The obligation to provide information
arising from laws and regulations of the European Parliament and the EU Council 2016/679 of 27 April 2016 on the protection
of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data
Protection Information - GDPR).
THE ADMINISTRATOR OF YOUR PERSONAL DATA is HURTOSTAL 2 L.L.C., ul. Pomorska 53 b, Szczecin.
WITHIN OUR ACTIVITY WE PROCESS PERSONAL DATA
- Data subjects: customers, counterparties, potential counterparties, as well as their employees and people who cooperate with them (the range of data which is processed: first names, surnames, business data, contact data, address data, bank accounts numbers, registration and reference data (e.g. PESEL - ID number, identity card number). If sales takes place with transport, additionally, registration numbers, identity card number.
- The aims of data processing:
- conclusion and implementation of sales transactions, delivery of production services and orders
- performing of required legal obligations inter alia complaint submission and handling, data storage on future proceedings of authorised official bodies
- justified legal interest, documentation of transaction's implementation, establishment, defence and redress of claims, direct marketing, providing of compilations, analysis and statistics including turnover and sales on internal demands, verification of payment credibility of the counterparty, archiving.
- Origin of personal data
Data which we process are given to us directly by people to whom these data are regarding to or by the other administrators if data who we cooperate with or from general public sources (inter alia National Court Register, Central Register and Information on Business Organisations, Internet).
- Receivers of personal data
We can transfer data to the subjects who process data on behalf of us: subjects who broker in conclusion of our contracts, subcontractors, subjects who provide advisory, consultancy, auditory, IT services, legal, tax, bookkeeping aid, other administrators of data who process the data on behalf of them, whose participation is required to achievement of appropriate operations inter alia transport companies, insurance companies, government authorities, courts, bailiffs, deliverymen and post operators, banks, subjects who cooperate with us by bookkeeping, tax, legal cases - in a range in which they become the daa administrator.
The delivery of data is as a general rule voluntary, however it may be a prerequisite to entering into the agreement.
- Data processing period
We process data during the time which is necessary to achieve the aim of processing. After finishing it, we archive personal data in accordance with current regulations of law. Due to the legal limitation period for public claims, personal data is removed after the time limit of 10 years from the end of the year in which the aim of data processing was achieved.
- Automated decision taking
We do not take decisions, which are based only on automated processing, including profiling of personal data.
- Transfer of data outside the EEA
If required, when concluding a contract with the counterparty from outside the EEA it may be necessary to transfer personal data outside the EEA area.
As a rule, the transfer of personal data outside the EEA area will take place on the standard contractual clauses, which content is approved by the European Commission.
- People's, to whom data may concern, rights
People, to whom data may concern, have right to:
- rectification (correction) of data, in range and on the terms determined in the article 16 of GDPR
- removing of data, in range and on the terms determined in the article 17 of GDPR
- reducing of processing (holding operations on data or not removing of data - on compliance with a submission of application), in range and on the terms determined in the article 18 of GDPR
- access to data (applying for the information about data which is processed by us and for the copy of data), in range and on the terms determined in the article 15 of GDPR
- moving of data, in range and on the terms determined in the article 20 of GDPR
- objection to the processing by us of personal data (including profiling) if the basis of using the data is our justified legal interest, in range and on the terms determined in the article 21 of GDPR.
To protect data from unauthorized access, we can demand an additional identification of a person to whom data is concerned or additional information.
The possibility of implementation of each right mentioned above results from current regulations of law e.g. it depends on legal basis of data processing and on the aim of its processing.
The person to whom data is concerned has a right to lodge a complaint to the supervisory authority in a range of their personal data processing.