Last update: 25 June 2024

Fulfilling the information obligation resulting from art. 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /EC (“GDPR”), we indicate that:

The Controller of your personal data is Transition Technologies PSC S.A. with its registered office in University Business Park, Building B, Wolczanska Street 180, 90-530 Lodz, entered in the register of entrepreneurs of the National Court Register (KRS) under number 0000930989, tax ID number (NIP): 7292712388, statistical registration number (REGON): 365249538, with the share capital of PLN 1,468,800.00, whose registration files are kept by the District Court for Łódź-Śródmieście in Łódź, Business Division XX for National Court Register (is referred to as TT PSC).

  1. You can contact the Data Controller by way of:
    1. traditional mail at: University Business Park, Building B, Wolczanska Street 180, 90-530 Lodz;
    2. electronic mail at: contact@ttpsc.com;
    3. telephone at: +48 661 799 553;
    4. the Data Protection Inspector:  gdpr@ttpsc.com;
    5. the e-mail address indicated in point d above, for the purposes of obtaining a copy of the information on safeguards used for processing of data outside the EEA or of information regarding the places where they are made available.
  2. Your data will be processed for the following purposes:
    1. conclusion and performance of the contract concluded between you and the Data Controller (legal basis: Article 6.1.b of the GDPR);
    2. determining or pursuing any claims or defending against them, which is the legitimate interest of the Data Controller (legal basis: Article 6.1.f of the GDPR);
    3. fulfilling the obligations arising from the provisions of law, in particular the Accounting Act of September 29, 1994 (legal basis: Article 6.1.c of the GDPR);
    4. building relationships and image, including maintaining contact with suppliers and providing the public or third parties with information about the cooperation of the Data Controller with the supplier – the basis for processing is the legitimate interest of Data Controller consisting in the implementation of PR activities and building the brand of the Data Controller on the market (legal basis: Article 6.1.f of the GDPR);
    5. sending inquiries to inform about the potential possibility of establishing cooperation with the Data Controller in the future – the basis for processing is the legitimate interest of the Data Controller, which is the search for contractors interested in providing services to TTPSC (legal basis: Article 6.1.f of the GDPR).
  3. Your data will be processed for the period of:
    1. performance of the contract or until the legitimate interests of Data Controller constituting the basis for processing are fulfilled or until you object to such processing,
    2. until the statute of limitations for any claims expires or until the rights and obligations arising from legal provisions are exercised, including tax and accounting regulations.
  4. You have the right to:
    1. access, rectify, request erasure of your data, as well as the right to restrict processing of your data, the right to data portability, and the right to object to the processing of your data,
    2. withdraw your consent at any time without such withdrawal affecting the lawfulness of the processing carried out on the basis of said consent prior to its withdrawal, insofar as the processing is carried out on the basis of Article 6.1.a or Article 9.2.a GDPR- if you provide the data listed in Art. 9 sec. 1 GDPR,
    3. lodge a complaint with the President of the Office for Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych), st. Stawki 2, 00-193 Warsaw, if in your opinion your personal data are processed in violation of the rules on personal data protection.
  5. No automated decision-making, including profiling, will be carried out in connection with the processing of your personal data.
  6. Your personal data may be transferred to:
    1. companies from the Transition Technologies capital group, if it is necessary for the performance of the contract,
    2. business partners and subcontractors,
    3. providers of IT systems (including: analytical services) and hosting services for the TTPSC,
    4. entities providing accounting services and financial and legal advisors.
  7. Since the Company conducts business internationally, it may be necessary to transfer your personal data outside the European Economic Area.

    This situation may occur when:
    1. other companies from the capital group of Transition Technologies,  with their registered office outside the EEA will be involved in the performance of the contract,
    2. the contract will be performed together with a business partner or subcontractor based outside the EEA,
    3. in connection with the provision of services, the services of Microsoft Corporation and its affiliates will be used, i.e. Office 365, Windows, MDM InTune or other software that processes data outside the EEA.

Each and every instance of transferring of your data outside the European Economic Area will involve the implementation of certain measures by the Company, aimed at protecting your rights and freedoms, in particular in the event that such transfer of data is made to the United States of America, in the light of to the ruling of the judgment of the Court of Justice of the European Union of July 16, 2020 in Case C-311/18 (Data Protection Commissioner v. Facebook Ireland Limited and Maximilian Schrems), which has found that the U.S. does not meet an adequate level of protection.

The transfer will be carried out in line with the safeguards permitted under the GDPR, that is:

  • to a country with regard to which the European Commission has issued a decision affirming the adequacy of safeguards applied in the area of personal data protection (Article 45.1 of the GDPR), or
  • pursuant to the standard contractual clauses referred to in Article 46.2.c of the GDPR.
  1. Providing your personal data is voluntary, but the consequence of not providing data is the inability to conclude and implement the contract or other purposes indicated in point II.
  2. Should the Data Controller plan to process your personal data for any purpose other than the purposes defined in Section II above, you will be informed in advance of any such other purpose and any relevant information regarding such processing by placing the appropriate information on the Website of Data Controller.