ABOUT PERSONAL DATA PROCESSING
Pursuant to the Article 13 Items 1 and 2 of the Regulation (EU) of the European Parliament and of the Council 2016/679 of April 27 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (EU Official Journal L 119 of May 04, 2016, p. 1), hereinafter “GDPR”, we would like to inform that:
3. The data controller processes the personal data:
1) Of business partners who are natural persons:
a) pursuant to Art. 6 Item 1 (b) of GDPR - for the purpose of concluding and executing any contracts binding to the Data Controller, for the duration of such contracts;
b) pursuant to Art. 6 Item 1 (c) of GDPR - for the purpose of performing any obligations encumbering the Data Controller, which result from the binding legal regulations, in particular any obligations resulting from fiscal law, until they are fulfilled or expire;
c) pursuant to Art. 6 Item 1 (f) of GDPR - for purposes resulting from the legitimate interests realised by the Data Controller, in particular for the purpose of pursuing, determining and defending any claims, for archiving and statistical purposes and for direct marketing purposes, until a objection is filed against such processing or until the expiry of the statute of limitation on claims / expiry of the Data Controller’s legitimate interest;
d) pursuant to Art. 6 Item 1 (a) of GDPR - in case of expressing a relevant consent for the purpose of transmitting commercial information and promoting own services, until the withdrawal of the expressed consent;
2) individuals present in the Data Controller’s registered office - pursuant to Art. 6 Item 1 (f) of GDPR - in the form of an image recorded by the visual monitoring system, for the purpose of ensuring the safety of individuals present in the Data Controller’s registered office, securing the property and keeping the confidentiality of information, whose disclosure might expose the Data Controller to any losses.
4. The recipients of personal data may be other entities cooperating with the Data Controller for the purpose of achieving the processing goals specified in Section 3. The entities to which personal data may be provided shall maintain the confidentiality and introduce adequate technical and organisational means to guarantee the protection of the provided personal data.
5. You have the right to access your personal data, rectify them, delete them, limit the processing of them, transfer them, object the processing of them and withdraw your consent at any time (with no effect on conformance with the right to processing the data that had been performed before withdrawing the consent).
6. You have the right to file complaints to the President of the Office of Competition and Consumer Protection if your personal data are processed in breach of GDRP regulations, the law of May 10, 2018 on the protection of personal data (Journal of Laws of 2018, Item 1000, as later amended) and any other domestic regulations related to the application of GDRP.
7. Your personal data will not be processed by the Data Controller through automated decision-making, including profiling.
8. The Data Controller will not transfer your personal data to any third countries (outside the European Union or the European Economic Area) or to any international organisations.
9. The personal data are provided by you voluntarily, but their provision is a necessary requirement to perform the purposes specified in Section 3.