Privacy policy

Privacy policy

Dear All,

in accordance with Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal EU L 119 of 04.05.2016, p. 1), (hereinafter referred to as GDPR), as part of this Privacy Policy, we provide information on the details of personal data processing in connection with the processing activities that take place within the website:
https://goldmanrecruitment.pl/
(hereinafter referred to as the Website), as well as within the framework of our business activities.

For the sake of greater accessibility of this document, we have allowed ourselves direct expressions in its further parts.

If you have any further questions about how we use your personal information, please do not hesitate to write to us at the following email address:
[email protected]

General information

We process your personal data as:

  1. A person visiting our Website,
  2. A person using the contact form,
  3. A customer or their representative/contact person,
  4. A potential customer or their representative/contact person,
  5. A provider of the service or goods or their representative/contact person,
  6. A job candidate taking part in our internal recruitment processes,
  7. A job candidate taking part in recruitment processes carried out for our clients,
  8. A person visiting our social media profiles (Facebook and LinkedIn).

In addition, as part of the last section of the Privacy Policy, we have described the rules for the use of cookies and other technologies on our Website – for more information, see the Cookies section.

Controller

The controller of personal data is Goldman Recruitment Poland sp. z o.o., with its registered office at Wiejska Street 17, 00-480 Warsaw, entered into the Register of Entrepreneurs kept under KRS number: 0000948987, NIP: 7011071556, REGON: 52107151900000 (hereinafter referred to as the Controller).

Data Protection Officer and Contact Point

The Controller has appointed a personal data protection officer who can be contacted (if you have any questions regarding the processing of personal data and your rights) via:

  1. e-mail box [email protected] or
  2. by post to the following address: Wiejska Street 17, 00-480 Warsaw.

Person visiting our Website

Purposes of processing

We process your personal data in order to enable you to use the functionalities of the Website, to develop statistics related to the use of individual functionalities of the Website, to adapt the content of the Website in accordance with your preferences and for marketing purposes, to ensure the IT security of the Website and to establish, pursue and defend against claims for damage caused by unlawful use of the Website.

We use cookies and other technologies for this purpose – see Cookies for more information.

Legal basis for processing

  1. Your consent (Article 6(1)(a) of the GDPR) in the case of cookies and other technologies that are not necessary for the proper use and functioning of the Website, and are used to develop statistics related to the use of individual functionalities of the Website or to adapt the content of the Website in accordance with your preferences and for marketing purposes (cookies and other technologies related to the following areas: preferences, statistics, marketing),
  2. The processing is necessary for the purposes of the legitimate interests pursued by the Controller (Article 6(1)(f) of the GDPR) – where the legitimate interest consists in enabling you to use the functionalities of the Website and ensuring the IT security of the Website, as well as in establishing, pursuing and defending against claims for damage caused by unlawful use of the Website.

Recipients of personal data

  1. IT software,
  2. Hosting services,
  3. IT support and IT services,
  4. Services ensuring the security of the Website,
  5. Legal advisory services.

In cases provided for by law, we may also make your personal data available to authorized state authorities, in particular the prosecutor’s office or the police.

Transfer of personal data outside the EEA

Personal data, as a rule, will not be transferred outside the European Economic Area or made available to international organizations. However, some of our IT solution providers are based outside the European Economic Area. As a result, personal data is transferred outside the EEA.

However, if the Controller uses IT solution providers from outside the EEA, the transfer of personal data outside the EEA is based on a decision of the European Commission stating an adequate level of protection of personal data or, in the absence of an applicable decision, on the basis of standard contractual clauses adopted by the European Commission Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.

A copy of the standard contractual clauses and the transfer security measures used can be obtained from the Controller via the following e-mail address: [email protected].

Period of storage of personal data

We process your personal data for no longer than 3 years from the date you stop using the Website.

Obligation to provide data

Providing your personal data is a condition for the correct use of the Website’s functionalities and ensuring the IT security of the Website. In the case of cookies and other technologies that are not necessary for the proper use and functioning of the Website, providing your personal data is voluntary.

Person using the contact form

Purposes of processing

We process your personal data in order to consider and handle the matter described by you in the contact form and to answer your questions.

Legal basis for processing

Your personal data is processed on the following legal bases:

  1. The processing is necessary for the purposes of the legitimate interests pursued by the Controller (Article 6(1)(f) of the GDPR) – where the legitimate interest consists in considering and handling the matter described by you in the contact form and answering the questions asked by you.

Recipients of personal data

We share your personal data with suppliers:

  1. IT software,
  2. Hosting services,
  3. E-mail services,
  4. IT support and IT services,
  5. Services ensuring the security of the Website.

In cases provided for by law, we may also make your personal data available to authorized state authorities, in particular the prosecutor’s office or the police.

Transfer of personal data outside the EEA

Personal data, as a rule, will not be transferred outside the European Economic Area or made available to international organizations. However, some of our IT solution providers are based outside the European Economic Area. As a result, personal data is transferred outside the EEA.

However, if the Controller uses IT solution providers from outside the EEA, the transfer of personal data outside the EEA is based on a decision of the European Commission stating an adequate level of protection of personal data or, in the absence of an applicable decision, on the basis of standard contractual clauses adopted by the European Commission Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.

A copy of the standard contractual clauses and the transfer security measures used can be obtained from the Controller via the following e-mail address: [email protected].

Period of storage of personal data

We process your personal data until the matter described by you in the contact form is considered and resolved and the questions asked by you are answered, no longer than for 3 years from sending the message via the contact form.

Obligation to provide data

Providing your personal data is voluntary, but a condition for the correct use of the Website’s functionalities, i.e. sending a contact form to the Controller, as well as considering and handling the matter/receiving answers to your questions.

Customer or their representative/contact person

Purposes of processing

We process your personal data for the purpose of: concluding and performing a contract and providing services, performing legal obligations under tax and accounting law, debt collection and establishing, investigating or defending against claims resulting from non-performance or improper performance of a contract.

Legal basis for processing

Your personal data is processed on the following legal bases:

  1. The processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract (applies to contracts where our customers are natural persons) (Article 6(1)(b) of the GDPR),
  2. The processing is necessary to comply with a legal obligation resulting from the provisions of tax and accounting law and to which the Controller is subject (Article 6(1)(c) of the GDPR),
  3. The processing is necessary for the purposes of the legitimate interests pursued by the Controller (Article 6(1)(f) of the GDPR) – where the legitimate interest consists in the establishment and performance of a contract, the provision of services to customers who act through their representatives/proxies and contact persons, the recovery of receivables resulting from contracts and the pursuit or defence against claims arising from non-performance or improper performance of the contract.

Source of data and categories of personal data

If we have not obtained the data directly from you, it means that the source of your personal data is your employer or the entity you represent as a representative/contact person. We then process the following personal data: name and surname, business e-mail address and telephone number, as well as place of work and name of the position held.

Recipients of personal data

We share your personal data with suppliers:

  1. IT software,
  2. Hosting services,
  3. E-mail services,
  4. IT support and T services,
  5. Accounting and bookkeeping services,
  6. Postal and courier services,
  7. Banking services,
  8. Legal advisory services.

In cases provided for by law, we may also make your personal data available to authorized state authorities, in particular the prosecutor’s office or the police.

Transfer of personal data outside the EEA

Personal data, as a rule, will not be transferred outside the European Economic Area or made available to international organizations. However, some of our IT solution providers are based outside the European Economic Area. As a result, personal data is transferred outside the EEA.

However, if the Controller uses IT solution providers from outside the EEA, the transfer of personal data outside the EEA is based on a decision of the European Commission stating an adequate level of protection of personal data or, in the absence of an applicable decision, on the basis of standard contractual clauses adopted by the European Commission Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.

A copy of the standard contractual clauses and the transfer security measures used can be obtained from the Controller via the following e-mail address: [email protected].

Period of storage of personal data

In principle, we process your personal data for no longer than 3 years from the date of expiry or termination of the contract, however, in certain cases we may process your personal data for purposes related to the fulfilment of tax and accounting obligations.

Obligation to provide data

If you are the source of your data, then providing your personal data is a condition for concluding a contract and proper provision of services, as well as correct settlement of services provided by us.

Potential customer or their representative/contact person

Purposes of processing

We process your personal data in order to establish business contacts with potential customers and respond to their inquiries and present our services, as well as to establish, pursue or defend against claims.

Legal basis for processing

Your personal data is processed on the following legal bases:

  1. The processing is necessary to take action at the request of the data subject prior to the conclusion of the contract (applies to contracts whose potential customers are natural persons) (Article 6(1)(b) of the GDPR),
  2. The processing is necessary for the purposes of the legitimate interests pursued by the Controller (Article 6(1)(f) of the GDPR) – where the legitimate interest consists in acquiring new customers who act through their representatives/proxies and contact persons, and responding to received inquiries and presenting our services, as well as establishing, investigating or defending against claims.

Source of data and categories of personal data

If we have not obtained the data directly from you, it means that the source of your personal data is your employer or the entity you represent as a representative/contact person. We then process the following personal data: name and surname, business e-mail address and telephone number, as well as place of work and name of the position held.

Recipients of personal data

We share your personal data with suppliers:

  1. IT software,
  2. Hosting services,
  3. E-mail services,
  4. IT support and IT services,
  5. Postal and courier services,
  6. Legal advisory services.

In cases provided for by law, we may also make your personal data available to authorized state authorities, in particular the prosecutor’s office or the police.

Transfer of personal data outside the EEA

Personal data, as a rule, will not be transferred outside the European Economic Area or made available to international organizations. However, some of our IT solution providers are based outside the European Economic Area. As a result, personal data is transferred outside the EEA.

However, if the Controller uses IT solution providers from outside the EEA, the transfer of personal data outside the EEA is based on a decision of the European Commission stating an adequate level of protection of personal data or, in the absence of an applicable decision, on the basis of standard contractual clauses adopted by the European Commission Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.

A copy of the standard contractual clauses and the transfer security measures used can be obtained from the Controller via the following e-mail address: [email protected].

Period of storage of personal data

In principle, we process your personal data for no longer than 3 years from the date of termination of contact.

Obligation to provide data

If you are the source of your data, providing your personal data is voluntary, but required to respond to your inquiry and to present our services.

Provider of services and goods

Purposes of processing

We process your personal data for the purpose of: concluding and performing a contract, performing legal obligations resulting from the provisions of tax and accounting law, establishing, pursuing or defending against claims resulting from non-performance or improper performance of a contract.

Legal basis for processing

Your personal data is processed on the following legal bases:

  1. The processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to the conclusion of a contract (applies to contracts whose suppliers of services and goods are natural persons) (Article 6(1)(b) of the GDPR),
  2. The processing is necessary to comply with a legal obligation resulting from the provisions of tax and accounting law to which the Controller is subject (Article 6(1)(c) of the GDPR),
  3. The processing is necessary for the purposes of the legitimate interests pursued by the Controller (Article 6(1)(f) of the GDPR) – where the legitimate interest consists in entering into and performing a contract with suppliers of services and goods who act through their representatives/proxies and contact persons, and in pursuing or defending against claims resulting from non-performance or improper performance of the contract.

Source of data and categories of personal data

If we have not obtained the data directly from you, it means that the source of your personal data is your employer or the entity you represent as a representative/contact person. We then process the following personal data: name and surname, business e-mail address and telephone number, as well as place of work and name of the position held.

Recipients of personal data

We share your personal data with service providers:

  1. IT software,
  2. Hosting services,
  3. E-mail services,
  4. IT support and IT services,
  5. Accounting and bookkeeping services,
  6. Postal and courier services,
  7. Legal advisory services.

In cases provided for by law, we may also make your personal data available to authorized state authorities, in particular the prosecutor’s office or the police.

Transfer of personal data outside the EEA

Personal data, as a rule, will not be transferred outside the European Economic Area or made available to international organizations. However, some of our IT solution providers are based outside the European Economic Area. As a result, personal data is transferred outside the EEA.

However, if the Controller uses IT solution providers from outside the EEA, the transfer of personal data outside the EEA is based on a decision of the European Commission stating an adequate level of protection of personal data or, in the absence of an applicable decision, on the basis of standard contractual clauses adopted by the European Commission Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.

A copy of the standard contractual clauses and the transfer security measures used can be obtained from the Controller via the following e-mail address: [email protected].

Period of storage of personal data

In principle, we process your personal data for no longer than 3 years from the date of expiry or termination of the contract, however, in certain cases we may process your personal data for purposes related to the fulfilment of tax and accounting obligations.

Obligation to provide data

If you are the source of your data, providing your personal data is a condition for concluding a contract and proper provision of services, as well as correct settlement of the services provided.

Job candidate taking part in our internal recruitment processes

Purposes of processing

We process your personal data in order to carry out the recruitment process for a position in our organization, as well as to join the database of job candidates in order to participate in future recruitment processes (if you have given your consent to it).

Legal basis for processing

Your personal data is processed on the following legal bases:

  1. Your consent (Article 6(1)(a) of the GDPR) in the case of providing redundant data that is not necessary to carry out the recruitment process for a position in our organization (data exceeding the personal data indicated in Article 221 of the Labor Code), as well as joining the database of job candidates in order to participate in future recruitment processes,
  2. The processing is necessary for the performance of a contract to which the data subject is a party or to take action at the request of the data subject prior to entering into a contract (applies to civil law contracts) (Article 6(1)(b) of the GDPR),
  3. Your consent (Article 9(2)(a) of the GDPR) in relation to special categories of personal data (including data on health or disability).

Recipients of personal data

We share your personal data with suppliers:

  1. IT software,
  2. Hosting services,
  3. E-mail services,
  4. IT support and IT services,
  5. Postal and courier services.

In cases provided for by law, we may also make your personal data available to authorized state authorities, in particular the prosecutor’s office or the police.

Transfer of personal data outside the EEA

Personal data, as a rule, will not be transferred outside the European Economic Area or made available to international organizations. However, some of our IT solution providers are based outside the European Economic Area. As a result, personal data is transferred outside the EEA.

However, if the Controller uses IT solution providers from outside the EEA, the transfer of personal data outside the EEA is based on a decision of the European Commission stating an adequate level of protection of personal data or, in the absence of an applicable decision, on the basis of standard contractual clauses adopted by the European Commission Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.

A copy of the standard contractual clauses and the transfer security measures used can be obtained from the Controller via the following e-mail address: [email protected].

Period of storage of personal data

We process your personal data generally until the end of the recruitment process for a position in our organization. If you have agreed to join the database of job candidates in order to participate in future recruitment processes, we process your data for 5 years from the date of consent or until you withdraw your consent.

Obligation to provide data

Providing your personal data necessary to participate in the recruitment process (i.e. those referred to in Article 221 of the Labour Code) is necessary to participate in the recruitment process. Refusal to provide data may result in the omission of the candidacy. Providing other personal data, not indicated in Article 221 of the Labour Code, is voluntary and does not affect the recruitment process.

Job candidate taking part in recruitment processes carried out for our clients

Purposes of processing

We process your personal data in order to provide our recruitment services, as well as to join the database of job candidates in order to participate in future recruitment processes (if you have expressed such a willingness).

Legal basis for processing

Your personal data is processed on the following legal bases:

  1. Your consent (Article 6(1)(a) of the GDPR) in the case of providing redundant data that is not necessary for us to provide recruitment services (e.g. image, information about your interests or hobbies),
  2. The processing is necessary for the performance of a contract to which the data subject is a party or to take action at the request of the data subject prior to the conclusion of the contract (provision of recruitment services in accordance with the provisions of the Terms and Conditions) (Article 6(1)(b) of the GDPR),
  3. The processing is necessary for the purposes of the legitimate interests pursued by the controller (Article 6(1)(f) of the GDPR) – where the legitimate interest consists in pursuing or defending against claims resulting from non-performance or improper performance of the contract.
  4. Your consent (Article 9(2)(a) of the GDPR) in relation to special categories of personal data.

Recipients of personal data

We share your personal data with suppliers:

  1. IT software,
  2. Hosting services,
  3. E-mail services,
  4. IT support and IT services,
  5. Postal and courier services.

In cases provided for by law, we may also make your personal data available to authorized state authorities, in particular the prosecutor’s office or the police.

Transfer of personal data outside the EEA

Personal data, as a rule, will not be transferred outside the European Economic Area or made available to international organizations. However, some of our IT solution providers are based outside the European Economic Area. As a result, personal data is transferred outside the EEA.

However, if the Controller uses IT solution providers from outside the EEA, the transfer of personal data outside the EEA is based on a decision of the European Commission stating an adequate level of protection of personal data or, in the absence of an applicable decision, on the basis of standard contractual clauses adopted by the European Commission Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.

A copy of the standard contractual clauses and the transfer security measures used can be obtained from the Controller via the following e-mail address: [email protected].

Period of storage of personal data

We process your personal data generally for 12 months from the end of the recruitment process for a job position. If you have expressed your willingness to join the database of job candidates in order to participate in future recruitment processes, we process your data for 5 years from the date of joining.

Obligation to provide data

Providing your personal data necessary to participate in the recruitment process for a job position (marked with an asterisk in the application form) is necessary for us to provide recruitment services to you. Refusal to provide this data results in the inability to send the application form and the refusal to provide recruitment services by us. Providing other personal data is voluntary and does not affect the provision of recruitment services.

A person visiting our social media profiles (Facebook and LinkedIn)

Purposes of processing

We process your personal data in order to send you the management of our social media profiles, including to ensure the order of discussion participants on our profiles, to correspond with you related to the matters you ask us about, to market our services, statistics and to analyse the activity of users of our profiles, including to collect data on the number of likes, comments and shares of our profile or content posted on it.

Legal basis for processing

Your personal data is processed on the following legal bases:

  1. The processing is necessary for the purposes of the legitimate interests pursued by the Controller (Article 6(1)(f) of the GDPR) – where the legitimate interest consists in managing our social media profiles, including to ensure the order of participants in discussions on our profiles, to correspond with you related to the topics you ask us about (questions about our projects), marketing and promotion of our services, statistics and analysis of the activity of users of our profiles, including the collection of data on the number of likes, comments and shares of our profile or content posted on it.

Recipients of personal data

We share your personal data with suppliers:

  1. Social media,
  2. E-mail services,
  3. IT support and IT services.

In cases provided for by law, we may also make your personal data available to authorized state authorities, in particular the prosecutor’s office or the police.

Transfer of personal data outside the EEA

Personal data, as a rule, will not be transferred outside the European Economic Area or made available to international organizations. However, some of our IT solution providers are based outside the European Economic Area. As a result, personal data is transferred outside the EEA.

However, if the Controller uses IT solution providers from outside the EEA, the transfer of personal data outside the EEA is based on a decision of the European Commission stating an adequate level of protection of personal data or, in the absence of an applicable decision, on the basis of standard contractual clauses adopted by the European Commission Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.

A copy of the standard contractual clauses and the transfer security measures used can be obtained from the Controller via the following e-mail address: [email protected].

Period of storage of personal data

We process your personal data for the period of operation of our social media profiles, unless you object to the processing of your personal data, which will be taken into account.

Obligation to provide data

Providing your personal data is voluntary, but necessary to conduct correspondence with you related to the matters you ask us to address (questions about our projects) and if you are active: liking, commenting and sharing our profile or content posted on it.

Additional information

The controllers of personal data are also the social media providers under which we run our profiles:

  1. Facebook – Meta Platform Ireland Limited, which processes your personal data on the terms set out in its Privacy Policy and the Terms and Conditions (https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0).
  2. LinkedIn – LinkedIn Ireland Unlimited Company, which processes your personal data on the terms set out in its Privacy Policy and the Terms and Conditions indicated by it (https://pl.linkedin.com/legal/privacy-policy?).

As mentioned above, we process your personal data on the activity on our profiles for the purpose of statistics and analysis. In this respect, there is joint control of your data between us and social media providers. You can find more information by clicking on the appropriate link:

  1. Facebook – more information at the link: https://www.facebook.com/legal/terms/page_controller_addendum
  2. LinkedIn – more information at the link: https://www.linkedin.com/help/linkedin/answer/a1338708

Rights of the data subject

The right to withdraw consent – Article 7 of the GDPR

You have the right to withdraw your consent if we process your personal data on the basis of consent. The withdrawal of consent only works for the future and does not affect the processing carried out by us in accordance with the law before its withdrawal.

Right of access – Article 15 of the GDPR

You have the right to obtain confirmation from the Controller as to whether your personal data is being processed. If this is the case, you are entitled to access them and the following information: the purposes of the processing, the categories of personal data processed, information about the recipients or categories of recipients, the planned period for which the personal data will be stored, and if this is not possible, the criteria for determining this period, information about your rights under the GDPR, any available information about the source of the personal data, information about automated decision-making, including profiling, information about appropriate safeguards in the event of transfer of personal data outside the EEA. In addition, you have the right to obtain a copy of the personal data subject to processing.

Right of rectification – Article 16 of the GDPR

You have the right to request the Controller to rectify your personal data that is incorrect. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by providing an additional statement.

Right to erasure (“right to be forgotten”) – Article 17 of the GDPR

You have the right to request the Controller to delete your personal data if one of the following circumstances occurs:

  1. the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed,
  2. you have withdrawn your consent on which the processing is based,
  3. personal data has been processed unlawfully,
  4. you have objected to the use of your data for marketing purposes,
  5. you have objected to the processing of your data based on our legitimate interest and the objection has been found to be justified.

Right to restriction of processing – Article 18 of the GDPR

You have the right to request the Controller to restrict processing in the following cases:

  1. you question the accuracy of the personal data – for a period allowing the controller to verify the correctness of this data,
  2. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
  3. the controller no longer needs the personal data for the purposes of processing, but you need them to establish, pursue or defend claims,
  4. you have objected to the use of your data for purposes other than marketing purposes – until it is determined whether the legitimate grounds on the part of the controller override the grounds for the objection of the data subject.

Right to data portability – Article 20 of the GDPR

You have the right to receive your personal data that you have provided to the Controller in a structured, commonly used and machine-readable format and you have the right to transmit this personal data to another controller without hindrance from the Controller to whom the personal data has been provided, if the processing is based on your consent or on the basis of a contract and the processing is carried out by automated means. You have the right to request that the Controller send your personal data directly to another controller, if it is technically possible.

Right to object – Article 21 of the GDPR

You have the right to object at any time – on grounds relating to your particular situation – to the processing of personal data concerning you based on our legitimate interest.

If you have objected to the processing of your data for marketing purposes, we will stop processing it for these purposes. The same applies to objecting to the processing of your data for purposes other than marketing purposes, if the objection proves to be justified and we have no other legal basis for further processing of your personal data.

Right to lodge a complaint with a supervisory authority

Every data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement, if he or she considers that the processing of personal data concerning him or her infringes the GDPR.

In the case of Polish, the supervisory authority is the President of the Office for Personal Data Protection (address: 2 Stawki Street, 00-193 Warsaw, link: https://uodo.gov.pl/pl).

You can submit all requests and requests via

  1. email box [email protected] or
  2. by post to the following address: Wiejska Street 17, 00-480 Warsaw.

Automated decision-making, including profiling

With regard to personal data, automated decision-making processes, including profiling, will not be carried out.

Cookies

General information

Cookies are small text files that can be used by websites to make the user experience more efficient.

Types of cookies

Division by the management structure:

  1. First-party cookies – cookies belonging to the visited website,
  2. Third-party cookies.

Division by the purpose:

  1. Necessary cookies – these cookies contribute to the usability of a website by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
  2. Preference cookies – allow a website to remember information that changes the look or feel of the website, such as your preferred language or the region you are in.
  3. Statistics cookies – help website owners understand how different users behave on the website by collecting and reporting anonymous information.
  4. Marketing cookies – are used to track users on websites. The goal is to display ads that are relevant and interesting to individual users and thus more valuable to publishers and third-party advertisers.

Division by the retention period:

  1. Session cookies – are deleted when you close your browser.
  2. Persistent cookies – these are stored on the user’s computer and are not automatically deleted when the browser is closed.

Detailed information on the cookie

Cookie name Management structure Purpose Retention period
CookieConsent
(Stores the user’s cookie consent state for the current domain.)		 Cookiebot (https://www.cookiebot.com/goto/privacy-policy/) Necessary 1 year
1.gif
(Used to count the number of sessions on the website, necessary to optimize the delivery of CMP products.)		 Cookiebot (https://www.cookiebot.com/goto/privacy-policy/) Necessary Session
__/wp-json/appmanager/v1/autocomplete/location?lang=en__data Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=en__data__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=en__protocol Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=en__protocol__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=en__thumbprint Own

 

 Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=en__thumbprint__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=pl__data Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=pl__data__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=pl__protocol Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=pl__protocol__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=pl__thumbprint Own

 

 Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/location?lang=pl__thumbprint__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=en__data Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=en__data__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=en__protocol Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=en__protocol__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=en__thumbprint Own

 

 Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=en__thumbprint__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=pl__data Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=pl__data__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=pl__protocol Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=pl__protocol__ttl__ Own Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=pl__thumbprint Own

 

 Necessary Fixed
__/wp-json/appmanager/v1/autocomplete/specialization?lang=pl__thumbprint__ttl__ Own Necessary Fixed
__cf_bm
(This cookie is used to distinguish humans from bots. It is beneficial for the website to make correct reports on the use of their website.)		 Own Necessary 1 day
appm-source Own Necessary Session
seenAdvert Own Necessary 1 day
wpEmojiSettingsSupports
(This cookie is part of a package of cookies that are used to deliver and present content. Cookies maintain the proper state of fonts, blog/image sliders, color themes, and other site settings.)		 Own Necessary Session
maps/gen_204
(Used in the context of sitemap integration. The cookie stores the user’s interactions with the map in order to optimize its functionality.)		 Google (https://business.safety.google/privacy/) Preferences Session
p.gif
(Tracks special fonts used on a website for internal analysis purposes. The cookie does not record any visitor data.)		 Adobe Inc. (https://www.adobe.com/privacy.html) Statistics Session
_ga
(Records a unique identifier that is used to generate statistical data about how the visitor uses the website.)		 Google (https://business.safety.google/privacy/) Statistics 2 years
_ga_#(
Used by Google Analytics to collect data on the number of times a user visits a website, as well as the dates of the first and last visit.)		 Google (https://business.safety.google/privacy/) Statistics 2 years
_hjCookieTest
(Collects data about your navigation and behaviour on the website. This is used to create statistical reports and heatmaps for the website owner.)		 Hotjar (https://www.hotjar.com/legal/policies/privacy/) Statistics Session
_hjSession_#(
Collects statistics about the user’s visits to the site, such as the number of visits, average time spent on the site, and pages read.)		 Hotjar (https://www.hotjar.com/legal/policies/privacy/) Statistics 1 day
_hjSessionUser_#
(Collects statistics about the user’s visits to the site, such as the number of visits, average time spent on the site, and pages read.)		 Hotjar (https://www.hotjar.com/legal/policies/privacy/) Statistics 1 year

Managing cookies

Deleting cookies

All cookies on your device can be deleted by clearing your browser’s browsing history. This deletes all cookies from all pages you have visited.

Managing cookies

You have the option to specify the conditions for storing or accessing cookies by configuring the service on our Site (icon in the bottom left corner). This allows you to adjust (including revoking) your consent to the use of cookies.

You can prevent cookies from being placed on your device using most modern browsers, but you may need to set your preferences anew each time you visit a website. Some services and features may not work properly.