Protection of Personal Data – Ruscus Sp. z o.o.
What is the legal basis for the processing of your personal data?
Rules concerning the protection of personal data (hereinafter ODO) were defined, inter alia, in the Regulation 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data as well as the repeal of Directive 95/46/WE (General Data Protection Regulation, hereinafter RODO), the Act on personal data protection in Polish legal order and in special acts (lex specialis) also in Polish legal order.
Who is the Administrator of your personal data?
In accordance with the Article 12 and 13 of RODO, that is the right to be informed, we inform that the Administrator of your personal data is Ruscus Sp. z o.o. with registered office in Warsaw, 7 Cybernetyki Street, postcode 02-677, phone no: 22 188 16 00, mail: email@example.com
Who can you contact about the protection of your personal data?
For enquiries on the protection of personal data please send an email to: firstname.lastname@example.org.
For which purposes may your personal data be processed?
We inform that the personal data provided is, or may be processed in the following cases:
- a) sending business and marketing information with regard to own goods and services by electronic means or telephone. The legal basis for the processing of personal data is the consent of the data subject (Article 6 (1) (a) RODO), or the processing is necessary for the purposes of legitimate interersts pursued by the Administrator or the third party, except for cases where those interersts are overriden by the interests or rights and freedoms of the data subjects, requiring the protection of personal data, in particular, when the data subject is a child (Article 6 (1) (f) RODO). Legally justified purpose is the binding contract or business execution,
- b) for contact purposes, that is responding to your questions concerning our products and services,
- c) for the purposes related to the execution and performance of the contracts.
Is your personal data made available or entrusted?
We inform that your personal data may be transmitted to data recipients, public bodies or subjects under current legislation and may be entrusted for the processing pursuant to the Article 28 RODO (the Administrator entrusted the processing of personal data – the processing subject, alias procesor). The data Administrator shall cooperate only with subjects that meet the requirements of RODO and implemented appropriate technical and organisational measures to protect the entrusted personal data.
Transferring your personal data to a third country (that is outside EEA)
We inform that personal data shall not be transferred to a third country. In case of transferring personal data outside European Economic Area, such transmission shall only be conducted in accordance with the principles set out in the Article 46, Article 47 or 49 of RODO.
How long, in accordance with the rule of temporality, shall your personal data be processed?
We inform that:
- a) in case where the consent is given to receive business and marketing information with regard to own products and services by electronic means or by telephone, your personal data shall be processed for an indefinite period of time until raising any objections. The withdrawal of consent in case of receiving business and marketing information with regard to own products and services is possible at any given moment, without affecting the lawfulness of processing which was made on the basis of consent given before its withdrawal,
- b) in case of personal data left for contact purposes, your personal data shall be processed until you are provided with comprehensive information on the given questions,
- c) in case of implementing the contract provisions, personal data shall be processed for the contractural period and on the basis of current legislation.
Which rights apply to the data subject?
We inform that the data subject has the right to request the Administrator to access, correct, delete and limit the processing of the personal data, the right to raise the objections to the processing, and also the right to data portability.
Who is the supervisory body?
We inform about the right to lodge the complaint to the supervisory body, i.e. to the Inspector General for the Protection of Personal Data with registered office at Stawki 2 in Warszaw (with later changes i.e. to the Data Protection Authority).
Under which circumstances providing personal data is mandatory and when it is voluntary?
We inform that:
- a) in case of the processing of personal data for marketing purposes, the provision of personal data is voluntary in nature, however, the failure to provide personal data in order to receive business and marketing information with regard to own products and services by electronic means or/and by telephone shall result in no possibility of realising the objectives,
- b) in case of the processing of personal data for contact purposes, the provision of personal data is voluntary in nature, however, the failure to provide personal data will result in no possibility of providing you with feedback,
- c) in case of conclusion of the contract, the processing of personal data is contractural in nature and is necessary to conclude and implement the provisions of the contract. The failure to provide personal data shall result in no possibility of concluding the contract and implementing its provisions.
Information on automatic processing in this profiling.
We inform that cookie files or Google Analytics are installed on the Administrator’s website (information on profiling rules: https://www.google.com/analytics/terms/pl.html). We inform that, you shall not be subject of automatic decision making, including profiling. We inform that the aim of placing cookies on the Administrator’s website is to improve optimisation of the website’s navigation and shall not cause negative consequences for the person visiting the website.
What is the source of data?
Personal data is collected directly from the subject person. Where the personal data is not collected directly from the subject person, we shall inform about the source information.
How do we keep your personal data secure?
We inform that the data Administrator implemented the appropriate technical and organisational means in order to ensure the security of personal data processing.