ABOUT THE PROCESSING OF PERSONAL DATA
IN ACCORDANCE TO THE GENERAL DATA PROTECTION REGULATION
Dear Sir or Madam,
In connection with the implementation of the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation, hereinafter: Regulation), TECH-PROJECT informs about the principles of personal data processing:
The administrator of your personal data is TECH-PROJECT Limited Liability Company based in Radom, 26-600 Radom ul. Inwestycyjna 4, registered at the District Court for the capital city of Warsaw in Warsaw, XIV Economic Department of the National Court Register under the number KRS 0000518003, NIP 9482601664, REGON 147357159, contact phone: 48 609 425 898, email: firstname.lastname@example.org , hereinafter referred to as the “Administrator”.
II. Categories of personal data
The information relates to personal data obtained in a different way than from the person whose data is being processed. The administrator processes the following categories of data: identification data, address data and contact details.
III. The purposes and legal basis for processing personal data
Personal data may be processed by the Administrator for the following purposes:
IV.Information on periods of personal data processing
The administrator will store your personal data:
The administrator uses video monitoring to protect property and ensure the safety of persons staying in the monitored area. The basis for processing is the Administrator’s legitimate interest, i.e. art. 6 clause 1 lit. f of the GDPR. Records from monitoring will be kept for up to 3 months. A person registered by the monitoring system has the right to access the recording through an authorized entity, e.g. the Police, based on applicable law. A person registered by the monitoring system has the right to lodge a complaint with the Office for Personal Data Protection.
VI. Information on recipients of personal data
The data is intended for the Administrator and can be forwarded to the following recipients:
VII. Automated decision making, including profiling
Profiling should be understood as any form of automated processing of personal data that involves the use of personal data to assess certain characteristics of a person, in particular to analyze or forecast aspects of the person’s work, his economic situation, health, personal preferences, interests, credibility, behavior, location or movement. Considering the above, TECH-PROJECT Limited Company informs that it does not conduct profiling of data subjects.
VIII. The rights of the person whose data is being processed
You have the right to access your personal data, including obtaining a copy of it, the right to request rectification, deletion (right to be forgotten), restriction of processing on the terms resulting from the GDPR.
To the extent that the basis for the processing of your personal data is the premise of the legitimate interest of the Administrator, you have the right to object to the processing of your personal data.
To the extent that the basis for the processing of your personal data is consent, you have the right to withdraw consent. Withdrawal of consent does not affect the compliance of the processing that was carried out on the basis of consent before its withdrawal.
To the extent that your personal data is processed for the purpose of conclusion and performance of the contract or processed on the basis of consent – you also have the right to transfer personal data, i.e. the right to receive your personal data from the Administrator in a structured, a commonly used, machine-readable format (you can send this data to another Administrator) and the right to request a direct transfer of your data by TECH-PROJECT Limited Liability Company to another Administrator, if it is technically possible.
To the extent that your personal data is processed for the purpose of promotion and marketing of the Administrator’s activities – you have the right to object at any time to the processing of your data for the purposes of the promotion and marketing of the activities carried out by the Administrator, including profiling, to the extent that the processing is related to the promotion and marketing of the activities carried out by TECH-PROJECT Limited Liability Company, you also have the right to lodge a complaint with the body supervising compliance with the the GDPR, i.e. the President of the Office for Personal Data Protection in a situation where it exists suspicion that the processing of your personal data violates the provisions on the protection of personal data.
IX.Source of data origin
The information relates to personal data obtained in a different way than from the person whose data is being processed.
Your data may come from the principal (in the case of a power of attorney), statutory representative, as well as publicly available sources (e.g. databases and registers: REGON, Central Business Register (CEIDG), National Court Register).
X.Transfer of personal data to a third country
Your personal data may be transferred outside the European Economic Area as part of the Administrator’s use of the services of entities providing solutions and IT systems, which entities may store personal data on servers located outside this area (including in the United States) or as part of the provision by Administrator of services related to business operations – to the extent necessary to perform them.
The basis for such a transfer may be a decision of the European Commission stating the appropriate level of protection or the use of appropriate legal safeguards, which are in particular standard contractual clauses for the protection of personal data, approved by the European Commission. In particular, in the case of transferring personal data to the United States, the appropriate level of protection for such data, including through the use of appropriate safeguards, is ensured by the EU-US Privacy Shield established by the European Commission implementing decision as a set of rules guaranteeing adequate protection of privacy.
If the European Commission fails to issue a decision stating an adequate level of protection or if adequate legal safeguards are not provided, personal data may be transferred to a third country on the basis of one of the conditions listed in art. 49 paragraph 1 GDPR, including in particular based on your explicit consent. You have the right to obtain a copy of personal data transferred to a third country.
XI. Obligation to provide personal data
Providing your personal data is voluntary, however, it is a condition for the conclusion and performance of the contract and statutory rights and obligations of the Administrator related to the implementation of the objectives referred to above. If personal data are not provided, the Administrator is forced to refuse to conclude a contract. To the extent that personal data is collected based on your consent, providing personal data is voluntary.