_Information Clause of Transition Technologies PSC S.A. for employees, representatives and associates of Clients
Fulfilling the information obligation resulting from art. 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /EC (“GDPR”), we indicate that:
The Controller of your personal data is Transition Technologies PSC S.A. with its registered office in Łódź at st. Piotrkowska 276, entered in the register of entrepreneurs of the National Court Register (KRS) under number 0000930989, tax ID number (NIP): 7292712388, statistical registration number (REGON): 365249538, with the share capital of PLN 1,468,800.00, whose registration files are kept by the District Court for Łódź-Śródmieście in Łódź, Business Division XX for National Court Register (is referred to as TTPSC).
You can contact the Data Controller by way of:
- traditional mail at: Piotrkowska 276 street, Łódź 90-361
- electronic mail at: firstname.lastname@example.org
- telephone at: +48 661 799 553
- the Data Protection Inspector: email@example.com
- the e-mail address indicated in point d above, for the purposes of obtaining a copy of the information on safeguards used for processing of data outside the EEA or of information regarding the places where they are made available.
- Your data has been made available to TT PSC by the company’s client whom you represent/you are an employee/co-worker/for whom you provide services or have been obtained from public registers (e.g. registers of entrepreneurs, court registers of the National Court Register/CEIDG) in connection with the performance of the Data Controller of the contract between the Data Controller and the entity you represent / whose employee / associate or for whom you provide services.
The Data Controller will process the following categories of your personal data:
- in the case of persons representing of Clients: name/names and surname, PESEL number, function in the representing body, position, e-mail address, telephone number,
- in the case of other persons: name and surname, position, e-mail address, telephone number.
Your data will be processed for the following purposes:
- conclusion and performance of a contract with a TTPSC’s client whom you represent or who is your employer or an entity cooperating with you – the basis for processing is the legitimate interest of Data Controller in conducting business activity (legal basis: Article 6(1)(f) of the GDPR);
- establishing or pursuing possible claims or defending against them – the basis for processing is the legitimate interest of Data Controller with the same content as the purpose of processing (legal basis: Article 6(1)(f) of the GDPR);
- fulfilling the obligations arising from the law, in particular the Accounting Act of September 29, 1994 – the basis for processing is necessary for compliance with a legal obligation to which the Data Controller is subject (legal basis: Article 6(1)(c) GDPR);
- maintaining business relations with the client through you, including in the field of direct marketing of own services – the basis for processing is the legitimate interest of Data Controller in conducting and developing TTPSC’s business (legal basis: Article 6(1)(f) of the GDPR).
Your data will be processed for the period of:
- performance of the contract or until the legal obligation incumbent on the Data Controller is fulfilled or the legitimate interests of Data Controller constituting the basis for processing or until you object to such processing,
- until the statute of limitations for any claims expires or until the rights and obligations arising from legal provisions are exercised, including tax and accounting regulations.
You have the right to:
- access, rectify, request erasure of your data, as well as the right to restrict processing of your data, the right to data portability, and the right to object to the processing of your data,
- withdraw your consent at any time without such withdrawal affecting the lawfulness of the processing carried out on the basis of said consent prior to its withdrawal, insofar as the processing is carried out on the basis of Article 6(1)(a) or Article 9 (2)(a) GDPR- if you provide the data listed in Art. 9 sec. 1 GDPR,
- lodge a complaint with the President of the Office for Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych), st. Stawki 2, 00-193 Warsaw, if in your opinion your personal data are processed in violation of the rules on personal data protection.
- No automated decision-making, including profiling, will be carried out in connection with the processing of your personal data.
Your personal data may be transferred to:
- companies from the Transition Technologies capital group, if it is necessary for the performance of the contract,
- providers of IT systems (including: analytical services) and hosting services for the TTPSC,
- business partners and subcontractors where it is necessary for the performance of the contract,
- entities providing accounting services and financial and legal advisors.
Since the Company conducts business internationally, it may be necessary to transfer your personal data outside the European Economic Area.
This situation may occur when:
- other companies from the capital group of Transition Technologies, with their registered office outside the EEA will be involved in the performance of the contract,
- the contract will be performed together with a business partner or subcontractor based outside the EEA,
- in connection with the provision of services, the services of Microsoft Corporation and its affiliates will be used, i.e. Office 365, Windows, MDM InTune or other software that processes data outside the EEA.
Each and every instance of transferring of your data outside the European Economic Area will involve the implementation of certain measures by the Company, aimed at protecting your rights and freedoms, in particular in the event that such transfer of data is made to the United States of America, in the light of to the ruling of the judgment of the Court of Justice of the European Union of July 16, 2020 in Case C-311/18 (Data Protection Commissioner v. Facebook Ireland Limited and Maximilian Schrems), which has found that the U.S. does not meet an adequate level of protection.
The transfer will be carried out in line with the safeguards permitted under the GDPR, that is:
- to a country with regard to which the European Commission has issued a decision affirming the adequacy of safeguards applied in the area of personal data protection (Article 45(1) of the GDPR), or
- pursuant to the standard contractual clauses referred to in Article 46(2)(c) of the GDPR.
- Should the Data Controller plan to process your personal data for any purpose other than the purposes defined in Section IV above, you will be informed in advance of any such other purpose and any relevant information regarding such processing by placing the appropriate information on the Website of Data Controller.