Regulations

Personal Data Processing Regulations

Lubaz Sp. z o.o. Sp. k., (hereinafter referred to collectively as the “Company”) ensures that it processes personal data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Official Journal of the European Union L.2016.119.1) (hereinafter referred to as “the GDPR”) and national laws.

The purpose of these Regulations is to explain the adopted principles of personal data processing and to discuss the basic rights related to the processing of data of the persons concerned by the Company.

[CONTROLLER]

The controller of personal data is Lubaz spółka z ograniczoną odpowiedzialnością spółka komandytowa with its registered office in Wieczfnia Kolonia12, 06-513 Wieczfnia Kościelna (hereinafter referred to collectively as: “Controller”).

The contact with the Controller is possible through the above-mentioned mailing address as well as via e-mail: info@lubas.com

[BASIC RULES OF THE PROCESSING]

CONTROLLER:

undertakes to review this document regularly and to modify it if necessary due to an update of the data protection legislation or guidelines of the state or European supervisory and control authorities or changes in the ways, purposes or legal basis for personal data processing.

shall not take decisions in individual cases in an automated manner (in particular does not use profiling),

shall not transfer personal data to third parties,

shall make every effort to select the entities cooperating with it, so that they can guarantee the security of the processing of personal data entrusted to them by the Controller,

shall ensure that data are collected only to the extent necessary to achieve the indicated purpose and processed only for the period of time necessary.

shall inform about the processing of the data at the time of their collection, except where it is not obliged to do so under separate regulations,

shall apply organisational and technical solutions to ensure that all personal data operations are secured properly,

has implemented the procedures that allow only authorised persons to access the personal data, and only to the extend that is necessary for the performance of their tasks,

shall endeavour to ensure the security, confidentiality and transparency of the processing of personal data,

[SCOPE, PERIOD AND PURPOSE OF PERSONAL DATA PROCESSING]

1. CONCLUSION AND PERFORMANCE OF THE CONTRACT FOR SERVICE PROVISION

Personal data storage period

The controller will process your personal data for the period necessary to achieve the purpose of the Contract. In the case of data processing on the basis of the Controller’s legitimate interest, data will be processed for the period necessary to perform such interest or to raise an effective objection to the data processing.

The period of processing may be extended within the limits of the law if the processing of personal data is necessary for the investigation or defence against claims. After the period of processing, the data will be deleted or made anonymous. current contact not related to the services provided to you or not connected with the performance of another agreement between you and the Controller in order to solve or finalise the case to which the correspondence relates (legal basis Art. 6 section 1(f) of the GDPR), conducting e-mail and traditional correspondence related to the Controller’s activities (legal basis Art. 6 section 1(f) of the GDPR).

The Controller has obtained your personal data directly from you or from the entity you represent, in which you are employed or with which you cooperate.

The data provision is voluntary.

Purposes of processing

The Controller processes your data for the following purposes:

Scope and source of data

The Controller processes your personal data within the following scope: name, surname, name of the employer/entity with which you cooperate or which you represent, position, e-mail address, correspondence address, telephone/fax number.

2. CORRESPONDENCE AND TELEPHONE CONTACT

Personal data storage period

The Controller will process the personal data for the period necessary to execute the order, and for the period required by the tax law. In the case of data processing on the basis of the Controller’s legitimate interest, data will be processed for the period necessary to perform such interest or to raise an effective objection to the data processing. The period of processing may be extended within the limits of the law if the processing of personal data is necessary for the investigation or defence against claims. After the period of processing, the data will be deleted or made anonymous.

The Controller has obtained your personal data directly from you or from the entity you represent, in which you are employed or with which you cooperate.

Purposes of processing

The Controller processes your data for the following purposes:

performing a contract to which you are a party or to act upon your request before concluding the contract (legal basis: Art. 6 section 1(b) of the GDPR),

conducting e-mail and traditional correspondence related to the order (legal basis: Art. 6 section 1(f) of the GDPR),

performing another legitimate interest related to the concluded contract for the provision of services, i.e. execution of an order covered by this contract or the assertion of claims or defense against claims (legal basis: Art. 6 section 1 (f) of the GDPR).

Scope and source of data

The Controller processes your personal data within the following scope: name, surname, name of the employer/entity with which you cooperate or which you represent, position, e-mail address, correspondence address, telephone/fax number and other data that the Ordering Party provided to the Controller for the purposes of Contract performance (e.g. (information on wages, NIP (Tax Identification Number), PESEL (Personal Identification Number)).

[DATA RECIPIENTS]

In connection with the Controller’s activities and to the necessary extent , personal data may be transferred to external entities, including in particular:

entities providing accounting services;

entities cooperating with the Controller on the basis of a service provision agreement, to the extent necessary for the performance of the agreement;

entities conducting postal or courier activities;

banks, when it is necessary to settle transactions;

entities responsible for operating IT systems and equipment,

state authorities or other entities entitled under the law to perform the Controller’s obligations (Tax Office, Chief Labour Inspectorate, Social Insurance Institution) and other entities to the extent to which the Controller will be obliged by law to transfer them

[DATA SUBJECTS’ RIGHTS]

Processing of personal data within the framework of providing information services is regulated by agreements between cooperating entities.

Subject to the situations included in the provisions of law, data subjects shall be entitled to:

access their data;

rectify inconsistencies or mistakes in the data processed or to supplement them;

information about the data processed, including the purposes and grounds for processing;

limit the processing of personal data;

withdraw consent at any time without affecting the lawfulness of the processing, provided that the processing is based on a consent;

transfer their personal data;

object to the processing for marketing purposes or, based on the Controller’s legitimate interest,

to complain to the supervisory authority, i.e. the President of the Personal Data Protection Office in case the processing of personal data is considered to violate the provisions of law, including the GDPR.

Motions concerning the performance of these rights should be submitted in writing or electronically to the addresses indicated above.

[CUSTOMER COMMITMENT]

The Ordering Party, acting on behalf of and for the Controller, undertakes to pass on the content of these Regulations to the natural persons whose contact details it provides to the Controller. It does.

  • Polski
  • English
  • Deutsch
  • Čeština
  • Русский
  • Español

Europejski Fundusz Rozwoju Regionalnego