Privacy Policy

The purpose of this privacy policy (hereinafter referred to as the Policy) is to set out the terms and conditions for the processing of personal data from natural persons (hereinafter referred to as the User or you) who are users of our website, as well as personal data of other persons (including our business partners and persons who represent them, job applicants and persons who contact us on other matters), submitted by post, e-mail, telephone, in person at the Administrator’s premises or by any other means.

The Policy also contains information regarding the rights of individuals with respect to the processing of their personal data.

Personal data controller

The Administrator of your personal data is PMICOMBERA Ltd. with its registered office in Warsaw at Wiertnicza 39 A, 02-952 Warsaw, entered in the Register of Entrepreneurs kept by the District Court for the City of Warsaw in Warsaw, XIII Commercial Division of the National Court Register under KRS number 0000050276, NIP 9520013172, REGON 010982840 (Administrator or we). Please be informed that we have appointed a Data Protection Inspector. You can contact us and, in particular, our Data Protection Officer via the website www.pmi.pl under „Contact” or by letter to our address. We process your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation; OJ EU.L.2016.119.1; hereinafter RODO).

Cooperation with our business partners

If you are part of a contract with us or intend to enter into a contract with us, the data we process about you constitutes contact data and other data necessary for entering into and performing the contract. This data is collected directly from you. We may obtain or verify your data also through publicly available registers (e.g. CEIDG, KRS).

We process your data for the following purposes and based on the following legal bases:

1. to establish cooperation and conclude and perform the contract between us (Article 6(1)(b) of the RODO),
2. to maintain the Administrator’s accounting records concerning the cooperation, in accordance with the Administrator’s legal obligation (Article 6(1)(c) of the RODO), resulting in particular from the Tax Ordinance Act of 29 August 1997, the Accounting Act of 29 September 1994 and the Value Added Tax Act of 11 March 2004,
3. to realize the legitimate interest of the Administrator (Article 6(1)(f) RODO), consisting in:
4. conducting activities that streamline and coordinate the Administrator’s work, including maintaining internal registers (e.g. correspondence filing),
5. the determination, investigation and defense of claims.

The provision of data is a condition for the conclusion of the contract, and their failure will result in inability to conclude and perform it.

Personal data shall be stored for the period necessary for the performance and settlement of existing cooperation or establishment of future cooperation, as well as until the expiry of periods resulting from applicable laws (i.e. the statute of limitations for tax obligations relating to accounting records), which may, where applicable, be extended by the statute of limitations for civil law claims.

Representatives, contact persons, employees and agents of our customers or business partners

We process your contact information and data related to your function or relationship with the entity on whose behalf you are acting (typically your name, surname, position, place of work, business email address and business telephone number, and possibly information indicating your authority to represent the entity). We have obtained this information directly from you or received it from the entity on whose behalf you are acting. We may also obtain or verify your data through publicly available registers (e.g. KRS).

We process your data for the following purposes and based on the following legal bases:

1. realization of the legitimate interest of the Administrator (Article 6(1)(f) RODO), consisting in:

1. to provide information and contacts necessary for the conduct of our business, including entering into and performing business with the entity on whose behalf you are acting, as well as the handling and performance of activities undertaken by you,
2. carrying out activities that make the Administrator’s work more efficient and coordinated, including keeping internal registers (e.g. correspondence records),
3. the determination, investigation and defense of claims.
4. fulfillment of our legal obligations (Article 6(1)(c) of the RODO), including the obligation to keep accounting records concerning cooperation with the entity on whose behalf you act, in accordance with the Tax Ordinance Act of 29 August 1997, the Accounting Act of 29 September 1994 and the Value Added Tax Act of 11 March 2004

Providing data is voluntary, however, failure to do so will result in the inability to perform cooperation with the entity on whose behalf you are acting.

Personal data shall be stored for the period necessary for the performance and settlement of existing cooperation or establishment of future cooperation, as well as until the expiry of periods resulting from applicable laws (i.e. the statute of limitations for tax obligations relating to accounting records), which may, where applicable, be extended by the statute of limitations for civil law claims.

Participation in recruitment

Personal data shall be processed in order to conduct the recruitment process for the offered position and to select a suitable person for employment in the position specified in the job offer, including the assessment of qualifications, abilities and skills of the candidate for the job.

Depending on whether the recruitment process leads to the conclusion of a contract covered by the employment relationship and thus the provisions of the Labour Code, or whether it leads to the conclusion of a civil law contract or a contract for the provision of services, the legal basis for the processing of personal data is different:

1. In the case of recruitment for positions for which contracts covered by the employment relationship and thus the provisions of the Labour Code are envisaged, the legal basis for the processing of personal data is:

1. to the extent arising from Article 22(1) of the Labour Code, the legal basis is a legal obligation incumbent on the Administrator (Article 6(1)(c) of the RODO). This applies to data such as: first name(s) and surname, date of birth and contact details indicated by the job candidate. If this is necessary for the performance of a specific type of work or position, this also applies to information on education, professional qualifications and previous employment history. The Administrator’s legal obligation also covers the data necessary to fulfill the right or obligation arising from the law.
2. in the case of providing personal data in a broader scope than specified in the provisions of the labour law, the legal basis for processing them for the above-mentioned purpose is consent (Article 6(1)(a) of the RODO). This applies to the results of competence tests, as well as any data included in the curriculum vitae (CV), cover letter or provided during job interviews. We do not request that you provide us with the above data, but we treat the provision of such data as equivalent to your consent to its processing.

We would like to point out that providing personal data by the candidate as indicated in point I a) above is obligatory in the light of the binding provisions of the labour law. Failure to provide such data will result in the inability to participate in the recruitment process. Providing personal data by the candidate indicated in point I. b) above is voluntary. We declare that the failure to provide such data cannot be the basis for unfavourable treatment of the person applying for employment, and cannot cause any negative consequences towards him, in particular cannot constitute a reason justifying the refusal to employ him.

1. In the case of recruitment for positions for which civil law contracts or service contracts are envisaged, the legal basis for processing personal data is consent (Article 6(1)(a) of the RODO). This applies to any data included in the curriculum vitae (CV), cover letter or provided during interviews.

We would like to point out that the provision of personal data by you for the conclusion of the aforementioned contracts is voluntary, as such voluntary provision is presupposed by your consent. However, we would like to point out that your consent for us to process your personal data such as name(s), date of birth and contact details as well as – for certain positions – information about your education, professional qualifications and previous employment history is necessary for your application to be considered for the recruitment process.

In case of currently conducted recruitment, personal data will be processed until the end of the recruitment process. In the case of consent to process data for future recruitment, the data will be processed for a period of 2 years.

Participation in a contest or lottery

The principles of processing your personal data, including the purpose and legal basis of their processing as well as the period for which the personal data are stored are specified each time with reference to a given action. Details can be found in the regulations of the action or another document specifying the principles of its execution.

Using our social media sites

Because we want to stay in touch with you, we have social media accounts where you can visit us and interact with us (e.g. leave a comment, like or share a post). In this case, your personal data is processed. You can find detailed rules for the processing of your personal data in the Social Media Policy published on our social networks:

• https://www.facebook.com/PMICombera-1989254751375169
• https://pl.linkedin.com/company/pmi-combera

Exercising your rights under the RODO

We process the data provided by you in order to process your request, as well as the data held by us necessary to process your request.

We process your data for the following purposes and based on the following legal bases:

1. Process a request for personal data in accordance with the Administrator’s legal obligation (Article 6(1)(c) of the RODO) under the RODO, including carrying out a verification of your identity,
2. the realization of the legitimate interest of the Administrator (Article 6(1)(f) RODO), consisting of the establishment, investigation and defense against claims, as well as the service of possible administrative proceedings related to the exercise of the rights of data subjects.

Provision of data is necessary to process your application and failure to do so will result in your application not being processed.

The data shall be stored until the expiration of the period of limitation of claims of data subjects resulting from the exercise of their rights under Articles 12-22 of the RODO (i.e. the period of limitation of claims for infringement of personal rights), as well as for the period necessary to handle any administrative proceedings related to the exercise of data subjects’ rights.

Contact with the Administrator in other matters

If you just want to contact us, the data we process about you are contact data and data resulting from your message. We have obtained this data directly from you.

We process your personal data in order to pursue our legitimate interests in handling your message and, if necessary, in answering any questions that may arise from it.

The legal basis for the processing of your personal data is our legitimate interest (Article 6(1)(f) RODO) as described above.

Providing personal information is voluntary, but it is necessary for us to handle your message. Refusal to provide personal information will result in our inability to handle your message and therefore its deletion.

Data is stored for the time necessary to process your message to us.

Your rights under RODO

You have the right to:

• request access to your personal data, rectification, erasure or restriction of processing, as well as the right to data portability,
• where processing is based on our legitimate interests, the right to object at any time to the processing of your personal data on grounds relating to your particular situation,
• where the basis for the processing of personal data is our legitimate interest consisting in direct marketing, the right to object at any time to the processing of personal data for the purposes of marketing activities.

If you have given your consent to the processing of your personal data or to the receipt of information from us (e.g. commercial information), you also have the right to withdraw your consent without affecting the lawfulness of the processing or communication carried out on the basis of your consent before its withdrawal. Where we intend to process your data on the basis of your consent, we will inform you in advance and take steps to ensure that you have the opportunity to give your consent; your consent is always voluntary and there are no negative consequences for not giving your consent.

To exercise your rights, please fill out the form on the website under „Contact Us”.

I want to exercise my rights under RODO

You also have the right to lodge a complaint to the supervisory authority – the President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw.

Recipients of personal data

Data may be transferred to recipients, specifically:

• Service providers to the extent necessary to fulfill the purposes described above, e.g. accounting services, IT service and support providers, legal and tax consultants, banking, financial and insurance services, postal and telecommunications operators, document destruction and archiving services, marketing services, security and safety, printers, translators, compliance verification (audits), whereby these entities will have access to the data only for the purpose of performing their duties and to the extent necessary to do so,
• other controllers when and to the extent necessary to fulfill the purposes described above, including affiliated companies,
• law enforcement agencies and state authorities, when it results from the applicable laws, including tax offices in connection with the implementation of tasks concerning tax liabilities.

We may transfer personal data to related entities based outside the European Economic Area (EEA), i.e. to the United Kingdom which is the home of the ASL Group, where the transfer is necessary for the purposes of processing personal data as indicated in the Policy. Transfers of personal data outside the EEA are made with the appropriate level of data protection as required by the provisions of the RODO, primarily by entering into partnerships with entities that process personal data in countries for which an appropriate level of protection has been granted by the European Commission.

Use of personal data to make automated decisions, including profiling

Your personal information will not be used to make automated decisions, including profiling.

Security

We protect your personal data from unauthorized access, interception of data by unauthorized persons, destruction, loss, damage or alteration, and processing of personal data in a manner inconsistent with the provisions of the RODO.

In order to secure the data, we use technical and organizational measures that meet the requirements of the RODO, in particular the measures listed in Article 24 and Article 32 of the RODO, to ensure the confidentiality, integrity and availability of the processing services of the personal data provided.

Our affiliates, our trusted partners, and third-party service providers have agreed to process data in accordance with our security and privacy requirements.

Use of cookies

Background Information:

What are cookies and what are they used for?

Cookies are files sent by a web server to the user’s browser and stored on the user’s computer. These files help us analyse web traffic and recognise which part of our website has been visited. Our website also uses such files in order to be able to address each User individually, tailoring activities to the needs of specific Users by collecting and remembering information about preferences and to enable account login This information is only used for statistical data analysis purposes and is then deleted from our systems.

Cookies do not allow us to access the User’s computer or any information about the User, except for information about how the User uses our website and any personal data that the User decides to share with us (including personal data that the User shares with us due to the User’s browser settings).

In order to monitor and improve our website, we collect aggregate information about Users as they browse our pages, including, but not limited to: details of the operating system, browser version, domain name, IP address, the URL from which Users arrive at our website and to which they go, and which subpages of our websites they visit. We may keep general statistics, collect website traffic data and information about related sites and share this aggregate data with third parties for marketing, advertising or other promotional purposes, however this aggregate data does not contain any personal data. For the same reasons, we may collect information about how Users use the Internet by using cookies stored on the hard drive of their computers. Cookies contain information that is transferred to the hard drive of the Users’ computers. This helps us improve our Website and offer better and more personalised services.

What cookies do we use?

We use the following cookies:

Necessary (essential) cookies. These types of cookies are necessary in order to navigate and use our website, by providing – for example – access to secure areas of the website.

Other information

Our website will display a message before any information in the form of cookies is saved on the User’s computer. We also use pop-ups or banners so that the User can manage the User’s cookies.  Cookies can be managed through the settings of the User’s browser (which allows to disable acceptance of all or some cookies). The browser may request confirmation of the changed settings. Please note that if the blocking of all cookies is activated, the User may not be able to access certain parts of our Website.  Please note that third parties may also use cookies to analyse how their websites are used, of which we have no control.

How can we independently regulate cookies while browsing the website?

1. Google Chrome – click on the menu and select „Settings” > „Show advanced settings”. In the „Privacy” section, click the „Content Settings” button. In the „Cookies” section the following cookie settings can be changed:
   – delete cookies
   – block cookies by default
   – allow cookies by default
   – keep cookies and website data by default until the browser is closed.

2. Internet Explorer – From the browser menu select: „Tools” > „Internet Options” > „Privacy”, „Sites” button. Use the slider too set the level, then confirm the change with the „OK” button.

3. Mozilla FireFox – From the browser menu select: „Tools” > „Options” > „Privacy”. Activate the box : FireFox „will use user settings”.
   Cookies treatment is determined by selecting (clicking) or leaving empty the „Accept cookies” box.

4. Opera – From the browser menu select: „Tool” > „Preferences” > „Advanced”.
   Cookies treatment is determined by selecting (clicking) or leaving empty the “Cookies” box.

Policy Changes

We review the Policy regularly, and we reserve the right to make changes to it. If you notice that the Policy needs to be updated, please let us know.

Date of last policy update: 26.10.2023.