Information concerning processing of personal data at Walcownia Metali “Dziedzice” S.A.
GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/WE.
Personal data – information regarding an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be directly or indirectly identified, in particular by an identifier such as a person’s name, id number, location, internet handle, as well as one or more specific features regarding a person’s physical, physiological, genetic, psychological, economic, cultural or social identity.
Processing – an operation or a set of operations performed on personal data or sets of personal data, whether or not by automatic means, such as collecting, recording, organising, sorting, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, dissemination or otherwise making available, aligning or combining, restricting, erasing or disposal.
Data Controller: Walcownia Metali „Dziedzice” S.A. with its registered office in Czechowice-Dziedzice (43-502), Poland, 3 Kaniowska St., NIP [Tax Identification Number]: 652-11-67-160, REGON [National Official Business Register] 273074410, KRS [National Court Register] 0000084770.
The Data Controller may be contacted via the following address:
- e-mail: firstname.lastname@example.org
- telephone: +48 32 714 30 00
Declaration on Personal Data Security
The Data Controller pays particular attention to the protection of personal data. The safeguards in place are designed to ensure the confidentiality, integrity and availability of personal data.
The Data Controller declares that the implemented data protection system shall be subject to continuous improvement. The scope of management includes all key processes for personal data processing. The purpose of the data protection system is to ensure an organisational and technical level at all times, so that:
- it guarantees an adequate level of data security, regardless of its form,
- it maximally reduces, as far as possible, the occurrence of information security threats,
- it ensures that the rights of the data subjects are executed.
The Background and Purposes of Personal Data Processing
Personal data are processed in the context and for the purposes of the activities carried out, i.e.:
- Manufacture of non-ferrous metal products and semi-finished products,
- Employment and recruitment of employees,
- Financial accounts and business accounting,
- Video surveillance for production control and property protection,
- Marketing and promotion,
The possibility to exercise specific rights:
the right to request access to your personal data, the right to rectify, erase, restrict the processing, the right to data portability, to object to data processing – depends on the legal basis on which the specific processing is based, as well as the purpose and the manner of data processing. The Data Controller shall not be obliged to exercise the rights in each case to the same extent.
You have the right to request the exercise of your right; please reach out to the following address in order to do so: email@example.com
The Right to Lodge a Complaint with the Supervisory Authority
You also have the right to lodge a complaint with the supervisory data protection authority of the Member State of your habitual residence, place of work or place where the alleged infringement has been committed.
President of the Personal Data Protection Office
Address: 2 Stawki, 00-193 Warsaw
Phone: +48 22 860 70 86
Recipients or Categories of Recipients of the Data
Your personal data is provided to:
- entities processing personal data on behalf of the Data Controller in the scope of technical, organizational, legal support. Entities are entered into entrustment agreements pursuant to Article 28 of the GDPR,
- Your data may also be transferred to entities which have the right to obtain them under applicable laws.
Data Retention Period
The data shall be processed for the period necessary to fulfil the purposes for which they were collected, including the fulfilment of legal obligations regarding archiving, until the execution of contracts and the expiry of claims, the end of recruitment, until the withdrawal of consent in cases of data processing based on consent.
Information Regarding the Voluntary or Mandatory Provision of the Data
Provision of personal data in cases defined by law, in particular:
- concluding and implementing agreements,
- issuing invoices,
- public law settlements,
- issuance of the power of attorney,
- debt collection,
is mandatory, in other cases it is voluntary.