Personal data processing rules
The purpose of this document is to outline the rules and actions regarding the collection, processing and protection of personal data collected by Marmite sp. z o.o. with its registered office in Zakrzewo, in particular through our website (www.marmite.eu).
We assure that we apply technical and organizational measures with the utmost care so that your personal data are protected in the best possible way. In particular, we protect your data against unauthorized access, as well as other cases of disclosure, loss or unauthorized modification.
- PURPOSES AND GROUNDS FOR PERSONAL DATA PROCESSING
- RECIPIENTS OF PERSONAL DATA
- TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS
- PERIOD OF DATA STORAGE
- YOUR RIGHTS
- INFORMATION ON SOURCE OF DATA / VOLUNTARY PROVISON OF DATA
- INFORMATION ABOUT AUTOMATED DECISION MAKING
I. PERSONAL DATA PROTECTION
The Controller of your personal data is Marmite sp. z o.o. with its registered office in Zakrzewo at ul. Przemysłowa 4, 62-070 Dopiewo, KRS number: 0000581685, e-mail: firstname.lastname@example.org (hereinafter referred to as: the “Controller”).
2. PURPOSES AND GROUNDS FOR PERSONAL DATA PROCESSING
We process your personal data in order to:
- respond to inquiries or notifications sent to us via the contact form on our website or in another form, which is our legitimate interest (article 6 clause 1 point f of GDPR),
- conclude and perform contracts, including keeping correspondence related to the performance of the contract (article 6 clause 1 point b of GDPR),
- handle complaints and any claims you may have lodged, i.e. for the purpose necessary to fulfil legal obligation imposed on us (article 6 clause 1 point c of GDPR),
- perform contracts concluded with the entity that indicated you as a contact person (in which case we only process data regarding your name, surname, e-mail address and telephone number), which is our legitimate interest (article 6 clause 1 point f of GDPR),
- conduct direct marketing of our products using electronic means of communication (sending newsletter, commercial information, invitations to trade fairs or holiday cards to you) – based on your consent (article 6 clause 1 point a of GDPR) or in connection with the contract concluded with youe), or with an entity that indicated you as a contact person (which is our legitimate interest – article 6 clause 1 point f of GDPR),
- conduct direct marketing of our products without using electronic means of communication, to promote our activity, which is our legitimate interest (article 6 clause 1 point f of GDPR),
- ursue claims related to the concluded contract, i.e. conduct debt collection proceedings, including court and execution proceedings, which is our legitimate interest (article 6 clause 1 point f of GDPR),
- recruit – based on applicable legal regulations and your consent (article 6 clause 1 point c and a of GDPR),
- archive documentation (contracts and settlement documents), for the purpose necessary to fulfil legal obligation imposed on us (article 6 clause 1 point c of GDPR),
- keep statistics in order to improve our operations, which is our legitimate interest (article 6 clause 1 point f of GDPR).
3. RECIPIENTS OF PERSONAL DATA
We may share your personal data with the following categories of recipients:
- entities rendering accounting and tax services for our company,
- entities providing legal services for our company,
- entities servicing and managing our IT system,
- entities providing courier or postal services for our company,
- banks – if it is necessary to make settlements,
- insurance companies which adjust claims,
- state authorities or other entities authorized under legal regulations – to perform duties imposed on us,
- in the case of data obtained in connection with direct marketing – marketing agencies.
4. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS
We do not transfer your personal data to third countries (outside the EEA) or to international organizations.
5. PERIOD OF DATA STORAGE
We process your data obtained in connection with an inquiry or an application addressed to us until the processing of your inquiry has been finalized by us.
Your data obtained in connection with the performance of the contract (including the performance of the contract concluded with the entity that indicated you as a contact person) or with handling a complaint are processed until the end of the period of limitation for claims which may potentially result from this, and in the case of data required by tax law – for the period resulting from applicable legal regulations.
We process your data obtained by us for the purposes of direct marketing using electronic means of communication until you revoke your consent.
We store your data obtained by us in connection with the recruitment process until the end of the recruitment procedure, or until you revoke your consent.
We store data which we process in relation to our legitimate interest until you file an objection.
6. YOUR RIGHTS
In connection with the processing of your personal data by us, you have the following rights:
- the right to information about personal data processing
- ou have the right to obtain from us, in particular, information about the purposes and grounds for personal data processing, the scope of data stored, entities to which they are transferred, and the planned date of data erasure,
- the right to access your data and receive their copy
- you have the right to receive a copy of the data processed which concern you,
- the right to rectify (correct) personal data
- you have the right to request that we remove incompatibilities or errors regarding your data, and demand them to be supplemented or updated – if they turn out to be incomplete or out-of-date,
- the right to restrict processing of personal data
- you have the right to demand that we cease to perform certain operations on your personal data,
- the right to erase personal data
- you have the right to demand that we erase data whose processing is no longer necessary for the purposes for which they have been collected (the so-called “right to be forgotten”),
- the right to data portability
- you have the right to obtain from us personal data concerning you which you provided to us on the basis of a contract or your consent, in a structured, commonly used machine-readable format,
- you can request us to forward your data directly to another controller (if it is technically possible),
- the right to object to the processing of personal data
- “marketing” objection – you have the right to object to the processing of your data in order to conduct direct marketing; if you exercise this right – we will stop processing data for this purpose,
- objection in a specific case – you also have the right to object to the processing of your data based on a legitimate interest for purposes other than direct marketing, and when processing is necessary for us to perform a task carried out in the public interest or to exercise public authority entrusted to us. In this case, you should indicate to us your specific situation which in your view justifies the cessation of processing covered by the objection. We will stop processing your data for these purposes, unless we demonstrate that the basis for processing of your data is superior to your rights, or that your data are necessary to us to establish, exercise or defend claims,
- the right to revoke consent to the processing of personal data
- if personal data are processed on the basis of your consent, you have the right to revoke your consent at any time (revocation of your consent will not affect the lawfulness of the processing carried out prior to the revocation of your consent).
In order to exercise your rights referred to in points a) to (h) hereinabove, all correspondence should be sent via post or e-mail to the following address: Marmite sp. z o.o., Zakrzewo, ul. Przemysłowa 4, 62-070 Dopiewo, e-mail: email@example.com. In addition, you can revoke your consent via the revocation form available on our website.
Your application should, if possible, precisely indicate the subject of the request. If we are not able to identify the person submitting the application or determine the content of the request, we will ask the applicant for additional information.
Before complying with your rights, we will have to ensure that you are really you, i.e. identify you accordingly.
An application will be answered within one month of its receipt. If it becomes necessary to extend this deadline, we will inform you of the reasons for such an extension.
If you believe that we are processing your personal data in violation of the provisions of the GDPR or other legal acts regulating personal data protection, you have the right to lodge a complaint to the President of the Office for Personal Data Protection.
7. INFORMATION ON SOURCE OF DATA / VOLUNTARY PROVISON OF DATA
Providing personal data by you is voluntary. However, if you do not provide the data which are necessary, for example, to render certain services by us or provide you with a response to your request, it may prevent us from taking specific actions.
In addition, if you raise objection regarding our direct marketing, you will not be informed about our marketing activities.
In the situation described in point 2 d) hereinabove, we obtained your data from our contractor who indicated you as a contact person and provided us with data regarding your name, surname, e-mail address and telephone number. If we have obtained your data from another source, we will provide you with relevant additional information in this regard.
8. INFORMATION ABOUT AUTOMATED DECISION MAKING
Your personal data will not be processed in an automated manner and will not be profiled.