1)     first name and surname / company name;

2)     residential address / registered office address;

3)     PESEL number [Polish personal identification number] / National Court Register (KRS) number;

4)     Tax Identification Number (NIP);

5)     e-mail address;

6)     telephone number.

Article 6(1)(b) of the GDPR

(processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract)

The provision of the above personal data is a condition for concluding and performing a contract for the provision of services (the provision of such data is voluntary; however, failure to provide them will prevent the conclusion and performance of the contract).

The Controller will process the above personal data until the expiry of the limitation period for claims arising from the contract for the provision of services.

1)     first name;

2)     surname;

3)     date of birth;

4)     contact details provided by the candidate (e.g., residential address, e-mail address, telephone number);

5)     education;

6)     professional qualifications;

7)     employment history.

Article 6(1)(c) of the GDPR

(processing is necessary for compliance with a legal obligations applicable to the Controller, in this case the obligations related to employee recruitment as set out in Article 22(1) § 1 of the Labour Code)

and

Article 6(1)(a) of the GDPR

(personal data is processed on the basis of the consent granted)

The provision of the above personal data is mandatory and necessary for conducting the recruitment process.

The Controller will process the above personal data until the recruitment process is completed or the candidate withdraws from the recruitment process, unless the candidate grants consent for the processing of their personal data also for the purposes of potential future recruitment processes.

1)     first name;

2)     surname;

3)     date of birth;

4)     contact details provided by the candidate (e.g., residential address, e-mail address, telephone number);

5)     education;

6)     professional qualifications;

7)     employment history.

Article 6(1)(f) of the GDPR

(processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case the proper conduct of the recruitment process)

The provision of the above personal data is voluntary but necessary for the recruitment of contractors (failure to provide such data will prevent participation in the recruitment process).

The Controller will process the above personal data until the recruitment process is completed or the candidate withdraws their application, unless the candidate grants consent for the processing of their personal data also for the purposes of potential future recruitment processes.

1)     first name and surname;

2)     email address;

3)     telephone number – optional;

4)     other data contained in the message to the Controller.

Article 6(1)(f) of the GDPR

(The processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case, responding message submitted via contact form)

The provision of the above-mentioned personal data is voluntary but necessary in order to receive a response to the message you have submitted (failure to provide such data will make it impossible to provide a response).

The Controller will process the above-mentioned personal data until a valid objection is lodged or the purpose of the processing has been achieved.

1)     the name of your profile;

2)     data you have placed on your profile as “public”;

3)     your image (if it is displayed in photos available on your profile as “public”);

4)     personal data you have included in comments under content published on the Controller’s profile or sent in a private message to the Controller’s profile;

5)     statistical and advertising data collected by the social media platform;

Article 6(1)(f) of the GDPR

(the processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case, maintaining profiles on the Platforms)

The provision of the above-mentioned personal data is voluntary but necessary in order for you to use the Controller’s profile on the given Platform (failure to provide such data will make it impossible to use the Controller’s profile).

The Controller will process the above-mentioned personal data until a valid objection is lodged or the purpose of the processing has been achieved.

The Controller hereby informs you that, with regard to statistical and advertising data, the joint controller of the personal data is the entity responsible for operating the given Platform, namely:

1.     Meta Platforms Ireland Limited – with regard to Facebook and Instagram;

2.     LinkedIn Ireland Unlimited Company  – with regard to LinkedIn;

3.     Google LLC – with regard to YouTube.

Detailed information regarding the mutual arrangements between the Controller and the above-mentioned entities, as well as the processing of personal data by these entities, can be found in the privacy policies and other documents published on the Platforms.

Any questions and claims arising from your use of the Platforms should be addressed directly to the above-mentioned entities.

1)     first name and surname;

2)     email address;

3)     other contact details – optional;

4)     details of the organisation you belong to;

5)     responses to questions included in the registration form.

Article 6(1)(b) of the GDPR

(the processing is necessary for the performance of a contract for participation in the event concluded with the data subject or in order to take steps to conclude such a contract)

The provision of the above-mentioned personal data is a condition for concluding and performing the contract for participation in the event (the provision of such data is voluntary; however, failure to provide them will make it impossible to take part in the event).

The Controller will process the above-mentioned personal data until the expiry of the limitation period for claims arising from the contract for participation in the event.

Article 6(1)(b) of the GDPR

(the processing is necessary for the performance of a contract for the supply of a digital product free of charge concluded with the data subject or in order to take steps to conclude such a contract)

The provision of the above-mentioned personal data is a condition for concluding and performing the contract for the supply of a digital product free of charge (the provision of such data is voluntary; however, failure to provide them will make it impossible to conclude and perform the contract for the supply of a digital product free of charge).

The Controller will process the above-mentioned personal data until the expiry of the limitation period for claims arising from the contract for the supply of a digital product free of charge.

Article 6(1)(b) of the GDPR

(the processing is necessary for the performance of the contract for the provision of the Newsletter concluded with the data subject or in order to take steps to conclude such a contract)

and

Article 6(1)(f) of the GDPR

(the processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case, providing information about updates and promotions)

The provision of the above-mentioned personal data is voluntary but necessary in order to receive the Newsletter (failure to provide such data will make it impossible to receive the Newsletter).

The Controller will process the above-mentioned personal data until a valid objection is lodged or the purpose of the processing has been achieved, or until the expiry of the limitation period for claims arising from the contract for the provision of the Newsletter (whichever occurs first).

1)     first name and surname

2)     email address

Article 6(1)(c) of the GDPR

(the processing is necessary for compliance with a legal obligation applicable to which the Controller is subject, in this case the obligations to:

–      provide a response to a complaint – Article 7a of the Consumer Rights Act;

–      respect the Customer’s rights arising from the provisions on the Controller’s liability in the event of non-conformity of the digital content with the relevant contract)

The provision of the above-mentioned personal data is a condition for receiving a response to a complaint or for exercising the Customer’s rights arising from the provisions on the Controller’s liability in the event of non-conformity of the digital content with the relevant contract (the provision of such data is voluntary; however, failure to provide them will make it impossible to receive a response to a complaint and to exercise the above-mentioned rights).

The Controller will process the above-mentioned personal data for the duration of the complaint procedure, and in the case of exercising the above-mentioned Customer’s rights – until the expiry of the limitation period for such rights.

1)     first name and surname / company name;

2)     email address;

3)     residential / registered office address;

4)     PESEL number [Polish personal identification number] / National Court Register (KRS) number;

5)     Tax Identification Number (NIP).

Article 6(1)(f) of the GDPR

(the processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case the establishment, exercise or defence of legal claims that may arise in connection with the provision of services or the use of the Website)

The provision of the above-mentioned personal data is voluntary but necessary for the establishment, exercise or defence of legal claims that may arise in connection with the provision of services or the use of the Website (failure to provide such data will make it impossible for the Controller to take the above-mentioned actions)

The Controller will process the above-mentioned personal data until the expiry of the limitation periods for claims that may arise in connection with the provision of services or the use of the Website.

1)     date and time of visit;

2)     IP address of the device;

3)     type of operating system of the device;

4)     approximate location;

5)     type of web browser;

6)     time spent on the Website;

7)     subpages visited and other actions taken within the Website.

Article 6(1)(f) of the GDPR

(the processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case obtaining information about your activity on the Website)

The provision of the above-mentioned personal data is voluntary but necessary for the Controller to obtain information about your activity on the Website (failure to provide such data will make it impossible for the Controller to obtain the above-mentioned information).

The Controller will process the above-mentioned personal data until a valid objection is lodged or the purpose of the processing has been achieved.

1)     IP address;

2)     server date and time;

3)     information about the web browser;

4)     information about the operating system.

The above-mentioned data are recorded automatically in so-called server logs each time the Website is used (it would not be possible to manage such data without the use of server logs and automatic recording).

Article 6(1)(f) of the GDPR

(the processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case ensuring the proper functioning of the Website)

The provision of the above-mentioned personal data is voluntary but necessary to ensure the proper functioning of the Website (failure to provide such data will make it impossible for the Website to function properly).

The Controller will process the above-mentioned personal data until a valid objection is lodged or the purpose of the processing has been achieved.