Privacy policy
1. PERSONAL DATA PROTECTION POLICY
This Privacy Policy is a set of rules designed to inform you about all aspects of the process relating to the collection, processing and protection of your personal data.
This policy specifies how and for what purposes your personal data will be processed, how they will be protected and what your rights will be. Barlinek processes personal data for different purposes, and different collection methods, legal grounds for processing, use, disclosure and storage periods may apply depending on the purpose.
The protection of personal data is especially important to us, and we give priority to the security of all data held by us. The guarantee of applying the highest standards and principles of personal data processing security are the policies, procedures and trainings implemented by us, including data protection, confidentiality and security, as well as appropriate IT systems, including independent certificates (SSL certificate). Regular checks on the measures taken to ensure their adequacy in order to secure the data held and the principle of minimising the processing thereof guarantee the security and transparency of the processes conducted.
Personal data are processed on the basis of the applicable provisions of the law, in particular the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data, and on the free movement of such data and the repeal of Directive 95/46/EC (hereinafter referred to as the GDPR) and the Act on Personal Data Protection.
We hope that this Privacy Policy will help you understand the principles, purposes and ways in which we collect personal information we provide, both through the website and in connection with our business activities with our customers, contractors and their employees, and marketing, including training, contests and loyalty programmes.
2. PERSONAL DATA CONTROLLER
The Controller of your personal data is Barlinek S.A. with its registered office in Kielce (25-323), Al. Solidarności 36, KRS 0000018891, NIP 959-08-21-486 (hereinafter referred to as: Barlinek / the Controller) If you have any questions regarding the processing of your data, please contact us via e-mail daneosobowe.bsa@barlinek.com
3. PROCESSING OPERATIONS
4. LEGAL BASIS FOR THE PROCESSING
Barlinek will only process your personal data in accordance with the applicable provisions of the law. The legal basis for the processing of personal data in each process is specified in the relevant tab above.
Barlinek processes your personal data taking into account not only the legitimate interest of the Controller, but, above all, respecting your rights under the provisions on personal data protection and their impact on the activities undertaken in selected areas of activity.
5. DATA TRANSFER
Barlinek transfers personal data to other entities, including state authorities, exclusively on the basis of the provisions of the law.
In connection with its business activity which requires protection of many administrative and technical elements, Barlinek entrusts the processing of personal data to external entities. We make every effort to provide services of the highest quality with the support of external entities. The concluded and appropriate outsourcing agreements guarantee the highest standard of protection and confidentiality and security of personal data, as well as their use only for the purpose of performing the contractual or legal obligation of the Controller.
Personal data processed by us may be transferred to:
- the entities belonging to the Barlinek Capital Group. Information on other Barlinek companies can be found here.
- to external entities, providing services commissioned by Barlinek which are necessary for the purposes for which we process your personal data, including, but not limited to, services related to customer service (e.g. complaints), services related to the handling of the recruitment process, debt collection, logistics, postal and courier services, marketing and advertising, customs, accounting, hotel, technical.
- IT systems security providers, providers of information technology, software, hosting and website management services, backup and data analysis services
- law enforcement authorities, regulatory authorities and other state authorities or third parties, where required by applicable provisions of the law (in a manner consistent with such provisions).
Barlinek hereby reserves the right to disclose selected information concerning the data subject to the competent authorities or third parties who request such information, on an appropriate legal basis and in accordance with applicable provisions of the law.
The transfer of personal data outside the EEA to a country which, in the opinion of the European Commission, does not guarantee an adequate level of protection of personal data, takes place on the basis of an agreement which takes into account the EU requirements regarding the transfer of personal data outside the EEA, with appropriate clauses ensuring the security of processing. The transfer of personal data to the United States is based on the Transatlantic Data Privacy Framework to organizations that are listed in the “List of Data Protection Frameworks”.
Automatic processing of personal data
Your personal data are not processed using tools based on automated decision-making (including in the form of profiling) in such a way that as a result of such automated processing, any decisions could be made that would produce legal effects or would similarly affect any effects. towards clients, contractors, their employees or associates, as well as the administrator’s employees or associates or job candidates
6. RIGHTS OF NATURAL PERSONS
You have the following rights in connection with the processing of personal data:
- the right of access to processed personal data – on this basis, the Controller, at the request of the data subject, provides information about the processing of personal data concerning the subject, including, first of all, the purposes and legal bases of the processing, the scope of the possessed data, the entities to whom the personal data are disclosed and the planned date of their deletion;
- the right of data rectification – on this basis, the Controller, at the request of the data subject, removes possible incompatibilities or errors concerning the processed personal data, and supplements or updates them, if they are incomplete or have been changed;
- the right to delete the data – on this basis, the Controller shall, at the request of the data subject, removes the data the processing of which is no longer necessary for the performance of any of the purposes for which the data were collected, the consent for their processing was withdrawn or an objection was lodged and it is not required for the determination, pursuit or defence of the Controller’s claims;
- the right to limit and transfer the processing – on this basis, the Controller, at the request of the data subject, ceases to perform operations on these personal data, to the extent permitted by law, and also issues these personal data in a format allowing their reading by a computer;
- the right to lodge a complaint – by exercising this right, the person who deems their personal data as being processed in breach of the applicable law, may file a complaint with the President of the Office for Personal Data Protection:
- the right of objection – the data subject may at any time object to the processing of personal data for the purposes for which they were collected;
- the right to withdraw consent – if we process personal data on the basis of the granted consent, the data subject may withdraw such consent at any time. Withdrawal of the consent shall not render the processing of personal data until that moment illegal; the withdrawal of the consent shall not affect the lawfulness of the existing processing, however, shall cause the personal data to be no longer used for such purposes.
An application to exercise the rights described above may be submitted by post to the following address: Al. Solidarności 36, 25-323 Kielce or via e-mail daneosobowe.bsa@barlinek.com
The application should, as far as possible, precisely indicate to what it pertains, i.e. in particular the addressee of the application and which of the above mentioned rights the applicant wishes to use. If the Controller is unable to determine the content of the application or identify the applicant on its basis, the Controller shall request additional information from the applicant.
The notification will be answered without delay, not later than one month after its receipt. If it is necessary to extend this time limit, the Controller shall inform the applicant of the reasons for the extension. The reply shall be given in writing unless the application is submitted by e-mail or providing the response electronically was requested.
7. REVISION
To the extent not regulated by this Privacy Policy, the provisions of the Personal Data Protection Act and the GDPR shall apply.
The Policy is reviewed on an ongoing basis and updated as necessary.
We reserve the right to change individual provisions of our Privacy Policy without prior notice. Please check our Privacy Policy each time before using our offer in order to get acquainted with its current version in case of possible changes and updates.
8. COOKIE FILES
Information about cookies can be found at the link: Cookies Policy
9. QUESTIONS AND CONTACT
The Controller stores correspondence with the Customer for statistical purposes and the best and quickest possible response to inquiries, including the request to remove data or exercising the right of objection, the data collected in this manner will not be used for purposes other than execution of the application.
If you have any questions regarding the processing of your personal data, please contact us by post at the following address: Al. Solidarności 36, 25-323 Kielce or by e-mail to daneosobowe.bsa@barlinek.com