the enquiry, the name of user’s station – identification through http protocol, date and system time of registration on the website and receipt of the enquiry, number of bytes sent by the server, the URL address of the site visited by the user before (if the user has entered the website through a link), information concerning user’s browser, information concerning errors occurred by realization of the http transaction. Web server logs may be collected for the purposes of proper administration by Blazity. Only persons authorised to administer the IT system have access to the data referred to above. Files containing web server logs may be analysed for the purposes of preparing statistics concerning traffic on the website and occurring errors. Summary of such details does not identify the user.

Blazity may use analytics and marketing tools, in particular Google Analytics and Google Tag Manager, as part of which it has access to anonymised information on users, including: information on the operating system and Internet browser used by the user, time spent on the website, user’s age range, gender, approximate location, interests determined on the basis of his/her activity in the Internet. The details referred to in the preceding sentence are not combined with users’ personal data and do not enable their identification and are not personal data within the meaning of the GDPR.

Blazity takes care of the security of users’ personal data. For this purpose Blazity has implemented appropriate safeguards and means of protection of personal data taking into account risks connected with the process of personal data processing. In particular, Blazity applies technological and organisational means in order to secure personal data against being disclosed to unauthorised persons, taken over by an unauthorised person, changed, lost, damaged or destroyed, as well as processed in violation of the GDPR by using, among other things, SSL certificates. The compilation of personal data collected by Blazity is stored on secured servers, moreover, personal data are also secured by internal procedures of Blazity related to the processing of personal data and information security policy.

Irrespective of the foregoing, Blazity states that using the Internet and services provided by electronic means may pose a threat of malware breaking into the teleinformatic system and device of the relevant person, as well as a third party gaining access to data, including personal data. In order to minimise such threats, each person should use appropriate technical safeguards (antivirus programs) or programs securing identification in the Internet.

For the purposes of the correct operation of the website, Blazity uses a cookie support technology. Cookies are packages of information stored on the device of a relevant user through Blazity, usually containing information corresponding to the intended use of a particular file, by means of which the user uses the Blazity website – these are usually: website address, date of publishing, lifetime of a cookie, unique number, and additional information corresponding to the intended use of a particular file.

Blazity uses two types of Cookies: (a) session cookies, which are permanently deleted upon closing the session of the user's browser; (b) permanent cookies, which remain on the user's device after closing the session until they are deleted.

It is not possible to identify the user on the basis of Cookie files, whether session or permanent. The Cookie mechanism prevents collection of any personal data.

Cookies used by Blazity are safe for the user's device, in particular they prevent viruses or other software from breaking into the device.

Files generated directly by Blazity may not be read by other websites. Third-Party Cookies (i.e. Cookies provided by entities co-operating with Blazity) may be read by an external server.

The user may individually change the cookie settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service.

The user may also individually remove Cookies stored on his/her device at any time in accordance with the instructions of the browser producer.

Blazity uses own Cookies for the following purposes: configuration of the website and adjustment of the page content to the preferences or conduct of the user; analysis and research of views, click number and path taken on the website to improve the appearance and organisation of content on the website, time spent and number and frequency of visits on the Blazity’s website, as well as determination of Website user’s needs.