Our goal is to provide you with a sense of security in our Website. Therefore, please carefully read the summary below, informing you how our Website works. You can be sure that your data will be processed in a transparent and fair manner, and that we will make every effort to ensure that your data is treated with caution and responsibility.
For the purposes of this Policy, we use the following terms. The terms used in this Policy shall have the following meaning:
- Controller (Us) - Smart Work spółka z ograniczoną odpowiedzialnością [limited liability company] based in Świdnica, Rynek 1a, entered in the Register of Entrepreneurs of the National Court Register by the District Court for Wrocław-Fabryczna in Wrocław, 9th Commercial Department of the National Court Register under KRS number 0000550541, NIP [Tax ID No.]: 8842754100, or the subject which, according to the GDPR, decides on the methods and purposes of processing of your personal data.
- Personal data - all information about a physical person identified or identifiable by one or more specific factors determining the physical, physiological, genetic, psychological, economic, cultural or social identity, including device IP, location data, internet identifier and information collected through cookies and other similar technology.
- GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC.
- Website – the website run by us at www.smartwork.pl with all subpages.
- User, Customer (You) – any natural person visiting the Website or, depending on the context and situation, intending to use or using the services and functionalities offered on the Website.
3. The scope of processing of your personal data.
We collect and process your personal data only to the extent necessary to guarantee the presented functionality of the Website, for example, when you use our contact forms to ask us a question, get an offer or make contact.
Security of your personal data is extremely important to us. Therefore, we take technical and organisational measures to ensure protection of your stored data, in order to effectively prevent its loss and misuse by third parties. Our employees dealing with the processing of personal data are in particular bound by the obligation to keep the data confidential.
Your personal data is protected by ensuring that it is sent in encrypted form; e.g. when communicating with your web browser, we use SSL (Secure Sockets Layer). Your browser will display a padlock symbol so that you can see when an SSL connection has been established. In order to ensure the protection of your data at all times, technical security measures are subject to regular reviews and are adapted to new technological standards as necessary. These rules also apply to companies to whom we order processing and use of data in accordance with our instructions.
We would like to point out that we do not transfer, sell or use our personal data to other individuals or institutions, unless it is done with your express consent or at your request, in accordance with applicable law or at the request of a court, prosecutor, police or other authorised body in case of violation by other Users of the law.
4. Purpose of personal data processing.
We collect, process and use your personal data for the following purposes:
- Conclusion and performance of the contract in the scope of services provided by us.
- Replying the question, presenting the offer.
- Service for a potential client before entering into a contract, in the process of concluding a contract and after concluding a contract - in a telephone and electronic form.
- Promoting our brand through the use of social media.
5. Legal basis for data processing.
Your personal data may be processed based on the following legal principles:
- 1. Article 6 para. 1 (a) The GDPR constitutes the legal basis for processing activities for which we obtain your consent for a given processing purpose.
- 2. Article 6 para. 1 (b) The GDPR says that personal data may be processed to execute the contract. The same applies to any processing activities necessary to perform pre-contractual activities, such as handling inquiries about our services.
- 3. Article 6 para. 1 (f) The GDPR applies to our legitimate interests, in particular to promote our brand in social media. Our business is to provide reliable and universal information about our activities, scope and quality of services.
6. The right to provide data.
Providing personal data by you in the case of the will to conclude a contract is a contractual requirement - we are required to conclude a contract and execute it properly. Failure to provide data will prevent us from concluding a contract and executing it.
In the remaining scope, providing data is fully voluntary but necessary for us to answer your question.
7. Categories of personal data processed on the Website.
- Using contact forms. Obtaining information about our services before the conclusion of the contract, in connection with its conclusion and after its conclusion is possible via the contact forms available on the Website or via email message to the email address provided or via telephone using the telephone number provided. Using the abovementioned functionalities requires entering your name, email address, message content, and sometimes company name.
- Social media. We run company profiles on social media (Facebook, Instagram, Twitter, Vimeo). The data is processed only in connection with the maintenance of the profile, including to inform about our activity and to promote various types of events, services and products, as well as to communicate with users via the functionalities available in social media. Our goal is to promote our own brand and build and maintain a brand-related community.
8. Cookies and similar technologies.
9. . Period of data processing.
The processing time of your personal data depends on the type of service provided and the purpose of the processing. As a rule, your data is processed as long as the service is provided or the order is being processed, until the consent is withdrawn or the effective opposition to data processing is filed in cases where our legitimate interest is the legal basis for data processing.
The data processing period may be extended if the processing is necessary to establish and assert any claims or defend against them, and after that time only in the event and to the extent required by law. After the processing period has expired, the data is irreversibly deleted or anonymized.
As soon as the purpose ceases to apply or is implemented, your personal data will be deleted or its processing will be limited. If data processing is limited, such data will be deleted as soon as the periods of data retention imposed by law, company agreement or articles of association cease to prevent such deletion unless there is reason to assume that such deletion would endanger legitimate interests and provided that such deletion would not require a disproportionate effort due to the special nature of storage.
10. Your rights related to the protection of personal data.
In connection with the collection of your personal data, you have a number of rights resulting from the GDPR. If you want to use any of these rights free of charge, just send us a message. You can use the following contact details without incurring any costs other than those charged by your telecommunications service provider for providing the message:
- e-mail: firstname.lastname@example.org
- traditional mail: Smart Work sp. z o.o., Rynek 1A, Świdnica.
For your safety, we reserve the right to obtain further information when responding to an existing query in order to confirm your identity. If the identification proves impossible, we also reserve the right to refuse to respond to your request.
For the full realisation of your rights, we reserve the right to clarify your request, in particular when it is not clear enough for us.
11. Right to access the data.
You have the right to request information from us about your personal data stored by us. When submitting a request for access to your personal data, you will receive information about the processing of personal data, in particular about the purposes and legal basis for processing, the scope of data kept, entities to which personal data is disclosed and the planned date of its deletion.
12. Right to rectification
You have the right to promptly correct and/or supplement your personal data. It is our obligation to ensure that our mutual communication is based on real, complete and current data.
13. Right to limit the processing.
You have the right to demand that the processing of your personal data be limited if you question the accuracy of the data stored about you, if the processing is illegal and we no longer need the data, but you do not want that data to be deleted and you require it to report, execute or defend your rights under the law, or if you have submitted objections to their processing.
14. Right to deletion.
You have the right to request removal of your personal data stored by us, unless the maintenance of data is necessary to ensure freedom of speech, freedom of access to information, fulfilment of obligations under the law, because of public interest, to report or defend against claims or to claim rights under the law.
15. Right to information.
If you have submitted the right to rectify, delete or limit the processing of your data, we will notify all recipients of your personal data about the way of rectification, deletion or limitation of the processing of such data, unless this is impossible or involves a disproportionate effort.
16. Right to transfer the data.
You have right to obtain a copy of the data provided to us, which will be sent to you or a third party in a structured, standard format, readable by machine readers. If you are requesting this data to be transferred to another data controller, this will be done if it is technically possible.
17. Right to object.
JIf your personal data is processed on the basis of the legitimate interest, in line with art. 6 para. 1 (f) of the GDPR, you have the right to object to processing at any time, in accordance with art. 21 of the GDPR.
18. Right to withdraw consent.
If your data is processed on the basis of your consent, you have the right to withdraw it at any time, with future effect. This will not affect the data collected so far. We hope you understand that for technical reasons, processing your withdrawal of consent may require a certain amount of time, and that you can continue to receive messages from us in such a period.
19. Right to submit a complaint to the supervisory authority.
If the processing of your personal data violates data protection laws or if your data protection rights have been violated in any other way, you can submit a complaint to the supervisory authority. The supervisory authority competent in Poland is the President of the Office for Personal Data Protection in Warsaw.
20. Verification of the request.
If you send us a request for the execution of a given right, the answer will be given within one month of its receipt. If it is necessary to extend this deadline, we will inform you of the reasons for such extension.
Reply to your request will be provided to the email address from which you sent the request, and in the case of letters sent via traditional mail to the address indicated by you, unless the content of the letter indicates the desire to receive reply to the email address (in In this case, please provide your email address).
21. Transfer of personal data to third parties.
When transferring your personal data, we ensure that the level of security is always the highest possible, that is why your data is only transferred to partner companies carefully selected and bound with contractual obligations.
In connection with the services and products offered on our Website, your data may be entrusted or made available to entities supporting our activities without which we would not be able to fulfil our obligations.
Your personal data may be processed on our behalf by such entities as IT subcontractors dealing with data hosting services, email service provider, a company that manages our social media profiles.
Finally, we may transfer your data to third parties or public administration authorities in accordance with current data protection regulations, if required by law (e.g. on the basis of an order issued by a public administration body or court).
22. Data transmission outside the EEA.
Your data obtained through the Website is processed within the European Economic Area.
23. Personal data protection officer.
To increase the security of processing of your personal data, we have appointed a data protection officer. Contact with the inspector in matters relating to the processing of personal data is possible at the following email address: email@example.com or by phone: +48 730 330 760.
Version: April 2019.