Privacy policy
- General information
In respecting the right to privacy and data protection of persons who provide us with their personal data, including customers, training participants, contractors and their employees, we inform that the data we obtain is processed in accordance with EU and national law and in conditions that guarantee its safety. The Privacy Policy developed by our experts is an expression of the principles recognized by the companies, which, taking into account the context of their operation, pay particular attention to personal data security. The administrator of personal data (hereinafter referred to as “APD”) collected on the website is:
- Szot Bieniek Buchman Szot Adwokaci Sp. p. [L.L.P] – SBBS, located at ul. Rynek 13, 33-300 Nowy Sącz, entered into the Register of Entrepreneurs kept by the District Court for Kraków Śródmieście in Kraków, 12th Commercial Division of the National Court Register, under number 0000409170, NIP (Tax Identification Number): 7343514469, REGON (National Business Registry Number): 122497180.
- Legal grounds for data processing
- The personal data collected by the APD shall be processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as “GDPR“), the Act of 10 May 2018 on Personal Data Protection (Journal of Laws of 2018, item1000) and of the Act of 18 July 2002 on Providing Services by Electronic Means (Journal of Laws of 2017, item 1219 as amended).
- APD shall process only the personal data that the User has provided in connection with the use of the website. The scope of data processing shall be as follows:
- conclusion and performance of the contract, including invoicing or billing and providing services (scope of data: name, surname, address, delivery address, e-mail) – Art. 6 (1)(b) of the GDPR,
- establishing cooperation (scope of data: name, surname, address, e-mail address, telephone number, other data provided by the candidate in the application form) – Art. 6 (1)(a) of the GDPR,
- claiming recovery (scope of data: name, surname, address, delivery address, e-mail, other data necessary to validate or defend the claim) – Art. 6 (1)(f) of GDPR,
- fulfilling legal obligations imposed on APD with regards to running a business (scope of data: any data obtained from the User) – Art. 6 (1)(c) of the GDPR,
- conducting independent marketing and promotional activities (scope of data: name, surname, address, e-mail address, telephone number) – Art. 6 (1)(f) of GDPR,
- conducting marketing and promotional activities based on consent obtained separately – Art. 6 1(a) of the GDPR,
- sending commercial information via electronic mail in accordance with Art. 10 (2) of the Act of 18 July 2002 on Providing Services by Electronic Means (Journal of Laws of 2017, item 1219, as amended), Including sending a newsletter (scope of data: name, surname, address, delivery address, e-mail) – Art. 6 1(a) of the GDPR,
- using telecommunications end equipment and automated calling systems for direct marketing purposes in accordance with Art. 172 of the Telecommunications Law of 16 July 2004 (Journal of Laws of 2017, item 1907, as amended).
- What type of data does the APD collect?
- The APD collects or may collect the following personal data via the contact form available on the website or via direct contact initiated by the User (by e-mail or phone):
- identification details (including name, surname, date and place of birth),
- contact details (phone number, address, e-mail address),
- details on employment,
- other details provided by the User during their contact with the APD.
- After filling out the contact form or subscribing to the newsletter, the User obtains access to this Privacy Policy and information on the APD. Providing personal data is voluntary but necessary to contact the APD and to receive the newsletter.
- Browsing the content of the website does not require providing personal data other than the information automatically collected regarding the parameters of the connection.
- Profiling of data collected
The APD does not profile personal data of the users.
- The duration of personal data processing
- Personal Data will be processed for the period:
- necessary for the implementation of contracts concluded through the website, including after their implementation due to the parties’ right to exercise their rights under the contract, as well as due to the possible recovery of claims;
- ending when the purpose of data processing ends, i.e. until the completion of a given recruitment process, if consent to data processing concerned only a given recruitment process
- ending with the withdrawal of consent or making an objection to data processing – in cases of personal data processing on the basis of a separate consent;
- until the end of calendar year following the year in which the application was submitted, if the consent concerned the processing of personal data for the purpose of a larger number of recruitment processes organized by APD, including the ones that were launched after submission of application documents during the period indicated in this item;
- The APD stores personal data of users also when it is necessary to fulfill legal obligations imposed on the APD, resolve disputes, enforce obligations of the User, maintain security and prevent fraud and abuse. The data processing period in the cases described above is determined individually, but may not exceed 10 years from the implementation of the objectives described above.
- Rights of the User
- The APD allows users to implement the rights referred to in item 2 below. In order to exercise their rights, the User should send a request by e-mail to the following address: kancelaria@sbbs.com.pl or via post to the following address: SZOT BIENIEK BUCHMAN SZOT ADWOKACI Sp. p., ul. Rynek 13, 33-300 Nowy Sącz.
- The User has the right to:
- access their data,
- correct/update their data,
- erase their data,
- restrict the processing of their data,
- transfer their data,
- object to processing of their data,
- withdraw consent at any time, with withdrawal of the consent not affecting the lawfulness of the processing performed on the basis of consent made before the withdrawal,
- file an appeal to a supervisory body, i.e. the President of the Personal Data Protection Office.
- The APD shall address the requests submitted immediately, but not later than within one month of their receipt. However, if – due to the complexity of the request or the number of requests – the APD will not be able to process the User’s request within the indicated time, the User shall be informed about the intended extension of the deadline and indicate the date for the application to be responded to, which shall not exceed a two-month period.
- The APD shall inform any recipient to whom personal information has been disclosed about rectification or deletion of personal data or imposing restrictions regarding its processing which has been made in accordance with the User’s request, unless this proves impossible or involves a disproportionate effort.
- Disclosure of information
- In order to implement the contract, the APD may provide the collected data to entities including: employees, co-workers, delivery services, operators of online payment systems or entities providing us with IT services. In such cases the amount of processed data is limited to the very minimum. Personal data may be made available to competent public authorities if required by applicable law.
- For recipients not indicated above, personal data being processed shall be not made available to third parties in a form that would make it possible to identify users in any way.
- Technical Equipment
- The APD makes every effort to secure personal data and protect it against the actions of third parties, and also supervises the security of data throughout the processing of data in a manner that protects against unauthorized access by third parties, damage, distortion, destruction or loss.
- Transferring personal data outside the European Economic Area
- Personal data shall not be transferred to countries outside the EEA. The APD uses servers to store data located in EEA countries.
- Cookies
- Cookies used by the APD do not impose any security threat to the User’s device. In particular, it is not possible for any viruses or other unwanted software or malware to be transferred to the device via cookies. These files allow for the identification of the software used by the User and adjustment of the Service individually to each User. Cookies usually contain name of the domain from which they come, the period of storage on the device and the ascribed value.
- Types of cookies:
- session cookies: these are stored on the User’s device and remain there until the session of a given browser ends. The recorded information is then permanently removed from the memory of the Device. The session cookies mechanism does not allow for the collection of any personal data or any confidential information from the User’s device.
- permanent cookies: these are stored on the User’s Device and remain there until they are deleted. Ending a browser session or turning the Device off does not delete them from the User’s Device. The permanent cookies mechanism does not allow for the collection of any personal data or any confidential information from the User’s device.
- The User can limit or or block cookies’ access to their device. If the User uses this option, Website will still be usable, except for the functions that, by their nature, require cookies. It is recommended to use software with enabled cookies.
- The APD uses cookies for:
- website configuration
- identification of the User’s device and its location and displaying the site tailored to their individual needs;
- storing information of what pages were visited in order to recommend content;
- user authentication on the website and maintaining the User’s session;
- correct configuration of selected functionalities on the website, particularly for the purpose of verifying the authenticity of the browser session – ensuring security and reliability;
- optimizing and increasing the efficiency of the services provided;
- audience analysis and research.
- Changing privacy policy and cookies
- The APD has the right to change this document; the current Privacy Policy shall be made available on the website.
- This document does not limit any user rights in accordance with generally applicable laws.