AFORMIC Polska Sp. z o.o. with its registered office in Gliwice, 113 Wyczółkowskiego Street, 44-109 Gliwice, KRS: 0001041734, NIP: 9691658467, REGON: 525570917 (hereinafter “Data Controller”), which can be contacted as follows:
The Data Controller reserves the right to make changes to this Policy, and each User of the Website is obliged to know the provisions of the current Policy. The most common reasons for changes may be, in particular, the development of Internet technology, changes in generally applicable law, or the development of the Website through the implementation of new functionalities by Data Controller. The change will be communicated to the Users of the Website by posting the updated version on the Website or in the manner customarily adopted by the Data Controller in dealing with the Users, including, in particular, by e-mail.
In connection with the User’s use of the Website, the Data Controller collects data to the extent necessary to provide the particular services offered. Detailed rules and purposes for processing Personal Data collected during the User’s use of the Website are described below.
Purpose of personal data processing | Legal basis and term of the processing period |
Undertaking the steps necessary to conclude and implement the contract | Legal basis: Article 6(1)(b) GDPR – performance of a contract.
Processing period: for the duration of the contract and for the period resulting from the provisions of the law relating to the obligation to keep accounting documents, as well as for the period of limitation of possible claims. |
Fulfilment of the Data Controller’s obligations under the law, in particular those related to bookkeeping and accounting records | Legal basis: Article 6(1)(c) GDPR – legal obligation.
Processing period: The data are processed for the period resulting from the applicable legal regulations. In the case of accounting and accounting records, as a rule, the period is 5 years calculated from the end of the year in which the event occurred for which the accounting document was issued. |
Conducting correspondence, as part of the handling of the case, including answering questions via the contact telephone number and e-mail address of the Data Controller provided on the Website | Legal basis: art. 6(1)(f) GDPR – legitimate interest of the Data Controller.
Processing period: no longer than necessary to respond and/or resolve the matter, with the proviso that thereafter the data may be processed for the period of limitation of possible claims. |
Analysing web traffic, ensuring security on the Website and customizing content for Users | Legal basis: Article 6(1)(f) GDPR – legitimate interest of the Data Controller.
Processing period: Data related to web traffic analysis collected through cookies and similar technologies may be stored until the cookie expires. Some cookies never expire, so the duration of data storage will be equivalent to the time necessary for the Data Controller to fulfil the purposes of data collection, such as ensuring security and analysing historical data related to website traffic. |
Determination, investigation and defence against claims | Legal basis: Article 6(1)(f) GDPR – legitimate interest of the Data Controller.
Processing period: within the statute of limitations for possible legal claims. |
Voluntariness of providing data:
The transfer of data is voluntary, but necessary for the performance of a contract and other purposes of the Data Controller indicated above. Refusal to provide data may result in the inability to perform the contract and other processing purposes indicated above.
Profiling
The Data Controller will not use the acquired data of the Users of the Website to make decisions based solely on automated processing of personal data, including profiling within the meaning of Article 22 GDPR.
Recipients of data
The Data Controller may share the processed data of the Users of the Website:
Transfer of data to third countries
Users’ personal data, as a rule, will not be transferred outside the European Economic Area (hereinafter „EEA„). However, taking into account the provision of services by our subcontractors in the implementation of support for ICT services and IT infrastructure, the Data Controller may outsource certain activities or IT tasks to recognized subcontractors operating outside the EEA, which may ultimately result in the transfer of Users’ data outside the EEA.
States of recipients outside the EEA, in accordance with the decision of the European Commission, shall ensure an adequate degree of protection of personal data in accordance with EEA standards. For recipients in the territory of countries not covered by the European Commission’s decision, in order to ensure an adequate degree of such protection, the Data Controller or an entity acting on behalf of the Data Controller shall conclude agreements with the recipients of your personal data, based on the based on the standard contractual clauses issued by the European Commission, or the Data Controller shall apply other adequate and appropriate safeguards required by data protection legislation.
Rights relating to the data processing
The GDPR specifies certain rights that individuals have in connection with the processing of their personal data by Data Controllers. Accordingly, Users of the Website are entitled to the following:
In order to exercise your rights, you should contact the Data Controller at e-mail address: prawnik@aformic.com or by mail to the registered office address indicated above.
We would like to inform you that the rights indicated above are not absolute and do not apply in every case of Website User data processing by the Data Controller. Before exercising the above-mentioned rights, the Data Controller is required to verify the person making the request as the subject of the personal data covered by the request.
2. PROCESSING OF PERSONAL DATA THROUGH SOCIAL NETWORKS
In connection with the User’s use of Social Networks, such as:
The Data Controller processes personal data of Users.
The following describes the specific principles and purposes of the processing of personal data collected during the use of Social Networks by the User.
Purpose of personal data processing | Legal basis and data storage and processing period |
Effectively maintaining profiles on Social Networks, in particular by providing Users with information about products, initiatives and other activities related to the promotion of various events, services and products | Legal basis: Article 6(1)(f) GDPR – legitimate interest of the Data Controller. Processing period: no longer than necessary to respond and/or resolve the matter, with the proviso that thereafter the data may be processed for the period of the statute of limitations for possible claims. It is also possible to process until an objection is made (or the user’s account on the Social Network is deleted). |
Enabling activity on the Data Controller’s profiles, in particular, through correspondence through the services offered by the providers of the Social Networking Sites used, (including but not limited to: private messages, comments, etc.), as part of the handling of the matter, including answering the questions asked | Legal basis: art. 6(1)(f) GDPR – legitimate interest of the Data Controller. Processing period: until an objection is raised (or the user’s Social Network account is deleted). |
Determination, investigation and defence against claims | Legal basis: Article 6(1)(f) GDPR – legitimate interest of the Data Controller. Processing period: until the statute of limitations for possible legal claims. |
Voluntariness of providing data:
The transfer of data is voluntary, but necessary for the performance of a contract and other purposes of the Data Controller indicated above. Refusal to provide data may result in the inability to perform processing purposes indicated above.
Profiling
The Data Controller will not use the acquired data of the Users to make decisions based solely on automated processing of personal data, including profiling within the meaning of Article 22 GDPR.
Recipients of data
The catalogue of recipients of personal data processed by the Data Controller depends mainly on the products and services used by the user of a given Social Network, as well as the user’s consent or provisions of applicable law. The Data Controller may make the processed data of Users available to, among others:
Transfer of data to third countries
Users’ personal data, as a rule, will not be transferred outside the European Economic Area (hereinafter „EEA„). However, taking into account the provision of services by our subcontractors in the implementation of support for ICT services and IT infrastructure, the Data Controller may outsource certain activities or IT tasks to recognized subcontractors operating outside the EEA, which may ultimately result in the transfer of Users’ data outside the EEA.
States of recipients outside the EEA, in accordance with the decision of the European Commission, shall ensure an adequate degree of protection of personal data in accordance with EEA standards. For recipients in the territory of countries not covered by the European Commission’s decision, in order to ensure an adequate degree of such protection, the Data Controller or an entity acting on behalf of the Data Controller shall conclude agreements with the recipients of your personal data, based on the based on the standard contractual clauses issued by the European Commission, or the Data Controller shall apply other adequate and appropriate safeguards required by data protection legislation.
Rights vested in connection with the processing
The GDPR specifies certain rights that individuals have in connection with the processing of their personal data by Data Controllers. Accordingly, Users are entitled to the following:
In order to exercise your rights, you should contact the Data Controller at e-mail address: prawnik@aformic.com or by mail to the registered office address indicated above.
We would like to inform you that the rights indicated above are not absolute and do not apply in every case of User data processing by the Data Controller. Before exercising the above-mentioned rights, the Data Controller is required to verify the person making the request as the subject of the personal data covered by the request.
Co-administration of data of users of Social Networks
The Data Controller may process the personal data of Users visiting the Data Controller’s company profiles maintained on Social Networks (i.e. Facebook, X, YouTube, LinkedIn), in order to analyse users’ use of the Data Controller’s company profile and related content (including observing or stopping observing the Data Controller’s company profile maintained on a given Social Network, recommending the company profile in a post, reaction to the Data Controller’s publications, etc.) (legal basis Article 6(1)(f) GDPR, namely the Data Controller’s legitimate interest in conducting statistics). In this case, the Data Controller together with the owner of the respective Social Network are joint controllers of users’ personal data.
Details of the processing of users’ personal data under this processing are indicated:
It is the responsibility of the owner of a given Social Network to notify Users who use the products and services of a given Social Network about the processing of data for statistical purposes and to enable them to exercise their rights in accordance with the GDPR.
3. THE USE OF COOKIES
Cookies are computer data stored on the Users’ terminal equipment, intended for the use of the websites.
The Website allows the collection of information about the User through cookies and similar technologies, the use of which most often involves the installation of this tool on the User’s device (computer, smartphone, etc.). This information is used to remember the decisions of the User of the Website (including choice of font, contrast, acceptance of the Policy), to maintain the session of the User (e.g. after logging in), to remember the password (with consent), to collect information about the User’s device and his/her visit for security purposes, but also to analyse visits and to adjust the content.
The Data Controller uses cookies for the following purposes:
The Website uses the following types of cookies:
The Website does not automatically collect any information except that contained in cookies. These include: IP address, domain name, browser type, operating system type, as well as data on the User’s navigation path and the time spent on specific pages.
For details on how cookies are handled, please refer to your browser settings. By means of these settings, it is possible to determine the extent of the User’s consent to the placement of these types of files on his/her browser. However, restricting the use or preventing the use of cookies may affect some of the Website’s functionalities. The User of the Website also has the possibility to use the Website in the so-called incognito mode, which blocks the collection of data about his/her visit.
Cookies placed on your terminal equipment may also be used by advertisers and partners cooperating with the Website operator.
The Data Controller informs that the introduction of restrictions on the use of cookies may affect some of the functionalities available on the Website. Additional information on the cookies policy can be obtained by contacting the Data Controller, at the e-mail address: prawnik@aformic.com.