I. PERSONAL DATA ADMINISTRATOR
The administrator of personal data is DRP GROUP PRZEMYSŁAW MIŚKIEWICZ I WSPÓLNICY SPÓŁKA JAWNA with its registered office at: ul. Chemiczna 6, 42-520 Dąbrowa Górnicza, entered into the register of entrepreneurs kept by the District Court Katowice-Wschód in Katowice, VIII Commercial Division, under the KRS number: 0000616277, NIP: 629-206-96-96 (hereinafter referred to as: the “Owner”).
II. PURPOSE OF THE PROCESSING OF PERSONAL DATA
1. The Administrator processes the User’s personal data in order to:
a) performing the contract and maintaining contact with the Customer with whom the Administrator intends to conclude or concluded a contract;
b) using the contact forms provided by the Administrator and enabling contact and answering questions;
c) using the complaint form provided by the Administrator and enabling contact and responding to complaints within the time and form provided for by law;
d) using the application form provided by the Administrator in the recruitment process;
e) direct marketing of own products and services, including for analytical purposes, where the Controller’s legitimate interest is to conduct direct marketing (selection of services to the client’s needs, optimization of services based on the client’s comments, optimization of service processes, etc.);
f) customer satisfaction surveys and improvement of the quality and satisfaction of customers with the services provided by the Administrator;
g) archiving data that are the implementation of the legitimate interest of securing information in the event of the need to demonstrate the correct operation of the Administrator;
h) defense against possible claims, where the Controller’s legitimate interest is securing and pursuing claims or protection against claims of the User or a third party.
2. This means that these data are needed in particular for:
- accepting and handling orders;
- reply messages;
- handling complaints;
- implementing of recruitment processes.
3. The User may also consent to receive information about new products and promotions, which will result in the Administrator also processing personal data in order to send the User commercial information.
4. Personal data is also processed as part of the fulfillment of legal obligations incumbent on the Data Administrator and the performance of tasks in the public interest, including to perform tasks related to security and defense or to keep tax documentation.
III.PERIOD OF STORAGE OF PERSONAL DATA
- The Administrator may keep personal data longer if required by law or the legitimate interest of the Administrator, in particular until any claims are time-barred or until the archiving obligation resulting from legal provisions expires, including the obligation to store accounting documents.
- In the event of processing personal data based on your consent, your data will be stored until it is withdrawn. It is possible to withdraw consents at any time. Revocation of consent for processing will not affect the lawfulness of the processing that was carried out before its withdrawal.
IV. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
- Personal data are processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation), OJ L119, 4.5.2016, p. 1 – 88, hereinafter: “GDPR Regulation”.
- The Administrator processes personal data only after obtaining the User’s consent.
- Expressing consent to the processing of personal data is completely voluntary.
V. USER RIGHTS
- The User may at any time request the Administrator to provide information on the scope of personal data processing.
- The User may at any time request the correction or rectification of his personal data.
- The User may at any time withdraw his consent to the processing of his personal data, without giving any reason. Withdrawal of consent will not affect the activities already performed.
- The User may at any time request the Administrator to delete his data, without giving any reason. Deleting the data will not affect the actions already performed.
- The User may at any time object to the processing of personal data, both in terms of all the User’s personal data processed by the Administrator, as well as in a limited scope, e.g. as regards the processing of data for a specific purpose. The objection will not affect the actions already performed.
- The User may request the restriction of the processing of personal data, either for a specified period or without a time limit, but within a specified scope, which the Administrator will be obliged to fulfill. This request will not affect the activities performed so far.
- The User may request the Administrator to transfer the processed User’s data to another entity. For this purpose, he should write a request to the Administrator, indicating to which entity (name, address) the User’s personal data should be provided and what specific data the User wishes the Administrator to provide. After the User confirms his request, the Administrator will provide the selected entity with the User’s personal data in electronic form. The User’s confirmation of the request is necessary due to the security of the User’s personal data and to be sure that the request comes from an authorized person.
VI. ENTRYING THE PROCESSING OF DATA TO OTHER ENTITIES
- The Administrator may entrust the processing of personal data to entities cooperating with the Administrator, to the extent necessary for the execution of the transaction, e.g. to prepare and deliver the ordered goods and to provide commercial information from the Administrator.
- Personal data of website users are not transferred outside the European Union.