GDPR – PERSONAL DATA PROCESSING POLICY by LACTIMA Sp. z o.o.
Information required in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27/04/2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (GDPR) .
Administrator: LACTIMA Sp. z o.o. with its registered office in Morąg (14-300) at 6 Kaszubska st., KRS: 0000111384, NIP: 584-025-10-89, REGON 001325098.
Data processing applies to every natural person whose personal data is processed by the Administrator, e.g. a person visiting the Administrator’s premises, website or sending an inquiry to him in the form of an e-mail.
DATA PROCESSING BY THE ADMINISTRATOR
In connection with its activities, the Administrator collects and processes personal data in accordance with the relevant provisions, in particular with the GDPR and the data processing rules provided for therein.
The administrator is obliged to ensure that the data is collected only to the extent necessary for the indicated purpose and processed only for the period in which it is necessary.
When processing data, the Administrator ensures their security and confidentiality as well as access to information about this processing for persons directly interested.
If, despite the security measures applied, there is a breach of personal data protection (eg “server hacking, loss), the Administrator informs the data subjects of such an event in a manner consistent with the provisions.
SECURITY OF PERSONAL DATA
In order to ensure the confidentiality of data, the Administrator has implemented procedures enabling access to personal data only to authorized persons and only to the extent that it is necessary due to the tasks performed by them. The administrator uses organizational and technical solutions to register and perform operations on personal data only by authorized persons.
The administrator also takes all necessary steps to ensure that other cooperating entities guarantee the application of appropriate security measures in each case when they process personal data at the request of the Administrator.
The administrator conducts an ongoing risk analysis and monitors the adequacy of the data security used to the identified threats. If necessary, the Administrator implements additional measures to increase security.
PURPOSES OF DATA PROCESSING BY THE ADMINISTRATOR
The personal data provided will be processed for the purpose of providing services, handling requests (e.g. via the contact form, e-mail) and answering requests.
Personal data may be collected in the event report form.
The categories of personal data include: name and surname, telephone number, e-mail address, address, data dedicated to the process / service / project / notification;
RIGHTS RELATED TO THE PROCESSING OF PERSONAL DATA
Pursuant to the General Data Protection Regulation, data subjects have the following rights:
- access to your data and the right to change, delete, limit processing,
- object to processing to the extent that the processing takes place on the basis of the legitimate interest of the Administrator,
- withdrawal of consent to data processing to the extent that the basis for processing is consent, withdrawal of consent does not affect the lawfulness of the processing which was made on the basis of consent before its withdrawal,
- lodging a complaint to the President of the Personal Data Protection Office regarding violation of the right to personal data protection or other rights granted under the GDPR.
AUTOMATED DECISION MAKING
The data provided by you will not be subject to automated decision making and profiling;
THE PROVISION OF DATA IS VOLUNTARY
Providing data is voluntary, but necessary to provide services or to contact the Administrator or to receive marketing messages from the administrator.
PERIOD OF PROCESSING OF PERSONAL DATA
Personal data will be stored for the duration of the legitimate interest of the administrator, unless you object to the processing of data;
After the expiry of the processing period, the data is irretrievably deleted.
TRANSFER OF DATA OUTSIDE THE EUROPEAN ECONOMIC AREA
Personal data will not be transferred outside the European Economic Area, and will not be processed for the purpose of automated decision making, including profiling.
CHANGES TO THE PERSONAL DATA PROCESSING POLICY
The above Data Processing Policy applies from May 25, 2018 and will be reviewed on an ongoing basis and updated if necessary.
All correspondence on matters related to the processing of your personal data should be sent to the following address: email@example.com with the annotation “Personal data” or by post to the following address:
LACTIMA Sp. z o.o., ul. Kaszubska 6, 14-300 Morąg