INFORMATION CLAUSE GDPR FCG APPS sp. z o.o. (ltd.)
According to Article 13 paragraph 1 and 2 and Article 14 paragraph 1 and 2 of the General regulation on personal data protection as of 27th April 2016 (Official Journal of the European Union no L 119, 4.5.2016, referred hereinafter as “GDPR”), FCG APPS sp. z o.o. with its registeres office in Crakow, Poland, address: ul. Lipowa 3D, 30-702 Crakow, entered in the register of businesses maintained by the District Court Kraków- Śródmieście in Cracow, Poland, XI Division of the National Court Register, under the KRS number 0001105479, holding a Tax Identify Number (NIP) 6793299102 and Commercial Register number (REGON) 528634670, with the share capital in the amount of PLN 5.000 (hereinafter referred to as “FCG APPS” or “Administrator”) would like to inform about the ways in which the personal data of natural persons are processed by the Administrator. The personal data referred to below refer to natural persons who are current or potential clients, contractors of FCG APPS and its subcontractors, as well as to their employees, associates, partners, representatives, advisors and statutory representatives, as well as other persons designated for contact (hereinafter "Contractors").
1. The Administrator of the personal data
The Administrator of the Contractor's personal data is FCG APPS spółka z ograniczoną odpowiedzialnością z siedzibą w Krakowie: address: ul. Lipowa 3D, 30-702 Kraków, KRS 0001105479, a Tax Identify Number (NIP) 6793299102, Commercial Register number (REGON) 528634670. You may contact the Administrator by post to the address of the Administrator's registered office or by e-mail: rodo@fcgapps.tech.
2. urposes and legal basis for data processing
The Contractor's personal data shall be processed by the Administrator based on Article 6 paragraph 1 letter a), b), c) and f) GDPR, i.e., processing is made on the basis of the given consent, or it is necessary to fulfill the legal obligation of the Administrator. Processing is necessary for the purposes resulting from the legitimate interests pursued by the Administrator and for the purpose and to the extent necessary to perform tasks related to the implementation of the concluded Agreement, including the Administrator's pursuit of claims related to the concluded Agreements or defense against such claims and enabling the Administrator to send requests for quotations or present (submit) an offer.
3. Period of holding the personal data
The Administrator holds the personal data no longer than it is necessary, taking into account the purposes for which personal data are collected and processed, i.e. fulfillment of contractual obligations towards Contractors, implementation of legitimate interests or in accordance with statutory requirements regarding the storage of documentation and data related to the activities of FCG APPS. The personal data will be processed for the duration of the contract and for the limitation period of these claims related to the contract or until the expiry of legal obligations regarding the storage of documents, in the case of tax and accounting documents.
4. Type of the personal data and their source
The personal data processed by the Administrator was obtained directly from the Contractors or from a potential Contractor, as well as a third party who indicated the Contractor's data as a contact person - representing in connection with a negotiated or concluded agreement, or employees used by the Contractor. The personal data can also be obtained during the implementation of an agreement concluded with the Contractor, in which a third party (not directly related to the concluded Agreement) participates. The following personal data will be processed:
a. name and surname or business name; b. job title; c. telephone number; d. e-mail address; e. other data provided to the Administrator also as a result of the implementation of Agreements concluded with the Contractors, including data of third parties such as their first name, last name (name/pseudonym/login), telephone number, e-mail address, image, voice and others.
Providing the personal data is voluntary, although necessary for the implementation of the purposes listed in point 2, including in particular to ensure the possibility of contact with the Contractor as part of the service performed or negotiations and the possibility of proper provision of services by the Administrator. Failure to provide the personal data of persons authorized to represent will result in the impossibility of concluding the agreement, the lack of possibility of contact, and will also prevent the implementation of the agreement.
5. The personal data receivers
Access to the personal data processed by the Administrator will be granted exclusively to:
a. authorized employees and associates of FCG APPS, who are obliged to use the data in accordance with the purposes explained in this clause;b. entities with which FCG APPS cooperates in connection with its business activities, e.g.: providers of legal advice, IT, financial, advisory, accounting, courier and postal services, auditors, auditors, banks, insurance companies and other Contractors, if the provision of such data is necessary for the proper performance of the Administrator's obligations;c. entities authorized under the relevant regulations, such as public authorities, courts, prosecutor's offices or the Police in the event of an appropriate legal basis. The provision of the Contractor's personal data described above will take place in accordance with the regulations while maintaining the principles of data security.
6. Rights of the owner of the personal data related to the data processing
a. the right to receive information - upon a request, the Administrator shall provide the Contractor with information on the processing of data, including in particular the purposes and legal basis of processing, the scope of personal data held, entities to whom the data has been disclosed, methods of securing data in the event of transfer outside the EEA and the planned date of deletion of personal data;b. the right to access to a copy of the personal data - upon request, the Administrator shall provide a copy of the Contractor's personal data;c. the right to rectify or supplement the personal data - upon receiving such a request, in some cases the Administrator is obliged to remove inconsistencies or errors in the personal data and supplement them if they are incomplete;d. the right to be forgotten - on this basis, the Contractor may request the deletion of their personal data, the processing of which is no longer necessary to achieve any of the purposes for which the personal data was collected;e. the right to restrict processing – on this basis, the Contractor may submit such a request in order to stop the Administrator from performing operations on personal data (except for operations to which the Contractor has consented) and to store personal data in accordance with the adopted retention principles or until the reasons for limiting data processing cease to exist (e.g. a decision of the supervisory authority is issued permitting further data processing); f. the right to transfer personal data – the Contractor may request that the Administrator provide their personal data in a structured, commonly used electronic format. The Contractor may transfer this data to another data controller; g. the right to object to other purposes of data processing – at any time, the Contractor may object, for reasons related to a specific situation, to the processing of personal data, which is carried out on the basis of the legitimate interest of the Administrator. Such an objection should contain a justification;h. the right to withdraw consent - if personal data are processed on the basis of consent granted, the Contractor has the right to withdraw it at any time, which, however, does not affect the lawfulness of the processing carried out before its withdrawal; i. the right to lodge a complaint with the President of the Personal Data Protection Office – if it is found that the processing of the Contractor's personal data violates the provisions of the GDPR or other provisions regarding the protection of personal data, the Contractor may lodge a complaint with the authority supervising the processing of personal data, competent for the Contractor's habitual residence, place of employment or place where the alleged infringement occurred.
7. Profiling
FCG APPS does not use the personal data of Contractors for profiling purposes.
8. Transfer of the personal data to third countries
FCG APPS generally does not transfer the collected personal data to third countries located outside the European Economic Area, unless it is necessary for the proper implementation of a given service. The legal basis for the transfer of this data will then be the need to transfer it as part of the implementation of the contract concluded with the Contractor. The personal data referred to in this clause may be transferred to other countries, including those located outside the European Economic Area, in particular if such transfer is required by the concluded contract or if the transfer is related to the use of IT systems or cloud solutions by the Administrator. In the event of transfer of contractor's data outside the European Economic Area, the transfer will take place together with data security and in accordance with the provisions adopted by the European Commission, such as data protection clauses (Articles 46, 47 and 49 paragraph 1 subparagraph 2 of the GDPR).