GDPR

Information Clause on the Processing of Personal Data

In compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (OJ L 119, p. 1) – hereinafter referred to as “GDPR”, SOLIDEXPERT INNOVATION SP. Z O.O. with its registered office in Kraków (hereinafter referred to as the “Company”) informs about the principles of processing personal data of entities cooperating with the Company, in particular persons entering into agreements with the Company within the scope of their business activities, persons acting on behalf of business entities that are not natural persons entering into agreements with the Company, persons contacting the Company with the intention of establishing cooperation or designated for contact in connection with the performance of the aforementioned agreements, as well as persons sending correspondence to the Company and the rights of the aforementioned persons.
I. Personal Data Controller
The controller of personal data is SOLIDEXPERT INNOVATION SP. Z O.O. with its registered office in Kraków, at Gabrieli Zapolskiej 44, entered in the register of entrepreneurs kept by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register under the number KRS: 7724238730, REGON: 368027904 (hereinafter also referred to as the “Controller”).
II. Contact with the Controller
For matters related to personal data, please contact us by traditional mail or email at the addresses below:
G. Zapolskiej 44; 30-126 Kraków email: biuro@innovation-se.com
III. Purposes and Legal Bases of Processing
When processing personal data, the Controller may rely on one or more of the following legal bases, depending on the circumstances:
a) Article 6(1)(b) GDPR – processing for the purposes of entering into and performing a contract or taking appropriate steps at the request of the data subject prior to entering into a contract,
b) Article 6(1)© GDPR – processing necessary for compliance with a legal obligation to which the Controller is subject, in particular the mandatory retention of accounting and tax documentation,
c) Article 6(1)(f) GDPR – processing necessary for the purposes of the legitimate interests pursued by the Controller, in particular: (i) for the purposes of cooperation or performance of the concluded contract, (ii) for the purposes of establishing and pursuing potential claims or defending against claims, (iii) for responding to inquiries, requests, and applications addressed to the Controller related to the Controller’s activities and conducting further correspondence in this regard,
d) Article 6(1)(a) GDPR – processing may also be based on the consent given by the data subject in all cases where such consent is required for the processing of personal data.
IV. Data Retention Period

  1. Personal data obtained in connection with the conclusion and performance of a contract will be processed by the Controller for the time necessary to perform the contract and will be retained for the period required by law regarding mandatory archiving and the time necessary to resolve any mutual claims (until the claim is time-barred or the dispute is resolved).
  2. Personal data obtained during negotiations, discussions, and talks preceding the conclusion of a contract – if the contract is not concluded – will be processed for the time necessary to achieve the purpose of processing.
  3. Data obtained in connection with correspondence will be processed for the time necessary to achieve the purpose of processing or for the time necessary to defend against claims / pursue claims – if the correspondence concerns claims made against / by the Controller.
  4. In the case of processing based on consent, the data will be retained until the consent is withdrawn, unless they become unnecessary for the purpose for which they were processed earlier.

V. Data Recipients
The anticipated recipients of personal data are:
a) the Controller’s external service providers to the extent necessary to achieve the purposes specified in point III, i.e., in particular entities providing accounting services, advisory services, legal services, external auditors, postal and courier companies (in connection with handling correspondence), providers of technical and organizational services (in particular providing technical support for IT systems);
b) entities authorized by law.
VI. Information on the Requirement/Voluntariness of Providing Data

  1. Providing personal data for the purposes of entering into or performing a contract is voluntary, but without providing the necessary data, it will not be possible to enter into or perform the contract.
  2. Providing personal data in connection with correspondence is voluntary, but failure to provide the necessary data to respond will exclude the possibility of providing a response.

VII. Monitoring
The Controller also informs that video surveillance is used in the public areas of the building where its headquarters are located and in its immediate surroundings to ensure the safety of persons and property. The controller of personal data in the scope of the image recorded by the surveillance is the property manager. The Controller does not process data from the surveillance.
VIII. Rights of Data Subjects
Persons whose data are processed by the Controller have the following rights:
a) the right to access their data and receive a copy of it – in accordance with Article 15 GDPR, b) the right to rectify (correct) their data or complete incomplete data – in accordance with Article 16 GDPR, c) the right to delete data – in accordance with Article 17 GDPR, d) the right to restrict data processing – in accordance with Article 18 GDPR, e) the right to data portability – in cases specified in Article 20 GDPR, f) the right to object to data processing – in accordance with Article 21 GDPR, g) the right to withdraw consent to processing, if processing is based on consent, with the withdrawal of consent not affecting the lawfulness of processing based on consent before its withdrawal, h) the right to lodge a complaint with the supervisory authority (President of the Personal Data Protection Office).
IX. Automated Decision-Making / Profiling
The Controller does not make decisions in an automated manner (without human involvement). Personal data is also not used for profiling without the prior consent of the data subject.
X. Transfer of Personal Data to a Third Country or International Organization
The Controller does not transfer personal data to recipients located outside the European Economic Area (EU countries and Iceland, Norway, and Liechtenstein).

Strona solidexpert.com zbiera dane użytkownika, personalizuje działania marketingowe z pomocą internetowych plików Cookies. Dowiedz się więcej