This privacy policy specifies the rules of collecting, processing and using personal data. Data is collected by P.H.P. Export-Import W. Kawczyński.
1. Data processing is conducted in accordance with the General Data Protection Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive) – hereinafter called the “GDPR.”
2. You have the right to: request access to your personal data, rectify, erase or restrict its processing, object its processing, as well as data transfer.
3. When processing is conducted based on your approval – you can withdraw it anytime, informing us about it, with no impact on the compliance with the right to process, which was performed earlier.
4. You can also lodge a complaint to the President of the Personal Data Protection Office.
Personal data contained in e-mails:
1. Processing is conducted for the purpose of fulfilment of legally justified interests of the Controller – i.e. exchange of e-mails in accordance with art. 6 sec. 1 letter f of the GDPR.
2. The following data is processed: e-mail, first name and surname and all other data that is provided in e-mail.
3. Data can be stored on an external mail server. It can be also accessed by outside IT companies, in the scope of servicing and delivery of software and IT equipment. In addition, data will not be revealed (disclosed) to other entities, with the exception of cases stipulated in regulations that are currently in force.
4. Data will not be transferred to third countries or international organizations.
5. Data will be stored for a period of 10 years – due to the current tax regulations and time limits for filing claims.
Personal data shown on invoices and other accounting documents:
1. Processing is performed for the purpose of fulfilment of legal obligations imposed upon the Controller (bookkeeping) and performance of legally justified interests of the Controller (possible recovery of claims or protection against claims), in accordance with art. 6 sec. 1 letter c and f of the GDPR.
2. The following data is processed: name and address of seller and buyer, NIP numbers, possible data of the signatory and other data shown on invoices and other accounting documents.
3. The Controller can assign processing of your data to outside accounting companies and law firms. It can be also accessed by outside IT companies, in the scope of servicing and delivery of software and IT equipment, as well as postal and overnight dispatch service companies, in the case of sending mail. Your data, in the case of payment processing, will be transferred to banks. In the remaining extent, it will not be revealed (disclosed) to other entities, with the exception of cases provided in regulations that are currently in force.
4. Data will not be transferred to third countries or international organizations.
5. Data will be stored for a period of 10 years, according to the current tax regulations and time limits for filing claims.
6. Data will be acquired from you and public registers (CEIDG, KRS).
Personal data contained in recruitment processes (CV, cover letters):
1. Processing is conducted based on an approval, in accordance with art. 6 sec. 1 letter a of the GDPR.
2. Data is provided voluntarily, not required by any regulations, but refusal to provide such data will disable participation in recruitment process.
3. Data provided by you in application is processed.
4. Data can be accessed by outside IT companies, in the scope of servicing and delivery of software and IT equipment. In addition, data will not be revealed (disclosed) to other entities, with the exception of cases stipulated in regulations that are currently in force.
5. Data will not be transferred to third countries or international organizations.
6. Data will be stored during recruitment and up to six months later, unless a candidate withdraws his/her approval to data processing.
Personal data of drivers in transport and forwarding processes:
1. Processing takes place for the purpose of performance of legally justified interests of the Controller (business trip service, organization of transport and forwarding activities), in accordance with art. 6 sec. 1 letter f of the GDPR.
2. The following data can be processed: driver’s first name and surname, his contact number, registration numbers of vehicles, item and route traveled, and other data related to transport and forwarding orders.
3. The Controller can share data with customers and contracting parties, in the scope related to handling of transport and forwarding orders (other transport and forwarding companies, loaders and unloaders, ferry operators, hotels, etc.). It can be also accessed by outside IT companies, in the scope of servicing and delivery of software and IT equipment, as well as outside accounting companies and law firms. In the remaining scope, data will not be revealed (disclosed) to other entities, with the exception of cases stipulated in regulations that are currently in force.
4. Some customers and contracting parties of the Controller may have their places of business outside European Union countries – then they can receive driver’s personal data in the scope and based on the principles specified in sec. 3 above. Regulations on personal data protection that are in force in those countries can be less restrictive than EU laws. In addition, data will not be transferred to third countries or international organizations.
5. Data will be stored for a period of 5 years, according to the current tax regulations and time limits for filing claims.
6. Data is collected directly from drivers or transport and forwarding companies cooperating with us.
Personal data collected within the activity of video monitoring:
1. Processing takes place for the purpose of performance of legally justified interests of the Controller – to ensure safety of workers and protect the employer, in accordance with art. 6 sec. 1 letter f of the GDPR, in compliance with art. 222 of the Labor Code.
2. The following data is processed: image of persons on the premises under surveillance.
3. Data can be disclosed to appropriate services in the event of recording a crime or destruction of property. In addition, data will not be revealed (disclosed) to other entities, with the exception of cases stipulated in regulations that are currently in force.
4. Data will not be transferred to third countries or international organizations.
5. Data will be stored for a period of 3 months. When image recordings serve as evidence in legal proceedings or the employer found out that they can serve as evidence in legal proceedings, the above mentioned period can be extended until the formal completion of legal proceedings.
Cookies:
1. In order to ensure the highest comfort of using our website during browsing, small files, known as cookies, are recorded on your device. These files make possible adjustment of the service content to your needs and interests. Thanks to their recording on your device, it is possible to display the website in the way that is most suitable to a specific user. Cookies allow us to collect statistical data, thanks to which we can develop our website in accordance with preferences of our users.
2. Any user can anytime block or restrict the possibility of recording cookies on his or her device, but there is a risk that this operation will make it difficult to use the website.
Summary:
1. All personal data processed by us is protected in accordance with the requirements of the GDPR. We spare no efforts in order to protect your personal data and safeguard it against third party activities.
2. We reserve the right to update and change this privacy policy by publication of its new version on this website.
3. If you have any doubts or additional questions regarding protection of privacy, please contact us.