Information clause of PROGNETICS Sp. z o.o.
By Article 13(1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (hereinafter GDPR), PROGNETICS Sp. z o.o. informs you that:
Concerning our processing of your data, please read the following details of the processing.
1. Who is the controller of your personal data?
The Administrator of the personal data which you have provided to us is PROGNETICS Sp. z o.o. (hereinafter referred to as the Administrator). You can contact the Personal Data Administrator:
In writing by addressing correspondence to: Grzybowska 87, 00-844 Warsaw;
By e-mail at the address: firstname.lastname@example.org.
2. For what purpose will we process your personal data?
We will process your personal data to:
- entering into a contract with you,
- performance by us of obligations arising from the contract upon its conclusion,
- fulfil the obligations imposed on us by law in the field of: archiving and accounting.
- to pursue payment for our services, if payment for the services is not made, and to defend ourselves against claims by others (according to Article 6(1)(f) of the GDPR).
- for marketing purposes, after you have given your consent to marketing (consent can be given or not on our website, or by contacting the administrator) by the Act of 18 July 2002 on the provision of services by IT means. Giving such consent is voluntary.
3. What is the legal basis for processing?
- For the conclusion of the contract and its implementation, the basis for processing will be Article 6(1)(b) GDPR allowing the processing of data when it is necessary for the performance of the contract between the parties.
- For the processing of data in order to claim payment for our services in case payment for the services has not been made and to defend against possible claims, the basis for processing shall be the legitimate interests pursued by the Administrator (by Article 6(1)(f) of the GDPR).
4. To which recipients may personal data be transferred?
While respecting the nature of your data, including using mechanisms that minimize the number of data transferred and limit the possibility of transferring data about, your data may be transferred to:
- external entities that conduct auditing/control, legal, financial and accounting activities in relation to the Administrator,
- to external entities, including hosting companies in the scope of Administrator’s data collection on external servers,
- insurance companies in the event of claims being filed against the Administrator,
- data may be made available to entities authorized by law,
- entities cooperating with the Administrator on the basis of B2B agreements.
5. Can the data be transferred outside the European Economic Area?
The Administrator will not transfer your personal data to recipients located in countries outside the European Economic Area.
6. What are your rights related to the processing of your personal data?
You have the right to:
- access to your personal data and the right to request rectification, erasure or restriction of processing;
- to object to the processing of your personal data – to the extent that these personal data are processed bases on the legitimate interests of the controller;
- rectify the processed personal data – to the extent in which the indicated data are incompatible with the actual state of affairs. The above does not apply to collected medical data;
- the right to personal data portability;
- to lodge a complaint to the supervisory body responsible for personal data protection which is the President of the Office for Personal Data Protection;
- in the scope in which the basis of processing your personal data is consent, you have the right to withdraw consent, but this will not affect the legality of the processing, which was performed based on consent before its withdrawal.