Vector Synergy – Privacy Policy

PRIVACY POLICY AND COOKIES POLICY ON VECTORSYNERGY.COM

GENERAL PROVISIONS

This Privacy Policy of a website available at https://www.vectorsynergy.com (hereinafter “the Website”) is for information purposes and does not give rise to any obligations for the Website users. The Privacy policy sets out the rules of processing personal data by the Website administrator, including the purpose and scope of such processing, the rights of data subjects and information about the use of cookie files and analytical tools.

The controller of personal data collected via the Website is VECTOR SYNERGY SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ seated in Poznań, entered into the register of entrepreneurs of the National Court Register under no KRS 0000369575; registration court which keeps the Company’s documents: District Court (Sąd Rejonowy) in Poznań – Nowe Miasto i Wilda in Poznań, 8th Economic Division of the National Court Register; share capital of: PLN 60,375.00, having registered and correspondence address at ul. Marcelińska 90, 60-324 Poznań, NIP (tax identification number): 7811857270, business identification number (REGON): 30157574, e-mail address: info@vectorsynergy.com, phone number: +48 61 667 07 44, fax +48 61 622 95 04 (charges according to the Operator’s tariff) (hereinafter: “Vector Synergy“, “the Owner” or “the Administrator“).

The Controller processes personal data on the Website in accordance with the applicable provisions of law, including but not limited to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – hereinafter referred to as “the GDPR“. The official text of the GDPR: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679

You use the Website voluntarily. Using the Website does not require from you any personal data, unless you want to use the contact form available on the website – in that case you must provide your contact details (contractual requirement) in the scope specified in the Website’s Terms of Use (signature and e-mail address) and failure to provide the data makes it impossible to send the contact form.

The Administrator exercises due diligence to protect the interest of data subjects, in particular the Controller is responsible for and ensures that the data it collects are: (1) processed lawfully; (2) collected for specific, lawful purposes and are not further processed in a way incompatible with those purposes; (3) adequate, relevant in relation to the purposes for which they are processed; (4) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed, and (5) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Considering the nature, extent, context and purpose of the processing and the risk of infringing the rights or freedom of a natural person of varied probability and varied scale of threat, the Administrator implements adequate technical and organisational measures to process data in compliance with this regulation and be  be able to demonstrate it. The measures are subject to review and update if needed. The Administrator applies technical measures to protect electronically sent data from unauthorized access and modification.

CONTACT DETAILS

The Administrator’s contact details:

VECTOR SYNERGY spółka z ograniczoną odpowiedzialnością
ul. Marcelińska 90, 60-324 Poznań
e-mail: info@vectorsynergy.com,
telephone: +48 61,667 07 44
fax +48 61,622 95 04

Contact details of the personal data inspector appointed by the Administrator:

Arnold Paszta
Correspondence address: ul. Marcelińska 90, 60-324 Poznań
e-mail: rodo@vectorsynergy.com

BASIS FOR THE PROCESSING

The Administrator may process personal data if and to the extent that at least one of the following applies: (1) the data subject has given consent to the processing of his or her personal data for one or more specific purposes; (2) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; (3) processing is necessary for compliance with a legal obligation to which the Administrator is subject; (4) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Each processing of personal data by the Administrator requires the occurrence of at least one of the above grounds. Specific grounds for the Administrator’s processing of the personal data of Website users are indicated in the subsequent paragraph of the Privacy Policy – with reference to a given purpose of processing.

PURPOSE, BASIS, DURATION AND SCOPE OF DATA PROCESSING ON THE WEBSITE

In each case the purpose, basis, duration and scope as well as the recipients of personal data processed by the Administrator depends on the user’s activity on the Website. The Administrator may process personal data on the Website for the following purposes, on the following grounds and in the following scope:

Purpose of data processingLegal basis for the processing and retention period Scope of data processing
Reply to a question asked via contact formDepending on the purpose of the contact:

  • 1) Article 6(1)(b) GDPR (performance of a contract or taking steps at the request of the data subject prior to entering into a contract) or
  • 2) Article 6(1)(f) GDPR (legitimate interests pursued by the controller)

The retention of data depends on the legal basis – respectively:

  • 1) for the period necessary to take steps at the request of the data subject prior to entering into a contract and if the contract is concluded, for the period necessary to perform the contract, until its termination or other expiry of the contract; or
  • 2) for the duration of the legitimate interest pursued by the Administrator however no longer than for the period of limitation of the claims against the data subject with respect to the Administrator’s business activity. Periods of limitation are prescribed in the provisions of law, including but not limited to the Civil Code (the basic period of limitation of claims arising from business activity is three years).
Maximum scope: name and surname, e-mail address.
Responding to a recruitment application, recruitment procedure Depending on the purpose of the contacting:

  • 1) Article 6(1)(a) GDPR  (consent of the data subject), or
  • 2) Article 6(1)(b) GDPR (performance of a contract or taking steps at the request of the data subject prior to entering into a contract) or

The retention of data depends on the legal basis – respectively:

  • 1) in the case of the consent – until it is withdrawn;
  • 2) for the period necessary to take steps at the request of the data subject prior to entering into a contract and if the contract is concluded, for the period necessary to perform the contract, until its termination or other expiry of the contract; or
Maximum scope: name and surname, e-mail address, other data provided by the data subject, if any, in their CV or cover letter.

DATA RECIPIENTS ON THE WEBSITE

For the Website to work properly the Administrator must use  services of external providers (such as a hosting company, etc.). The Administrator uses services provided only by such processing operators who provide sufficient guarantee to implement appropriate technical and organisational measures, so that the processing meets the GDPR requirements and protects the rights of the data subject. Personal data is not transferred to any third country or to any international organisation.

The transfer of personal data by the Administrator is not done each time and is not done to all recipient or categories of recipients indicated in the Privacy Policy – the Administrator transfers data only if the Administrator has the data and if it is necessary to carry out the purpose of data processing and only in the scope necessary to carry it out.

Personal data of the Website users may be transferred to the following recipients or categories of recipients: service operators providing technical, organisational and IT solutions to the Administrator, enabling the Administrator to operate its business activity, including the Website and services offered thereon (including in particular providers of software for the Website, e-mail operators and web hosting providers). The Administrator shares the collected personal data of the user to a selected provider operating at the Administrator’s order only if and only to the extent to which it is necessary to carry out the purpose of data processing in compliance herewith.

RIGHTS OF THE DATA SUBJECT

  1. Right to access, rectify, restrict, delete or transfer – the data subject may demand from the Administrator to have access to their personal data, to rectify it, to delete it (“the right to be forgotten”) or to restrict the processing thereof, may make an objection against the processing and may transfer their data. Detailed terms and conditions of exercising the above rights are set out in Art. 15-21 of the GDPR.
  2. Right to withdraw the consent at any time – the data subject whose data is processed by the Administrator on the basis of their consent (according to Art. 6 (1)(a) or Art. 9(2)(a) of the GDPR) may withdraw their consent at any time and this will not affect the lawfulness of the processing done prior to the withdrawal.
  3. The right to make a complaint to a supervisory authority – the data subject may file a complaint to a supervisory authority in the manner laid down in the GDPR and in the provisions of Polish law, including but not limited to the Personal Data Protection Act.  The supervisory authority in Poland is the President of the Personal Data Protection Office.
  4. Right to object – the data subject has a right to object at any time – on the grounds related to their specific situation – against the processing of their data on the basis of Art. 6 (1)(e) (public tasks or interest) or Art. 6 (1)(f) (legitimate interest of the controller), including profiling on the basis of the same provisions. In such case the Administrator may no longer process such personal data unless the Administrator demonstrates that there are valid legitimate grounds for processing which overrides the interests, rights and freedoms of the data subject or for establishing, pursuing or defending a claim.
  5. Right to object against direct marketing
    – if personal data is processed for the purpose of direct marketing, the data subject may at any time object against the processing of their data for such purpose, including the profiling, to the extent that the processing is linked to such direct marketing.

To exercise the rights referred to in this section of the Privacy Policy you may contact the Administrator by sending relevant message in writing or by e-mail to the Administrator’s address or to the address of the data protection inspector appointed hereinabove, or by using the contact form on the Website.

COOKIES ON THE WEBSITE

Cookies are small pieces of text information in the form of text files sent through the server and saved on the device of the Website visitor (e.g. on the hard drive of a computer, laptop or smartphone’s memory card – depending on the device used by the Website visitor). Detailed information on cookie files with their history and origin is available at https://en.wikipedia.org/wiki/HTTP_cookie

When a visitor uses the Website, the Administrator may process data contained in the cookie files for the following purposes: (1) provide basic functionalities of the Website such as session continuity, storage of dynamic data such as statistics, summaries, and (2) adjusting the content of the Website to the Customer’s personal preferences (e.g. language of the site).

Typically the majority of available web browsers automatically accept cookies by default. Each user may define in their browser’s settings how cookies are to be used. This means you can e.g. partially limit (e.g. for a certain period of time) or completely block saving cookies – in the latter case this may affect some functionalities of the Website (for example it may become impossible to remember what language you have selected on the Website).

Browser’s cookie settings are significant when it comes to a consent for using cookie files by the Website and its Administrator – according to the provisions of law, the consent may also be expressed by the browser’s settings. If you refuse to give such consent, you should also change your browser’s cookie setting accordingly.

Detailed information on how to change cookie settings and how to delete them in the most popular web browsers is available in Help section of your web browsers and at the following links (click to view):

MISCELLANEOUS

The Website may contain links to other websites. The Administrator recommends to read privacy policy of the other website upon visiting. This Privacy Policy applies only to the Administrator’s Website.