PRIVACY POLICY IN UTAL SP. Z O.O.
1. UTAL Sp. z o.o. with headquarters in Poznań-Gruszczyn, ul. Katarzyńska 9, 62-006 Kobylnica is the administrator of personal data (hereinafter referred to as “Administrator”) processed as part of the company’s operations. In order to increase the level of data protection in the enterprise, the administrator has appointed a DPO, i.e. the Data Protection Officer, which is performed by Małgorzata Blige.
2. The personal data administrator as part of business processes personal data of employed persons, data of contractors and data of persons applying to work in the Administrator’s enterprise as well as data of persons who agreed to receive commercial information.
3. The data marked in point 2 are processed in accordance with art. 6 paragraph 1 lit. a, b and c of the Regulation of the European Parliament and the Council of the EU 2016/679 solely for the purposes of:
a. preparation of offers related to business cooperation;
b. employment;
c. issuing an invoice, invoice or conducting financial reporting;
d. related to the provision of services under civil law contracts to the Administrator;
e. provision of services by the Administrator;
f. sending commercial information.
4. Personal data marked in point 2 are obtained by the Administrator using:
a. direct transfer by the contractor;
b. direct transfer by the employee or candidate;
c. sending via e-mail;
d. taken from public registers.
5. Each entity providing personal data to the Administrator is obliged to submit only its personal data that is true, correct, current and complete. The transfer of personal data to the Administrator or its authorized employee (another employee at Utal Sp. z o.o.) will be considered as tantamount to reading this document and accepting the indicated one.
6. Each data submitter is solely responsible for making available, obsolete, incorrect, untrue, incomplete or obtained in violation of personal data.
7. Access to personal data processed by the Administrator is only employed in Utal Sp. z o.o. with appropriate authorization. The administrator keeps records of employees authorized to process personal data.
8. The administrator of personal data declares that he processes only personal data adequate to the purposes of their processing. If by submitting, submits personal data that goes beyond the scope necessary to achieve the purpose of the processing (i.e. unnecessary data), the Administrator removes all unnecessary data unless the processing of the indicated data is justified on the basis of applicable legal regulations.
9. The administrator of personal data indicates that he applies technical and organizational measures ensuring the highest possible level of protection of personal data processed, adequate to the threat and categories of data protected, in particular, protects data against unauthorized access, taking away by unauthorized persons, processing in violation of the Act and change, loss, damage or destruction.
10. The administrator processes the data until the purpose of their processing (performance of the service, duration of employment, recruitment process) and after that time he processes only data of entities indicated in point 2, archiving is necessary, due to the provisions of the Accounting Act and other applicable legal acts. In the case of data processing for marketing purposes, the Administrator may process them until the person withdraws from the marketing database to receive commercial information.
11. The entrusting of personal data by the Administrator to an authorized third party takes place only on the basis of entrustment agreements or relevant agreements containing the entrustment clause. The administrator keeps records of entrustment processing agreements. Recipients of data marked in point 2 may be state authorities as well as courier companies and Poczta Polska.
12. Each entity designated in point 2 transferring their personal data has the right to request the Administrator of personal data to provide information regarding personal data (in particular, the scope and purpose of the data processed) of the indicated entity processed by the Administrator. The application in order to enable the Administrator to deal with the application more efficiently should be made in writing, personally signed by the authorized person and sent to the Administrator. This application should be sent to the address of the Administrator’s office or in the form of a scan to the electronic address show email address .
13. The administrator will respond to the request within one month of receiving the request for information. In addition to responding to the request, the Administrator will provide the applicant with one copy of all data that the processes as part of his business. The applicant has the right to request the submission of more than one copy, with the Administrator having the right to make the issuance of a copy conditional on the payment. This application should be sent to the address of the Administrator’s office or the electronic address show email address .
14. Every entity whose data is processed by the Administrator of personal data has the right to request correction, update, deletion of personal data, and if it is legally justified, request processing restrictions, obtain their data in a structured format and provide the designated personal data format to the one indicated by administrator, as well as the right to request the deletion of data. The application should be sent electronically to the address show email address .
15. The administrator is obliged to respond to requests of persons whose data is processed and without undue delay, and in any case within one month. If the nature of the request is complicated, the deadline may be extended by another two months. The administrator sends the answer in electronic form unless the person requesting the request in writing. The administrator informs the applicant about the need to extend the deadline for reply.
16. The Administrator declares that all personal data that the processes in his collections are properly secured in the event that unauthorized third parties try to obtain them.
17. https://utal.pl/ website uses cookies (“cookies”). They identify the visitor’s browser and improve the operation of the website. In the browser settings, you can choose to reject cookies, but some website functions may not work properly. Cookies do not contain any personal data.
18. In addition, our website collects anonymous data on the websites visited (https://utal.pl/), such as number of visits, country, browser, time of visit, etc. We analyze collected data using the external provider’s solution. Basically, we use Google Analytics. The tool works based on the so-called cookies and does not provide personally identifiable information. Please read the details of Google Analytics privacy policy. We also use supplementary tools and their names can be asked by the DPO at show email address .
19. The supervisory body regarding the protection of personal data to which complaints may be addressed is the President of the Office of Personal Data Protection.
UTAL © 2024
Created by B-MIND
ISO 9001:2015
ISO 27001:2017
ISO 14001:2015