According to Art. 13 sec. 1 and sec. 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (GDPR), we inform:
a. General information:
a. The Administrator of Personal Data within the meaning of the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC (Official Journal EU L 2016, No. 119) (hereinafter referred to as GDPR) is NATURALLY WITH TASTE, NIP: 8132942677 , with its seat at 37-600 Lubaczów, ul. Baziaka 15A, tel. 794 006 653, e-mail: email@example.com
c. Contact in matters relating to the processing of personal data by the Administrator: firstname.lastname@example.org
2. Purpose of data processing by the Administrator.
a. The User entrusts the processing of personal data to the Administrator in order to handle the recruitment, inquiry or order submitted via the contact form.
b. Providing personal data by the User during contact is voluntary, and the data provided will be used (if applicable) only for the purposes of:
a. Provide answers.
b. Presentation of the Administrator’s offer.
c. Security of the Administrator’s network systems (eg protection against spam and DDOS attacks).
d. To measure web audience.
e. Employee recruitment.
c. Expressing consent by providing contact details is voluntary, but in some cases failure to provide them may prevent the handling of the inquiry / order submitted via the contact form.
3. Legal basis for data processing by the Administrator.
a. The legal basis for the processing of personal data for the purposes set out in 2.b.a and 2.b.b. constitutes the User’s consent (Article 6.1. a) of the GDPR), and / or Article 6.1. b) of the GDPR if the User wishes to conclude a contract.
b. The premise for the processing of personal data for the purpose specified in 2.bc is the legitimate interest pursued by the administrator (Article 6.1.f) of the GDPR), and the legal basis is Recital 49 of the GDPR and the Regulation of the Minister of Internal Affairs and Administration of April 29, 2004 on personal data processing documentation and technical and organizational conditions to be met by devices and IT systems used to process personal data.
c. The premise for the processing of personal data for the purpose specified in 2.bd is the legitimate interest pursued by the administrator (Article 6.1.f) of the GDPR), and the legal basis is Article 8 point 1 d) of the Regulation of the European Parliament and of the Council on respect for life data protection and the protection of personal data in electronic communications and repealing Directive 2002/58 / EC (Regulation on privacy and electronic communications).
d. Personal data for the purpose specified in 2.b.e. are processed due to the willingness to conclude a contract (Article 6.1 b) of the GDPR), and the legal basis for the collected data is Article 221 § 1 of the Labor Code
4. The scope of data processing by the Administrator
a. For the purposes indicated in 2.b.a and 2.b.b., to the extent that the User voluntarily provides, the Administrator may process:
a.name and surname (contact person)
b. contact telephone number
c. contact e-mail address
d. Internet domain address (and possibly other related data provided by the User)
e. other data provided by the User
b. For the purpose mentioned in 2.b.c .:
b.metadata sent by the browser (or other end device connecting to the Administrator’s website)
c. For the purpose stated in 2.b.d .:
a.metadata sent by the browser
d. For the purpose specified in 2.b.e (recruitment), we will ask the person applying for employment to provide data such as: name and surname, date of birth, place of residence (correspondence address), education and previous employment history.
e. Recipients of personal data and transfer of personal data to a third country:
a. User’s personal data related to the purposes mentioned in points 2.b.a. to 2.b.c. and 2.b.e. will be processed only by the Administrator.
b. Data related to the purpose of point 2.b.d. will be processed by the Administrator and the partner, Google Inc. based in the USA, whose web audience measurement tool (Google Analytics) is used by the Administrator. These data are anonymous and are not shared further.
c. Google, which performs the web audience measurement service for the Administrator, has joined the EU-US Privacy Shield agreement, and in accordance with the decision of the European Commission of July 12, 2016, IP / 16/216, the transfer of personal data to entities based in the United States, which joined the above-mentioned of the agreement, ensures an adequate level of personal data protection, in accordance with Art. 45 GDPR;
f. The User’s personal data may be made available to entities from the Administrator’s capital group and the Administrator’s partners with whom the Administrator cooperates by combining products or services. In the event of cooperation, the data may also be accessed by subcontractors (processors), such as, for example, accounting companies, hosting companies.
a. The User has the right to:
a.access to your personal data,
b. rectify personal data,
c. delete personal data,
d. restrictions on the processing of personal data
e. transferring personal data
f. object to the processing of personal data
g. Withdrawal of previously given consent to the processing of personal data
b. To exercise their rights, the User should send an e-mail to the address provided in 1.a., a letter to the registered office address provided in 1.a. or call the number provided in 1.a.
c. The Administrator executes the User’s request immediately, with the reservation that the removal or limitation of the possibility of data processing may affect the possibility or scope of correct handling of the submitted inquiry / order.
a. The Administrator stores Users’ personal data for a period not longer than necessary to handle the submitted inquiry / order, including the preparation of a personalized commercial offer and enabling the Administrator to perform his obligations.
b. At any time, the User may submit a request to delete his personal data. In such a case, they will be removed immediately, but this may result in interrupting the handling of the submitted query.
a. To ensure the correct operation of the website, and in particular to adjust the content of the website and advertisements to the User’s preferences and optimize the use of the website, the Administrator may use the end device for processing and storage and may collect information from the User’s end device.
b. The data described in point 1 will be used by the Administrator only to the extent necessary to provide services requested by the User and to protect network systems.
c. The user can decide what data will be sent to the Administrator by changing the settings of his browser (eg by blocking the saving of Cookie files).
d. The website uses web traffic analysis scripts (Google Analytics) provided by Google Inc. based in the USA, (Google Adwords) provided by Google Ireland Limited based in Ireland, (Facebook) provided by Facebook Ireland Ltd. based in Ireland. These scripts can save data on the end device (e.g. cookie files). The user may refuse this by blocking cookies and other data from external websites in his browser.
e. Instructions on how to change the settings described in points 3 and 4 can be found in the browser settings, its user manual or on the manufacturer’s website.
g. In order to opt out of displaying personalized Google ads (AdWords and others) based on the use of the Website, the User may make appropriate changes to the ad settings using the tool available on the website https://adssettings.google.pl/authenticated and clear cookies in web browser. To resign from displaying personalized Facebook ads based on the use of the Website, the User may make appropriate changes to the ad settings using the instructions indicated on the website https://www.facebook.com/help/1075880512458213/ and clear cookies in the web browser. Blocking data collection by Google analytical tools (Analytics, Optimize and others) and Facebook, the User may, in the settings of his browser, disable the acceptance of cookies and website data of external entities, clear cookies in the web browser, use tools blocking add-ons (e.g. https: / /tools.google.com/dlpage/gaoptout/?hl=pl) or use the Website in a browser without saving information in cookies.
h. more information on cookies can be found on the website: http://wszystkoociasteczkach.pl/
a. The User has the right to object to the processing of his personal data, on the basis of which the Administrator will cease to process data in the indicated scope / purpose. To raise an objection, please send a message as described in point 5.b.
b. The User has the right to lodge a complaint against the Administrator with the supervisory body, which is the President of the Personal Data Protection Office.
9. Responsibilities of the Administrator
a. The Personal Data Administrator undertakes to take measures to secure the processing of personal data to the extent specified in the Act, and in particular undertakes to:
b. Securing data against disclosure to unauthorized persons, removal by an unauthorized person, changes, damage or destruction.
c. Admitting to the processing of personal data only persons authorized by him.
d. Ensuring control over the correct processing of personal data.
e. Keeping records of persons authorized to process personal data, exercise special care so that persons authorized to process these data keep them secret, also after the completion of the Administrator, among others by informing them about the legal consequences of violating the confidentiality of data and collecting declarations on the obligation to maintain the secret of these data.
f. Keeping the documentation required by law, describing the method of processing entrusted personal data as well as technical and organizational measures ensuring the protection of data processing, including in particular: the Data Processing Process Register, Personal Data Security Policy and the IT System Management Instructions for the Processing of Personal Data.
g. Ensure that IT and telecommunication devices and systems used for the processing of personal data comply with the requirements of the Regulation of the Ministry of Interior and Administration of April 29, 2004 on the documentation of personal data processed and technical and organizational conditions to be met by devices and systems. “