Privacy Policy for the Mobile Application and Cookies

§ 1 Definitions

1. Personal Data Controller, Controller, PDC – a natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
2. Mobile Application, Application – the eLeader Mobile Visit mobile application.
3. Processor, eLeader – eLeader Spółka z ograniczoną odpowiedzialnością, based in Lublin, ul. Nałęczowska 16, 20-701 Lublin, Poland, entered into the Register of Entrepreneurs maintained by the District Court Lublin-Wschód in Lublin with its registered office in Świdnik, 6th Commercial Division of the National Court Register under KRS number 0000193608.
4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC.
5. Web Service, Service – the eLeader Mobile Visit web platform.
6. User – a person using the Web Service or the eLeader Mobile Visit mobile application.

§ 2 Subject of the Privacy Policy

1. This Privacy and Cookies Policy defines the rules for the processing and protection of personal data entered into the Service and the Application by the Controller and Users.
2. The owner of the Web Service, Mobile Application, and simultaneously the Processor of personal data is eLeader, under a separate data processing agreement concluded with the Controller.

§ 3 Personal Data Security

1. eLeader ensures the security of Users’ personal data through technical and organizational measures designed to prevent unlawful processing, accidental loss, destruction, or damage. Furthermore, eLeader takes particular care to ensure that personal data are:

1. correct and processed in compliance with the GDPR,
2. obtained only for the purposes specified in the data processing agreement and not processed further in ways inconsistent with those purposes,
3. adequate, relevant, and not excessive,
4. accurate and up-to-date,
5. processed in accordance with the rights of data subjects, including the right to restrict disclosure,
6. securely stored,
7. not transferred without appropriate protection.

2. The processing of personal data within the Service complies with the requirements of the GDPR and other applicable laws, particularly the principles set out in Article 5 of the GDPR.
3. The Web Service and Mobile Application record every User activity using system logs, especially actions of data entry, modification, and deletion.
4. eLeader is entitled to use the data collected within the Service and the Mobile Application to provide support, manage User accounts, resolve technical issues, and improve eLeader’s products and services.
5. eLeader may use another processor (“Subprocessor”) for personal data processing, solely for the purpose defined in the data processing agreement concluded between the Controller and eLeader, and only after obtaining prior written consent from the Controller.
6. In case of Subprocessing, eLeader shall ensure that the third party is subject to at least the same data protection obligations as those in the data processing agreement between the Controller and eLeader.
7. Granting access to personal data to individuals employed by or cooperating with eLeader (including under employment or civil contracts, such as self-employed contractors) shall not be considered Subprocessing.

§ 4 Cookies Mechanism

1. The Web Service uses cookies, which are stored on the User’s device if the web browser allows it. A cookie file typically contains the domain name it originates from, its “expiration time,” and an individual randomly generated identifier.
2. eLeader uses session cookies and cookies controlling application behavior.
3. Cookies collect information to maintain the User’s session so that the User does not need to re-enter their login and password on every subpage of the Service.
4. The User may disable cookies in the web browser settings:

• Mozilla Firefox,
• Google Chrome,
• Internet Explorer,
• Microsoft Edge,
• Opera,
• Safari.

§ 5 Location and Google Maps

1. The Mobile Application uses Google Maps and Google Play Services to display locations, plan routes, and visualize visit points. In this regard, the Application may collect and process the User’s device location data.
2. The data referred to in §5 section 1 may be:
   • transmitted to the Application’s server for reporting purposes,
   • temporarily stored locally on the mobile device.
3. The use of the mapping services referred to in §5(1) is additionally subject to Google’s Privacy Policy (LINK)

§ 6 Final Provisions

1. eLeader shall process personal data in the Service and Mobile Application:

1. no longer than for the duration of the data processing agreement referred to in §2 section 2,
2. for the data referred to in §2 section 3 – for the duration of the employment/cooperation relationship or until the agreement is fulfilled.

2. eLeader reserves the right to modify this Policy. Any changes will be made available within the Service or at www.eleader.biz.
3. This Policy document enters into force on 14.10.2025.