The personal data of the website visitors and other Data Subjects are processed in accordance with the valid legal acts and ensuring the proper technical and organisation data security measures.
The website uses “cookies”, i.e. small text files stored in the browser of your device (such as computer, mobile phone, tablet) when you browse a website.
The cookies we use on the website are necessary for us to:
- ensure the proper functioning of the website;
- ensure optimal website speed and security;
- find out the traffic of the website and its individual parts, to analyse the flows of the website visitors (date and time of the visit, used browsers, types of devices and their screen sizes) and thus to continuously improve the website in order to meet your needs better.
The following types of cookies are used by the Controller:
- CMSSESSIDccee0bc1713c: content management system session id with a session duration – session
- _ga: Google Analytics cookie used to identify users.
- _gat_gtag_UA_102318492_1: Google Analytics cookie used to restrict the number of doubleclick.net queries.
- _gid: Google Analytics cookie used to identify users.
The website provides an opportunity to contact the Controller by filling in the contact form on the Contacts page as well as by the e-mail addresses provided on the website.
The purpose is to respond to your query and to save the evidence of communication (exercising the legitimate interest of effective communication and avoidance of disputes relating to personal service).
The Controller processes the following information submitted by you:
- if a query is sent through the contact form, the name, surname, e-mail address, query’s content, date and time are processed. If you do not submit this information, you will be unable to contact us by sending your query through the contact form.
- if a query sent by the e-mail addresses provided on the website, the name, surname, e-mail address, e-mail date, time and content of communication with the representative of the Controller are processed.
PERSONAL DATA OF THE PROSPECTIVE EMPLOYEES
All personal data of the persons wishing to be employed in the Controller’s company are processed by the Controller only for the purpose of recruitment and employment with the legitimate interest to evaluate the suitability of the candidate for the job the candidate wishes.
Personal data of the prospective employees are received by the Controller directly from the prospective employees, when the prospective employee sends the curriculum vitae (CV), candidate’s profile and other application documents to the Controller as well as from the entities providing job search or recruitment services. The data submitted by the prospective employee to the Controller are not transferred to the third parties.
In addition to the data provided by the person wishing to be employed in the Controller’s company, the Controller may collect and otherwise process personal data related to qualification, professional abilities and organisational competences from publicly available sources, i.e. y. search for information online, check the candidate’s social network profiles (e.g. LinkedIn, Facebook, Twitter), and so on. The Controller may also contact the candidate’s former employers and ask to submit information about the candidate’s qualification, professional abilities and organisational competences.
At the end of the period of selection to a certain position and if neither Data Subject candidate was selected and an Employment Contract with the Data Subject was not concluded, the Company deletes the curriculum vitae (CV) and other data sent by the candidates, unless the Company obtained the candidate’s consent to process his personal data for a longer period in order to offer a position. In such a case the data of the Data Subject are automatically processed and stored for 1 (one) year from the date of data submission.
At the end of the data processing and storage period specified, the Controller’s responsible persons delete the data within 1 (one) calendar week.
The personal data may be stored for a longer period if the personal data are necessary in case of dispute/complaint or other bases specified by legal acts.
INFORMATION ABOUT THE RIGHTS
All persons, whose personal data are processed by the Controller, have:
- the right to familiarise with their personal data processed by the Controller.
- the right to require to correct their incorrect or inaccurate personal data. The rights to familiarise and require correcting the personal data are exercised by submitting the written application to the Controller’s registered office address or by e-mail: firstname.lastname@example.org (if the application is signed electronically). In your application to familiarise with the personal data please specify the personal data you want to familiarise with and which information specified in part 1 of Article 15 of the Regulation you want to receive.
- the right to require deleting unlawfully processed data. This right is exercised by submitting the written application to the Controller’s registered office address or by e-mail: email@example.com (if the application is signed electronically). Not later than within 30 days from the application receipt day, the Data Controller deletes the relevant personal data or refuses to satisfy the application and specifies the reasons for refusal in writing.
- the right to require the Controller to restrict the processing of the personal data until the accuracy of the personal data has been verified, until it is established whether the interests of the Data Subject, who does not agree with the processing of personal data, take precedence over the Controller’s, and in cases, where personal data are processed unlawfully, but the Data Subject does not agree this data to be deleted. This right is exercised by submitting the written application to the Controller’s registered office address or by e-mail: firstname.lastname@example.org (if the application is signed electronically). When it is required to restrict the processing of only the part of the personal data, the application has to contain the categories of the personal data, processing of which it is required to restrict. If the application is reasonable, the personal data processing is restricted within 5 business days from the day of the application receipt.
- the right to transmit the data. This right is exercised by submitting the written application to the Controller’s registered office address or by e-mail: email@example.com (if the application is signed electronically). When it is required to transmit only the part of the personal data processed by the Controller, the application has to contain the categories of the personal data, in respect of which the right to transmit the data is exercised. If the application is reasonable, not later than within 30 days from the application receipt, the Controller submits your personal data in a computer-readable format (depending on your wish, the systemised personal data are sent by e-mail or recorded to an external storage device) to you or the data controller you specified.
- the right to disagree with the personal data processing. This right is exercised by submitting the written application to the Controller’s registered office address or by e-mail: firstname.lastname@example.org (if the application is signed electronically). If you disagree with the personal data processing, it will be assessed whether your legitimate interest, due to which you do not agree with the processing of the personal data, takes precedence over the legitimate interest of the Controller, by which the Controller reasons the processing of your personal data.
- the right to lodge a complaint with the supervisory authority This right is exercised by submitting the complaint to the State Data Protection Inspectorate about any Controller’s actions related to your personal data processing.
If you exercise your rights submitting the written application by mail to the Controller’s registered office address, the notarised ID document (passport, ID card) copy has to be submitted together with the application.