Protection of personal data
Personal data means any information about a natural person identified or identifiable based on one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity, including an image, voice recording, contact details, location details, information contained in correspondence, information collected through recording equipment or other similar technology.
The controller of your personal data is GAZ-SYSTEM with its seat in Warsaw at Mszczonowska 4, 02-337 Warszawa.
Contact with the Data Controller is possible at the above address or by email at: rodo@gaz-system.pl.
Contact with the Data Controller is possible at the above address or by email at: rodo@gaz-system.pl.
In connection with its business activity, the Controller collects and processes personal data in accordance with the applicable regulations, including in particular the GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC) and the principles of data processing provided for therein.
The Controller shall ensure transparency of data processing, and in particular shall always provide information on data processing at the time of their collection, including the purpose and legal basis of the processing, e.g. when concluding a contract for the sale of goods or services. The Controller shall ensure that data are collected only to the extent necessary for the stated purpose, and are processed only for as long as required.
When processing data, the Controller shall ensure its security and confidentiality, and that data subjects have access to information about the processing. Should a breach of personal data protection (e.g. data "leakage" or data loss) occur despite the security measures in place, the Controller shall inform the affected data subjects of such an event as required under the applicable regulations.
The Controller shall ensure transparency of data processing, and in particular shall always provide information on data processing at the time of their collection, including the purpose and legal basis of the processing, e.g. when concluding a contract for the sale of goods or services. The Controller shall ensure that data are collected only to the extent necessary for the stated purpose, and are processed only for as long as required.
When processing data, the Controller shall ensure its security and confidentiality, and that data subjects have access to information about the processing. Should a breach of personal data protection (e.g. data "leakage" or data loss) occur despite the security measures in place, the Controller shall inform the affected data subjects of such an event as required under the applicable regulations.
GAZ-SYSTEM ensures the possibility for data subjects to exercise their rights under the GDPR.
The data subjects have the following rights:
The data subjects have the following rights:
- right to information about the processing of personal data – on this basis the person submitting the request is provided by the Controller with information on data processing, including in particular the purposes and legal basis of the processing, the scope of the data held, the parties to whom they are disclosed and the planned deletion date,
- right to obtain a copy of data – on this basis the Controller provides a copy of the data which is subject to processing in respect of the person who submits such request,
- right to rectification – the Controller is obliged to remove any inconsistencies or errors in the processed personal data, and to supplement them if they are incomplete,
- right to erasure – on this basis, the Controller may demand the erasure of data, the processing of which is no longer necessary for any of the purposes for which they were collected,
- right to the restriction of processing – when such a demand is submitted, the Controller discontinues any operations performed on personal data - with the exception of operations for which the data subject gave his/her consent - and their storage, in accordance with the adopted principles of data retention, or until the reasons for the restriction of data processing cease to exist (e.g. the decision of a supervisory authority authorizing further processing of the data is issued),
- right to data portability – on this basis, to the extent that the data are processed in relation to the concluded contract or the consent given, the Controller delivers the data provided by the data subject in a computer readable format. It is also possible to request that the data be sent to another party, provided that both the Controller and the other party have the necessary technical capabilities,
- right to object to processing for marketing purposes – the data subject may at any time object to the processing of personal data for marketing purposes, without having to justify such objection,
- right to object to processing for other purposes – the data subject may at any time object to the processing of personal data which is carried out on the basis of a legitimate interest of the Controller (e.g. for analytical or statistical purposes, or for reasons of property protection); reasons should be given for any objection in this respect,
- right to withdraw consent – where data are processed on the basis of a previously expressed consent, the data subject has the right to withdraw the consent at any time, which does not affect the lawfulness of processing carried out prior to the withdrawal of the consent,
- right to lodge a complaint – if the processing of personal data is considered to breach the provisions of the GDPR or other data protection regulations, the data subject may lodge a complaint with the President of the Office for Personal Data Protection. In order to exercise the above rights, please contact the Data Controller using the contact details indicated above.