PRIVACY POLICY OF GEWI SPÓŁKA
Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
WITH ITS REGISTERED SEAT IN SZCZECIN

Our privacy policy is structured as follows:

1. Data Information about us as the Personal Data Controller
2. Purposes and legal basis of the processing of personal data
3. Legitimate interests
4. The recipients of Personal Data/ Categories of recipients of personal data
5. Transfer of personal data to a third countries or an international organization
6. Period for which the personal data will be stored/ criteria for determining this period
7. Your Rights
8. Information on the requirement / conditions for providing personal data and the source of the data
9. Automated decision-making
10. Cookies
11. Log information
12. Policy amendments and updates

 

1. Data Information about us as the Personal Data Controller

Please be informed that Administrator of your personal data is: GEWI Sp. z o.o. with its registered office in Szczecin, 8 Rodła Square, 70-419 Szczecin, Poland, entered into the Register of Entrepreneurs under KRS number: 925130, REGON: 520175620, NIP: 5252880285, share capital: 13 200 000,00 PLN, contact details: e-mail address privacy@gewi.pl, contact telephone +48 571 53 51 54 [hereinafter: “Administrator”].

 

2. Purposes and legal basis of the processing of personal data

 

Your personal data shall  be processed:

1. in order to: perform contracts concluded with you or take steps (at your request) prior to the conclusion of such contracts, in accordance with Article 6 sec. 1 lit b (“processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”) of Regulation of the European Parliament and of the Council /UE/ 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (OJ EU L2016, No 119, p. 1) [hereinafter: “GDPR”];
2. in order to: perform contracts with the entity you are: a representative in contacts with the Administrator, an employee, a contractor or a further subcontractor, in accordance with Article 6 sec. 1 lit. f of GDPR; (“processing is  necessary  for  the  purposes  of  the  legitimate  interests  pursued  by  the  controller  or  by  a  third  party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child”);
3. in order to: conduct promotional and marketing activities by the Administrator by means other than electronic, including: informing about the Administrator and its activities, sending information and invitations concerning events organised or co-organized by the Administrator, sending greeting cards in accordance with Article 6 sec. 1 lit. f of GDPR; (“processing is  necessary  for  the  purposes  of  the  legitimate  interests  pursued  by  the  controller  or  by  a  third  party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child”);
4. in order to: maintain a history of the exchange of questions and answers between you and the Administrator and of orders/procurement carried out by the Administrator for the customer in accordance with Article 6 sec. 1 lit. a of GDPR (“the data subject has given consent to the processing of his or her personal data for one or more specific purposes”).

 

3. Legitimate interests

The legitimate interest pursued by the Administrator in processing your personal data is:

1. with reference to section II lit. b above – communication with the Administrator’s business partner/contractor and performance of the agreement concluded with him/her;
2. with reference to section II lit. c above – the Administrator’s marketing and promotional activity;
3. with reference to section II lit. d above – inventory management and the process of selling services and products, confirming contract performance, managing claims, processing enquiries and providing answers.

 

4. The recipients of Personal Data/ Categories of recipients of personal data

Your personal data may be transferred to: entities authorized under the law, entities authorised under agreements concluded by the Administrator, to the extent necessary to perform the aforementioned obligations / contracts, , as well as to you.

5. Transfer of personal data to a third countries or an international organization

The Controller does not intend to transfer your personal data to third countries or an international organizations.

6. Period for which the personal data will be stored/ criteria for determining this period

Your personal data processed during the use of our website will be deleted or blocked as soon as the purpose of the storage is no longer applicable, the deletion of the data does not conflict with the legal obligation to store the data and there is no other information on the individual processing procedures below.

Your personal data will be stored for the period of cooperation with you or the entity whose representative you are, and after its termination for the period of limitation of claims related to this cooperation or the period necessary for the Administrator to fulfil the obligations imposed on the Administrator by generally applicable laws.

7. Your Rights

The detailed scope of your rights as a data subject (“data subject”) are provided in Chapter III of the GDPR titled “Rights of the data subject”.

At any time, you are entitled to:

1. request access to your personal data relating to you (Article 15 GDPR);
2. request the rectification of your personal data relating to you (Article 16 GDPR);
3. request the erasure of your personal data, except when the processing is necessary for: i) compliance with a legal obligation requiring processing under Union law or the law of the Member State to which the Controller is subject or to perform a task carried out in the public interest or in the exercise of official authority vested in the Controller, ii) archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, in so far as the right referred to in this section is likely to render impossible or seriously impair the achievement of the objectives of that processing, iii) the establishment, exercise or defense of legal claims (Article 17 GDPR);
4. request that the processing of your personal be restricted, relating to you (Article 18 GDPR);
5. object to the processing of your personal data, which is performed on the basis of point II lit. b), II lit. c), II lit. d), above, (Article 21 GDPR);
6. request the transfer of your personal data which is performed on the basis of point II lit a), above provided that the processing is carried out by automated means (Article 22 GPDR);
7. lodge a complaint to the Supervisory Authority (in Poland it is the President of the Office for Personal Data Protection, „Prezes Urzędu Ochrony Danych Osobowych“) (Article 77 GDPR);
8. to the extent that processing is based on your consent – withdraw consent on processing of your personal data at any time without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal.

 

8. Information on the requirement / conditions for providing personal data and the source of the data

With regard to the case under pt. II lit. a) above, provision of personal data is not a statutory requirement, but is a condition for the conclusion or performance of a contract. Failure to provide data will result in refusal to conclude or perform a contract with you.

With regard to the case under pt. II lit. b) above, providing personal data is not a statutory requirement, but failure to provide such data may prevent the performance of the contract with the entity you represent in contacts with the Administrator.

If in the case of pt.  II. lit. b) your data have not been provided directly by you, their source is the entity you represent in contacts with the Administrator or they have been obtained by the Administrator from publicly available sources. In such cases the Administrator processes data concerning your contact details: name, surname, telephone number, e-mail address, the organisation you are representing and the function performed in it (the so-called categories of relevant personal data).

With regard to the case under pt. II lit. c) above, the provision of personal data is not a statutory requirement and is not a condition for the conclusion of a contract. You are not obliged to provide them, but failure to do so will prevent the Administrator from contacting you.

With regard to the case under pt. II. lit. d) above, providing personal data is not a statutory requirement and does not constitute a condition to conclude a contract.

9. Automated decision-making

Your personal data may be processed by an automated or partially automated means.

Your personal data will not, however, be used to make decisions that are based solely on automated processing (including profiling) and have legal effects on you or in a similar way significantly affect you.

 

10. Cookies

Our website uses cookies. We use cookies on our website to personalise content and advertising, provide social media features and analyse traffic to our website. We also share information about the use of our website with our social media, advertising, analysis and IT partners. Our partners may combine this information with other data that you have provided or that they have collected in the course of your use of the Services. You agree to our cookies when you continue to use our website.

Cookies are small text files or other recording technologies that are uploaded and stored on your device by the web browser you are using. These cookies are used to process certain information about you on an individual basis. Thanks to such processing, our website becomes more user-friendly, more effective and safer.

Our website uses different types of cookies. Some cookies are placed by third parties that access our sites. Cookies may be stored on your device if they are strictly necessary for the operation of this website. We need your consent for all other types of cookies. You may change or withdraw your consent at any time in the Borlabs cookie consent tool.

You can change your cookie settings at any time here:Go to cookie settings

The cookies we use are categorised as follows:

1. Relevant
2. Statistics
3. External media

You can prevent or restrict the installation of cookies through the settings of your web browser. You can also delete already saved cookies at any time. The steps and measures required for this, however, depend on the particular web browser you are using. If you have any questions, please refer to your browser’s support function or documentation, or contact your browser’s manufacturer or technical support.

However, if you prevent or restrict the installation of cookies, this may result in not all features of our website being fully usable.

Cookie consent tool from borlabs.io – Borlabs Cookie (Essential)

Our website uses a cookie consent tool with technology from Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg (hereinafter “Borlabs”).

 

When visiting our website, the following personal data is transferred to Borlabs:

 

• Your consent (consents) or withdrawal of consent (consents),
• IP address,
• information about the browser,
• information about your device,
• time of your visit to the website.

 

In addition, Borlabs saves a cookie in your browser (category “Essential”) in order to be able to attribute to you the consent (consents) given or its withdrawal. The data collected in this way are stored until you request their deletion, delete the Borlabs cookie yourself or until the purpose of storing the data ceases. Mandatory statutory data storage obligations remain unchanged.

 

This data processing is carried out in accordance with Article 6 sec. 1 lit. f) of the GDPR on the basis of our legitimate interest in the lawful, user-specific and user-friendly management of cookie consent and thus in the lawful design of our website.

 

A further legal basis for the described data processing is Article 6 sec. 1 lit. c) of the GDPR. As the responsible party, we are under a legal obligation to make the use of technically unnecessary cookies conditional on your consent.

 

Here you can find more details on the cookies used: Go to cookie settings

 

For more information on Borlabs’ use of your data, please see Borlabs’ privacy policy at https://de.borlabs.io/datenschutz/.

 

Borlabs Privacy Policy available at the above address is available in German and English, in case you have any doubts after reading it, please contact us.

Matomo / Matomo Cookie

We use Matomo (formerly: “PIWIK”) on our website. This is an open source software that allows us to analyze the use of our website. Your IP address, the website(s) you visit on our website, the website from which you linked to our website (referrer URL), the time you spend on our website and the frequency with which you visit one of our websites are processed.

To collect this data, Matomo stores a cookie (“Statistics” category) on your terminal device via your Internet browser. Go to cookie settings

We use Matomo to analyze the usage behavior of our website, provided that you have given us your consent for this by agreeing to the use of the corresponding Matomo cookies (statistics) viaour cookie banner. The legal basis for processing the personal data concerning you for this specific purpose is then Art. 6 sec. 1 lit. a) GDPR Go to cookie settings

In accordance with Art. 7 (3) GDPR, you can revoke your consent to the use of the relevant cookies at any time with effect for the future. To do so, you only need to inform us of your revocation by editing your consent in the cookie banner (category “Statistics”) accordingly: Go to cookie settings

We have taken steps to ensure adequate protection of their data as much as possible. We use Matomo with the anonymization function “Automatically Anonymize Visitor IPs”. This anonymization function shortens your IP address by two bytes, so that an assignment to you or to the Internet connection you are using is impossible.

11. Log information

 For technical reasons, in particular to ensure a secure and stable Internet presence, data is transmitted by your browser to us or to our web space provider and saved in log files (server log files). These so-called server log files contain the type and version of your web browser, your operating system, the website from which you accessed our website (url), the web pages of our website which you visit, the date and time of the respective access, the IP address of the Internet connection which you use to access our website, as well as the amount of data transferred and the requesting provider.

The data collected in this way is temporarily stored, but it is not stored with other data about you.

The data is stored on the legal basis of Article 6 sec. 1 lit. f) of the GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our website.

After seven days at the latest, the data shall be deleted again, unless their continued storage is necessary for evidential purposes. Otherwise, the data shall be exempted from deletion in whole or in part until the incident is finally clarified.

12. Policy amendments and updates

The Administrator  reserves the right to amend this policy and update it, from time to time.