Privacy Policy

——————————————————————————————————————————

Personal data processing and cookie regulations

  1. General information
  1. This policy privacy, data processing and cookie regulations apply to the Website at https://controlprocess.pl
  2. The Privacy Policy describes the manner and scope of personal data collection, purposes for which the data is used, whether and to whom it is made available and how it is protected. It also contains information on the rights of data subjects, in accordance with applicable data protection regulations.
  3. The Controller of your personal data is: CONTROL PROCESS S.A. with its registered office in Warsaw, Aleje Jerozolimskie 100/X piętro, 00-807 Warsaw, entered into the register of businesses of the National Court Register under reference number 0000285783, NIP (Tax Identification Number): 8732898418, REGON (National Business Register): 850359556, hereinafter referred to as CONTROL PROCESS S.A.
  4. You may contact the Controller:
    a) by regular mail, addressed to: CONTROL PROCESS S.A. Oddział w Krakowie, ul. Obrońców Modlina 16, 30-733 Kraków,
    b) by email at iod@controlprocess.pl.
  5. The company has appointed a Data Protection Officer, who can be contacted by regular mail, addressed to: CONTROL PROCESS S.A. Oddział w Krakowie, ul. Obrońców Modlina 16, 30-733 Kraków, with the annotation: „Inspektor ochrony danych”, or by email at iod@controlprocess.pl.
  6. The Website uses personal data to handle inquiries via the contact form.
  7. The Website collects information about users and their behaviour in the following way:
    a) through data voluntarily provided in forms, which are introduced into systems,
    b) through saving cookies on end devices.
  1. Purposes and legal grounds related to the processing of your data
  1. Pursuant to Article 13 (1) (2) and Article 14 (1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/56/EC (hereinafter referred to as “GDPR”), applicable from 25 May 2018, we inform you about the method and purpose for which we process your personal data (hereinafter referred to as “data”), as well as about your rights related to data protection.
  2. We process your data in accordance with provisions of GDPR and Polish data protection regulations, complying with:
    a) obligations arising from a contract and we take action at the request of the data subject before concluding the contract (Article 6 (1) (b) of GDPR),
  1. b) legal obligation (Article 6 (1) (c) of GDPR),
    c) tasks carried out in the public interest (Article 6 (1) (e) of GDPR).
  1. Data is processed for the purpose of concluding or performing a contract in connection with which it was disclosed to the Company, for example for the purpose of conducting a recruitment process, establishing relations under a cooperation agreement or other commercial agreement, depending on the circumstances.
  2. Data is processed for the purpose of the Company’s operational activities and the provision of other services as part of the performance of contracts concluded with customers or for the purpose of carrying out activities performed at the customer’s request before or in connection with the conclusion of a contract.
  3. Data may also be processed for purposes such as: identity verification, fulfilling monitoring obligations, and fulfilling obligations under tax legislation.
  4. Where necessary, we process data for the purposes of legitimate interests pursued by the Company or a third party (Article 6 (1) (f) of GDPR). We do so, for example, when we process data of persons acting on behalf of clients and contractors, when we act to prevent crimes against the Company, to ensure the IT security of the Company; to survey customer satisfaction, pursue claims and defend against claims, for the internal administrative purposes of the Company, such as: employee or cooperation-related matters, preparation of statistics and internal reporting of the Company and the capital group.
  5. Your data will be processed for the period necessary to achieve the purposes of processing indicated in item II, i.e.
  1. a) in respect of the performance of an agreement concluded with the Company – until its completion, and after that time for the period required by law or for the establishment, exercise or defence of any claims,
  2. b) in respect of fulfilling legal obligations incumbent on the Company in connection with its activities and performance of concluded agreements – until the Company fulfills these obligations,
    b) in respect of processing carried out solely on the basis of consent – until the immediate erasure of data at your request,
    d) until the fulfillment of legitimate interest of the Company constituting the basis for such processing or until you object to such processing, unless there are legally justified grounds for further processing of the data.

 

III. Hosting

  1. The Website is hosted (technically maintained) on the Operator’s servers.
  2. In order to ensure technical reliability, the hosting company keeps logs at the server level. The following data may be logged:
    a) resources identified by an URL (addresses of requested resources – webpages, files),
    b) time of receipt of request,
    c) time of sending a response,
    d) name of the client station– identification via the HTTP protocol,
    e) information on errors that occurred during an HTTP transaction,
    f) URL of the webpage previously visited by the user (referer link) – where the Website was opened via a link,
    g) information about the user’s browser,
    h) information about the user’s IP address,
    i) diagnostic information related to the process of self-ordering services via the registers on the website,
    j) information related to handling emails sent to or by the Operator.
  1. User’s rights and additional information on data transfers
  1. In some circumstances, the Controller is entitled to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfill the Controller’s obligations. This applies to the following groups of recipients:
    a) hosting provider, on an entrustment basis,
    b) insurers,
    c) law firms and debt collection companies,
    d) banks,
    e) public authorities,
    f) authorized employees and associates who use the data to perform a party’s tasks.
  2. Your personal data is processed by the Controller for no longer than is necessary to perform the activities related to the processing specified in separate regulations (e.g. on accounting). In relation to marketing data, the data will not be processed for longer than 3 years.
  3. Users of the Website have the right to:
    a) request access to their data, as well as request their rectification, restriction of their processing or their erasure,
    b) withdraw their consent for processing at any time, to the extent covered by the consent, provided that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal,
    c) request the transfer of your data provided to the Company for the purposes of concluding and performing a contract or processed on the basis of consent. The transfer involves the Company providing you with your data in a structured, commonly used and machine-readable format and the right to transmit those data to another controller, if technically feasible. This right does not apply to data which constitutes the Company’s business secret,
    d) lodge a complaint with a supervisory authority, if you believe that the processing your data violates regulations, including provisions of GDPR; the Polish supervisory authority is the President of the Personal Data Protection Office.
  4. You also have the right to object at any time to the processing of your data by the Company on grounds relating to your particular situation, if the Company processes data for purposes based on its legitimate interest (article 21 (1) of GDPR).
  5. The Company may request the provision of additional information necessary to confirm your identity in order to exercise your rights.
  6. Provision of personal data is voluntary, but necessary to use the Website.
  7. You may be subject to automated decision-making, including profiling, in order to enable the provision of services under a concluded contract and to enable the Controller to engage in direct marketing.
  8. Personal data may be transferred to recipients in countries outside the European Union („third countries”):
    a) if necessary to perform a contract concluded between you and the Company or to take action prior to concluding such a contract in order to conclude it,
    b) as part of the Company’s use of IT infrastructure (cloud computing, email).
  9. Where processing involves the transfer of data outside the European Union, such transfer will be carried out using Standard Contractual Clauses in order to ensure an adequate level of personal data protection required by law.
  10. In other situations, your data may be transferred to third countries in the cases indicated in GDPR. You can obtain a copy of the data transferred to a third country after submitting such a request to the Data Protection Officer. Data may also be transferred to a third country after obtaining your consent. In accordance with the above, your data will be transferred to a third country on the basis of Article 49 (1)(a) and Article 49 (1) (b) of GDPR.
  1. Information in forms
  1. The Website collects information provided voluntarily by the user, including personal data, if provided.
  2. The service may save information about your connection parameters (time stamp, IP address).
  3. In some cases, the website may save information that facilitates associating the data in the form with the email address of the user filling out the form. In such event, the user’s email address appears inside the URL of the page containing the form.
  4. Data submitted in a form is processed for the purpose resulting from the function of a specific form, e.g. to process a request, commercial communication, registration of a service registration, etc. The purpose of each form is clearly indicated in its list of topics.
  1. Cookie policy
  1. When using our sites, you agree to the use of cookies in accordance with this Cookie Policy. If you do not agree to our use of cookies, you should change your browser settings. Detailed information about the possibilities and methods of handling cookies can be found in the help section and settings of your software (internet browser).
  2. Cookies are small files, in particular text files, saved and stored on the end device of Website Users (computer, telephone, etc.), intended to facilitate using the Website.
  3. Cookies usually contain the name of the website they come from, the time they are stored on the end device and a unique number used to identify the browser used to connect to the website.
  4. Cookies are used to adapt the content of the Website to your preferences and to optimise the use of web pages, as well as to collect anonymous, aggregated statistics that allow us to understand how users use our pages and help improve their functionality and content.
  5. By using cookies in the manner described above, we do not in any way identify specific users based on them.
  6. Types of cookies used on the Website:
    a) essential – necessary for the correct use of the services available on the Website, e.g. authentication cookies used for services that require logging into the Website; storing actions performed within the session (e.g. closing a pop-up window),
    b) performance – these cookies collect information about how visitors use our pages, by providing information about the areas they visit, the time they spend there, or problems encountered during the visit,
    c) functional – used to store the settings you have selected, personalizing the Website interface, e.g. in terms of the selected language, font size, etc.
  7. Session cookies are temporarily saved to your device until you log out, leave the Website, close the program (browser), while permanent cookies remain on your device for as long as their set lifetime or until you delete them.
  8. The Service also uses solutions and tools from external providers, including Google.
    a) reCAPTCHA is a free tool provided by Google, the primary purpose of which is to protect the Website from bots or spam attacks.
    Additional information about the tool can be found at
    https://cloud.google.com/security/products/recaptcha
    b) Google Maps enable displaying a visualised map of a specific location on the Website, available in Google Maps.
    Additional information about the tool can be found at
    https://developers.google.com/search/docs/crawling-indexing/sitemaps/build-sitemap?hl=pl
  1. Limiting the use of cookies may affect some of the functionalities available on the Website.

VII. Cookie management

  1. 1. If the user does not wish to receive cookies, they may change their browser settings. We reserve that disabling the use of cookies necessary for authentication, security, and maintaining user preferences may make it difficult, and in extreme cases may even prevent, the use of our webpages.
  2. To manage your cookie settings, select the web browser you are using from the list below and follow the instructions.

Desktop devices:

Mobile devices: