- 1 General Provisions
- The Controller of personal data shall be the company GRC SP. Z O.O. established in Wrocław, ul. Porajowska 6/2, VAT EU:894-317-84-60 , REGON: 520771634. Protection of data is carried out according to the requirements of generally applicable law, and their storage takes place on the secured servers.
- The term “RODO” means Regulation of the European Parliament and the Council (EU) 2016/679 dated 27 April 2016 on the protection of individuals regarding to the processing of personal data and the free movement of such data and the repeal of Directive 95/46 / EC.
- We respect the right to privacy and we care about data security. For this purpose, among others, secure communication (SSL) encryption protocol is used.
- Personal data provided in the contact form are treated as confidential and are not visible to unauthorized persons.
- 2. The Controller of personal data
- The Service Provider is the data administrator of their clients. This means that if you have an Account on our site, we process Your data as: name, surname, e-mail address, telephone number, position, place of work, IP address.
- The Service Provider is also the administrator of people subscribed to the newsletter, contacting via the contact form and following our profiles on social media – using the “Like it” or “follow” functions (Linkedin, Facebook).
- Personal data are processed according to the provisions of the protection of personal data pursuant to:
- within the scope and purpose necessarily to establish and shape the content of the Service;
- change or its solution and proper implementation of the electronically provided Services;
- within the scope and purpose necessary to fulfil legitimate interests (legitimate purposes); and processing does not violate the rights and freedoms of the data subject:
within the scope and purpose consistent with your consent [e.g.] if you subscribed to the newsletter
within the scope and purpose consistent with your consent if [e.g.] you follow our profiles on social media.
- Any person to whom the data are subject to (if we are their administrator), has the right to access to data, rectify, delete or limit processing, the right to object, the right to submit a complaint to the supervisor authority.
- Contact with the person supervising the processing of personal data in the Service Provider organization is possible via e-mail: email@example.com
- We reserve the right to process your data after termination of the Agreement or withdrawal of consent only in the scope of the needs to pursue possible claims/recovery before the court or if national or EU regulations or international law oblige us to data retention.
- The Service Provider has the right to share personal data of the User and other his data with entities authorized under the applicable law (e.g. law enforcement authorities).
- The removal of personal data may occur as a result of the withdrawal of consent or filing
a legally admissible objection to the processing of personal data.
- The Service Provider does not share personal data with other entities than authorized under the applicable law.
- We have implemented data security, passwords, data encryption and we have introduced access control, this way we minimize the effects of a possible breach of data security.
- Personal data is processed only by persons authorized by us or by the processor with whom we work closely.
- 3. Cookies
- The collected data is used to monitoring and checking how users use our sites, to improve the functioning of the website, providing more efficient and problem-free navigation. To monitor information about users we are using the tool Google Analitics, which records user’s behaviour on the site.
- On our website we are using the cookie files as follow:
- “Necessary” cookies, enabling the use of available services as a part of the website,
g. authentication cookies used for services that require authentication within the website;
- cookies used to ensure security, e.g. used to detect fraud in the field of authentication
on the site;
- “Performance” cookies, enabling the collection of information on the use of website pages;
- “Functional” cookies, allowing “remembering” the settings selected by the user and personalizing the user interface, e.g. in terms of the language or region the user comes from, the size of the font, the appearance of the website, etc .;
- “Advertising” cookies, enabling users to provide advertising content more tailored to their interests.
- The User may at any time disable or restore the option of collecting cookies by changing the settings in the web browser. The cookie file management instructions are available at http://www.allaboutcookies.org/manage-cookies
Additional personal data, such as an e-mail address are collected only in places where the user expressly consented to this by completing the form. The above data is retained and used only for the needs necessary to perform a given function.
Pursuant to Art. 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council dated 27/04/2016 on the protection of individuals with regard to the processing of personal data and in on the free movement of such data, as well as repealing Directive 95/46 / EC (general Data Protection Regulation) “GDPR”, we would like to inform you that:
1. GRC sp.z o.o. based in Wrocław, e-mail address: firstname.lastname@example.org, tel. 509-226-802 is the Administrator of your personal data,
2. You can contact the Administrator regarding all matters related to the processing of your personal data. For that purpose please contact directly data protection officer to the e-mail address: email@example.com
3. Personal data of clients who are natural persons will be processed for the purposes as below:
– presentation of the offer, activities related to the conclusion of the contract, conclusion and implementation of contracts and orders, in particular in connection with official correspondence (art.6 par. 1 p. b of the GDPR);
– for the purpose of issuing and forwarding invoices, keeping accounting books and documentation
tax, fulfilling the legal obligations incumbent on the Administrator (Article 6 (1) (c of the GDPR);
– in matters of pursuing claims for business activity, defense against these claims, as well as direct marketing of own products and services, as part of the Controller’s legitimate interest (Article 6 (1) (f) of the GDPR)
– in the event of consent for the transfer of marketing content to Your telephone number and / or e-mail address (Article 6 (1) (a) of the GDPR).
4. Personal data of persons acting on behalf of clients, provided by these clients in the scope name, surname, position and contact details will be processed in connection with implementation of the contract concluded with the client and activities preceding the conclusion of the contract undertaken in order to conclude it, in particular to coordinate it and facilitate contact with the client through the contact persons indicated by him, (art.6 par.1 p.b of the GDPR);
5. The recipients of your personal data may only be entities that are entitled to receive them under the provisions of law. In addition, your data may be made transferred to couriers, postal operators and trusted partners supporting Administrator’s activity.
6. Your personal data will be archived for the duration of the contract, then for the period specified by tax and accounting regulations. In connection with the investigation claims, the data may be archived until the statute of limitations, but not longer than 3 years. The data obtained on the basis of the consent is archived until the consent is revoked .
7. You have the right to request the Administrator to access your personal data and correct them. You also have the right to request deletion or restriction of processing, as well as objection to processing, which is entitled only if further processing is not necessary for the performance of
The Administrator from a legal obligation and there are no other overriding legal grounds
8. You may withdraw your consent at any time, but it will not be had an impact on the processing that took place before the consent was withdrawn.
9. You also have the right to complain against the ones implemented by the Administrator
processing of your data to the President of the Personal Data Protection Office (www.uodo.gov.pl).
10. Providing your personal data is voluntary, however, if you do not provide it
it will not be possible to achieve the purposes of processing related to the conclusion and performance of the contract or issuing an invoice. Providing data for marketing purposes is voluntary, and theirs failure to provide, including failure to consent, does not affect the manner of achieving other goals processing.