We attach particular importance to personal data protection. This declaration defines the legal basis for the processing of personal data and the methods of their collection and use. Furthermore, it provides information about the rights of natural persons. We use personal data for the purposes specified in this document or other purposes indicated each time upon the reception of personal data.
Personal data means any information relating to an identified or identifiable natural person. We collect personal data for various purposes, indicated each time together with the basis of processing and the period of retention.
We attach utmost importance to the safety of all data we hold. We comply with the recognised international safety standards. We have implemented framework policies, procedures and training related to personal data protection, confidentiality and safety. We carry out regular controls of safety measures for their adequacy for the protection of data.
We process the personal data of business contacts (present and potential customers and/or natural persons related to them), using customer relationship management systems. We collect the personal data of contacts and enter them into our systems. Such personal data include the following: first and last name, name of the employer, position of the contact person, telephone/mobile number, email address and other official contact details. Furthermore, we collect data from the email system (first and last name of the sender, first and last name of the addressee, date and time) and the calendar (name/first and last name of the organiser, first and last names of the participants, date and time of the event), as well as data regarding finances and accounting (terms of payment, invoicing address, bank account number, etc.)
Sources of personal data:
We use personal data to obtain information about accounts, customers and services that may be interesting for you. Personal data may be used for the following purposes:
The personal data of our business contacts are processed based on the legitimate interest of the data controller or consent, if such consent was requested from the personal data subject. Our legitimate interest of the personal data controller involves the direct marketing of our services or provision of information that may, in our opinion, be interesting for our customers.
Personal data will be stored in the system for the period required to achieve the goal for which the data were necessary or until the end of existence of a claim (a maximum of 6 years).
In case we need to process personal data in order to provide professional services, we request our customers to provide us with information about the use of the data of data subjects. If necessary, customers may refer personal data subjects to this document. We collect solely personal data necessary to achieve the indicated goals. As a rule, we collect personal data from our customers or third parties in compliance with the instructions of a given customer. Personal data may include first and last name, the name of the employer, position, telephone/mobile number, email address and other official contact details.
Sources of personal data:
Personal data are used for the following purposes:
Personal data are processed for business purposes, including:
In case we are supposed to fulfil our obligations under regulations requiring personal data protection (e.g. in the scope of fulfilling fiscal obligations or proving/ documenting the provision of professional services), the legal basis for the processing of personal data of natural persons related to our corporate customers is the obligation resulting from such regulations. The personal data of natural persons related to our business customers may be processed also based on the legitimate interest of the data controller (e.g. providing services for the employer of the data subject) or consent, if such consent was requested from the personal data subject.
Personal data that we process are stored for the period deemed necessary to achieve to goal for which they were collected (including in accordance with binding laws and legal regulations).
If there are no specific legal, regulatory or contractual requirements, the basic period of storage for records and other documentary evidence prepared during the provision of services is a maximum of 6 years.
We collect personal data in case a natural person contacts us in order to make an inquiry, lodge a complaint or share comments or opinions with us (data such as first and last name, contact details and the content of the message).
Sources of personal data:
We use personal data solely for the purpose of answering a message and handling a case in a proper manner. The aforementioned personal data may include the following: first and last name, name of the employer, position of the person who has contacted us, telephone/mobile number, email address and other official contact details.
In case personal data are processed for purposes other than those specified above, we act based on legitimate interest or consent in case we requested such consent from the data subject.
Personal data that we process are stored for the period deemed necessary to achieve to goal for which they were collected.
Persons visiting our websites usually have control over the personal data they provide to us. To a limited extent, we may collect personal data by automated means through cookie files on our website.
We receive the following data from the visitors of our websites: first and last name, position, company address, email address and telephone number (for instance in case a person subscribes to a newsletter). Visitors may also send us an email through the website. Such messages indicate the user name and email address and additional information that the user wants to include. Please do not use the websites to provide information falling within special categories of personal data (such as information about racial or ethnic origin, religious or philosophical beliefs or trade union membership, information about mental and physical health, genetic data, biometric data, information about sexual life or sexual orientation or the criminal past). Providing such information for any reason will be equivalent to giving express consent for us to collect and use such information in the way specified in this document or in the location where the information was disclosed.
In case the visitor provides us with personal data, they are used for purposes specified upon their transfer (or if they are obvious in the context of data transfer). Personal data are collected usually for the following purposes:
Unless specified otherwise, we may also use data for contacting a user in order to provide him or her with information about our activity, services and events, and any other information that may be interesting for the user. The user may each time decide not to receive the foregoing information by following the instruction provided in communication addressed to that person or by contacting us by email at firstname.lastname@example.org
The personal data of visitors of our websites are processed based on the legitimate interest of the data controller or consent, if such consent was requested from the personal data subject.
Personal data collected through websites are stored for as long as necessary (e.g. throughout the period of our relationship with that person).
We have safety measures for protecting our own information and the information of our customers (including personal data). We collect and store personal data as part of procedures regarding contracts from our customers and their acceptance. As a professional entity, we are obliged to comply with legal requirements.
As a rule, we do not transfer any personal data outside the area of the EEA. If necessary, data will be transferred based on an agreement that provides for the EU requirements in the scope of the transfer of personal data outside the area of the EEA, such as standard contractual clauses approved by the European Commission. The clauses are available here.
We provide data to other entities in compliance with all personal data protection regulations and solely when necessary for the proper pursuit of the goal for which your data was collected.
We update our safety policy on a regular basis. It was last updated on: 01.07.2019
The controller of your personal data is:
Should you have any questions concerning this document or the methods and goals of personal data processing, contact us at:
Conlea sp. z o.o.
ul. Lęborska 3B
You have the right to access, rectify, erase and transfer your personal data, the right to restrict their processing of your data and the right to lodge a complaint. If processing is based on your consent, you have the right to withdraw the consent at any time without affecting the lawfulness of the processing based on the consent before withdrawal; Providing personal data is voluntary, but a failure to provide such data may make it impossible to execute the contract, provide services or participate in marketing actions and competitions, depending on the purpose for which we collect your data. Your personal data may be processed by automated means, including in the form of profiling. This allows us adjust our services to your needs. We will not, however, use the profiling to make decisions based solely on automated processing (e.g. profiling) that would give rise to legal consequences for you or would have a similar significant impact.
We hope that there will be no need to lodge any complaints regarding personal data protection but, otherwise, you may do so at the email address: email@example.com. Please provide as many details of the event in question as possible. You have also the right to lodge a complaint with the Personal Data Protection Office at ul. Stawki 2, 00-193 Warsaw.