Privacy Policy

This privacy policy sets out the principles for the processing and protection of personal data. This document also aims to explain the reasons why we collect and process personal data as part of our business operations:

1. WHAT IS PERSONAL DATA?

This is any information that allows one person to be distinguished from others without significant effort. It may relate directly to that person (such as their first and last name, identification number, and sometimes even an email address or online account), as well as information that does not describe them directly. For example, it can concern their characteristics, health status, opinions, place of residence, addictions, race, or religion.

2. WHAT PERSONAL DATA ARE WE REFERRING TO IN OUR CASE?

This is the data provided to us by our Clients, Contractors, Associates, and Employees in connection with their use of our services, cooperation with us, or employment with us. This data is processed by us.

3. WHAT DOES DATA PROCESSING MEAN?

Data processing encompasses any activities we can perform with personal data – both those involving active use, such as collecting, downloading, recording, combining, modifying, or sharing, as well as passive actions, such as storing, restricting, erasing, or destroying.

4. WHO IS THE DATA CONTROLLER (I.E., WHO HAS INFLUENCE OVER ITS PROCESSING AND SECURITY)?

The controller of your data is UNISYSTEM Sp. z o.o., ul. Nowy Świat 36, 80-299 Gdańsk, represented by the President of the Management Board.
The Data Controller has appointed a Data Protection Coordinator – Mr. Edward DYBOWSKI, who can be contacted via email at: iod@unisystem.com and/or iod@polsignal.pl.
Contact regarding Personal Data Protection matters is also possible by traditional mail at the address: UNISYSTEM Sp. z o.o., ul. Nowy Świat 36, 80-299 Gdańsk.

5. ON WHAT LEGAL BASIS AND FOR WHAT PURPOSE DO WE PROCESS YOUR DATA?

All processing of your data must be based on a proper legal basis, in accordance with applicable regulations. Such a basis may be your consent to the processing of data or other legal provisions allowing it, contained in the Act of 10 May 2018 on the Protection of Personal Data and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (referred to as “GDPR”).
Your data may be processed by us for several different purposes, for example:

• If you are our Client, or a person interested in using the services or products we provide (also offered in the online store), your personal data will be processed on the basis of Art. 6(1)(b) of the GDPR – processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract. By expressing the intention to conclude a contract, you know what personal data will be needed to sign it, and after signing it, you are aware of what data you have provided or will provide for this purpose at a later date.
• If you are interested in working for us, the data contained in your application or CV is processed in paper or electronic form. The legal basis here is the fulfillment of the legal obligations incumbent on the Controller arising from Art. 22¹ § 1 and § 3 of the Labour Code of 26 June 1974, and it takes place in accordance with Art. 6(1)(c) of the GDPR – processing is necessary for compliance with a legal obligation to which the controller is subject, and for the purpose of taking steps at the request before concluding an employment contract – in accordance with Art. 6(1)(b) of the GDPR. Your personal data, other than those listed in Art. 22¹ § 1 and § 3 of the Labour Code of 26 June 1974, may be processed in accordance with Art. 6(1)(a) of the GDPR on the basis of your consent, which you can withdraw at any time. In such a case, your candidacy will not be considered by us and we will immediately delete all the data you have provided. However, upon employment with us, the further rules for processing your data and the mandatory scope of its provision and further processing by us are determined by labour law regulations.
• If you file a complaint or claim related to a contract – we process the data on the basis of Art. 6(1)(b) of the GDPR – processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract.
• If you use our contact form – we process your data based on your consent – Art. 6(1)(a) of the GDPR.
• If you use our online store and create a user account in it – we process your data on the basis of Art. 6(1)(b) – processing is necessary for the performance of a contract to which the data subject is a party, or to take action at the request of the data subject before concluding a contract, and Art. 6(1)(c) of the GDPR – processing is necessary to comply with a legal obligation incumbent on the controller.
• If you use our website and its subpages where cookies are used, including Google Analytics cookies, Facebook Pixel – this is our legitimate interest, and we process the data on the basis of Art. 6(1)(f) of the GDPR.
• If you use and/or interact with our social media profiles on Facebook, YouTube, LinkedIn, GitHub – the data is processed in accordance with Art. 6(1)(b) of the GDPR for the purpose of providing services, i.e., an agreement for the provision of electronic services in accordance with the relevant terms of service, and in accordance with Art. 6(1)(f) of the GDPR – the legitimate interest of the Controller and users, which consists of the need to ensure contact with users, and the processing of this data does not violate the rights and freedoms of users.
• We process your data in connection with the need to ensure the security of persons and property or the security of the network and information. This is our legitimate interest, and we process the data on the basis of Art. 6(1)(f) of the GDPR. For this purpose, video monitoring is used – you are informed about this in the form of appropriate information signs and pictograms.
• We process your data in connection with the creation of registers resulting from separate legal provisions – on the basis of Art. 6(1)(c) of the GDPR (obligation arising from legal provisions) and Art. 6(1)(f) of the GDPR (legitimate interest of the controller).
• In order to improve the quality of our services, we may process statistical data regarding the use of the website, including information about the session, IP number, amount of time spent on individual pages and subpages, use of particular service functionalities, and information about the device and web browser. The Controller uses cookies or other similar technologies and statistical tools. This data is processed in accordance with Art. 6(1)(f) of the GDPR in the legitimate interest of the Controller, which consists in facilitating the use of the Website, improving the quality and functionality of the services provided, and the processing of this data does not violate the rights and freedoms of users. Information about users is not used for any additional purposes, and due to the specifics of the website service, adapting the way the page content is displayed, facilitating the use of the site, and improving the quality of services on the website is not only a market standard but also an expectation of users towards website providers. Moreover, the user can withdraw their consent at any time by changing the web browser settings regarding the admissibility of using cookies or other similar technologies. This data is processed as part of the Controller’s ongoing activities, but for no longer than 60 days from receiving the information. After this time, the controller may continue to process general statistical data, which will be deprived of any information concerning individual users. However, the period of availability of statistical data in the tools may be longer than 60 days, but this remains outside the controller’s decision-making scope. The controller will no longer use them but will have potential access to them until they are deleted by the provider of the aforementioned tool.
• Posting marketing information about its products or services on its website. The display of this content is carried out by the controller in accordance with Art. 6(1)(f) of the GDPR, in line with the legitimate interest of the Controller, which consists in publishing content related to the services provided and promotional content of campaigns in which the controller is involved. At the same time, this action does not violate the rights and freedoms of users; users expect to receive content of a similar nature, and sometimes even expect it, or it is their direct purpose for visiting the site.
• Posting marketing information regarding the products or services of its contractors with whom it has concluded a marketing cooperation agreement. The display of this content is carried out by the controller in accordance with Art. 6(1)(f) of the GDPR, in line with the legitimate interest of the controller, which consists in marketing activities for the products or services of its contractors.

6. WHO DO WE TRANSFER YOUR DATA TO?

In accordance with applicable law, we may transfer your data to entities that process it on our behalf, e.g., hosting companies where we maintain this website or subcontractors for the services we offer. We are also obliged to make it available upon request to entities authorized to do so under other legal provisions, e.g., ZUS (Social Insurance Institution), the Tax Office (US), and courts or law enforcement agencies.
In some cases, however, disclosure will only take place if they submit a request to us, indicating the law that allows them to make such a request.
As a rule, the Controller does not foresee transferring data to third countries outside the European Economic Area. However, due to the use of Google and Facebook services on our websites and social media channels, User Data may be transferred outside the European Union, to third countries, and if such a situation occurs, they will be transferred solely on the basis of standard contractual clauses issued by the European Commission in accordance with Art. 46(2)(c) of the GDPR.
Detailed information is available in the privacy policy of each of these service providers, available on their websites.

Przykładowo:

For example:                         https://policies.google.com/privacy?hl=pl

Facebook Ireland Ltd.:        https://www.facebook.com/privacy/explanation

Currently, the services offered by Google and Facebook are mainly provided by entities located in the European Union. However, you should always read the privacy policy of these providers to receive up-to-date information regarding the protection of personal data.
Within the European Union, in all member countries, thanks to the GDPR, the text of which is available at:

http://eur-lex.europa.eu/legal-content/PL/TXT/?uri=OJ:L:2016:119:TOC

you are guaranteed an identical level of protection for your data.

7. HOW LONG WILL WE PROCESS YOUR DATA?

We pay great attention to limiting the scope of the data we collect, as well as the time of its processing, to the necessary minimum. For this purpose, we conduct systematic reviews of our paper and electronic documents, removing unnecessary data whose usefulness has expired. Remember that the processing time of your data, depending on the basis on which we obtained it, may be determined by separate legal regulations – independent of us – which may impose on us an obligation to store your data, regardless of your will or desire. Examples include labour law, social security law, or accounting regulations.
If the data we hold were to be used for a purpose other than that for which it was obtained, you will always be informed by us and will be able to object to it.

8. WHAT ARE YOUR RIGHTS IN RELATION TO YOUR DATA?

If we process your personal data, you always have the right to:

• request access to the data – within the limits of Art. 15 of the GDPR,
• its rectification – within the limits of Art. 16 of the GDPR,
• request erasure – within the limits of Art. 17 of the GDPR,
• or restriction of processing activities – within the limits of Art. 18 of the GDPR,
• object to the processing of data – within the limits of Art. 21 of the GDPR,
• data portability, including obtaining a copy of it – within the limits of Art. 20 of the GDPR. All these rights are discussed in detail in Articles 15 to 21 of the GDPR, the text of which is available at the address indicated above.

You can also withdraw your consent to the processing of personal data. In such a case, we will immediately delete your personal data, provided there is no legal obligation requiring us to continue processing it. For example, if you request the deletion of your account with access to your child’s electronic grade book, we will immediately remove that data from the database. However, if your child attended or graduated from our school, we will continue to hold the data related to their education in our documentation for the period specified by the requirements of the Act of 14 July 1983 on the national archival resource and archives.
If you believe that we have in any way – which of course we do not want – violated your rights or failed to ensure the security of your personal data, you have the right to lodge a complaint with the supervisory authority, the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych), ul. Stawki 2, 00-193 Warsaw.

9. AUTOMATED DECISION-MAKING AND INFORMATION ON PROFILING.

Based on your data, we do not make any decisions that would be automated, meaning they would take place without human intervention. We also do not take any actions that would aim to profile you.
Please remember that our website may contain links to other websites. They will open in a new browser window or in the same window. We are not responsible for the content provided by these sites, and you, as a User, are obliged to familiarize yourself with the privacy policy or terms of use of these sites.

10. HOW DO WE PROTECT YOUR DATA?

To ensure the security of your data, we apply legally required organizational and technical measures. We have installed the necessary physical security measures at our headquarters to prevent unauthorized access to data. Our employees have the required authorizations and may process data in a limited manner, i.e., only to the extent necessary for the proper performance of their duties. The security of your data transmitted electronically is ensured by the 128-bit SSL security protocol we use. Its graphic symbol is a green padlock displayed in the web browser next to our website’s address. Thanks to its encryption before transmission, you can be sure that you are entering our site, which has not been modified in any way while it was traveling to you over the Internet. Remember that you, as a User, should also exercise due diligence in securing your personal data transmitted over the Internet, in particular by not disclosing your login details to third parties, using antivirus protection, and keeping your software updated.

11. THE CONTROLLER USES THE FOLLOWING ON ITS WEBSITES:

Online Store Account Creation Form – this requires you to provide your first and last name, home address, and e-mail address in the appropriate fields, and optionally your company name and NIP (Tax Identification Number). These fields are mandatory. Then, the User must confirm the creation of the account in the store by confirming the message received by e-mail. The data obtained in this way is added to the list of store users. Account creation takes place on the principles set out in the sales regulations and is a service provided electronically. The rules for maintaining the account and its possible deletion are contained in the store’s regulations.

Contact Form – this requires you to provide your name, e-mail address, and your own message in the appropriate fields. These fields are mandatory. The user may also provide their last name (optional). Then, in order to send us their inquiry, the User must consent to the processing of the provided data and confirm that they have read the content of this data protection policy. The data sent in this way is used by us to contact the user.

12. DISCLAIMER AND COPYRIGHT

Our website includes, among other things, materials of an informational and educational nature. Under no circumstances can it replace professional consultation with a specialist in a given field of activity or reliance on the relevant interpretation of applicable law. The authors are not responsible for its content to any extent, and in particular for any damage caused by its application, misapplication, or failure to apply it. In the guide, we share only personal experiences, acquired knowledge, and resources that can be found in generally available sources or publications. The content on the website expresses the views of the authors, who reserve the right to change them at any time. Using this content does not create a legally binding contractual relationship.

Our website https://unisystem.com/ also contains links to other websites, videos, and information that we consider valuable or interesting. However, we are not responsible for the content on these sites, any changes to them, and we are not responsible for the privacy protection policy applied by their current or future owners. All content on our website https://unisystem.com/ is subject to the copyright of specific persons and/or the Controller (e.g., photos, texts, videos, free materials, etc.). The Controller does not consent to the copying of this content in whole or in part without its express prior consent.

13. POSSIBILITY OF AMENDING THE POLICY

The Data Controller reserves the right to make changes to this privacy policy in accordance with applicable law. The reason for the changes may be changes related to the development of internet technology, changes in universally applicable law, or the development of the Website through new administrative tools.