- 1 Definitions
- Data Controller –an entity deciding on the nature, scope and purposes of personal data processing – Transition Technologies PSC S.A. with its registered office in Łódź, at 276 Piotrkowska St., 90-361 Łódź, registered in the Register of Entrepreneurs of the National Court Register kept by the District Court for Łódź Śródmieście in Łódź, XX Commercial Division of the National Court Register under number 0000930989, Tax ID Number 7292712388, Statistical ID Number: 365249538, share capital in the amount of PLN 1,468,800.00, paid in full.
- Cookies – means IT data, in particular small text files, saved and stored on devices through which the User uses the Services available on the Website. A detailed description of the cookies used can be found in the Cookies Policy, at https://ttpsc.com/en/cookies-policy/,
- GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
- Website – a website managed and maintained by the Service Provider at https://ttpsc.com/en/,
- User – an adult natural person using the Website.
- 2 Data Controller
- The Data Controller of data collected during the use of the Website is Transition Technologies PSC S.A.
- Contact with the Data Controller is possible via:
- Postal address: Transition Technologies PSC S.A. 276 Piotrkowska St., 90-361 Łódź
- Email address: email@example.com
- phone number: +48 661 799 553
- Data Protection Officer: firstname.lastname@example.org
in each case when you use the Data Controller ’s Website as well as in any other case when you contact the Data Controller.
The Data Controller declares that in its current activity it uses and selects the tools with the utmost care, the latest technical knowledge and the principles of professional excellence, with the aim of protecting personal data and other information obtained from the User.
- 4 Data collected
- In the course of using the Website, the following data is collected: IP addresses or other identifiers and information collected through cookies or other similar technologies.
- When the User completes the contact form and/or when subscribing to the Newsletter service, we collect the following personal data that have been provided there:
- last name
- company name
- email address
- telephone number*
- industry (in which the User works)*
(*-data to be provided except for letters from a to e- in the extended, general contact form on the Contact page)
- Persons visiting the Data Controller ’s Website may browse it without providing personal data referred to in section 2 above.
- 5 Purpose and legal basis of data processing
- The data collected are used:
- to provide the Contact Form Service, based on the necessity of data processing for the performance of the contract (Article 6(1)(b) of the GDPR);
- to provide the Newsletter service; the basis for processing is the consent of the person whose data is processed (legal basis Article 6(1)(a) of the GDPR);
- for marketing purposes, including sending commercial information to an email address (verification/telephone information may appear, when it is necessary to send an offer or provide a service) on the basis of the legitimate interest of the Data Controller (Article 6 (1)(f) of the GDPR), which is marketing of own services and brand promotion;
- for statistical and technical purposes related to the administration of the Website on the basis of the legitimate interest of the Data Controller (Article 6 (1)(f) of the GDPR), which is to ensure the proper operation of the Website, its updating and adaptation to the needs of Users;
- in order to determine and pursue possible claims based on the legitimate interest of the Data Controller (Article 6 (1)(f) of the GDPR), which is the protection of the Data Controller ’s rights;
- in order to maintain the Data Controller’s profiles in social media (e.g., Linkedin, Facebook) on the basis of the Data Controller’s legitimate interest (Article 6 (1)(f) of the GDPR), which is to inform Users about the Data Controller’s activity, promoting events, services, or products.
- Providing personal data is voluntary, but necessary to provide the Contact Form Service and/or Newsletter.
- 6 Rights and obligations of the User in connection with the processing of personal data
- By providing data, the User is obliged to indicate complete, current and true data.
- The User should not provide the Data Controller with personal data of third parties. If, however, they provide such data, they declare each time that they have the appropriate consent of third parties to transfer data to the Data Controller.
- Each User whose personal data is processed by the Data Controller has the right to:
- a) access to the content of their data,
b) rectify them,
c) delete them,
d) restrict their processing,
e) transfer data,
f) object to the processing of data.
- The exercise of the rights specified in the section above may be carried out by sending the relevant request with the name and email address of the user to the Data Controller ’s email address: email@example.com.
- In addition, the User has the right to lodge a complaint with the supervisory body – the President of the Office for Personal Data Protection (address: 2 Stawki St., 00-193 Warsaw), if they consider that the processing of their personal data violates the provisions of the GDPR.
- 7 Do we transfer personal data and to whom?
- The data may be made available to entities authorized to receive them under applicable law, including competent judicial authorities.
- Personal data may be transferred to entities processing them at the request of the Data Controller, i.e., partners providing technical services (development and maintenance of IT systems and websites), entities providing accounting services, or companies from the capital group.
- 8 Transfer of data outside the European Economic Area
As the Data Controller operates internationally, it may be necessary to transfer your personal data outside the European Economic Area, in particular to companies from the capital group. Due to the fact that entities located outside the European Economic Area do not always ensure a level of personal data protection that meets European standards, in a situation where the transfer of your data turns out to be necessary, the Data Controller shall implement appropriate solutions to protect your rights and freedoms.
The transfer shall take place on the basis of safeguards permitted under the GDPR, i.e.:
- to a country for which the European Commission has issued a decision on an adequate level of security in the area of personal data protection (Article 45(1) of the GDPR),
- using standard contractual clauses referred to in Article 46(2)(c) of the GDPR.
- 9 Security of data collected by the Data Controller
- The Data Controller has applied all technical and organizational measures to ensure the protection of processed personal data appropriate to the threats and categories of data protected, and in particular secured the data against unauthorized access, removal by an unauthorized person, processing in violation of regulations and change, loss, damage or destruction, in accordance with the provisions of the GDPR.
- Personal data shall not be processed in an automated manner by the Data Controller.
- After the end of the processing period, the data are irreversibly deleted or anonymized.
- 10 Duration of personal data retention
- The data shall be stored only for the period necessary to achieve the purpose for which they were collected, and after its expiry, for the period necessary to secure or pursue possible claims or fulfill the Data Controller ’s legal obligation (e.g., resulting from tax or accounting regulations). Details are given in the relevant information clauses.
- Personal data processed for the purpose of the Data Controller ’s legitimate interest consisting in the marketing of own products or services shall be stored for the period until the User objects.
- 11 Information clauses
Information on the processing of personal data, depending on the nature of the relationship between the User and the Data Controller, has been presented in accordance with Article 13 or 14 of the GDPR in the relevant information clauses, which are available at: https://ttpsc.com/en/gdpr/.
- 12 Final provisions