Terms and Conditions
Information on the processing of personal data
In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (Official Journal of the EU L 119, hereinafter: RODO), we hereby inform you that we process your personal data in accordance with the principles indicated below:
I. Personal data controller
The Administrator of your personal data is Anpol Sprink Sp. z o.o. with its registered office in Mikołów, 43-190 at 105 Katowicka Street, NIP number: 954 274 84 49, hereinafter referred to as the Personal Data Administrator.
The Administrator can be contacted in writing or by telephone: telephone number: +48 518 364 524, and by e-mail: biuro@anpolsprink.pl.
II. Objectives and grounds for processing
Your personal data will be processed in accordance with the applicable legislation, including in particular the RODO, for the following purposes, to the extent necessary for these purposes:
Customer / Contractor data
- taking action prior to the conclusion of the contract and performance of the contract – legal basis – fulfilment of a legal obligation – Article 6(1)(b) RODO and the Administrator’s legitimate interest – Article 6(1)(f) RODO,
- preparation of legally required accounting and bookkeeping documentation, calculation of taxes and other public law fees – legal basis – fulfilment of a legal obligation – Article 6(1)(c) RODO – and the legally legitimate interest of the Administrator – Article 6(1)(f) RODO,
- protection of the Administrator’s interests – asserting or defending against claims that may arise in connection with the performance of a contract – legal basis – Article 6(1)(f) RODO,
- own marketing – legal basis – the Administrator’s legitimate interest – Article 6(1)(f) RODO, whereby the transmission of commercial information to the indicated e-mail address or by telephone will take place after you have given your consent or provided your telephone number or e-mail address for this purpose,
Data of employee candidates
- to conduct ongoing recruitment processes for employee candidates – legal basis – Article 6(1)(a) and (f) of the DPA
- conducting future recruitment processes following your consent – legal basis – Article 6(1)(a) RODO,
III. Categories of your data that we process
In accordance with the provisions of the RODO, we will process the following categories of personal data to the extent necessary to fulfil the purposes indicated above:
Customer / Contractor data
- first and last name,
- residential address, address for service (if different from your residential address),
- data concerning your business activity, including its address, NIP, REGON, PESEL numbers,
- contact details (telephone numbers, e-mail address),
- obligations towards the Administrator,
- information on possible legal proceedings,
and other data provided to us, the extent of which will be adequate for the purposes of processing in each case.
Provision of the personal data indicated above by you is voluntary and aims at concluding and performing the contract, possible settlement of claims that may arise in the course of cooperation, conducting marketing activities. Failure to provide the data may result in the inability to perform the contract and related claims, as well as the inability to conduct marketing activities.
Data of candidates for employees
- first and last name,
- residential address, address for service (if different from residential address),
- contact details (telephone numbers, e-mail address),
- information about your education, skills, previous employment history,
- photograph, if any.
Your provision of the personal data indicated above is voluntary and is intended for the purpose of conducting current and, upon consent, also future recruitment processes. Failure to provide the data indicated above in points a-d may result in the applicant not being considered as an employee in the current recruitment processes and in the course of future recruitment.
IV. Data recipients
We may share Client/Contractor data with the following categories of entities:
- subcontractors involved in the execution of contracts or providing related services, including consultancy firms, notaries, translators,
- entities providing support services to the Administrator, such as, in particular, accounting firms, IT specialists,
- contractors of our customers, public administration bodies, offices and other third parties – insofar as this results from the purpose and scope of the services provided to the contractor, including in particular representation of the contractor before these entities,
- to state authorities, on the basis of specific legal provisions and at the request of these authorities.
We may share the data of employee candidates with the following categories of entities:
- entities providing services to the Administrator, such as, in particular, accounting offices, IT specialists,
- to state authorities, on the basis of specific legal provisions and upon request of these authorities.
At present, we do not transfer the data of Clients, Contractors or Candidates for employees outside the European Union – with the exception of individually agreed cases on the basis of separate arrangements, in particular insofar as this is required by the purpose of the contract and is necessary for its proper execution.
We do not use operations that would involve automated decision-making that would produce legal effects on their addressees or in a similar manner significantly affect them.
V. Data retention period
Customer/Contractor data will be stored for the following periods:
- data obtained on the basis of expressed consent – until the consent is withdrawn, with a maximum period of 10 years,
- data obtained in connection with the conclusion of a contract – until the end of the period of limitation of potential claims under this contract, but no longer than for a period of up to 10 years from the end of the year in which the performance of the contract took place; however, due to regulations on the limitation of tax dues, no less than 6 years from the end of the year in which the transaction took place,
Data of Employee Candidates will be kept for the following periods:
- data obtained in connection with the ongoing recruitment – for a period of no longer than 30 days from the date of the end of the current recruitment; and in the case of granting consent to process the data also for the purposes of future recruitment – until the withdrawal of the consent, however, for no longer than 3 years.
VI. Rights of the data subject:
- You have the right to request from the Controller access to your personal data, rectification, erasure or restriction of processing.The data subject has the right to request from the Controller the immediate erasure of personal data concerning him/her, and the Controller is obliged to erase the personal data without undue delay if one of the following circumstances applies:
- the personal data are no longer necessary for the purposes for which they were collected or otherwise processed
- the data subject has withdrawn the consent on which the processing is based and there is no other legal basis for the processing;
- the data subject objects under Article 21(1) of the RODO to the processing and there are no overriding legitimate grounds for the processing; or the data subject objects under Article 21(2) to the processing;
- the personal data has been unlawfully processed;
- the personal data must be erased in order to comply with a legal obligation under Union law or the law of a Member State to which the Controller is subject.
The data subject has the right to request from the Controller the restriction of processing in the following cases:
- the data subject challenges the accuracy of the personal data – for a period of time allowing the Controller to verify the accuracy of the personal data;
- the processing is unlawful and the data subject objects to the erasure of the personal data, requesting instead the restriction of their use;
- the controller no longer needs the personal data for the purposes of the processing, but the data are needed by the data subject to establish, assert or defend a claim;
- the data subject has raised an objection under Article 21(1) of the RODO to the processing – until it is determined whether the legitimate grounds on the part of the Controller override the grounds of the data subject’s objection.
- If the processing is based on your consent, you have the right to withdraw your consent at any time. This does not affect the lawfulness of the processing carried out on the basis of consent prior to its withdrawal.
- You may object at any time to the processing of your personal data based on Article 6(1)(f) of the RODO, on grounds relating to your particular situation. Once an objection has been lodged, the Controller shall no longer be allowed to process the personal data in question, unless the Controller can demonstrate the existence of compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or grounds for establishing, asserting or defending claims. If personal data is processed for the purposes of direct marketing, the Customer has the right to object at any time to the processing of personal data concerning him/her for such marketing (Article 21(1) and (2) RODO).
- If you have any doubts about the processing of your personal data, you may request information from the Controller regarding the processing. In any case, you also have the right to lodge a complaint to the supervisory authority – the President of the Office for Personal Data Protection.