WHO IS THE DATA CONTROLLER FOR YOUR PERSONAL DATA WE PROCESS AND HOW CAN YOU CONTACT US?
Centrum Bezpieczeństwa Cyfrowego, located in Katowice at Porcelanowa 23, registered at Modlińska 129/U10, 03-186 Warsaw, is the data controller for your personal information we process.
If you have questions about the processing of your personal data and your rights, please contact us:
THE COMPANY HAS DESIGNATED A DATA PROTECTION OFFICER.
It performs this function Michał Chmiel. The Data Protection Officer can be contacted at the following email address: [email protected]
DATA PROCESSING IN ACCORDANCE WITH THE LAW
We collect and process personal data necessary in relation to our business activities, in accordance with applicable law, including the GDPR and the principles of data processing contained therein.
We process personal data transparently and we always inform data subjects about the processing of data at the time of collection, including but not limited to informing them about the purpose and legal basis for processing. We make sure that the data is collected only to the extent necessary to achieve the indicated purpose and processed only for the period in which it is necessary.
When processing personal data, we ensure its integrity and confidentiality as well as access to information about processing to data subjects. If, despite the implemented security measures, there has been a personal data breach (e.g. ‘data leakage’ or loss), we will inform the affected data subjects about such an event in a manner consistent with the law.
FOR WHAT PURPOSES AND ON WHICH LEGAL BASIS WE PROCESS YOUR DATA?
Commercial contracts
In connection with commercial contracts, we obtain data from contractors / clients of persons involved in the implementation of such contracts (e.g. persons authorized to contact, placing orders, executing orders, etc.). The legal basis for processing personal data for this purpose is our legitimate interest (Article 6 (1) (f) of the GDPR), related to effective performance of a commercial contract.
Data processing in connection with the performance of other contracts
When we collect data for purposes related to the performance of a specific contract, we provide the data subject with detailed information regarding the processing of his personal data at the time of concluding the contract or at the time of obtaining personal data when the processing is necessary in order to take steps at the request of the data subject prior to entering into a contract.
Direct marketing
We process personal data through various communications channels, i.e. via email, MMS / SMS or by phone to offer our products and services. The legal basis for processing personal data for this purpose is our legitimate interest (Article 6 (1) (f) of the GDPR) – direct marketing.
Newsletter
We process personal data for the purpose of sending the Digital Fingerprints newsletter based on data subject consent (Article 6 (1) (a) of the GDPR), which can be withdrawn at any time by unsubscribing from the newsletter.
Social media
We process personal data of people visiting our accounts / channels on social networks (LinkedIn, YouTube, Pinterest, Facebook, Twitter, Instagram). We process this data only in connection with our accounts, which includes sharing information about our activities and promote various types of events, services and products. The legal basis for processing personal data for this purpose is our legitimate interest ((Article 6 (1) (f) of the GDPR) – promoting our own brand.
WHAT ARE YOUR RIGHTS RELATED TO THE PROCESSING OF YOUR PERSONAL DATA?
Your right of access
You have the right to ask us for copies of your personal information – we provide information to the person making the request about data processing purposes and legal grounds for processing, scope of data we process, any recipients to which we disclosed the data and when we plan to erase the data.
Your right to rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure
You have the right to ask us to erase your personal information in certain circumstances:
Your right to restriction of processing
You have the right to ask us to restrict the processing of your information in certain circumstances. In the event of such a request, we stop performing operations on personal data – with the exception of operations to which the data subject has consented and their storage – in accordance with accepted retention rules or until the reasons for the restriction of data processing cease ( e.g. a decision of the supervisory authority allowing further processing of data is issued).
Your right to data portability
This applies only to information you have given us. You have the right to ask that we transfer the information you gave us to another organization or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated, provided there are technical capabilities in this regard both on our side and that of another data recipient.
Your right to object to processing
You have the right to object to processing unless we can give your strong and legitimate reasons to continue using your data despite your objections. However, you have an absolute right to object to using your data for the purpose of direct marketing. In this case we will stop processing your data regardless of our legitimate interests.
Your right to withdrawal of consent
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Your right to complain
You also have the right to lodge a complaint to the President of the Personal Data Protection Office, if you feel that the processing of your personal data violates the provisions of the applicable law.
HOW LONG DO WE PROCESS YOUR PERSONAL DATA?
The period of data processing depends on the purpose of processing. As a rule, data is processed for the duration of the service or performance of the contract, until the consent is withdrawn or effective objection to data processing is raised in cases where the legal basis for data processing is the legitimate interest of the controller.
The data processing period may be extended if the processing is necessary to establish and assert any claims or defend against them, and after that time only if and to the extent required by law. After the processing period is completed, data is irreversibly deleted or anonymized.
Digital Fingerprints S.A. ul. Żeliwna 38, 40-599 Katowice. KRS: 0000543443, Sąd Rejonowy Katowice-Wschód, VIII Wydział Gospodarczy, Kapitał zakładowy: 1 128 828,76 zł – opłacony w całości, NIP: 525-260-93-29
Biuro Informacji Kredytowej S.A., ul. Zygmunta Modzelewskiego 77a, 02-679 Warszawa. Numer KRS: 0000110015, Sąd Rejonowy m.st. Warszawy, XIII Wydział Gospodarczy, kapitał zakładowy 15.550.000 zł opłacony w całości, NIP: 951-177-86-33, REGON: 012845863.
Biuro Informacji Gospodarczej InfoMonitor S.A., ul. Zygmunta Modzelewskiego 77a, 02-679 Warszawa. Numer KRS: 0000201192, Sąd Rejonowy m.st. Warszawy, XIII Wydział Gospodarczy, kapitał zakładowy 7.105.000 zł opłacony w całości, NIP: 526-274-43-07, REGON: 015625240.