1. PERSONAL DATA PROTECTION POLICY
This policy specifies how and for what purposes your personal data will be processed, how they will be protected and what your rights will be. Barlinek processes personal data for different purposes, and different collection methods, legal grounds for processing, use, disclosure and storage periods may apply depending on the purpose.
The protection of personal data is especially important to us, and we give priority to the security of all data held by us. The guarantee of applying the highest standards and principles of personal data processing security are the policies, procedures and trainings implemented by us, including data protection, confidentiality and security, as well as appropriate IT systems, including independent certificates (SSL certificate). Regular checks on the measures taken to ensure their adequacy in order to secure the data held and the principle of minimising the processing thereof guarantee the security and transparency of the processes conducted.
Personal data are processed on the basis of the applicable provisions of the law, in particular the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data, and on the free movement of such data and the repeal of Directive 95/46/EC (hereinafter referred to as the GDPR) and the Act on Personal Data Protection.
2. PERSONAL DATA CONTROLLER
The Controller of your personal data is Barlinek S.A. with its registered office in Kielce (25-323), Al. Solidarności 36, KRS 0000018891, NIP 959-08-21-486 (hereinafter referred to as: Barlinek / the Controller) If you have any questions regarding the processing of your data, please contact us via e-mail firstname.lastname@example.org
3. PROCESSING OPERATIONS
– CONTRACTORS AND SERVICE PROVIDERS
4. LEGAL BASIS FOR THE PROCESSING
Barlinek will only process your personal data in accordance with the applicable provisions of the law. The legal basis for the processing of personal data in each process is specified in the relevant tab above.
Barlinek processes your personal data taking into account not only the legitimate interest of the Controller, but, above all, respecting your rights under the provisions on personal data protection and their impact on the activities undertaken in selected areas of activity.
5. DATA TRANSFER
Barlinek transfers personal data to other entities, including state authorities, exclusively on the basis of the provisions of the law.
In connection with its business activity which requires protection of many administrative and technical elements, Barlinek entrusts the processing of personal data to external entities. We make every effort to provide services of the highest quality with the support of external entities. The concluded and appropriate outsourcing agreements guarantee the highest standard of protection and confidentiality and security of personal data, as well as their use only for the purpose of performing the contractual or legal obligation of the Controller.
Personal data processed by us may be transferred to:
- the entities belonging to the Barlinek Capital Group. Information on other Barlinek companies can be found here.
- to external entities, providing services commissioned by Barlinek which are necessary for the purposes for which we process your personal data, including, but not limited to, services related to customer service (e.g. complaints), services related to the handling of the recruitment process, debt collection, logistics, postal and courier services, marketing and advertising, customs, accounting, hotel, technical.
- IT systems security providers, providers of information technology, software, hosting and website management services, backup and data analysis services
- law enforcement authorities, regulatory authorities and other state authorities or third parties, where required by applicable provisions of the law (in a manner consistent with such provisions).
Barlinek hereby reserves the right to disclose selected information concerning the data subject to the competent authorities or third parties who request such information, on an appropriate legal basis and in accordance with applicable provisions of the law.
Due to the international nature of the Controller’s business, personal data may be transferred outside the European Economic Area.
The transfer of personal data outside the EEA to a country which, in the opinion of the European Commission, does not guarantee an adequate level of protection of personal data, takes place on the basis of an agreement which takes into account the EU requirements regarding the transfer of personal data outside the EEA, with appropriate clauses ensuring the security of processing. These clauses are available here.
6. RIGHTS OF NATURAL PERSONS
You have the following rights in connection with the processing of personal data:
- the right of access to processed personal data – on this basis, the Controller, at the request of the data subject, provides information about the processing of personal data concerning the subject, including, first of all, the purposes and legal bases of the processing, the scope of the possessed data, the entities to whom the personal data are disclosed and the planned date of their deletion;
- the right of data rectification – on this basis, the Controller, at the request of the data subject, removes possible incompatibilities or errors concerning the processed personal data, and supplements or updates them, if they are incomplete or have been changed;
- the right to delete the data – on this basis, the Controller shall, at the request of the data subject, removes the data the processing of which is no longer necessary for the performance of any of the purposes for which the data were collected, the consent for their processing was withdrawn or an objection was lodged and it is not required for the determination, pursuit or defence of the Controller’s claims;
- the right to limit and transfer the processing – on this basis, the Controller, at the request of the data subject, ceases to perform operations on these personal data, to the extent permitted by law, and also issues these personal data in a format allowing their reading by a computer;
- the right to lodge a complaint – by exercising this right, the person who deems their personal data as being processed in breach of the applicable law, may file a complaint with the President of the Office for Personal Data Protection:
- the right of objection – the data subject may at any time object to the processing of personal data for the purposes for which they were collected;
- the right to withdraw consent – if we process personal data on the basis of the granted consent, the data subject may withdraw such consent at any time. Withdrawal of the consent shall not render the processing of personal data until that moment illegal; the withdrawal of the consent shall not affect the lawfulness of the existing processing, however, shall cause the personal data to be no longer used for such purposes.
An application to exercise the rights described above may be submitted by post to the following address: Al. Solidarności 36, 25-323 Kielce or via e-mail email@example.com
The application should, as far as possible, precisely indicate to what it pertains, i.e. in particular the addressee of the application and which of the above mentioned rights the applicant wishes to use. If the Controller is unable to determine the content of the application or identify the applicant on its basis, the Controller shall request additional information from the applicant.
The notification will be answered without delay, not later than one month after its receipt. If it is necessary to extend this time limit, the Controller shall inform the applicant of the reasons for the extension. The reply shall be given in writing unless the application is submitted by e-mail or providing the response electronically was requested.
The Policy is reviewed on an ongoing basis and updated as necessary.
8. COOKIE FILES
Barlinek uses cookie files which are small text information, stored on the end device of the User (e.g. computer, tablet, smartphone) and similar technologies, i.a., in order to adapt the service to the needs of users and for statistical purposes. Cookies can be read by the Barlinek IT system.
Barlinek also points out that the cookie files can be deleted by the User after they had been saved by Barlinek via appropriate functions of the web browser, dedicated programmes or by using the appropriate tools, available in the operating system of the User. Information regarding how to delete cookies in the most popular web browsers is available under the following links:
- Firefox: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored,
- Opera: https://www.opera.com/help/tutorials/security/privacy/,
- Internet Explorer: https://support.microsoft.com/en-us/help/278835/how-to-delete-cookie-files-in-internet-explorer,
- Chrome: https://support.google.com/chrome/answer/95647?hl=en
Barlinek also informs the Users that the change in the configuration of the web browser which prevents or limits the storage of cookie files on the end device of the User can cause the limitation of functionality of the provided services. Deleting the cookie files when the service is being provided can have similar results. This may interrupt the session after logging in.
THE WEBSITE uses the following cookies:
- _utma – file saved on the computer during the first visit to the website. The file contains a unique identification number by means of which the analytical tool shall be able to identify a unique and new user,
- _utmb – a _utmb cookie file is responsible for storing information about a given visit,
- _utmc – a cookie which works with _utmb to determine whether to start tracking new visits or to include the collected data in existing visits,
- _utmz – a cookie containing information about the sources of visits. Thanks to this file it is possible to calculate, i.a., visits from search engines,
- PHPSESSID – a cookie which holds the current session ID between the server on which the website is installed and the User’s device through which the User communicates with the server and the website
9. QUESTIONS AND CONTACT
The Controller stores correspondence with the Customer for statistical purposes and the best and quickest possible response to inquiries, including the request to remove data or exercising the right of objection, the data collected in this manner will not be used for purposes other than execution of the application.
If you have any questions regarding the processing of your personal data, please contact us by post at the following address: Al. Solidarności 36, 25-323 Kielce or by e-mail to firstname.lastname@example.org