Menu

INFORMATION ON PERSONAL DATA PROCESSING

Information on Personal Data Processing

 

The purpose hereof is to present you with the information relating to processing of your personal data by Crist spółka akcyjna with registered office in Gdynia, ul. Czechosłowacka 3, (81-336) – performing in the scope determined below the role of the controller of your personal data (hereinafter: ‘Controller’, ‘CRIST S.A.’) in a simple, brief and transparent way. The set of the information communicated to you herein meets the requirements of Union Regulation (EU) 2016/679 of the European Parliament and of the Council, referred to as General Data Protection Regulation (hereinafter: ‘GDPR’).

 

This document is solely of informative character and does not require you to take any actions.

 

Purpose, scope and legal bases of processing of your personal data

 

CRIST S.A. processes your personal data mainly in order to perform the agreement concluded between you and CRIST S.A., provide services for you, or undertake actions necessary to conclude an agreement or start providing services (under art. 6 section 1b of the General Data Protection Regulation).

 

Additionally, CRIST S.A. can process your personal data to fulfil its legal obligations as Administrator  (art. 6 section 1c of the GDPR). From time to time, CRIST S.A. processes your personal data for the purposes based on the Administrator’s legitimate interest (art. 6 section 1f of the GDPR), e.g. in the scope of giving answers on the public authorities’ demand. In the remaining cases the basis for processing your data is your consent (art. 6 section 1a of the GDPR). 

 

Purposes for which CRIST S.A. can process the data due to a legitimate interest:

 

  • Correct performance of agreements with the contractors of the Company, including the provision of services for their realization;
  • Settlement of agreements with contractors;
  • For the purpose of the marketing of their own products and services. 
  • where applicable, for the purposes connected  with running opposition proceedings by CRIST S.A. and  proceedings before public authority bodies.

 

The provision of your personal data constitutes a contractual requirement necessary for the correct performance and conclusion of the agreement as well as providing services for you. In the scope of purposes resulting from the legal obligations, gathering data by CRIST S.A. is a statutory requirement. The data provided by you will be processed by CRIST S.A. only in the scope necessary for the realization of the purposes mentioned herein. If your data were not received directly from you, the source of these data, i.e. in particular name, surname, contact data such as an e-mail, or a phone number and other, necessary for the performance of the agreement, is the Contractor or other publicly available sources (KRS – National Court Register, CEIDG – Business Activity Central Register and Information Record, the Internet).

 

Personal data recipients

 

In the course of normal business activity, CRIST S.A. can transfer your personal data to external recipients (subject to all safety requirements resulting from the regulations concerning personal data protection), if it is necessary in business processes and to ensure high quality of provided services and meet the legal obligations of CRIST S.A. The above applies to the following categories of personal data recipients: 

 

  • contractors, clients, suppliers of CRIST S.A.,
  • public authorities,
  • entities supporting CRIST S.A. in running business activity, including group companies.

 

 

 

 

Data processing time

 

Your personal data is processed for the period that is necessary for realisation of the purposes described herein above, i.e. for the period of performance of the contract concluded between CRIST S.A. and the Contractor as well as after its expiry for the period required by the legal provisions or necessary for the pursuit of the legitimate interests of the Controller.

 

Your rights

 

In connection with protection of your personal data, you have a number of rights resulting from GDPR provisions. They include:

  1. right to data rectification if it turns out that the processed data is incorrect;
  2. right of access to your data, including obtaining of its copy, and to information on the processing;
  3. right to demand erasure of your personal data in the cases determined by GDPR provisions;
  4. right to demand restriction of data processing;
  5. right to portability of the data provided to CRIST S.A.;
  6. right to lodge a complaint to a competent supervisory authority (President of the Personal Data Protection Office) in case of ascertainment that personal data processing by CRIST S.A. violates the law.

 

In case of using of any of the rights vested to you, CRIST S.A. shall make all efforts and shall take all necessary actions in order to realise them.

 

We hope that the presented information has helped you to acquaint yourself with and understand the personal data processing by CRIST S.A. We make all efforts in order to ensure its compliance with the legal provisions and with the best standards guaranteeing protection of your privacy, rights and freedoms.

 

In case of any questions relating to your data, please contact:

 

Data Protection Officer

Ewelina Gulba

rodo@crist.com.pl



You can contact the Data Protection Officer on matters relating to the processing of personal data
via e-mail to the address: rodo@crist.com.pl or by a letter sent to our registered office address.