Information clause on processing of personal data


Following the obligation resulting from the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (Official Journal of the EU L 119, p. 1) – hereinafter: ‘GDPR,’ the Company SOLIDEXPERT Polska Spółka z ograniczoną odpowiedzialnością spółka komandytowa with its registered office in Kraków (hereinafter: ‘Company’) informs about the principles of processing personal data of entities cooperating with the Company, in particular persons concluding contracts with the Company in the course of their business activity, persons acting on behalf of business entities that are not natural persons who conclude contracts with the Company, persons contacting the Company in connection with the intention to establish cooperation or appointed to contact in connection with the execution of the aforementioned The Company is also aware of the rights of the aforementioned persons.

I. Personal data Controller

The controller of personal data is SOLIDEXPERT Polska Spółka z ograniczoną odpowiedzialnością Sp.k. with its registered office in Kraków, Gabrieli Zapolskiej 44, entered into the register of entrepreneurs kept by the District Court for Kraków Śródmieście in Kraków, XI Economic Division of the National Court Register under KRS no. 0000709694, NIP: 677-238-02-30 (hereinafter: ‘Controller’).

II. Contact with the Controller

For personal data issues, please contact us by post or e-mail using the addresses indicated below:

G. Zapolskiej 44; 30-126 Kraków

III. Aims and legal basis for processing

When processing personal data, the Controller may invoke on one or more of the following legal basis, depending on the circumstances:

a)      6(1)(b) GDPR – processing of data for the purpose of entering into and performing a contract or for taking appropriate steps at the request of the data subject prior to entering into a contract,

b)      6(1)(c) GDPR – processing of data to the extent necessary to comply with a legal obligation incumbent on the Controller, in particular with regard to the mandatory retention of accounting and tax records,

c)      6(1)(f) GDPR – processing of data to the extent necessary for the purposes arising from the legitimate interests of the Controller, in particular: (i) for the purposes of cooperation or performance of a concluded agreement, (ii) for the purposes of establishing and asserting potential claims or defending against claims (iii) for the purposes of responding to enquiries, requests and applications addressed to the Controller related to the Controller’s activity and conducting further correspondence in this respect

d)      6(1)(a) GDPR – processing may also be carried out on the basis of consent given by the data subject in all those cases where such consent is required for the processing of personal data.

 IV. Data storage period

1.      The Controller shall process the personal data acquired in connection with the conclusion and performance of the contract for the time necessary for the performance of the contract and shall keep it for the period required by the legal provisions on compulsory archiving and the time necessary for the settlement of any mutual claims (until the claim is time-barred or the dispute is settled).

2.      Personal data obtained as part of pre-contractual negotiations, negotiations, discussions – if no contract is concluded – will be processed for the period necessary to fulfil the purpose of the processing.

3.      The data obtained in connection with the correspondence will be processed for the period necessary to achieve the purpose of the processing or for the time necessary to defend against claims / assert claims – if the correspondence concerns claims made against / by the Controller.

4.      If data is processed on the basis of consent given, the data shall be stored until consent to processing is withdrawn, unless it becomes unnecessary for the purpose for which it was processed earlier.

V. Data recipients:

The anticipated recipients of the personal data are:

a)      the Controller’s external service providers to the extent necessary to fulfil the purposes set out in point III, i.e. in particular entities providing accounting services, consultancy services, legal services, external auditors, postal and courier companies (in connection with the handling of correspondence), providers of technical and organisational services (in particular those providing technical support for ICT systems);

b)      entities authorised by law.

 VI. Information on required/voluntary data provision

1.      The provision of personal data for the purpose of concluding or performing a contract is voluntary, however, without providing the necessary data the conclusion or performance of the contract will not be possible.

2.      The provision of personal data in connection with correspondence is voluntary, but lack of data necessary to reply will exclude the possibility of a reply.

VII. Video surveillance

In addition, the Controller informs the public that video surveillance is used in the public areas of the building in which its premises are located and in its immediate surroundings, in order to ensure the safety of persons and property.  The Controller of personal data relating to the image captured by the video surveillance is the facility manager. The Controller does not process video surveillance data.

VIII.  Rights of the data subjects:

Individuals whose data is processed by the Controller have the following rights:

a)      the right to access the content of data and to receive a copy of it – in accordance with Article 15 of GDPR

b)      the right to rectify (amend) data or complete incomplete data – in accordance with Article 16 of GDPR,

c)      The right to delete data – in accordance with Article 17 of GDPR,

d)      The right to delete data – in accordance with Article 18 of GDPR,

e)      The right to data transfer – in the cases set out in Article 20 of GDPR,

f)       The right to object to the processing of data – in accordance with Article 21 of GDPR,

g)      the right to withdraw consent to processing, where processing is based on consent, where the withdrawal of consent does not affect the legitimacy of the processing until the consent is withdrawn.

h)      The right to file a complaint with the supervisory authority (the President of the Personal Data Protection Office)

IX. Automated decision-making / profiling

The Controller does not make decisions with an automated process (without human involvement). Neither is personal data used for profiling without the prior consent of the data subject.

 X. Transfer of personal data to a third country or international organisation:

The Controller does not transfer personal data to recipients located outside the European Economic Area ( European Union countries and Iceland, Norway and Liechtenstein).

Usługa współfinansowana w ramach projektu „Inteligentna Super Fabryka – ISF 4.0 KOM2”
współfinansowanego w ramach Programu Operacyjnego Inteligentny Rozwój, oś priorytetowa: „2 Wsparcie otoczenia i potencjału przedsiębiorstw do prowadzenia działalności B+R+I”,
działanie: „2.3 Proinnowacyjne usługi dla przedsiębiorstw”, poddziałanie: „2.3.3. Umiędzynarodowienie Krajowych Klastrów Kluczowych”

Strona zbiera dane użytkownika, personalizuje działania marketingowe z pomocą internetowych plików Cookies. Dowiedz się więcej