The following document constitutes implementation of information policy of BIPROJEKT Ltd. towards the users of website service www.biprojekt.pl (hereinafter referred to as ‘Service’) regarding all aspects of personal data processing and protection. We wish to stress we place great emphasis on protection, collection, processing and use of your personal data in accordance with the binding regulations.
I. Information on the Administrator and the collection of personal data
1.1. The controller of your personal data under REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the Regulation) is Biuro Inżynieryjno-Projektowe BIPROJEKT Sp. z o.o. Brukowa 12, 91-341 Łódź entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Łódź Śródmieścia in Łódź, XX Commercial Department of the National Court Register under KRS: 0000346636, REGON: 100823626, NIP: 7252017908.
1.2. The Controller processes the personal data provided in the contact form for the purposes of providing the service via e-mail. For these purposes, the Controller collects your personal data such as e-mail address, first name and surname. It is necessary to provide your email address in order to receive a reply to your inquiry made via online contact form and the data processing takes place pursuant to art 6 (1) point b) of the Regulation.
1.3. The Controller also uses the information provided in the cookie files, which provide data regarding users’ activity in the Service. The use of cookie files takes place upon your consent. You may turn off cookie files in your browser at any time. For more details concerning the use of cookie files, see Cookie Files Policy.
1.4. The Controller declares that the data subject shall not be subject to automated processing, including profiling under the Regulation.
1.5. The Controller stores the provided personal data for the period which is necessary for the purposes of processing. Upon expiration of the period, your personal data shall be deleted.
II. Rights of the data subject
2.1. You have the right to receive confirmation from the Controller as to whether your personal data is processed, to gain access to the data and request information from the Controller regarding the purposes of data processing, categories of the processed personal data, the recipients or categories of recipients of the data, the storage period for the personal data, the source of the data if collected from a third party as well as whether the Controller uses automated processing of the personal data, including profiling. You also have the right to obtain a copy of the data.
2.2. Furthermore, you have the right to demand to rectify, delete, restrict the processing of and transfer the data. You also have the right to object to the processing of the data. These rights apply:
2.2.1. regarding the demand to rectify the data: if your personal data are incorrect or incomplete
2.2.2. regarding the demand to delete the data: if your personal data are not necessary for the purposes for which they were collected by the Controller; if you withdraw your consent to the processing of the data; if you raise an objection to the processing of your data; if your data are not processed in accordance with the law; if your data should be deleted pursuant to legal regulations or if your data were collected in connection with the Information Society services provision.
2.2.3. Regarding the restriction of processing of the data: if your personal data are incorrect, you have the right to restrict processing for the period which allows the Controller to verify the correctness of the data in question; if processing of your personal data is not in compliance with the law, but you do not wish to delete them; if your personal data are not needed by the Controller, but you will need them to determine, pursue or defend claims; if you have raised an objection to the processing of your personal data until it is determined whether legally founded grounds on the Controller’s end override the grounds for the objection;
2.2.4. regarding the demand to transfer the data: if the processing of your personal data takes place based on your consent or agreement and if the processing of the data is automated.
2.2.5. Regarding the right to raise an objection: if the processing of your personal data takes place with a legitimate interest and your objection is justified in light of your special circumstances as well as if your personal data are processed for the purposes of direct marketing, including profiling.
2.3. You also have the right to lodge a complaint with a supervisory authority should you feel the processing of your personal data infringes the provisions of the Regulation.
2.4. Due to the implemented security procedures, you may be asked to confirm your identity prior to exercising your rights
III. Consent to the processing of personal data
3.1. If the Controller processes your personal data which are not necessary to provide the service, you always provide this data voluntarily upon giving consent to process the data provided.
3.3. You may withdraw your consent at any time by sending the Controller a statement regarding withdrawal of your consent in a way specified in point 7 hereof.
3.4. The withdrawal of consent does not affect the legality of processing of the data which was done prior to withdrawing it.
IV. Information on recipients / categories of recipients of personal data
4.1. The controller partially uses the services of external providers, e.g. hosting, postal, accounting and IT service providers, who on behalf of the controller process personal data. Transfer of personal data may serve only rendering their services. The controller employs the services of entities which provide sufficient guarantees in terms of data protection.The processing of personal data by these entities takes place under written agreements signed with the Controller. The entities concerned comply with the Controller’s guidelines and are subject to audits conducted by the Controller.
V. Security of personal data
5.1. The controller processes personal data pursuant to the Regulation, employing the appropriate technical and organizational measures to ensure the security, confidentiality and integrity of personal data, including protection against unauthorized access, unauthorized change, unauthorized disclosure or deletion of the personal data.
VI. Contact details
All and any claims, requests, notifications and inquiries regarding personal data processing shall be made via e-mail a firstname.lastname@example.org or in writing at Biuro Inżynieryjno – Projektowe BIPROJEKT Sp. z o.o. ul. Brukowa 12, 91-341 Łódź.