fbpx

GENERAL INFORMATION CLAUSE

Pursuant to Articles 13(1)-(2) and 26(2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to processing of personal data and on free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ. EU L 119, p. 1)-hereinafter GDPR – we inform you that:

I.              Data controller – co-administration

The Controller of your personal data deciding on objectives and the manner of data processing is:

zgoda.net sp. z o.o. ul. 28 Efraim Schroeger Street, 01 -822 Warsaw, NIP: 5272726570, REGON: 360382008, KRS: 0000536149.

 

II.             Data Protection Officer

To ensure an adequate level of protection of personal data, a Data Protection Officer has been appointed, who can be contacted at the following email address: gdpr@zgoda.net or by post at the Controller’s registered office address.

III.            Collection, processing and use of personal data

The manner and scope of the collection of personal data, depends on the purpose for which the data was collected and the legal basis for its processing.

We process personal data for the following purposes and in relation to the following legal grounds (legal grounds – Article 6(1) (a-c, f) of the GDPR):

  • conclusion and execution of individual orders including ensuring correct service quality (legal grounds – Article 6(1) (b) of the GDPR) – “execution of the contract”,
  • performance of legal obligations, e.g. issuing and storing invoices or responding to complaints (legal grounds – Article 6(1)(c) of the GDPR) – “legal obligation”,
  • Investigation of possible claims (legal basis – Article 6(1)(f) RODO) – “legitimate interest”,
  • Marketing of proprietary services during the term of the contract (legal basis – Article 6(1)(f) RODO) – “legitimate interest”,
  • marketing carried out by means of telecommunications, where you have consented to the use of your data for this purpose (legal grounds – Article 6(1) (a) of the GDPR) – “consent”.

We process the personal data provided for the period necessary to fulfil the objectives described above. Depending on the legal grounds, it will be respectively:

  • the time for performance of legal obligations and the time for which the Controllers are required by law to store the data, e.g. tax legislation,
  • the time after which any contractual claims become time-barred,
  • the time until consent is withdrawn.

IV.           Transfer of personal data to third parties

Subject to data security guarantees, we may transfer personal data to other entities, including:

1.    persons authorised by the Controller to process the data,

2.    entities entrusted with data processing e.g. technical service providers and consultancy service providers,

3.    other controllers, e.g. couriers.

 

The entities to which your data is made available may use it in the manner and to the extent necessary to fulfil the purpose specified by the Controller. In addition, the Controller cooperates with consultants who should comply with the regulations and security rules regarding the processing of personal data. The Controller enters into data entrustment agreements with individual entities specifying the conditions of their use of personal data.

 

V.             Personal data in social media

The Controller provides content through social media such as: Twitter, Facebook, LinkedIn and Youtube. When using individual social media, collection and processing of users’ personal data by these entities takes place under the terms and conditions set by their owners, outside the control of the Controller.

VI.           Data security

In order to ensure the confidentiality of the data, the Controller has implemented procedures, organisational and technical solutions to allow access to the data to authorised persons who process them in connection with the tasks assigned. Necessary measures are being taken to ensure that also subcontractors and other cooperating entities guarantee the application of appropriate security measures whenever they process data on behalf of the Controller.

VII.          Rights of the person whose data is being processed

Any person whose personal data is held by the Controller has the right of access to personal data, data portability, data rectification and the erasure or restriction of processing of personal data. Any restrictions in this respect can only result from legislation.

Notwithstanding the rights mentioned above, any data subject may object to the processing of the data if the legal basis for the use of the data is a legitimate interest. Upon acceptance of a request to this effect, the Controller shall be obliged to cease processing the data for the specified purpose.

Withdrawal of consent to processing of personal data does not affect the compatibility with the processing that was carried out on the basis of consent before its withdrawal.

If you wish to exercise these rights, please send an email to kontakt@zgoda.net.

Any data subject also has the right to lodge a complaint with the President of the Data Protection Authority if he/she considers that the processing of personal data by the Controller violates the law.

VIII.        Profiling

Personal data will not be processed by automated means, including profiling.

 

W czym możemy Ci pomóc?

Skontaktuj się z nami za pomocą formularza.
Odpowiemy na wiadomość tak szybko, jak to możliwe.