In connection with the obligation to provide information as set out in Article 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) - hereinafter referred to as "GDPR", having regard to the fact of your previous interaction with Przedsiębiorstwo Metali Nieżelaznych BOBREK sp. j. Krzysztof and Paweł Kleszcz, Bronisław Koźbiał and the fact that your personal data (including your contact details) has been collected in the course of this cooperation, moreover, respecting your privacy and ensuring that you know who and how your personal data is processed, we present the following information which will help you establish and explain the above circumstances.
The Administrator of your personal data is Przedsiębiorstwo Metali Nieżelaznych BOBREK sp. j. Krzysztof i Paweł Kleszcz, Bronisław Koźbiał with its registered office in Bobrek at ul. Krakowska 1a, 32-661 Bobrek, NIP 5491826024, hereinafter referred to as the 'Data Administrator'. You may contact the Data Controller regarding the protection of your personal data at the address of his/her registered office indicated above, and additionally by writing to the following e-mail address: bobrek@bobrek.com.pl or by calling: +48 33 846 44
2. The legal basis for the processing of your personal data is the legitimate interest of the Data Controller (Article 6(1)(f) of the GDPR), in the form of the conclusion and performance by the Data Controller of agreements with its contractors, the conduct of commercial correspondence.
3. Ms/Mr personal data shall only be processed for the following purposes:
4. The Data Controller processes the following categories of personal data concerning Ms/Mr: contact details (name, surname, e-mail address, telephone, place of employment).
5. Ms/Mr personal data will be stored for no longer than necessary, i.e. for the duration of the business relationship with Ms/Mr employer, who is also the Data Controller's contractor, and after their termination for a period of 3 years, calculated from the date of execution of the contract concluded by the Data Controller with the contractor who is also Ms/Mr employer or from the last contact with Ms/Mr, whichever period expires later.
6. The Data Controller shall provide Ms/Mr personal data to the following categories of recipients: entities to which the Data Controller is legally obliged to make the personal data processed by him/her available, entities processing personal data on the basis of processing entrustment agreements concluded with the Data Controller, including transport companies, courier delivery companies, IT companies as well as other companies cooperating with the Data Controller, tax offices.
7. The Data Controller does not intend to transfer Ms/Mr personal data to third countries.
8. Ms/Mr have the right to request access to Ms/Mr personal data from the Data Controller, the right to rectification, erasure or restriction of data processing, the right to object to the processing of Ms/Mr personal data, as well as the right to data portability (i.e. in the cases specified in the provisions of the GDPR, Ms/Mr have the right to request that Ms/Mr personal data be sent by the Data Controller directly to another controller, as far as technically possible.
9. In relation to the processing of Ms/Mr personal data by the Data Controller, Ms/Mr have the right to lodge a complaint with a supervisory authority if Ms/Mr consider that the processing of personal data concerning Ms/Mr violates the provisions of the GDPR. The supervisory authority as of 25 May 2018 is the President of the Office for the Protection of Personal Data.
10. Ms/Mr personal data has been obtained by the Data Controller from its contractor, who is also Ms/Mr employer, for the purpose of fulfilling the concluded contracts and the existing business relationship between the contractor, who is also Ms/Mr employer, and the Data Controller or directly from Ms/Mr.
11. The Data Controller will not make automated decisions, including decisions resulting from profiling (i.e. the Data Controller will not process Ms/Mr personal data in an automated manner involving the use of Ms/Mr personal data for assessment in the Data Controller's decision-making) on the basis of Ms/Mr personal data.
