We would like to inform you that in accordance with the General Data Protection Regulation (hereinafter referred to as “GDPR”):
Data Controller
The data controller of your personal data is AFORMIC Polska Sp. z o.o. with its registered office in Gliwice, 113 Wyczółkowskiego Street, 44-109 KRS: 0001041734, NIP: 9691658467, REGON: 525570917 (hereinafter referred to as „Data Controller„).
Contact
For further information about the processing of your personal data, we encourage you to contact us by email at: prawnik@aformic.com or in writing to the registered office address indicated in the paragraph above.
Purposes and legal basis for processing
We will process your personal data in order to:
The provision of personal data is voluntary; however, the refusal to provide such data may result in the inability of the Data Controller to fulfil the purposes indicated above.
Rights in relation to processing
In accordance with the GDPR, you have the right to:
At any time, you have the right to object to the processing of data processed on the basis of Article 6(1)(f) GDPR indicated above (i.e. purposes and grounds for processing).
In addition, if you believe that the processing of your personal data violates the provisions of the GDPR, you have the right to lodge a complaint with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warszawa.
Please send requests in the aforementioned area to the e-mail address: prawnik@aformic.com. In order to ensure that you are eligible to make a request, we may ask you to provide additional information to authenticate your identity.
Data retention period
We will process the data for the period necessary for the aforementioned purposes, in particular for the duration of the cooperation, its finalisation and the period in which the data must be stored by law, as well as for the period necessary to secure possible claims – in accordance with the period of limitation of claims under the law.
Recipients of data
As a general rule, personal data will not be transferred outside the European Economic Area („EEA„). However, given the provision of services by our subcontractors in the provision of support for ICT services and IT infrastructure, the Data Controller may outsource certain activities or IT tasks to recognised subcontractors operating outside the EEA, which may result in the transfer of your data outside the EEA. In accordance with the European Commission’s decision, recipient countries outside the EEA shall ensure an adequate level of protection of personal data in accordance with EEA standards.
In the case of recipients in the territory of countries not covered by the European Commission’s decision, in order to ensure an adequate level of this protection, the Data Controller shall conclude agreements with recipients of personal data which are based on the standard contractual clauses issued by the European Commission in accordance with Article 46(2)(c) GDPR.
Automated decision-making
The Data Controller does not make decisions by automated means, including profiling as defined in Article 22 GDPR.