Privacy policy

Table of contents:

1. Preliminary information
2. Glossary of terms
3. Information about the Data Controller
4.Legal basis for the processing
5. Rights of data subjects
6. Web site security
7. Cookies
8. Final provisions

1.Preliminary information

With a view to ensuring the highest standards of security of the processing of personal data, Omecon Sp. z o.o. wishes to inform you that this Privacy Policy meets the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27/04/2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, as well as complies with the applicable standards established by the national legislation.

The information provided in the Policy will allow you to get acquainted with the rules of processing personal data as part of the contact with Omecon Sp. z o.o. and the use of the Web site

2.Glossary of terms

Data Controller : The administrator of your personal data and the entity deciding on the purposes and means of processing your personal data – Omecon Sp. z o.o., ul. Zeusa 47 lok. U1, 01-497 Warszawa, Poland

Personal data: Any information about an identified or identifiable natural person (“data subject”). An “identifiable natural person” is a person who can be directly or indirectly identified.

EEA: The European Economic Area; the free trade area and the common market comprising of the countries of the European Union and of the European Free Trade Association (EFTA), with the exception of Switzerland. This is the area where the free movement of personal data takes. place.

Data recipient: A natural or legal person, an organizational unit without legal personality (so-called “imperfect legal person”), public authority, entity or other subject to which personal data are disclosed, whether or not the data recipient is a “third party”

Third countries:Countries other than members of the EEA

Cookies: Small pieces of information sent us by Web sites that we visit, stored on the end device (computer, laptop, smartphone) that we use while browsing the Web.

President of the Office: The President of the Office for Personal Data Protection, the supervisory authority in the meaning of the GDPR, who oversees compliance with the law on the protection of personal data in Poland.

Profiling: Any form of automated processing of personal data, which consists in the use of personal data enabling personal attributes of a natural person to be assessed, in particular any analysis or prediction of aspects relating to the work of the natural person, their economic situation, health, personal preferences, interests, reliability, behavior, location or movement, provided that such action produces legal effects on, or similarly significantly affects, the person.

SSL protocol: The network protocol used for secure online connections, adopted as the standard for encryption on Web pages. The SSL certificate ensures confidentiality of data transmission over the Internet.

Processing: Any operation or set of operations performed on personal data or sets of personal data in an automated or non-automated manner, such as collection, recording, organization, sorting, storage, adaptation, modification, retrieval, viewing, use or disclosure by transmission, dissemination or otherwise making available, matching or combining, restricting, deleting or destroying.

Policy: The Privacy Policy of Omecon Sp. z o.o.

GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27/04/2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and on the repeal of Directive 95/46/EC.

3. Information about the Data Controller

The Controller of your personal data is Omecon Sp. z o.o. with registered office at ul. Zeusa 47 lok. U1, 01-497 Warszawa, Poland, NIP: 5252599720, KRS: 0000530990 (the “Controller”).

The Controller can be contacted by e-mail: iod@omecon.pl.

The Controller has appointed a Data Protection Officer: Mr. Przemysław Przydatek.

4. Legal basis for the processing

Processing purpose: To reply to your message sent using the contact form and e-mail

Legal basis:Art. 6(1)(f) concerning the Controller’s legitimate interest in handling correspondence
Data recipients: IT service providers, Internet providers, hosting providers
Processing time:For the period necessary to process the subject matter of your message
Processing purpose: Marketing activities related to the presentation of a commercial offer based on previously expressed marketing consent

Legal basis:Art. 6(1)(f) concerning the Controller’s legitimate interest in acquiring and retaining the client
Data recipients:  IT service providers, Internet providers, hosting providers
Processing time: Until an objection is raised
Processing purpose: To seek the conclusion and performance of the contract

Legal basis: Art. 6(1)(b) of the GDPR concerning measures necessary to conclude contracts with clients and suppliers
Data recipients: IT service providers, Internet providers, hosting providers, payment service providers, law firms and legal advisers
Processing time: For the duration of the contract, its termination and until the expiry of the deadline for the submission of potential claims
Processing purpose: Conducting recruitment (employees and contractors)

Legal basis: Art. 6(1)(a) and (c) of the GDPR – to the extent indicated by the labor law, the Controller is obliged to process a specific catalogue of data of job candidates.

For data going beyond the catalog indicated in the labor law, the consent of the candidate is the legal basis for the processing of the candidate’s personal data (art. 6(1)(a) of the GDPR).

Data recipients: IT Service Providers (including Just Join IT), Internet providers, hosting providers
Processing time: Until the recruitment process is complete
Processing purpose: Conducting recruitment (collaborators)

Legal basis: Art. 6(1)(b) – the legal basis is the pursuit of contracts with persons on their own business
Data recipients: IT service providers, Internet providers, hosting providers
Processing time: Until the recruitment process is complete
Processing purpose: Acceptance and processing of the request based on the GDPR

Legal basis: Art. 6(1)(c) – the obligation under the GDPR to provide the data subject with information on the actions taken in connection with the request
Data recipients: IT service providers, Internet providers, hosting providers, law firms and legal advisors
Processing time: Until the claims are time-barred
Processing purpose: Keeping statistics and profiling

Legal basis: Art. 6(1)(f) concerning the Controller’s legitimate interest in collecting and using statistics to improve the scope and quality of the services offered
Data recipients: IT service providers, Internet providers, hosting providers, providers of statistics testing tools (e.g. Google)
Processing time: Until an objection is raised

5. Rights of data subjects

Each data subject has a number of rights under the GDPR.

The right to request access to your personal data
Each data subject is entitled to obtain confirmation from the Controller whether the personal data concerning the data subject being processed and, if so, the data subject is entitled to access the data and a number of data records.

We will provide free the first copy of the personal data to be processed to the data subject on his/her request. For any subsequent copy requested by the data subject, we may charge a reasonable handling fee. If you request a copy electronically, and unless otherwise stated, we will provide you with the information in a commonly used electronic form.

The right to rectification
You have the right to request us to rectify without delay your personal data that is incorrect. You also have the right to request the completion of incomplete personal data, also by submitting an additional statement.

The right to request data removal
You have the right to request that we delete your data without delay and we are obliged to do so if one of the following circumstances occurs:

  • Your personal data is no longer necessary for the purposes for which it has been collected or otherwise processed
  • You have withdrawn your consent on which the processing is based and there is no other legal basis for further processing
  • You have objected to the processing and there are no overriding legitimate grounds for the processing
  • Your personal data has been unlawfully processed
  • Your personal data must be erased in order to comply with a legal obligation under the law of the European Union or of the Member State to which the Controller is subject
  • Your personal data has been collected in connection with the provision of information society services

According to the GDPR, your data, despite the request made and the above conditions, may not be deleted if their processing is necessary:

  • To use the right of freedom of expression and information
  • To fulfill a legal obligation requiring data processing under the law of the European Union or of the Member State to which the Controller is subject or to perform a task carried out in the public interest or in the exercise of public authority entrusted to the controller
  • For reasons of public interest in the field of public health
  • For archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes, provided that the right to the erasure is likely to prevent or seriously impede the achievement of the purposes of such processing
  • To establish, pursue or defend claims

The right of demand to restrict the processing
You have the right to demand the Controller to restrict the processing in the following cases:

  • You question accuracy of your personal data – for a period of time allowing the Controller to verify accuracy of the personal data
  • The processing is unlawful and you object to the deletion of your personal data by demanding, instead, a restriction of its use
  • The controller no longer needs your personal data for the purposes of the processing but it is needed by you to establish, assert or defend claims
  • You object to the processing – until it is clear whether the legitimate grounds on the part of the Controller override the grounds for your objection

The right to object
You have the right at any time to object, for reasons relating to a particular situation, to the processing based on the legitimate interest of the Controller or the processing is necessary for the performance of a task carried out in the public interest or in the exercise of public authority entrusted to the Controller, which includes the profiling based on these provisions.

In the event of an objection, we may no longer process your personal data unless we demonstrate the existence of valid and legitimate grounds for the processing, overriding the interests, rights and freedoms of the data subject or grounds for establishing, pursuing or defending claims.

Right to data portability
You have the right to receive your personal data provided to us in a structured, commonly used machine-readable format and you have the right to transfer this personal data to another controller without hindrance on our part if the processing is done:

  • based on your consent or based on a contract, and
  • by automated means.

The possibility of exercising the right to data portability and to the sending it by the Controller directly to another controller will be exercised if technically possible.

According to the GDPR, the exercise of your rights must not adversely affect the rights and freedoms of others.

The right to withdraw your consent
If your data is processed based on your consent, you have the right to withdraw the consent at any time. The withdrawal does not affect the lawfulness of the processing based on the consent before its withdrawal.

If you withdraw your consent, we have the right to further process the data if necessary:

  • For using the right to freedom of expression and information
  • For the fulfillment of a legal obligation requiring the processing under the law of the European Union or of the Member State to which the Controller is subject or for the performance of a task in the public interest or in the exercise of public authority entrusted to the Controller
  • For reasons of public interest in the field of public health
  • For archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes, provided that the right to the erasure is likely to prevent or seriously impede the achievement of the purposes of the processing
  • to establish, pursue or defend claims

The right to lodge a complaint
You have the right to lodge a complaint with the President of the Office for Personal Data Protection. As indicated by the President of the Office, since the President is the body controlling compliance with the provisions on the protection of personal data by the Controller, the claimant should first turn to the Controller in order to exercise the claimant’s rights.

Direct link to the Web site of the Office for Personal Data Protection in order to lodge a complaint: https://uodo.gov.pl/pl/p/skargi

6. Web site security

Please note that Omecon Sp. z o.o. applies adequate technical and organizational measures aimed at ensuring the maximum level of protection for persons using the company’s Web site and submitting their personal data using the contact form.

In order to guarantee the highest level of security, the Web site it is protected by an SSL code.

The Web site may contain relevant links to other Web (www) sites or other media (radio, television, press, spatial advertising, etc.). Accordingly, the Controller is not responsible for the privacy practices followed by such pages or media. Also, the Controller is not responsible for the availability of any services or goods through any Web sites or other means of communication to which links may provided on the Web site.

The Controller disclaims any liability for any loss or damage arising out of, or that may result from, the use of any such Web site or medium.

7. Cookies

By using the Web site, https://omecon.pl/, you accept cookies that allow you to operate the Web site of Omecon Sp. z o.o. The cookies we use are a part of the Google Analytics solution. The data collected by the indicated service is processed in the country of the product supplier, that is, the United States. For details on the solution you are using, please click on the following link: https://support.google.com/analytics/answer/6004245.

We use cookies for the following purposes:

  • To maintain, and ensure correct operation of, the Web site
  • To keep statistics of users visiting the Web site

Google will use this information to compile a report on […]

Google LLC is headquartered in the USA.

You can configure your browser to receive information about the use of cookies and be able to decide whether to accept or reject them in certain cases or always. If you do not accept the use of certain cookies, the content of our Web site may not be displayed correctly.

See below for instructions on how to configure each browser.

Internet Explorer
Microsoft Edge
Mozilla Firefox
Chrome
Opera
Safari

8. Final provisions

The use of the https://omecon.pl/ Web site and the submission of your personal data in the relevant forms is entirely voluntary. In some cases, providing certain data may be necessary for a specific purpose.

Omecon Sp. z o.o. reserves the right to change the Policy at any time due to the scope of the services offered or to comply with the law, as amended. In any case, if possible, we will try to inform you about each update of the Policy before it comes into effect.

Last update of Privacy Policy: 08/02/2021