Pursuant to Art. 13 section 1 and section 2 of the General Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Regulation on the protection data) we inform you that:
1. The administrator of personal data in accordance with Art. 4 points 7 GDPR is KMS KICKA MINIEWSKI spółka komandytowa, ul. Legnicka 46a 53-674 Wrocław, NIP: 894-302-37-57, REGON: 021537790, KRS: 0000607679.
2. Providing your personal data is voluntary, however, failure to provide data qualified as necessary for the performance of the contract to which the data subject is a party makes it impossible to conclude and perform the contract and, consequently, to provide the desired service.
3. The administrator obtains and processes the following personal data:
a) name and surname
b) correspondence address
c) telephone number
d) e-mail address
e) company name – (if applicable)
f) NIP number – (if applicable)
g) business address – (if applicable)
4. Personal data was obtained from the contact form, during conversations, telephone contacts, e-mail correspondence, during meetings and will be processed for the purposes of:
a) provision of services, including the execution of the concluded contract and the sale of products,
b) current contact resulting from the concluded contract or actions taken to conclude it,
c) enabling the provision of services electronically, including handling notifications,
d) ongoing contact resulting from the concluded contract or actions taken to conclude it,
e) direct marketing and promotion of own products and services,
f) answering sent questions, conducting correspondence,
g) fulfilling the legal obligations of the Data Administrator in connection with the need to store accounting evidence,
h) defending against claims and pursuing claims for the legitimate interest of the Data Administrator, until the claims period expires in accordance with the Civil Code.
Legal basis: art. 6 section 1 GDPR
5. The administrator processes data in accordance with the law, collects it for specified, lawful purposes and does not subject it to further processing that is inconsistent with these purposes. Data is collected only to the extent adequate, necessary and necessary in relation to the purposes for which it is processed. The administrator does not process special categories of personal data. Providing data is voluntary, but necessary to provide services.
6. Your personal data will not be transferred to third countries or international organizations.
7. The recipients of your personal data are:
a) persons authorized by the Administrator and entities providing services to the Administrator,
b) entities whose data processing is necessary for the performance of the concluded contract or its conclusion,
c) entities to which the Administrator entrusted the processing of personal data (processing entities) on the basis of concluded contracts,
d) entities authorized to receive them under mandatory provisions of law.
8. The Administrator makes every effort to protect the personal data of customers and users against unauthorized access by third parties and, in this respect, applies organizational and technical security measures corresponding to the given risk of personal data processing. The administrator does not share personal data with any unauthorized recipients.
9. The Administrator stores personal data for the period necessary to achieve the purposes of processing and the contract and no longer than the period specified in the applicable legal provisions and no longer than necessary for the purposes arising from the legitimate interests pursued by the Administrator. In connection with the marketing of products and services offered by the Administrator, this data is stored until consent is withdrawn.
10. In connection with the processing of your personal data, you have the right to:
a) access to the content of the processed data (Article 15 of the GDPR),
b) rectification of processed data (Article 16 of the GDPR),
c) deletion of processed data (Article 17 of the GDPR),
d) restrictions on data processing (Article 18 of the GDPR),
e) transfer of processed data (Article 20 of the GDPR),
f) objection to data processing (Article 21 of the GDPR),
g) submit a complaint regarding the processing of personal data by the Administrator to the Personal Data Protection Office (PUODO (Article 77 of the GDPR).
11. The data provided to us is stored and processed by us in accordance with appropriate security measures that meet the requirements of Polish law. All our employees are required to comply with our Confidentiality, Security and Privacy Policies and procedures.
12. If you have any questions regarding this Privacy Policy or your personal data, you can contact us by writing to: info@km-sc.pl