Privacy policy
General information
The Privacy Policy informs about the purposes, grounds and methods of processing personal data of the Website Users of www.dsk-kancelaria.pl (hereinafter: “Service“) given, among others, in contact forms, during the recruitment process or through any correspondence with the Administrator.
The processing of personal data is understood as all activities performed on personal data, in particular such as: collecting, recording, organizing, ordering, storing, adapting or modifying, downloading, viewing, using, disclosing by sending, disseminating or otherwise making available, matching or linking, limiting, erasing or destroying.
Personal data administrator
Administrator of your personal data is DSK Depa Szmit Kuźmiak Jackowski spółka komandytowa with its registered office in Poznań (60-359) ul. Zbąszyńska 29, entered into the Register of Entrepreneurs of the National Court Register under KRS number: 0000792556, kept by the District Court for Poznań – Nowe Miasto and Wilda in Poznań, 8th Commercial Division of the National Court Register, with NIP: 7792437471, REGON: 36326812900000, e-mail address: office@dsk-kancelaria.pl (hereinafter: “Administrator“).
The Administrator pays special attention to maintaining the privacy of Users visiting the Website, as well as people with whom the Administrator conducts conversations or correspondence in any form (hereinafter: “Users“).
Personal data collected by the Administrator are processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /WE (hereinafter: “GDPR“).
In all matters related to the protection of Users’ personal data, you can contact the Administrator by e-mail: office@dsk-kancelaria.pl or by traditional mail.
The administrator processes personal data for specified, lawful purposes and stores this data no longer than it is necessary to achieve the purposes of processing, in a manner that ensures adequate security.
Purposes and legal grounds for data processing
Users’ personal data are processed by the Administrator only for the purpose of:
- responding to any questions, notifications and complaints of Users and conducting related correspondence, via e-mail or other forms of communication with the Administrator (Article 6(1) point b of the GDPR if the communication is related to the performance of a contract to which the data subject is a party or is aimed at taking action at the request of the data subject before concluding the contract and Article 6(1)(f) of the GDPR in other cases of communication);
- concluding and implementing contracts concluded with the Administrator, including performing activities aimed at concluding a contract, e.g. preparation of an offer, execution of a payment transaction (Article 6(1)(b) of the GDPR);
- fulfillment of the legal obligations incumbent on the Administrator towards the competent authorities, in particular the implementation of tax and accounting obligations (Article 6(1)(c) of the GDPR);
- pursuing rights or defending against claims of Users and third parties (Article 6(1)(f) of the GDPR),
- sending marketing and commercial content via electronic messages, such as information about the Administrator’s products and services, as well as publishing marketing content on the Website on on the basis of the User’s voluntary consent (Article 6(1)(a) of the GDPR), or if the law allows it, on the basis of the Administrator’s legitimate interest in promoting its own brand (Article 6(1)(f) of the GDPR),
- to maintain ongoing contact with business partners, including customers and persons responsible on the part of the partner for the performance of the contract with the Administrator. The administrator processes the contact details of such persons for the purpose of ongoing communication with business partners and maintaining contacts with them for the purpose of proper and effective performance of the contract (Article 6(1)(f) of the GDPR),
- consideration of the candidate and conducting the recruitment process in connection with the submitted application (if personal data is required by law, the legal basis for processing is Article 6(1)(c) of the GDPR, and in the case of additional data, the provision of which is voluntary, the legal basis for processing is the candidate’s consent expressed by sending application documents by the candidate, Art. 6(1)(a) of the GDPR),
- consideration of the candidate in future recruitment processes based on a separate consent given by the candidate (Article 6(1)(a) of the GDPR).
The Administrator may also process personal data of Users who have interacted with social profiles maintained on popular social networking sites by the Administrator. These data are processed in order to enable the conduct and ongoing management of the Administrator’s profiles, including communication with the community and the organization of events on the terms set out in the functionalities of individual social media and their regulations. The data of users of a given community may also be processed for statistical and analytical purposes and may be processed to assert rights and defend against claims (Article 6(1)(f) of the GDPR). The above information does not apply to the processing of personal data by the administrators of these websites.
Scope of personal data processed
The Administrator may process the following data:
- name, surname, e-mail address, telephone number, name of the organization associated with the User and any other data that will be voluntarily provided when contacting the Administrator, including using electronic forms,
- name name, e-mail address, telephone number, name of the organization associated with the User, professional experience, education, image, address and all additional data sent to the Administrator included in the CV and the form in the recruitment process,
- name, surname, address, e-mail address, telephone number, bank account number, NIP number, REGON number, if the User is a current Customer, partner or associate of the Administrator.
The Administrator may also collect and process other personal data, if they are necessary to achieve the goals and have been provided by the User. If personal data have not been collected from the data subject, they have been obtained, for example, from customers, contractors, partners or associates of the Administrator, as well as from publicly available registers and online platforms.
Providing data is voluntary, however, it may be necessary to achieve the purposes of processing, including concluding a contract with the Administrator, receiving answers to questions or taking part in the recruitment process. Failure to provide them may result in failure to conclude a contract, inability to consider the User’s candidacy in the recruitment process and failure to obtain answers to submitted questions or complaints.
Users may also visit the Website anonymously.
Recipients of personal data
The recipients of Users’ personal data will be employees, associates and subcontractors of the Administrator, entities related personally to the Administrator, entities providing hosting of the Website, servers and e-mail providers, external entities providing ICT support services, entities providing payment brokerage services, accounting office, auditors , state authorities, entities providing courier and postal services, entities offering electronic communication tools and entities offering marketing and analytical tools.
Period of personal data processing
The period of personal data processing depends on the purpose and legal basis of processing.
Users’ personal data will be processed:
- for the duration of the cooperation between the User and the Administrator, and after this period for the time necessary to fulfill the Administrator’s legal obligations, but not longer than until the date of limitation of claims,
- until the consent is withdrawn or modified, if the processing takes place on on the basis of consent,
- until the transaction is completed and for the period of limitation of any claims arising from the transaction,
- until exhaustion of the User’s inquiry addressed to the Administrator in a comprehensive manner,
- until the end of current communication or until objections to processing are raised, but no longer than until the limitation of claims in accordance with applicable regulations,
- until the fulfillment of the legal obligation imposed on the Administrator, in particular the exhaustion of inquiries from competent state authorities, including law enforcement and tax and tax authorities,
- throughout the recruitment process, but not for longer than 3 months, and if a given candidate consents to the processing of data for the purposes of future recruitment, they will be stored until such consent is withdrawn, but not longer than for 12 months.
Personal data may be processed for no longer than the period required by applicable law or the period needed by the Administrator to protect against claims or pursue rights.
After the end of the processing period, the data is irreversibly deleted or anonymized.
Rights of persons whose personal data are processed
The User has the following rights regarding his personal data processed by the Administrator:
- The right to withdraw consent at any time, if it is the basis for processing. Withdrawal of consent does not affect the lawfulness of the processing that was made on the basis of consent before its withdrawal.
- The right to access your data, including the right to access information about these data, including purposes of processing, categories of data processed, recipients of data or periods of processing.
- The right to request rectification of personal data if the data is incorrect.
- The right to request the deletion of personal data, the processing of which is no longer necessary to achieve any of the purposes for which they were collected.
- The right to request restriction of personal data processing.
- The right to transfer personal data.
- The right to object to the processing of your personal data, which takes place on the basis of the Administrator’s legitimate interest – art. 6 sec. 1 lit. f) GDPR.
- The right to lodge a complaint with the competent supervisory authority. In Poland, the supervisory authority is the President of the Office for Personal Data Protection.
Transfer of data to a third country or an international organization
The Administrator does not provide for the transfer of the User’s personal data to a third country (outside the European Economic Area) or an international organization, and if such transfer takes place in the future, it will take place on the terms consistent with the GDPR and the provisions of this Privacy Policy.
Automated decision-making, profiling
Users’ personal data will not be processed in an automated manner and will not be profiled.
Changes to the Privacy Policy
The Administrator may introduce changes to the Privacy Policy with the proviso that the introduction of changes will take place with the utmost care to maintain the security of personal data being processed, in particular by applying technical and organizational security measures adequate to the identified data security threats. The User should read the changed Privacy Policy.
The current Privacy Policy is effective from 1st December 2022.
The website may contain links to other websites. The Administrator encourages Users to read the privacy policy established there after going to other websites. This privacy policy applies only to the Website.