Privacy policy
PRIVACY POLICY
INFORMATION CLAUSE REGARDING THE PROCESSING OF PERSONAL DATA
The controller of the personal data of individuals using the website cvgs.pl (hereinafter referred to as the “website”) – hereinafter referred to as “Users” or each individually as “User” – is CVGS PRO limited liability company limited partnership based in Tychy (43-109) at Przejazdowa Street 99, entered into the register of entrepreneurs of the National Court Register under number 0000620818, having a tax identification number (NIP) 6462596119 and REGON number 278053370, hereinafter referred to as the “Controller”.
Users can contact the Controller via email at biuro@cvgs.pl or by traditional mail to the correspondence address Przejazdowa Street 99, 43-100 Tychy, or using the contact form available on the website.
User’s personal data will be processed for the following purposes:
- Voluntary entry of data by the User into contact forms which are forwarded to the Controller’s email server due to the User’s consent based on Article 6(1)(a) of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – hereinafter referred to as “GDPR”, as well as for the performance of the electronic service agreement (digital service) based on Article 6(1)(b) GDPR;
- Fulfilling legal obligations incumbent on the Controller in connection with concluded electronic service agreements (digital services) based on Article 6(1)(c) GDPR;
- Pursuing claims and defending against claims in connection with concluded electronic service agreements (digital services) due to the legitimate interest of the Controller based on Article 6(1)(f) GDPR;
- Conducting marketing and promoting the Controller’s services, including using social media platforms such as LinkedIn, Facebook, and Instagram, due to the legitimate interest of the Controller based on Article 6(1)(f) GDPR;
- Contacting the User if they reach out to the Controller with an inquiry due to the legitimate interest of the Controller based on Article 6(1)(f) GDPR;
- Saving cookies on the User’s end devices due to the User’s consent based on Article 6(1)(a) GDPR and, in terms of cookies necessary for the website’s functioning, based on Article 6(1)(f) GDPR;
- Conducting website statistics based on Article 6(1)(a) GDPR and Article 6(1)(f) GDPR.
Providing personal data to the Controller by the User is voluntary, however, providing the indicated data is necessary for the achievement of the purposes specified in point 3 of the information clause.
Regarding the personal data processed on the basis of the Controller’s legitimate interest, the User may object to this type of data processing at any time in accordance with GDPR provisions (by contacting as indicated in point 2 of the information clause). As for the personal data processed based on consent, Users may withdraw their consent to the processing of their personal data at any time, but the withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
The Controller may share User’s personal data with entities cooperating with the Controller to improve User service quality, perform the concluded electronic service agreement (digital service), fulfill the Controller’s obligations, pursue claims and defend against claims, as well as for conducting marketing and promoting services. These entities will strive to protect the received data in accordance with the Controller’s privacy policy. Subject to the above, the Controller does not share any data provided by the User with third parties unless the Controller is obliged to do so based on a public authority order such as a court or prosecutor’s order issued in accordance with applicable law.
Personal data provided by the User in connection with the use of the website or sent directly to the Controller via email are not subject to trade.
User’s personal data are not subject to automated decision-making, including profiling.
User’s personal data are not transferred by the Controller to countries outside the European Economic Area, however, the Controller has no influence on whether Google as a cookies provider uses servers outside the European Economic Area.
User’s personal data will be processed for the necessary duration to achieve the purposes for which they are collected (as specified in point 3 of the information clause):
- In the case of personal data processed for the purpose of concluding and performing electronic service agreements (digital services), for the duration of the concluded agreement;
- In the case of personal data collected for pursuing claims and defending against claims, until the statute of limitations for these claims;
- In the case of fulfilling legal obligations, until their fulfillment and the expiration of related claims;
- In the case of conducting marketing and promoting services, until the User objects in this regard or the business purpose ceases;
- In the case of personal data processed for contacting the User, for the necessary duration to achieve the Controller’s legitimate interest, i.e., until the resolution of issues raised by the User with the Controller and for securing potential claims (until their statute of limitations resulting from legal provisions) or until the User objects in this regard.
The User has the right to:
- Access their personal data and receive a copy of them;
- Rectify their personal data;
- Delete their personal data (if there are no grounds for their processing by the Controller);
- Object to the processing of their personal data (regarding data processing based on the Controller’s legitimate interest);
- Withdraw consent to the processing of their personal data;
- Restrict the processing of their personal data;
- Transfer their personal data;
- Lodge a complaint with the President of the Personal Data Protection Office (if they believe that the processing of their personal data violates applicable law).
The exercise of the User’s rights should not adversely affect the rights and freedoms of others (including intellectual property rights or trade secrets). The scope of each of these rights and the situations in which they can be exercised are specified by law – Articles 15-21 GDPR. The right the User will be able to exercise depends, for example, on the legal basis for using the User’s personal data and the purpose of their processing – the User’s rights are not absolute and do not apply to all processing activities, except for lodging a complaint with PUODO.
In case of doubts regarding the rights, purposes of processing, or the legal basis for processing specific data or processing activities, please contact the Controller as indicated in point 2 of the information clause.