Minding your privacy and protection of your personal data, we share this Privacy Policy, so that everyone can find out who is the personal data controller, to what extent and for what purpose the data is processed, to whom it is shared, and how it is protected.
The controller of your personal data is CEDAT Spółka z ograniczoną odpowiedzialnością with its registered office in Gdańsk (80-298) at ul. Budowlanych 19, entered in the register of entrepreneurs of the National Court Register kept by the District Court in Gdańsk, 7th commercial division of the National Court Register under the number 0000076746, NIP [Tax ID No.] 584-02-01-335, REGON [Business ID No.]: 190500761.
We have not appointed a Data Protection Officer, but in all matters related to the processing of personal data, you can contact us at the following e-mail address: ochrona.danych@cekol.pl
CEDAT Sp. z o.o. performs the processing of personal data in accordance with the principles set out in the Polish law, including the regulations of the General Data Protection Regulation (GDPR).
General rules for the processing of personal data
CEDAT Sp. z o.o. makes every effort to ensure that your personal data is:
- processed fairly, legally and in a transparent manner
- correct, adequate and not excessive
- accurate and current – inaccurate personal data will be corrected or deleted or its further processing will be stopped
- kept for no longer than necessary
- processed in a specific, unambiguous and legitimate purpose and in accordance with the purpose for which it is collected
- Safe.
Personal data types
Personal data is provided to us through various communication channels: telephone, e-mail, letter, our website, etc. Some personal data is necessary for us to offer our products and services, while providing other data is voluntary.
We always inform you which personal data is required and what consequences will result from not providing us with this data – this may, for example, result in your request being unable to be met.
The personal data we collect and process depends on the type of relationship we establish with you (contract, invoice, business correspondence, newsletter, etc.)
In order to recruit, we will also process the following information:
- about education
- about professional experience
- about skills
- about gender and age.
In order to accept a complaint, you will be asked to provide your name, telephone number,
e-mail address, and if you need a local vision—also your address. If you are awarded money in cash, we will need your bank account number.
Purpose of personal data processing
We process personal data to:
- facilitate the use of our website, services and enable contacting us
- provide customer service
- recruit employees.
We process personal data for lawful purposes and do so only if:
- the person has consented to the processing of the data
- data processing is necessary for the performance of the agreement
- data processing is necessary to comply with our legal obligation, e.g. to meet the requirements of the Accounting Act or tax laws
- data processing is necessary for the needs arising from our legitimate interests or legitimate interests of external entities and is not considered harmful to the person whose data we process, including our interests in the context of developing, evaluating, offering our services, establishing, developing, and maintaining business relationships with our clients, suppliers, and other business contacts.
Disclosure, transmission, and sharing of personal data to third parties
Disclosure and transmission of personal data by us to third parties is limited to the minimum and depends on the existence of an adequate level of data protection.
We reserve the right to disclose or share personal data to third parties in the following circumstances:
- when external entities provide services on our behalf, for example IT support and hosting, recruitment, health and safety, debt collection etc. These external entities may process personal data transferred or made available to them only on terms defined by us and under a written agreement on data processing;
- legal advisors—in order to establish, exercise or defend our rights or as a service subcontractor;
- in a situation where the user has given prior consent to the disclosure of his/her personal data to third parties
If the recipient of personal data is located in a country outside the EU/EEA that does not ensure an adequate level of data protection, personal data of users will be sent to such recipient only after preparing a written agreement for providing information based on standard contractual clauses adopted by the European Commission.
Security of your data
We are committed to properly protect your personal data in accordance with established internal policies, procedures and standards so that it is protected against unauthorised access, unlawful modification, loss or destruction.
Your personal data will not be stored for longer than is necessary for the purpose for which it was collected, including the need to comply with legal and tax obligations and to resolve disputes, investigate or defend claims.
User consent
You must give your consent for some of our data processing activities. In such case, you have the right to withdraw your consent at any time. If you withdraw your consent, we will cease processing of your personal data, unless its further processing or storage is allowed or required by the applicable provisions of Polish law. Withdrawal of consent will not affect the lawfulness of the data processing that has taken place prior to its withdrawal. Moreover, withdrawal of consent may consequently prevent us from fulfilling your expectations or providing services.
Data profiling
One of the ways we process personal data is the so-called profiling, but only for people visiting the website www.cekol.pl—it takes place through the use of automatic mechanisms that operate based on cookies. [Click to learn more].
Here you can find the information clauses related to our processing of personal data in the areas of:
- Recruitment [click to read]
- Cooperation with our clients and counterparties [click to read]
- Complaints [click to read]
Definitions and abbreviations:
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC