Privacy Policy

• Data Controller: Red Noses Spółka z ograniczoną odpowiedzialnością (Limited Liability Company) with its registered office in Krakow, ul. Piekarska 9/1, 31-067 Kraków, entered in the National Court Register maintained by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division, under KRS number 0000707270, NIP: 6762540560, REGON: 368888405.
• Application: platform operated and made available to Users by the Operator, available in desktop version (without installation, from the web browser) and as a mobile application for Android and iOS operating systems. The Application is a central environment where Users can choose and use Executive Modules tailored to their needs.
• Website: means the website at www.moviebaker.app, relating to the Application, where the Operator provides access to the Contact Form, Terms and Conditions, Privacy Policy, and Newsletter concerning the Application.
• User: a natural person using the Application.
• Personal Data: all information about an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

This Privacy Policy informs about the principles of processing personal data in the Application and on the Website concerning the Application belonging to the Data Controller, as well as the use of cookies that may be used or made available when the User uses the Application in desktop version and the Website.

In connection with the User's use of the Application, data concerning concluded rental agreements, parties to these agreements and conditions established by their parties are collected, including data saved in the form of cookies. Data related to the use of cookies generally do not allow identification and determination of the user's identity (the Controller processes only statistical, anonymized data). In case of consent to data processing by the Controller, the Controller may also process some information related to granting consent, including the version or name of the browser or operating system, the User's IP number, or the type of end device through which the user expressed consent.

In case of any questions regarding the processing of Users' personal data by the Controller, you can contact us at the email address [email protected] or by phone: +48 510 469 221.

When using some functions of the Application, the User may be asked to provide their personal data. The scope of mandatory and non-mandatory data is determined each time according to the needs of the given service that the User intends to use. Data in the Application is collected by the Controller directly from the persons to whom the data relates or through persons creating an Account in the Application and using its individual Modules. In case of using the Website by the User solely for the purpose of familiarizing with its content, the Controller may collect some information about the User using cookies, about which Users are informed each time by the Controller. Information about cookies used in the Application is contained in points XI and XII of this Privacy Policy. When using the Application, the User must provide the necessary personal data allowing to use it. Providing data is voluntary but necessary to use the available functions of the Application. Lack of acceptance of the provisions of this Privacy Policy means inability to use the available functionalities of the Application and the User should refrain from sending personal data using forms when they do not accept the provisions of this Policy.

The Controller will collect and process Users' personal data exclusively in accordance with the provisions of this Privacy Policy. All data provided by the User will be used by the Controller exclusively for the purpose of:

• Marketing purposes, when the User consents to receiving commercial or marketing communications from the Controller (including newsletter service) and using marketing tools – the legal basis for data processing is Article 6(1)(a) GDPR;
• Providing access to film equipment rental offers and enabling placing orders and concluding rental agreements for equipment made available within the Application between Application users – the legal basis for data processing is Article 6(1)(b) or (f) GDPR;
• Providing customer service and contacting the User, including for the purpose of informing about any changes concerning the offer and products offered within the Application provided by the Controller – the legal basis for data processing is Article 6(1)(b) or (f) GDPR;
• Processing personal data for the purpose of fulfilling obligations arising from legal provisions – the legal basis for data processing is Article 6(1)(c) GDPR;
• for analytical, developmental purposes, for improvements (including to improve user experiences), administration, maintenance, technical support and security of the Application, which constitutes our legitimate interest in data processing – the legal basis for data processing is Article 6(1)(f) GDPR;
• possible establishment, pursuit or defense against claims, enforcement or investigation of potential violations of the Application's terms of use or other actual or alleged unlawful actions, protection of rights, property or security of the Application, Users, customers and employees of the Controller and other third parties, which constitutes our legitimate interest in data processing – the legal basis for data processing is Article 6(1)(f) GDPR;
• for the purposes of using contact forms made available by the Controller on the Website, including for handling inquiries and submitted requests through the contact channel provided by the User – the legal basis for data processing is Article 6(1)(f) GDPR;
• for the purposes of using login forms made available by the Controller in the Application, including to enable use of the User's account – the legal basis for data processing is Article 6(1)(b) GDPR;
• for marketing purposes, including directing commercial information and direct marketing of services and goods offered for rent through the Application to the user, provided the user has consented to directing such information to them – the legal basis for data processing is Article 6(1)(a) GDPR;
• for the purpose of using tools of our partners supporting the Application's operation and using these tools to enable use of Application functionalities in accordance with point XII of this policy – the legal basis for data processing is Article 6(1)(f) GDPR, and in situations required by applicable law Article 6(1)(a) GDPR, i.e., User consent.

Users' personal data may be transferred by the Controller to:

• persons authorized by the Controller, i.e., employees and collaborators who must have access to personal data to perform their duties;
• Users' personal data may be transferred to our partners and external entities providing services for the Controller and processed by them to enable them to perform services commissioned by the Controller, including IT service providers, providers of solutions supporting the operation of the Website and Application, entities providing accounting, marketing and legal services;
• public authorities or entities entitled to obtain data based on applicable legal provisions, e.g., courts, law enforcement agencies or state institutions, when they make a request based on an appropriate legal basis.

Application Users have the following rights regarding personal data processed by the Controller:

• right of access to the User's personal data;
• right to rectification of the User's personal data if the data is inaccurate or incomplete;
• right to erasure of personal data;
• right to object to the processing of the User's personal data. The right to object applies when data processing by the Controller is based on the Controller's legitimate interest, e.g., for profiling data for marketing purposes. After receiving an objection, the Controller will cease processing data for these purposes, unless there are compelling legitimate grounds that override the interests, rights and freedoms of the User or the User's data will be necessary for the Controller to possibly establish, pursue or defend claims;
• In case of giving consent to personal data processing, e.g., expressing consent to receive commercial information, the User may withdraw their consent to further data processing at any time. Consent can be withdrawn at any time by contacting the Controller at the email address provided in point IV of this Privacy Policy. Withdrawal of consent does not affect the lawfulness of processing carried out by the Controller before the consent was withdrawn by the User;
• right to portability of the User's personal data;
• right to restriction of processing of the User's personal data;
• right to lodge a complaint with a supervisory authority.

The Controller stores and processes Users' personal data for the period necessary to fulfill the processing purposes indicated in point VI of this Privacy Policy or in accordance with absolutely binding legal provisions, i.e., e.g., until the User withdraws their consent or until the completion of contract performance, when parties conclude a contract using the functionality of the Website or Application and the content available in them. After achieving the processing purpose, the Controller will delete or anonymize personal data, and in case it intends to process data for analytical purposes, it undertakes to use data to the extent adequate and necessary for specific processing purposes, and in particular in a way that prevents identification and determination of the identity of persons to whom the data relates (e.g., through the application of pseudonymization mechanisms).

The Controller applies appropriate and adequate technical and organizational measures to ensure an appropriate level of security and integrity of Users' personal data, using proven technological standards to prevent unauthorized access to Users' personal data or other threats to personal data.

• 1. The Application uses cookies for its operation, which are short text information stored in the web browser
• 2. When reconnecting to the Application, the website recognizes the device on which the page is opened. Files can be read by the system used by the Controller, as well as service providers used in creating the Application.
• 3. Some cookies are anonymized, which means that identifying the user without additional information is not possible.
• 4. The User's web browser by default allows the use of cookies on devices used by the User, so when first visiting the Website, a message appears asking for consent to the use of cookies.
• 5. Cookies used in the functioning of the Website serve the following functions:
• - Necessary – Necessary cookies serve the usability of the site by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
• - Preferences – Preference cookies enable the site to remember information that changes the way the site looks or functions, e.g., the preferred language or region in which the user is located.
• - Statistics – Statistical cookies help website administrators understand how different users behave on the site by collecting and reporting anonymous information.
• - Marketing – Marketing cookies are used to track users across websites. The goal is to display ads that are relevant and interesting to individual users and thus more valuable to publishers and third-party advertisers.
• - Login – cookies are used to facilitate the login process, are remembered by the browser used by the User, allow auto-completion of data in forms or remaining logged in after reopening the browser.
• - Unclassified – Unclassified cookies are files that are in the process of classification, together with the providers of individual cookies.
• 6. If you do not wish to use cookies when browsing the Website, you should change the settings in your web browser as follows: completely block automatic handling of cookies, or request notification of each cookie placement on the device. Settings can be changed at any time.
• 7. Disabling or limiting cookie handling may result in significant difficulties in using the Website, e.g., longer page loading times, serious limitations in using functionality or inability to use the Application in desktop version, etc.

For some functions on our Website, we use services from external providers. The relevant services are usually optional functions that must be explicitly selected or used by you (e.g., MailChimp services for newsletter handling, Google services for cookie handling). We have concluded contractual agreements with the relevant providers for the provision or integration of their services and within our capabilities, we make efforts to ensure that external providers also transparently inform about the scope of personal data processing and comply with data protection law provisions.

Data provided by Users in the Controller's Application will not be subject to automated decision-making, however, the Controller reserves that user data may be profiled for marketing purposes.

• In matters not regulated by this Policy, the relevant generally applicable provisions apply, in particular GDPR and the Telecommunications Law Act of July 16, 2004.
• The User will be informed about any changes introduced to this Policy through publication of the new Policy text on the Website, display of a message when entering the Website and – in the case of Users registered in the Application – via email.
• This Policy is effective from _____ 2025.