Privacy Policy

Privacy Policy

Privacy Policy – Personal Data Processing Rules

The purpose of our Personal Data Processing Policy is to explain the issues and rules according to which your personal data are processed and to discuss your basic rights related to the processing of your personal data.

We process your personal data on a voluntary basis. However, depending on the circumstances, a refusal to supply data or a request for deletion of data may prevent us from, for example, contacting you, providing you with information about our activities or performing a service.

Personal data controller

The Personal Data Controller (Controller) is responsible for processing your personal data depending on how you interact and relate with the relevant entity. Please review our List of Administrators to determine the responsible entity, as well as their respective contact information.  

Personal data are collected and processed by the Administrator in accordance with the principles set out in the data protection legislation, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as RODO (English equivalent of GDPR), and in Polish regulations issued in connection with RODO, including the Act of 10 May 2018 on personal data protection.

Scope and purposes of personal data processing by the Administrator

As part of its activities, the Administrator collects and processes personal data in order to:

a) Establishing business relationships as the Administrator’s legitimate interests, which is to seek to sell services, provide services to customers, market its own services, provide information about its activities, as well as for analytical and statistical purposes and to ensure ICT security related to the website (legal basis Article 6(1)(f) RODO).

b) Conclusion and execution of contracts concluded with customers, cooperation with suppliers and other entities cooperating until the termination of the contract (legal basis Article 6(1)(b) RODO).

c) Handling of complaints, claims, applications as a legitimate interest of the Administrator, which is to take care of the quality and image of the entrepreneur (legal basis Article 6(1)(f) RODO). 

d) Possible claim and defense against claims, related to the concluded contract (legal basis – Article 6.1.f RODO).

e) Fulfilling the Administrator’s legal obligations, e.g. keeping accounting, tax and HR records (legal basis art. 6 par. 1 letter c RODO). 

f) To recruit individuals interested in a job or collaboration (legal basis Article 6(1)(c) and Article 6(1)(a) of the RODO);

Your rights

You have the right to access your data, request rectification, erasure, restriction of processing. To the extent that the processing of your personal data is based on the premise of a legitimate interest of the Controller, you have the right to object to the processing of your personal data, which shall be binding on the Controller, unless the Controller can demonstrate that there are compelling legitimate grounds in relation to your data which override your interests, rights and freedoms, or your data are necessary for the possible establishment, assertion and defence of claims. You also have the right to lodge a complaint to the supervisory authority dealing with personal data protection (in Poland: the President of the Office for Personal Data Protection) if you consider the processing to be unlawful. In order to exercise the above rights, please contact the Administrator.

Personal data processing period

The personal data will be processed respectively until the relevant legitimate interests pursued by the Administrator related to the processing of specific data are realised, until the expiry of limitation periods related to the contract with which the processing of personal data is connected or related to the limitation period of obligations arising from the provisions of law, until the time of filing an objection to the processing for marketing purposes.

Transfer of personal data to other entities

The recipients of your personal data may be, in particular, entities directly or indirectly related to the Controller, in particular in an organisational or personal capacity, which would be established in one of the Member States of the European Union, as well as external service providers (e.g. IT service providers, entities providing services within the scope of marketing and promotional activities, other entities processing data on behalf of the Controller on the basis of an agreement on entrusting the processing of personal data), accountants, human resources specialists, auditors and auditors, lawyers, administrative bodies, state services and courts.

Personal data is not transferred to countries outside the European Union. In case of transfer of personal data to third countries outside the European Union, the Administrator will apply appropriate measures to ensure the security of your personal data.

No profiling

With regard to the processing of your personal data, decisions regarding your data will not be made by automated means (i.e. without human intervention).