• ul. Parkowa 4B, 44-362 Rogów
Contact

GDPR Information Obligation

The following information provides a concise, understandable, and transparent summary of the details presented in the Privacy Policy concerning the Data Controller, the purpose and method of personal data processing, and your rights related to this processing, in the format required to fulfill the GDPR information obligation. Further details on the processing method and the entities involved in this process are available in the aforementioned policy.

Who is the Data Controller?

The Personal Data Controller (hereinafter referred to as the Controller) is the company "KKS Polska sp.z o.o", operating at: ul. Parkowa 4B, 44-362 Rogów, with Tax Identification Number (NIP): 6472601804, providing electronic services via the Website.

How can you contact the Data Controller?

The Administrator can be contacted in one of the following ways:

  • Postal address - KKS Polska sp.z o.o, ul. Parkowa 4B, 44-362 Rogów

  • Email address - job@kks-group.eu

  • Telephone contact - +48 784 120 654

  • Contact form - available at: https://kks-group.eu/kontakt

Has the Controller appointed a Data Protection Officer?

Pursuant to Art. 37 of the GDPR, the Administrator has not appointed a Data Protection Officer.

For matters concerning data processing, including personal data, please contact the Administrator directly.

Where do we obtain personal data from, and what are its sources?

Data is obtained from the following sources:

  • from the data subjects themselves
  • from social media platforms, with the explicit and informed consent of the data subjects, when registering through these platforms

What is the scope of personal data we process?

The Website processes ordinary personal data, provided voluntarily by the data subjects.
(e.g., name and surname, login, email address, phone number, IP address, etc.)

The detailed scope of processed data is available in the Privacy Policy.

What are the purposes of our data processing?

Personal data voluntarily provided by Users is processed for one of the following purposes:

  • Provision of electronic services:
    • Communication between the Administrator and Users on matters related to the Service and data protection
    • Ensuring the Administrator's legally legitimate interest

    What are the legal bases for data processing?

    The Service collects and processes User data based on:

    • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
      • Art. 6(1)(a)
        the data subject has given consent to the processing of his or her personal data for one or more specific purposes
      • Art. 6(1)(b)
        processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
      • Art. 6(1)(f)
        processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
    • Act of May 10, 2018, on Personal Data Protection (Journal of Laws 2018, item 1000)
    • Act of July 16, 2004, Telecommunications Law (Journal of Laws 2004, No. 171, item 1800)
    • Act of February 4, 1994, on Copyright and Related Rights (Journal of Laws 1994, No. 24, item 83)

    What is the legitimate interest pursued by the Controller?

    • For the purpose of establishing, exercising, or defending against potential claims, the legal basis for processing is our legitimate interest (Art. 6(1)(f) GDPR), which consists of protecting our rights, including, but not limited to:
    • To assess the risk of potential clients
    • To evaluate planned marketing campaigns
    • To conduct direct marketing

    For how long do we process personal data?

    As a rule, the specified personal data is stored only for the duration of service provision within the website operated by the Controller. It is deleted or anonymized within 30 days from the end of service provision (e.g., deletion of a registered user account, unsubscribing from the Newsletter, etc.).

    In exceptional situations, to protect the legitimate interest pursued by the Controller, this period may be extended. In such a case, the Controller will store the specified data, from the time of the User's deletion request, for no longer than 3 years in the event of a violation or suspected violation of the website's terms and conditions by the data subject.

    Who is the recipient of data, including personal data?

    As a rule, the sole recipient of data is the Controller.

    However, data processing may be entrusted to other entities providing services to the Controller to maintain the Website's operations.

    Such entities may include, but are not limited to:
    • Hosting companies providing hosting or related services to the Controller
    • Companies through which the Newsletter service is provided

    Will your personal data be transferred outside the European Union?

    Personal data will not be transferred outside the European Union, unless published as a result of an individual User action (e.g., entering a comment or post), which will make the data available to anyone visiting the service.

    Will personal data be the basis for automated decision-making?

    Personal data will not be used for automated decision-making (profiling).

    What are your rights related to personal data processing?

    • Right of access to personal data
      Users have the right to obtain access to their personal data, exercised upon request submitted to the Administrator.

    • Right to rectification of personal data
      Users have the right to request from the Administrator the immediate rectification of personal data that is inaccurate and/or the completion of incomplete personal data, exercised upon request submitted to the Administrator.

    • Right to erasure of personal data
      Users have the right to request the immediate erasure of personal data from the Controller, exercised upon a request submitted to the Controller.

      For user accounts, data erasure involves the anonymization of data that allows user identification.

      For the Newsletter service, the User can independently delete their personal data by using the link provided in each email sent.

    • Right to restriction of processing of personal data
      Users have the right to restrict the processing of personal data in cases specified in Article 18 of the GDPR, including, but not limited to, contesting the accuracy of personal data, exercised upon request submitted to the Administrator.

    • Right to data portability
      Users have the right to receive from the Administrator their personal data in a structured, commonly used, machine-readable format, exercised upon request submitted to the Administrator.

    • Right to object to the processing of personal data
      Users have the right to object to the processing of their personal data in cases specified in Article 21 of the GDPR, exercised upon request submitted to the Administrator.

    • Right to lodge a complaint
      Users have the right to lodge a complaint with the supervisory authority responsible for personal data protection.

    Menu

    Menu