§ 1. General Information
- Group of Holding 1 companies - means Companies related to HOLDING 1 Spółka Akcyjna Spółka komandytowa with its registered office in Cracow, hereinafter referred to as the "Group". The list of Group companies is available below.
- The Group puts a great effort to respect the privacy of Users visiting the Website.
Group companies are the personal data controller. Their access to the data is:
- Necessary for the proper functioning of the Website,
- Required to provide some of the website functionalities,
- A result of interest shown in products offered by a specific company from the Group,
- Necessary to allow selected companies to contact Users who have given their prior consent.
- Personal data collected by the Group via the Website is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), also referred to as the GDPR.
- The Group has appointed a Data Protection Officer, which can be contacted by phone number +48334861986 and e-mail address: firstname.lastname@example.org.
§ 2. Types of information collected
- Personal data is collected as a result of User’s interactions with the Website.
- Personal data submitted by the User via the Website contact forms might be a subject of processing. In particular, the User may use the contact form for potential job candidates to state their name, surname, telephone number, & email address. Submitted data can be processed based on the User's consent to the processing of this data by the Group companies (Article 6(1)(a) of the GDPR).
- When using the Website, contents of cookie files may be obtained as well as information about the IP address, browser, access time and operating system used by the User.
- These data are processed in order to customize the content to probable needs or interests of each User (profiling) and to monitor user visit activities, as well as to monitor and test the effectiveness of all website functionalities for the purpose of their continuous improvement.
- Navigational data may also be collected from Users, including information about links which they choose to click or other activities taken on the Website. The legal basis is the legitimate interest (Article 6(1)(f) of the GDPR) of facilitating the use of services provided electronically and improving the functionality of these services.
- The navigation data may be used to provide Users with better service, statistical data analysis and adaptation of the Website to Users' preferences, as well as the administration of the Website.
§ 3. The right to withdraw consent
- User has a right to withdraw the consent, that he has previously given for the Group or one of its companies.
- Withdrawal is effective instantly after its request.
- Withdrawal of consent does not affect the processing carried out by the Group in accordance with the law before its withdrawal.
- Withdrawal of consent does not entail any negative consequences for the User. However, some services or functionalities, that legally require this consent, might become unavailable since the company won’t be able to offer them.
§ 4. Right to object against data processing
- User has a right to object at any time - for reasons related to his specific situation - to the processing of his personal data, including profiling, if his data is processed on the basis of a legitimate interest of collecting statistics on the use of individual functionalities of the Website and facilitation of Website usage.
- If the User's objection turns out to be justified and there is no other legal basis for the processing, personal data, being the subject of an objection, will be removed.
§ 5. Right to erasure (“right to be forgotten”)
- User has the right to request erasure of all or some personal data.
User has the right to request erasure of data if:
- personal data are no longer necessary for the purposes for which they were collected or processed;
- user withdrew the specified consent to the extent in which the personal data were processed based on it;
- personal data are processed unlawfully;
- personal data must be removed in order to comply with the legal obligation,
- personal data has been collected for the purpose of providing Information Society services.
§ 6. The right to limit data processing
- User has the right to request limitation on the processing of his personal data. Submission of a request, until its consideration prevents the use of certain functionalities or services, the use of which would involve the processing of data covered by the request.
User has the right to request limitation on the processing of his personal data in the following cases:
- when User questions the correctness of his personal data - then the Group will limit their use for the period of time necessary for the verification process, but no longer than for 7 days;
- if the data processing is illegal, and instead of deleting the data, the User will demand to limit their use;
- when the personal data are no longer necessary for the purposes for which they were collected or used but are needed by the User to establish, assert or defend claims;
- when User objected to the use of his data - then the limitation occurs for the time needed to consider whether - due to the specific situation - protection of the User's interests, rights and freedoms outweighs the interests that are the purpose of processing
§ 7. The right of access to personal data
The User has the right to obtain confirmation that his personal data is processed, and if so, the User has the right to:
- gain access to his personal data;
- obtain information on the purposes of processing, categories of personal data being processed, the recipients or categories of recipients of this data, the intended period of User's data storage or criteria for determining this period (when it is not possible to determine the planned data processing period), the rights of the User under the GDPR and the right to complain to a national data protection supervisory authority, on the source of such data, on automated decision-making, including profiling and on safety measures applied when transferring these data outside the European Union;
- get a copy of User personal data.
§ 8. The right to rectify and transfer data
- User has the right to demand an immediate rectification of incorrect personal data. Taking into account the purposes of processing, the User has the right to request supplementation of incomplete personal data, particularly by submitting additional statements via an e-mail address of the Personal Data Inspector.
- The User has the right to receive his personal data, which he provided, and then send them to another personal data controller of his choice. The user also has the right to request that personal data be sent directly to the selected data controller, if it is technically possible.
§ 9. Complaints, inquiries, applications
- User may submit complaints, inquiries and requests regarding the processing of his personal data and the exercise of his rights through the Data Protection Inspector.
- User has the right to lodge a complaint to the President of the Personal Data Protection Office in the scope of violation of his rights in terms of protection of personal data or other rights granted by the GDPR.
§ 10. Data recipients
- User personal data may be accessed by companies from the Group, in the legitimate interest of the company and in order to effectively provide services offered by Group companies.
- User's personal data may be transferred to Group’s service providers involved in running the Website. These entities, depending on contractual arrangements and circumstances, are either subject to the instructions of the Group as of the purposes and methods of data processing (data processors) or independently determine the purposes and methods of their processing (data controllers).
§ 11. Data storage
- Data recipients are mostly based in Poland or the countries of European Economic Area (EEA).
User data is stored:
- For the data processed on a basis of user consent - for as long as User won’t revoke previously given consent. If a User revokes his consent, the data will still be processed for a period of limitation to claim remuneration - that might be filled either by or against company. Unless a special provision provides otherwise, the period of limitation is six years, and for claims for periodic benefits and claims related to running a business - three years.
- If the data processing is based on the execution of the contract - for as long as it is necessary to perform the contract After that time, the data will still be processed for a period of limitation to claim remuneration - that might be filled either by or against company. Unless a special provision provides otherwise, the period of limitation is six years, and for claims for periodic benefits and claims related to running a business - three years.
- In the case of processing data contained in cookies, information about the IP address, browser, access time, operating system used by the user and navigation data, these data will be processed for a period of one year. The legal basis for the processing of these data is art. 6 (1)(f) - Regulations - implementation of a justified interest in the form of running an Internet Service.
Holding1 Companies List