...

Privacy Policy

The purpose of this Privacy Policy is to provide information on the processing of personal data and to inform data subjects of their rights. We therefore encourage you to review this document carefully.

 

General Information

 

  1. The Privacy Policy contains information about the processing of personal data by IT Connect Sp. z o.o., with its registered office in Warsaw at 80 Marszałkowska Street, postal code 00-517 Warsaw, and its office at 51 Chłodna Street, Warsaw 00-867, hereinafter referred to as the Administrator.
  2. The Administrator ensures the confidentiality, security, and protection of personal data in accordance with applicable laws, including the provisions of the EU General Data Protection Regulation (GDPR).
  3. The Administrator may be contacted:
    1. by email – at the address: biuro@itconnect.pl
    2. in writing – at the address: 00-867 Warsaw, 51 Chłodna Street.
  4. The Administrator has appointed a Data Protection Officer (DPO), who may be contacted regarding matters related to personal data processing:
    1. by email – at the address: iod@itconnect.pl
    2. in writing – at the Administrator’s registered office address, with the note “Personal Data.”

 

Categories of Individuals, Purposes and Legal Basis for Processing

Categories of IndividualsPurposes of ProcessingLegal Basis for Processing
Individuals who initiate contact

Conducting communication with those interested in collaboration through:

  • email and traditional correspondence,
  • telephone contact,
  • handling the “Contact” section on the website.
Article 6(1)(f) GDPR – the legitimate interest of the Administrator in conducting correspondence addressed to it and responding to telephone inquiries in connection with its business activities
Representatives of the contractor or contact personsAnalyzing offers, concluding, executing, and settling contracts

Article 6(1)(b) GDPR – the conclusion and performance of a contract, as well as taking steps necessary to enter into a contract;

Article 6(1)(c) GDPR – documenting the concluded contract and its settlement, based on the provisions of tax and accounting law;
Internal reporting and statistical purposesArticle 6(1)(f) GDPR – the legitimate interest of the Administrator
Establishment, pursuit, or defense against potential claims
Handling complaints and claims, if submitted, regarding the performance of the contract between the Parties
Individuals designated as contact persons for contract executionContract executionArticle 6(1)(f) GDPR – the legitimate interest of the Administrator in executing the contract. The legitimate interest of the Administrator includes facilitating communication related to the conclusion and execution of the contract, receiving and conveying declarations of intent between the parties, directing potential complaints and claims, and, after the contract has ended, the necessity of establishing, pursuing, or defending against potential claims.
Representatives of the contractor or contact personsDirect marketingArticle 6(1)(f) GDPR – the legitimate interest of the Administrator in promoting its brand and personalizing its offerings, subject to obtaining prior consent in accordance with the provisions of the Act on Providing Services by Electronic Means and telecommunications law.
Individuals interested in employmentRecruitmentArticle 6(1)(b) GDPR – the necessity of processing for the conclusion and performance of a contract and taking steps necessary to enter into a contract;
Article 6(1)(c) GDPR – the fulfillment of legal obligations incumbent upon the Administrator, including those arising from labor law provisions;
Article 6(1)(a) GDPR – consent, in cases where the data provided exceeds the legal bases specified above.
Providing data is voluntary, but necessary to achieve the above purposes, with the exception that failure to provide data for direct marketing purposes does not negatively impact the achievement of other purposes.

 

Recipients of Personal Data

 

The recipients of personal data may primarily include:

  • entities cooperating with the Administrator;
  • authorized entities, such as the Social Insurance Institution, the National Tax Administration, the Police, courts;
  • banks, payroll consulting firms;
  • IT service providers;
  • courier companies, postal operators;
  • legal and advisory service providers (law firms, debt collection agencies).

Retention Period for Personal Data

 

The retention period for personal data depends on the purpose of processing and is as follows:

  1. For the execution of a contract – for the duration of the contract, and thereafter until the expiration of any legal obligations;
  2. For the pursuit or defense of claims related to the contract – until the limitation period for claims, i.e., up to 3 years;
  3. For communication with potential clients – for 60 days from the last communication or until the expiration of the offer, whichever occurs later, unless a longer period is required by law;
  4. For direct marketing – until an objection is raised or relevant consent is withdrawn;
  5. For the fulfillment of legal obligations – until the expiration of the legal obligation.

 

Information on the Processing of Personal Data on Social Media

 

  1. The Administrator maintains profiles on LinkedIn, Instagram, and Facebook, with links available on the Administrator’s website.
  2. The Administrator processes personal data of users who follow these profiles. Additionally, the administrators of social media data are:
    1. LinkedIn – LinkedIn Ireland Unlimited Company;
    2. Facebook and Instagram – Meta Platforms Ireland Limited.
  3. Personal data of social media users are processed for the following purposes: a) informing users about the Administrator’s activities (Article 6(1)(f) GDPR – the legitimate interest in promoting its business); b) responding to inquiries (Article 6(1)(f) GDPR – the legitimate interest in communicating with social media users).
  4. Personal data will be retained for as long as the user follows our social media profile, and in the case of an inquiry, for the duration of providing a response and until the limitation period for claims.

Rights of Data Subjects

 

In connection with the processing of personal data by the Administrator, data subjects are entitled to the following rights:

  • the right to access personal data;
  • the right to rectify personal data;
  • the right to erase personal data;
  • the right to restrict processing;
  • the right to data portability;
  • the right to object to the processing of data based on the legitimate interest of the data controller.

Where processing is based on consent given under GDPR, data subjects have the right to withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before its withdrawal.

Every data subject has the right to lodge a complaint with the President of the Office for Personal Data Protection.

To exercise these rights, please contact:

  • The Administrator via email at: biuro@itconnect.pl or by writing to the registered office address;
  • The Data Protection Officer via email at: iod@itconnect.pl.

Additionally, the Administrator, in accordance with Article 12(3) GDPR, has one month to respond to any requests regarding the exercise of rights from the date they are received.

Updates to the Privacy Policy

The Privacy Policy is regularly reviewed and updated as necessary.

The current version of the Privacy Policy is effective as of August 2024.

Seraphinite AcceleratorOptimized by Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.