Privacy policy

Home / Privacy policy

ARTICLE 1
GENERAL PROVISIONS

  1. The controller of personal data collected through the website www.tsc.com.pl is TSC Spółka z ograniczoną odpowiedzialnością entered in the Register of Entrepreneurs kept by the District Court for the Capital City of Warsaw in Warsaw, 13th Economic Division of the National Court Register under KRS no. 0000121437, place of business and correspondence address:
    ul. J.P. Dziekońskiego 3, 00-728 Warszawa, VAT ID: 5222508977, REGON: 016203311, BDO: 000013145, hereinafter referred to as the ‘Controller’.
  2. The Controller has appointed a Data Protection Officer who can be contacted via email at: iod@tsc.com.pl. The Data Protection Officer is Ms. Agnieszka Radtke.
  3. Personal data collected by the Controller through the website is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR).

ARTICLE 2
TYPE OF PERSONAL DATA PROCESSED, PURPOSE AND SCOPE OF DATA COLLECTION

  1. PURPOSE OF PROCESSING AND LEGAL BASIS. The Controller processes personal data via the website www.tsc.com.pl when the user uses the contact form. Personal data is processed based on the legitimate interest of the business, pursuant to Article 6(1)(f) of the GDPR.
  2. TYPE OF PERSONAL DATA PROCESSED. Through the contact form, the user provides the following data:
    1. first and last name,
    2. email address,
    3. phone number.
  3. RETENTION PERIOD OF PERSONAL DATA. Personal data of the users is stored by the Controller:
    1. in cases where the basis for data processing is the performance of a contract – for as long as necessary to fulfil the contract, and thereafter for a period corresponding to the statute of limitations for any potential claims. Unless a specific provision states otherwise, the general limitation period is six years, and for claims related to periodic performance or business activity – three years;
    2. in cases where the basis for data processing is consent – until the consent is withdrawn, and after withdrawal, for a period corresponding to the statute of limitations for any claims that may be raised by or against the Controller. Unless a specific provision states otherwise, the general limitation period is six years, and for claims related to periodic performance or business activity – three years.
  4. While using the website, additional information may be collected, in particular: the IP address assigned to the user’s computer or the external IP address of the Internet service provider, domain name, browser type, access time, and type of operating system.
  5. Navigational data may also be collected from users, including information about links and references they choose to click on or other actions taken on the website. The legal basis for such processing is the Controller’s legitimate interest (Article 6(1)(f) of the GDPR), which consists in facilitating the use of electronically provided services and improving their functionality.
  6. Providing personal data by the user is voluntary.
  7. The Controller takes particular care to protect the interests of data subjects and, in particular, ensures that the data collected is:
    1. processed lawfully,
    2. collected for specified, lawful purposes and not further processed in a manner incompatible with those purposes,
    3. factually correct and adequate in relation to the purposes for which it is processed, and stored in a form that allows identification of the data subjects for no longer than necessary to achieve the purpose of the processing.

ARTICLE 3
DISCLOSURE OF PERSONAL DATA

  1. Personal data of the users is shared with service providers used by the Controller in connection with the operation of the website. Depending on contractual arrangements and the circumstances, these service providers either act on behalf of the Controller with respect to the purposes and means of processing (processors) or determine the purposes and means of processing independently (controllers).
  2. Personal data of the users is stored exclusively within the European Economic Area (EEA).

ARTICLE 4
RIGHT TO CONTROL, ACCESS, AND RECTIFY PERSONAL DATA

  1. The data subject has the right to access their personal data, as well as the right to rectify, erase, or restrict the processing of such data, the right to data portability, the right to object to processing, and the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  2. Legal basis for the user’s request:
    1. Access to data – Article 15 of the GDPR
    2. Rectification of data – Article 16 of the GDPR
    3. Erasure of data (the so-called ‘right to be forgotten’) – Article 17 of the GDPR
    4. Restriction of processing – Article 18 of the GDPR
    5. Data portability – Article 20 of the GDPR
    6. Objection to processing – Article 21 of the GDPR
    7. Withdrawal of consent – Article 7(3) of the GDPR.
  3. To exercise the rights referred to in point 2, a relevant email may be sent to: iod@tsc.com.pl.
  4. When a user exercises one of the above-mentioned rights, the Controller shall fulfil the request or refuse to do so without undue delay, and no later than within one month of receiving the request. If, due to the complexity of the request or the number of requests, the Controller is unable to fulfil it within one month, the Controller shall fulfil it within the following two months, having first informed the user within one month of receiving the request about the intended extension and the reasons for the delay.
  5. If it is determined that the processing of personal data violates the provisions of the GDPR, the data subject has the right to lodge a complaint with the President of the Personal Data Protection Office.

ARTICLE 5
COOKIES

  1. The Controller’s website uses cookies.
  2. The installation of cookies is necessary for the proper provision of services on the website. Cookies contain information essential for the correct functioning of the site and also enable the generation of general statistics on website visits.
  3. The website uses two types of cookies: ‘session’ cookies and ‘persistent’ cookies.
    1. ‘Session’ cookies are temporary files that are stored on the user’s end device until they log out (leave the website).
    2. ‘Persistent’ cookies are stored on the user’s end device for the time specified in the cookie parameters or until they are deleted by the user.
  4. The Controller uses its own cookies to better understand how users interact with the website content. These cookies collect information about how users use the website, the type of website from which the user was redirected, the number of visits, and the duration of the user’s visit to the site. This information does not record specific personal data of the user but is used to compile usage statistics for the website.
  5. The user has the right to determine the extent to which cookies can access their computer by selecting the appropriate settings in their web browser. Detailed information on the options and methods for handling cookies is available in the settings of the browser software.

ARTICLE 6
FINAL PROVISIONS

  1. The Controller applies technical and organisational measures to ensure the protection of processed personal data appropriate to the risks and the categories of data being protected, in particular safeguarding the data against unauthorised access, acquisition by an unauthorised person, processing in violation of applicable laws, as well as alteration, loss, damage, or destruction.
  2. The Controller provides appropriate technical measures to prevent unauthorised persons from acquiring or modifying personal data transmitted electronically.
  3. To matters not stipulated hereby, the provisions of the GDPR and other applicable Polish laws shall apply accordingly.