Section I – General provisions

1. These Terms of Use define the terms and conditions of providing electronic services by the Administrator on the website operating as “Autenti” (hereinafter: “Autenti”).

2. The website Administrator is Autenti sp. z o.o. with its registered office in Poznań at ul. Św. Marcin 29/8, 61-806 Poznań, entered into the Register of Businesses by the District Court for Poznań Nowe Miasto i Wilda in Poznań, 8th Economic Division of the National Court Register under KRS number 0000436998, tax identification number NIP 783-169-32-51, share capital of PLN 600,000.

3. To use Autenti, the User needs to access an ICT system meeting at least the following technical requirements:

a. internet access,

b. possibility to use a standard web browser whose settings should enable the use of encrypted connection if there is an intention to use an encrypted page while logging in to Autenti,

c. possibility to use software that enables the User to read files sent by persons with whom he communicates through Autenti in different formats (e.g. graphical, audio, multimedia, text, video files, etc.) in accordance with Section IV (1) hereof,

d. access to a configured email address provided during Account registration or upgrade.

The use of certain Autenti features may require additional conditions to be met, in particular for the use of a qualified signature – access to equipment to be able to use a secure electronic signature verified with a qualified certificate (e.g. a reader and a card) with a valid certificate issued by a qualified institution providing certification services for electronic signature, as well as installation of JAVA software and its correct configuration with a web browser, or, in the case of features requiring verification of User identity – access to a bank account or a payment card.

4. The Autenti User is obliged to refrain from any illegal activities, including without limitation:

a. using Autenti directly or indirectly for the purpose conflicting with or infringing the law,

b. using Autenti contrary to the Terms of Use, good practices or commonly accepted terms of using the Internet,

c. using Autenti in the manner infringing the rights enjoyed by the Administrator, other Users or third parties, in particular by providing untrue or third party’s data, misrepresentation or abusing User’s rights,

d. providing data by or to Autenti, which results in malfunction or overload of IT systems, or modifying data available on Autenti in an unauthorised way.

Section II – Users and Registration

1. Autenti Users (hereinafter: “Users”) shall be individuals over 18 years of age. Users may be persons between 13 and 18 years of age to the extent they are able to acquire rights and incur obligations in accordance with applicable law.

2. To be able to use all the features available on Autenti, the User shall register an Account. To register an Account, the User shall fill out an electronic form available on Autenti by providing his email address. This email address shall be used by the Administrator to send an activation link necessary to complete registration. The User shall confirm his identity and the intention to register on Autenti by clicking the activation link referring to Autenti.

3. The User may register on and log in to Autenti using a username (login) and password on other websites providing such a possibility, which have been integrated with Autenti (hereinafter: “related websites”). In such case, data integrated with User accounts on these websites, sent to and collected on the Autenti profile, shall be considered data provided by the User to register on Autenti. Users may register on and log in to Autenti also with the use of other systems, under the terms agreed between their administrators and the Administrator.

4. Upon registration, the User starts using Autenti voluntarily and declares that the data provided in the registration form concerns the User, is true and complete.

5. As a result of correct registration, the User shall be provided with access to a data set created for him (hereinafter: “Account”), which can be used on Autenti after entering the email address provided during registration or a telephone number and password confirmed by Autenti, or data used to log in to the websites referred to in clause 2 (login).

6. Autenti Users may act on their own behalf and in their own name, or – under a power of attorney – for and on behalf of legal persons or organisational units without legal personality. Users may use the Autenti services and put electronic signatures on Accounts for Individuals and Accounts for Business.

7. Autenti may be used without a registered Account if the User to whom a draft document was sent through Autenti for electronic approval does not have an Account and none of the Users participating in the approval process requires an additional verification of the User. In such case, the User may sign the draft document sent to his email address through Autenti. Upon approval of the draft document by the User, a relevant Account is created, which may require additional activation.

8. The Account shall contain User data provided by the User and his activity log on Autenti. In the case of any change to data provided on the Account, the User shall update it without delay using a special form available on Autenti. The User shall be held fully liable for providing or keeping incomplete, outdated or untrue data.

9. The User shall not provide his Account to other persons, including without limitation disclose access passwords to the Account. The User shall keep the Account password secret and protect it against disclosure. The User shall inform Autenti without delay about any case of intercepting access data to the Account by third parties and shall explain the circumstances in which it happened.

10. If Autenti allows for the provision of data of third parties other than the User in any place (e.g. for recommendation or communication purposes), the User providing such data shall represent that the User obtained a relevant consent for using this data on Autenti from the person whose data is provided and that in the event of unauthorised provision of this data the User shall be held fully liable for provision of this data and shall indemnify the Administrator against any claims.

11. The User shall not use his Account contrary to the nature and intention of the services provided by the Administrator on Autenti and in the manner interfering with the use of such services, including without limitation to send unsolicited commercial communication through Autenti.

12. If the User violates the Terms of Use, the law or good practices, the Administrator may terminate the agreement with such User or suspend its performance on a certain Account. In particular, it refers to a situation where the User downloaded any materials available on Autenti or used them in any way without the Administrator’s consent.

13. It shall be forbidden to aggregate and process data and other information available on Autenti to provide it to third parties on other websites and offline. In addition, it shall be forbidden to use any Autenti designations, including without limitation characteristic graphical elements, without the Administrator’s consent.

Section III – Use of Autenti

1. The User may use his Account to:

a. make declarations of will on his own behalf,

b. make declarations on someone else’s behalf, including without limitation as a representative or member of a corporate body,

c. participate in document workflow.

2. The Administrator shall provide Users with the following services:

a. ELECTRONIC USER IDENTIFICATION – which involves collecting, storing and sharing information on the methods used to verify [particular] personal data of the User and present his status, based on which entities being User’s business partners verify his credibility;

b. ELECTRONIC SIGNING OF DOCUMENTS – which involves confirming the declarations of will made by Users, including unanimous declarations of will made by Users to each other (with the optional use of third-party tools), to conclude a contract or approve (authorise) a document to create an electronic signature, an advanced electronic signature, a qualified electronic signature respectively on this basis on behalf of the User in accordance with Regulation (EU) NO 909/2014 of the European Parliament and of the Council of 23 July 2014, together with giving the context meaning, e.g. defining it as a “signature” or an “initial”

c. ELECTRONIC SEALING OF DOCUMENTS – which involves ensuring the integrity of a document uploaded by the User (with the optional use of third-party tools) to guarantee the authenticity of document origin from a selected User and the integrity of related data, and creating an electronic seal, an advanced electronic seal or a qualified electronic seal respectively on this basis in accordance with Regulation (EU) NO 909/2014 of the European Parliament and of the Council of 23 July 2014, together with giving the context meaning to a seal;

d. ELECTRONIC SERVICE OF DOCUMENTS – which involves providing evidence concerning documents sent between Users, including without limitation a note of dispatch and receipt of a document, to ensure the integrity of such documents and protect them from being lost, stolen, damaged or changed in an unauthorised manner;

e. STORING AND SHARING OF ELECTRONIC DOCUMENTS – which involves sharing documents with third parties by Users by means of storing them in the Autenti infrastructure and indicating a method to authorise access to a document (e.g. access to a certain email address, telephone number, or having an access code);

f. DIGITAL DOCUMENT VERIFIER – which involves a possibility to verify the authenticity of signatures put by the User on Autenti;

g. ONLINE DURABLE MEDIUM – which involves providing a tool to store a document in the Autenti infrastructure that enables a document addressed personally to the consumer or entrepreneur (e.g. to a certain email address, telephone number, or with the use of an access code) to be stored in a manner accessible for future reference for a period of time adequate to the purposes of the information and which allows the unchanged reproduction of the information stored, together with the option to confirm the contents by the consumer or entrepreneur after the receipt of the document.

3. Users may create Accounts for Business, i.e. Accounts for legal persons or organisational units without legal personality (hereinafter: “Companies”), presenting Company data, list of Users authorised to participate in Company document workflow (including without limitation make declarations on behalf of the Company) and an activity log on Autenti. It shall be forbidden to create Accounts for Business with the use of data of an entity without a relevant power of attorney from persons authorised to act on behalf of such entity.

4. Users who have an Account for Business shall authorise the Administrator to use a name or designation (logo) of an entrepreneur for whom the Account was created to identify the Account and the User to provide the services specified in the Terms of Use and information about these services.

Section IV – Determining document contents and concluding contracts

1. On their Accounts Users may upload electronic files to the Autenti server, which contain information relating to, in particular, a statement, agreement, consultation, or which are an offer to conclude a contract (hereinafter: “files”). A maximum size of a file and the number of files shall depend on the size of Account provided by the Administrator. On Autenti it shall be possible to view files in the following formats: PDF, DOC, DOCX, XLS, XLSX, TXT, RTF (notwithstanding the format, files are presented as PDF). Files in any other format (binary files) shall be opened using another relevant software.

2. The User may indicate other Users to be granted access to the file referred to in clause 1 and define their roles in determining or approving the file contents (AUTOMATIC DOCUMENT WORKFLOW). The User may also indicate a person not being a User by providing his email address. In such case, this person shall be informed about being included in the running AUTOMATIC DOCUMENT WORKFLOW and access to file contents, but he shall be entitled to use the AUTOMATIC DOCUMENT WORKFLOW on Autenti only after registering an Account in accordance with Section II hereof.

3. A User being an administrator of an Account for Business may assign other Users to it and grant them relevant roles in the document workflow with the right to consult a draft document, initial it or make declarations of will to approve a document for and on behalf of an entity for which the Account for Business was created. All the persons entitled to make declarations of will shall be duly authorised to represent the entity for which the Account for Business was created. The Administrator shall not be held liable for the fact that persons authorised by the administrator of the Account for Business lack a relevant power of attorney.

4. By clicking “Sign” or “Initial” the User makes a declaration of will (respectively) with regard to the file contents, while the file shall be deemed signed by the User. The above shall also refer to declarations of will made to approve the contents of a binary file; therefore, Users shall ensure that they have read the contents of such binary file before making a relevant declaration of will

5. Once all the entities referred to as [“SIGNATORIES”] click “Sign”, the document contents shall be approved and, if the document is a contract, such contract shall be concluded in the wording of the attached file. An electronic file together with dates and method used to conclude the contract and data of Users signing it shall appear on the Account of each User signing the contract.

Section V – User verification

1. Autenti Users shall be granted a status relevant to the option used to verify their personal data. On the basis of such status, entities being User’s business partners shall verify his credibility.

2. An Autenti User may verify other Users by:

a. email address;

b. electronic signature verified by a qualified certificate;

c. logging in with a certain account registered on a related website;

d. telephone number;

e. bank transfer or payment card;

Section VI – Payments

1. Some services may be provided by the Administrator on Autenti against a fee.

2. The User shall be informed about the amount of fee due before it is paid by a message to be approved by the User or in the form of the Price List enclosed hereto.

3. Users shall be issued electronic invoices unless a User explicitly demands that invoices be delivered in writing by traditional means. The User may download an electronic invoice by clicking “Download invoice” available on the User’s Account after logging in. By clicking “Download” the User agrees to being sent electronic invoices.

4. Invoices shall be issued on the basis of User’s data presented in the Account.

5. The User shall make a payment within 7 days from delivery/issue of an invoice. If the payment is not made on time, the Administrator shall be entitled to suspend the provision of services to the User or terminate the service provision agreement.

Section VII – Data protection and confidentiality

1. Personal data provided by Users shall be collected and processed by the Administrator in accordance with applicable law, the Privacy Policy and the Cookies Policy. The Administrator’s priority shall be to ensure confidentiality and protection of Users’ personal data.

2. Users’ data may be shared with other Users if it is necessary for communication purposes and to be able to conclude or perform the contract with the use of tools available on Autenti.

Section VIII – Administrator’s role and liability

1. The Administrator shall provide Users with IT tools to communicate; however, the Administrator shall not be held liable for Users’ conduct and for improper performance or failure to perform any factual or legal actions in relation to documents processed on Autenti; in addition, the Administrator shall not be held liable for any consequences of actions performed by Users and third parties, which violate the provisions hereof. In particular, the Administrator shall not be held liable for failure to conclude or invalidity of contracts concluded by Users as a result of their acts or omissions.

2. The Administrator shall not be held liable for accuracy and reliability of information provided by Users and for their legal capacity to exercise rights and be subject to obligations.

3. If User’s actions violate the provisions hereof, applicable law or rights of other Users or third parties or, in justified cases, if the User’s Account or activity on Autenti requires additional data verification, the Administrator may:

a. deactivate the User’s Account for a definite or indefinite period of time;

b. limit the functionality of the User’s Account with regard to the access to particular services provided on Autenti for a definite or indefinite period of time;

c. make the use of Autenti dependent on the confirmation of credibility by the User.

4. Notwithstanding the Account deactivation, the User shall be held fully liable for his actions as a result of which the Account has been deactivated, in particular the User shall be held fully liable for damages towards the Administrator.

Section X – Term and termination

1. Upon registration on Autenti, an agreement shall be concluded between the User and Autenti for an indefinite period of time. The agreement may be terminated at any time with notice submitted to the Administrator in writing or by a relevant electronic form available on Autenti and, afterwards, by clicking the link sent to the User’s main email address on the Account.

2. The User who has registered an Account, but has not used any electronic services provided by the Administrator on Autenti may withdraw from such agreement for any reason within 14 days from the registration. Such withdrawal shall be made with notice submitted to the Administrator in writing and sent to the Administrator’s address or by email to https://autenti.com/Wzor-Odstapienia.pdf.

3. For important reasons for which the Administrator shall not be held liable, the agreement may be terminated by the Administrator with seven-day notice.

4. For important reasons for which the User shall not be held liable, the agreement may be terminated by the Administrator with seven-day notice.

5. If the agreement is terminated upon the Administrator’s decision, the User cannot register an Account again without a prior consent of the Administrator.

Section XI – Final provisions

1. The Administrator may amend the Terms of Use or launch a modified or new version of services provided on Autenti. The amendment shall become effective within the time limit indicated by the Administrator, which cannot be shorter than 10 days from the date when the Terms of Use were published on Autenti.

2. The User shall be notified about such amendments and a possibility to approve them upon first logging in to Autenti. The refusal to approve the amendments shall mean termination of the agreement with the Administrator.

3. Should any provisions hereof be considered invalid by decision of a court or any other competent authority, the other provisions hereof shall remain in full force and effect.

4. The provisions hereof in relations between the Administrator and the User being a consumer shall be without prejudice to the applicable law which cannot be excluded and which grants a greater protection to consumers.

Article 1. Privacy principle

1. Autenti sp. z o.o. with its registered office in Poznań, as personal data controller (“Data Controller”), places strong emphasis on the protection of privacy and confidentiality of personal data entered by Internet users (“Users”) to electronic forms on the website operating as “Autenti” (“Autenti”).

2. The Data Controller shall select and apply appropriate technical and organisational measures with due diligence to ensure the protection of processed personal data. Full access to databases shall be granted only to persons duly authorised by the Data Controller.

3. Passwords shall be encrypted to avoid the possibility of them being read by administrators.

4. Electronic files being part of Users’ documents shall be encrypted.

5. Data shall be transmitted to and from the Data Controller on Autenti with the use of a secure SSL protocol; however, the Data Controller shall not be held liable for the part of data transmission taking place in email systems independent of the Data Controller, used by the User to send or receive a message.

Article 2. Grounds for personal data processing

1. Providing any personal data shall be voluntary.

2. Personal data shall be processed based on the consent expressed by Users as well as the statutory authorisation to process data necessary for information purposes and provision of services by the Data Controller.

3. The Data Controller shall be entitled to process data of third parties provided by Users for communication and recommendation purposes and to be able to use Data Controller’s services, including without limitation to conclude or perform the contract with the use of tools available on Autenti. By providing such data, the User represents that he has obtained a relevant consent for the use of his data on Autenti from the person whose data is provided.

4. Users’ data can be shared with other Users if it is necessary for communication purposes and to be able to use Data Controller’s services, including without limitation to conclude or perform the contract with the use of tools available on Autenti.

Article 3. Collection of personal data

1. Personal data provided by Users through electronic forms shall be processed in accordance with the law applicable to personal data processing, in particular the Personal Data Protection Act of 29 August 1997.

2. To register on Autenti, the User shall fill out the form available on Autenti in accordance with Section II (2) of the Terms of Use.

3. In the case of registration and login on Autenti, when using the username (login) and access password on websites, specified in Section II (3) of the Terms of Use, data contained in User profiles, sent to and collected on the Autenti profile, shall be considered data provided by the User to register on Autenti.

4. To increase his credibility during document authorisation, the User may provide more data than required by the registration form referred to in Article 3 (2) of the Privacy Policy. A User being a natural person may increase his credibility in particular by providing such data as: place of residence, correspondence address, social security number (PESEL), identity card number, telephone number, specimen signature or scan of ID document, while a User being a sole-trader – by providing such data as: first and last name, principal place of business, telephone number.

Article 4. Scope for personal data processing

1. Data provided by the User shall be used for sending information about the Data Controller and its services, performance of services provided by the Data Controller, and for statistical purposes.

2. Personal data of persons indicated by Users, who rejected an invitation to join Autenti, shall be processed by the Data Controller for purposes relating to the management of services offered by the Data Controller, including without limitation verification of persons who rejected the above invitation.

3. The Data Controller shall use IP addresses collected from internet connections to protect the interests of Autenti users or explain facts during the settlement of disputes, dealing with problems or abuses and technical issues relating to server administration. In addition, IP addresses shall be used to collect general, statistical, demographic information (e.g. about the region when the connection is made to set a default interface language for the user).

Article 5. Monitoring of personal data processing

1. Each User whose personal data is processed by the Data Controller shall be entitled to access his data, complete, update, correct it and suspend its processing temporarily or permanently, or demand its removal. The User shall provide complete, up-to-date and true data.

2. The rights referred to above in clause 1 shall be exercised by filling out a relevant form available on Autenti.

3. The User may demand that the processing of his personal data be discontinued at any time. The Data Controller shall discontinue the processing of personal data if the law does not require its further processing.

Article 6. Sharing of personal data

Users’ data may be shared with entities authorised to receive it on the basis of applicable provisions of law, including appropriate judiciary authorities. Users’ personal data may be transmitted to third parties – in cases not specified by the Data Controller or provisions of law – only with User’s consent.

This Cookies Policy shall apply to Autenti (“Autenti”) comprising both websites and apps.

I. Definitions

1. Data Controller – shall mean Autenti sp. z o.o. with its registered office in Poznań, operator of the website administered as “Autenti” (“Autenti”), providing electronic services, as well as keeping and accessing information on User’s equipment.

2. Cookies – shall mean IT data, in particular text files, saved and kept on User’s terminal equipment (e.g. PC, laptop, smartphone). These files enable the recognition of User’s equipment and relevant adaptation of the website to individual preferences and expectations of the User. Therefore, they make it possible to assess User’s preferences and find out how to improve the website. They usually contain a website name they come from, their validity, e.g. storage time in terminal equipment, and unique number for the identification of the browser used to connect to the website. Cookies are not used to identify the User and no identity is established on their basis.

3. Third-Party Cookies – shall mean Cookies placed by entities other than the Data Controller on their websites. Particular entities are operators of Cookies they have initiated, while the Data Controller may not be able to affect their selection and policy applicable to them.

4. Equipment – shall mean any electronic equipment used by the User to access Autenti.

5. User – shall mean an entity for which electronic services are to be provided in accordance with the Terms of Use and provisions of law, or with which an Electronic Service Provision Agreement is to be concluded.

II. Types of Cookies

1. Autenti shall use Cookies to:

a.authenticate and keep the User logged in – Cookies enable the provision of information if the User is logged in, as a result of which Autenti may provide relevant information and features; they also enable keeping the User logged in, as a result of which the User does not have to provide his login and password on every Autenti website; in addition, they save information on how Users use Autenti. Therefore, authentication and keeping the User logged in allows for easy login, automatic filling out the forms and remembering website settings by the User, which improves the services and comfort of using Autenti services;

b. configure Autenti – Cookies enable setting features and services on Autenti, including without limitation the optimisation of using websites and features of the Autenti app, as well as the adaptation of websites and Autenti app features to User preferences and expectations by saving settings selected by him;

c. ensure security and reliability of Autenti – Cookies enable the verification of connection authenticity and optimisation of Autenti performance;

d. display advertisements – Cookies enable the display of promotional messages and advertisements which are more interesting for Users and, at the same time, more valuable for advertisers to customise an advertising message; they can also be used to display advertisements outside Autenti;

e. set User location – Cookies enable the adaptation of information and Autenti features to User location;

f. review viewing figures – Cookies allow the Data Controller to understand Autenti User preferences better to improve and develop services. The Data Controller shall collect anonymous information and process data on trends without identifying personal data of particular Users.

2. As a rule, the following types of Cookies are used:

a. Session Cookies – temporary files kept on the User’s terminal equipment until he is logged out from Autenti or deactivates the software (internet browser);

b. Permanent Cookies – files kept on the User’s terminal equipment for a definite period of time in cookies parameters or until they are removed by the User manually.

3. The Data Controller shall use Third-Party Cookies to:

a. log in to or register on Autenti automatically using a third-party website (e.g. Google, Microsoft, Facebook),

b. collect general and anonymous statistical data using analytical tools,

c. present multimedia contents on Autenti websites downloaded from a third-party website,

d. use interactive functions to facilitate communication or increase the popularity on Autenti using utilities and social media,

e. present opinions and contents on Autenti websites downloaded from a third-party website.

III. Browser settings and Cookies

1. As a rule, software used to browse websites enables placing Cookies on terminal equipment by default. These settings may be changed so as to block automatic processing of Cookies in internet browser settings or inform the User each time they are transmitted to such equipment. For more information on the possibilities and methods used to process Cookies, please check your software (internet browser) settings. If the option enabling Cookies to be saved is deactivated in the internet browser, it usually does not make it impossible to use Autenti websites; however, it may cause some inconvenience and diminish user experience, while it is necessary to accept Session Cookies to use the Autenti app to authenticate and keep the User logged in.

2. An Autenti User using terminal equipment in cooperation with third parties should remember to log out from Autenti after the end of work.

3. The User may remove Cookies at any time, using features available in the internet browser.