Personal data protection policy

§1

  1. This policy defines the rules of protection of personal data that the users of garnuszewski.pl websites enter voluntarily to the IT system via data forms available at the aforesaid websites by means of the technical means available in the aforesaid forms.
  2. Philips & Garnuszewski Spółka Partnerska Adwokata i Radcy Prawnego seated in Poznan at al. Niepodleglosci 51/1, entered into the register of entrepreneurs of the National Court Register kept by the district court for Poznań – Nowe Miasto i Wilda in Poznań, 8th Commercial Division of NCR, under the number of KRS 0000478110, with NIP (taxpayer ID number) PL 7831703848, REGON (business ID number) 302535351 is the administrator of personal data. The administrator of personal data can be contacted at the following telephone number: 61 855 20 44, by means of a form available at their Website, and by means of electronic mail: kancelaria@garnuszewski.pl
  3. Personal data protection referred to in this policy is based on the act of 29 August 1997 on personal data protection (Journal of Laws of the Republic of Poland of 1997, no. 133, item 883 as amended) in connection with processing of such data for purposes related to business operations conducted by the data administrator and for the purpose of gaining income, as well as for the purpose of sending commercial and marketing messages via electronic mail.

§2

  1. In view of this policy, personal data is considered to be all and any information concerning an identified natural person, or information that makes it possible to identify such person by establishing their identity in a direct or indirect way.
  2. Information that requires excessive costs, measures, or actions to establish the identity of a natural person is not considered to be information making it possible to establish the identity of a natural person.

§3

  1. Processing of data in a data set, understood in particular as collecting, recording, storage, development, and removal thereof, will be carried out mostly by means of the IT system of the data administrator.
  2. The IT system where personal data is processed is secured by means of implementation and application of appropriate technical and organizational measures aiming to prevent third parties and unauthorized parties from accessing this data.

§4

  1. Processing of personal data is allowed only upon consent of the person this data concerns. Provision of data for the purpose of processing thereof is purely voluntary.
  2. The act of removal of data from the database does not require the person whom the data concerns to agree to such act or to be notified of such fact.
  3. Personal data is processed only for the purpose of conducting business operations by the administrator and for the purpose of gaining income, as well as for the purpose of direct marketing communication involving promotion of own-only products and services addressed to persons making their personal data available, thus agreeing to have their data used for the abovementioned purposes.
  4. Data administrator is the recipient of personal data.
  5. A person making their personal data available has the right to access the content of their data and to modify or correct it. In order to do so, such person needs to contact the data administrator using the contact details provided above in §1.
  6. Personal data may be shared with third parties for the purpose related solely to conducting business operations by the data administrator and for the sole purpose of direct marketing communication involving promotion of the data administrator’s products and services after obtaining a separate consent thereto from the person making their data available.

§5

  1. Every person whose personal data is subject to processing has the right to request the data administrator to provide them with information about the purpose, scope, and manner of processing of their data, as well as about the term of processing of the data included in the database.
  2. Every person may request the data administrator to provide them with information about the way and scope in which their data is shared with other parties.
  3. Every person may request to have their data updated, supplemented, modified, corrected, excluded from processing – temporarily or permanently, or even removed from the database for good.
  4. Data administrator does not appoint a data security administrator.
  5. Personal data will be processed only be persons with appropriate authorization to do so, which is granted by the data administrator. Data administrator keeps a register of persons authorized to process personal data. Persons authorized to process personal data are obliged to keep the personal data they process and the ways the data is secured confidential.
  6. The database of personal data is registered in a register kept by GIODO – the Inspector General for Personal Data Protection.