It is also a fulfilment of the information obligation arising from the:
Art. 13 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L 119 of 04.05.2016, p. 1) (hereinafter GDPR).
- Personal data – in accordance with the provisions of Art. 4(1) of GDPR – means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
PERSONAL DATA CONTROLLER
- The Controller of the personal data of the Website Users/collected via the Website is: DELTA TRANS LOGISTIK sp. z o.o., address as above.
Phone no. 32 77 27 601 (602)
- The Data Protection Officer is:
Ms Krystyna Wal, email: K.Wal@deltatrans.pl
GROUNDS, PURPOSE AND SCOPE OF THE PROCESSING
- The Data Controller represents that it processes the users' personal data in accordance with:
Art. 6(1), letter b) – i.e. processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
Art. 6(1), letter a) – i.e. based on the consent of the data owner in other cases.
- The data controller shall process personal data for the purpose indicated in the relevant consent, i.e. to enable contact for the interested parties. The data controller shall process the data only to the extent necessary for these purposes and for the period necessary to achieve this purpose, or until the withdrawal of consent by the user of the website, or until the termination of the portal's activity.
- The following personal data is collected on the Administrator's Website at http://www.deltatrans.pl:
- for natural persons:
First name and surname;
Content of the enquiry
- for natural persons:
- The recipients (processors) of my entrusted personal data shall be: entities providing IT support for the Data Controller.
- Personal data of the Website Users is not made available to third parties, with the exception of a situation where making it available arises from legal regulations in force requiring the Personal Data Controller to transfer it to authorised entities.
- The Controller collects website logs (including IP addresses of computers accessing the site), but does not associate them with personal data in any way. Statistics can be generated based on the log files to assist in administration. The aggregate summaries in the form of such statistics do not contain any features identifying persons visiting the Website.
USERS' RIGHTS. RIGHT TO ACCESS THE DATA
In accordance with Art. 15 – 22 of GDPR, every user has the following rights:
- Right to access the data (Art. 15 of GDPR)
The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data.
In accordance with Article 15, the Controller shall provide the data subject with a copy of the personal data undergoing processing.
- Right to rectification (Art. 16 of GDPR)
The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.
- Right to erasure (‘right to be forgotten’) (Art. 16 of GDPR)
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
b) the data subject withdraws consent on which the processing is based;
c) the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing.
- Right to restriction of processing (Art. 18 of GDPR)
The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:
When the data is inaccurate – until it is corrected;
The data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject;
the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
- Right to data portability (Art. 19 of GDPR)
- Right to object
Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
- The User may exercise his or her rights by sending an appropriate request to firstname.lastname@example.org. To ensure correct identification, the request should be sent from the e-mail address from which the registration was completed. This implements Article 12(6) of GDPR. The request may also be submitted by mail – by sending a registered letter containing such a request to the correspondence address of the company run by the Controller.
- In accordance with the law, the Controller shall within a month give the person who has submitted the request an answer on the actions taken. If the Controller does not take such actions, it shall inform the person making the request thereof.
- You can lodge a complaint with the Supervisory Authority regarding the Controller's actions.
- The website is furnished with security measures aimed at protecting personal data under the Controller's control against loss, improper use and modification. The Controller also has the relevant documentation and has implemented appropriate procedures related to the protection of personal data in the company.
- The Controller guarantees that it protects all the disclosed information in accordance with applicable regulations and security standards, in particular:
a) In accordance with Art. 29 of GDPR, only authorized employees or associates of the Data Controller and authorised persons in charge of operating the Website to whom the appropriate authorisations have been granted have direct access to personal data collected by the Data Controller.
b) The Controller declares that when commissioning other entities to provide services, it requires that its partners, in accordance with the provisions of Article 28 of the GDPR, ensure appropriately high standards of protection of personal data entrusted to them, sign appropriate entrustment agreements in which the partners confirm the application of standards and grant the right to check the compliance of these entities with those standards.
c) In order to ensure proper protection of services provided by the Administrator of the Website by electronic means, the Administrator applies a high level of security measures, including cryptographic protection of the transmission of personal data (SSL protocol).
d) Due to the public nature of the Internet, the use of services provided by electronic means may entail risks, regardless of the Data Controller's exercise of due diligence.
COOKIES MECHANISM. REFERENCES TO OTHER WEBSITES
- The website uses "session" cookies (stored until you leave the website or close your browser) and permanent cookies (stored on your computer for a specified period of time).
- The users of the pages can change their settings in this respect. Your web browser will allow you to delete and block cookies. For details, refer to the help or documentation of your web browser.
- Disabling cookies will most often restrict or block certain features of the website.
- The Data Controller reserves the right to introduce changes, withdraw or modify the functions or properties of the pages of the Website, discontinue the Controller's operation, transfer the rights to the Website and to perform any legal actions permitted by the applicable law.
Prepared on: 09.05.2018
Prepared by: DOP