1. The controller of Personal Data is Przedsiębiorstwo Handlowo-Usługowo-Produkcyjne “MARCONI” Sp. z o. o. with headquarters at ul. Wrocławska 50, 58-100 Świdnica, NIP: 8840011151, REGON: 00581464100000, entered into the National Court Register kept by the District Court for Wrocław-Fabryczna in Wrocław, 9th Commercial Department of the National Court Register, under the KRS number: 0000138060. The data co-controllers are “MARKONI” Sp. z o. o. with headquarters at ul. Wrocławska 50, 58-100 Świdnica, NIP: 8842749429, REGON: 022310309, entered into the National Court Register kept by the District Court for Wrocław-Fabryczna in Wrocław, 9th Commercial Department of the National Court Register, under the KRS number: 0000489246 and Jerzy Markiewicz, conducting business activity under the name “MARKONI SERVICE – JERZY MARKIEWICZ” with the main plant at: ul. Wrocławska 50, 58-100 Świdnica, entered into the Central Register and Information on Economic Activity, NIP: 8840020865, REGON: 890642367.
2. Respecting your rights as subjects of personal data (data subjects) and respecting applicable law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation), hereinafter referred to as the GDPR, the Act on the protection of personal data (hereinafter the Act) and other relevant provisions on the protection of personal data, we undertake to maintain the security and confidentiality of personal data obtained from you. All employees have been properly trained in the processing of personal data, and our company as the Personal Data Controller has implemented appropriate security and technical and organizational measures to ensure the highest level of protection of personal data. We have implemented procedures and policies for the protection of personal data in accordance with the GDPR, thanks to which we ensure compliance with the law and reliability of data processing processes, as well as the enforceability of all rights that you have as data subjects. In addition, if necessary, we cooperate with the supervisory body in the Republic of Poland, i.e. with the President of the Office for Personal Data Protection (hereinafter referred to as PUODO).
3. Our company as the Personal Data Controller appointed the Data Protection Inspector, which is Konrad Cioczek from ENSIS Kancelaria Prawna Cioczek & Szajdziński Sp. j. in Wroclaw. All inquiries, applications and complaints regarding the processing of personal data by our company (Personal Data Controller), hereinafter referred to as Reports, should be directed to the following email address of the Personal Data Protection Inspector: email@example.com or in writing to the Administrator’s address Personal Data, i.e. Wrocławska 50, 58-100 Świdnica. The content of the Application should clearly indicate:
a) details of the person or persons filing the Report,
b) the event which is the reason for filing the Report,
c) the claims and the legal basis for those claims,
d) indicate the expected way of settling the matter.
4. We collect the following personal information on our website:
a) name and surname – when filling out the contact form on our Website, you will be asked to provide your name so that we can easily contact you,
b) phone number – on occasion, we will call you to answer the question you have asked us,
c) e-mail address – we will e-mail you to respond to your inquiries.
5. Providing the data indicated in the previous item is necessary to send us an inquiry using the form available on our Website.
8. Your personal data is processed by our company as a Personal Data Controller in order to provide services offered to you (i.e. data subjects) as part of the Website. In accordance with the principle of minimization, we will process only those categories of personal data that are necessary to achieve the objectives referred to in the preceding sentence.
9. We process personal data for the time necessary to achieve the purposes listed in the previous item. Personal data may be processed for a longer period than indicated in the previous sentence, if such permission or obligation imposed on the Personal Data Controller results from specific legal provisions or if the service we provide is continuous.
10. The source of Personal Data processed by the Administrator are the data subjects.
11. Your personal data shall not be transferred to a third country as defined by the rules of the GDPR.
12. We do not disclose any personal data to third parties without the express consent of the data subject. Personal data without the consent of the data subject may be made available only to public law entities, i.e. authorities and administration (e.g. tax authorities, law enforcement authorities and other entities authorized by generally applicable law).
13. Personal data may be entrusted for processing to entities processing such data for the benefit of our company as a Personal Data Controller. In this case, as the Personal Data Administrator, we enter into an agreement with the processing entity to entrust the processing of personal data. The processing entity processes the entrusted personal data, but only for the purposes to the extent and for the purposes indicated in the entrustment agreement referred to in the preceding sentence. Without entrusting your personal data for processing, we would not be able to operate as part of the Website. As a Personal Data Controller, we entrust personal data for processing to entities:
a) providing hosting services through which our Website operates,
b) providing other services to us as the Controller of personal data that are necessary for the current operation of the Website.
14. Personal data is not subject to profiling by the Personal Data Controller.
15. Pursuant to the provisions of the GDPR, every person whose personal data we process as the Personal Data Controller has the right to:
a) to be informed about the processing of personal data referred to in art. 12 GDPR – controllers are required to provide the persons whose data will process information specified in the GDPR (e.g. about their data, IODO contact details, purposes and legal grounds for processing personal data, recipients or categories of recipients of personal data, if they exist, whether the period during which the data will be processed or the criteria for determining this period). This obligation should be met at the time of obtaining data (i.e. when the customer places an order in an online store), and if the data is not obtained from the data subject, but from another source – within a reasonable time, depending on the circumstances. The administrator may refrain from providing this information if the data subject already has it,
b) access to your personal data as referred to in Article 15 of the GDPR – you have the right to access your personal data when providing us with it; This does not mean, however, that you have the right to access all the documents on which your data appear, as they may contain confidential information; However, you have the right to know what data and for what purpose we process and the right to obtain a copy of your personal data, with the first copy being issued free of charge, and for each subsequent RODO, we charge an appropriate administrative fee corresponding to the cost of making copies,
c) correct, complete, update, correct personal data as referred to in Article 16 of GDPR – if your personal data has changed, please inform us as The Controller Of Your Personal Data so that the data we hold is accurate and up-to-date; also, if there is no change in your personal information, but for any reason this information is incorrect or incorrectly recorded (e.g. due to a clerical error), please let us know to correct or correct such data,
d) data deletion (right to be forgotten) as referred to in Article 17 of the GDPR – in other words, you have the right to request the “deletion” of the data we hold as The Controller Of Your Personal Data and the right to ask us as The Controller Of Your Personal Data so that we can inform other controllers, to whom we have provided your data that you need to delete them. You may request the deletion of your personal data especially when:
• the purposes for which the personal data were collected were achieved, e.g. we have fully completed the sales contract concluded with you,
• the processing of your personal data was based solely on consent, which was subsequently revoked and there are no other legal grounds for further processing of your personal data,
• you have raised an objection under Article 21 of the GDPR and you consider that we do not have any overriding legal basis for further processing of your personal data,
• your personal data was processed unlawfully, i.e. for unlawful purposes or without any basis for processing personal data – please remember that in this case you must have a basis for your request,
• the need to delete your personal data results from legal provisions,
• personal data relates to a minor and was collected in connection with the provision of information society services,
e) restrictions on the processing referred to in Article 18 of the GDPR – you may request our company to restrict the processing of your personal data (which would mean that we would only store the data until we have explained the matter) if:
• you question the accuracy of your personal data, or
• you believe that we process your data without legal basis, but at the same time you do not want us to delete this personal data (i.e. you do not exercise the right referred to in the previous item), or
• you have filed an objection referred to in item f of this point, or
• your personal data is necessary to establish, pursue or defend claims, e.g. in court,
) data transfer referred to in art. 20 of the GDPR – you have the right to obtain your data in a format that allows you to read this data on your computer and the right to send this data in this format to another controller; you only have this right if the basis for the processing of your data was a consent or the data was processed automatically,
g) objecting to the processing of personal data as referred to in Article 21 of the GDPR – you have the right to object if you do not agree to the processing by us of your personal data which we have processed so far for legitimate purposes in accordance with the law,
h) not being subject to the profiling referred to in Article 22 in Article 4(4) of the GDPR – you will not be subject to automated decision-making or profiling within the meaning of the GDPR on our website unless you agree to do so; in addition, we will always keep you informed of profiling if it were to take place,
i) lodging a complaint to the supervisory body (i.e. to the President of the Office for Personal Data Protection) referred to in art. 77 GDPR – if you believe that we process your personal data unlawfully or in any way violate the rights arising from the generally applicable provisions of law on the protection of personal data.
16. With regard to the right to delete data (right to be forgotten), we indicate that according to the rules of the GDPR you are not entitled to exercise this right if:
a) the processing of your personal data is necessary to exercise your right to freedom of expression and information, e.g. if you have posted your data on a blog, in comments, etc.,
b) the processing of personal data is necessary for our Company to comply with legal obligations under the laws, and we cannot delete your data for the time necessary to comply with obligations (e.g. taxes) that provisions of law impose on us,
c) the processing of your data is carried out for the purposes of pursuing, establishing or defending claims.
17. If you wish to exercise your rights referred to in the preceding paragraph, please use the appropriate Website bookmarks to delete your account and data collected by our Website or send an email to: firstname.lastname@example.org or contact the Data Protection Supervisor referred to in point 3 above.
18. Each identified breach of security is documented, and in the event of one of the situations specified in the provisions of the GDPR or the Law, such data breaches are reported to data subjects and, if applicable, to PUODO.