§1 General provisions
3. The overall objective of Next Technology at FlexDev spółka z ograniczoną odpowiedzialnością sp. k. is to guarantee the safety of personal data at the level required by the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter called “GDPR”).
§2 The principles for collecting personal data
1. Your personal data:
a. will be processed in a lawful, fair and transparent manner in respect of the natural person concerned (“lawful, fair and transparent processing”),
b. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (“purpose limitation”),
c. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimization”),
d. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (“accuracy”),
e. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (“storage limitation”),
f. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (“integrity and confidentiality”).
§3 Information on personal data processing
Recruitment through the website
1. The controller of your personal data is Next Technology at FlexDev spółka z ograniczoną odpowiedzialnością sp.k. with its registered office in Poznań, ul. Baraniaka 6, 61–131 Poznań, entered in the Business Register of the National Court Register under number KRS 0000759865, whose registration documents are maintained by the District Court for Poznań – Nowe Miasto i Wilda in Poznań, 8th Business Department of the National Court Register.
2. In matters related to personal data processing you may contact the Data Protection Officer appointed by the Controller at the following email address: email@example.com or by calling the telephone number +48 570 996 993.
3. Your personal data to the extent specified in the provisions of the labour law (including Article 22(1) of the Labour Code, i.e. name(s) and surname, date of birth, contact details, educational background, professional qualifications, employment history) will be processed for the purpose of conducting the present recruitment proceedings (Article 6(1)(b) of the GDPR) (the said extent arises from the provisions of the labour law for persons applying for employment on the basis of an employment contract – Article 22(1) of the Labour Code), whereas other data, including contact details, will be processed on the basis of your consent (Article 6(1)(a) of the GDPR), which may be withdrawn at any time.
4. The Controller will process your personal data also during subsequent recruitments if you give your consent to this (Article 6(1)(a) of the GDPR), which may be withdrawn at any time.
5. If documents contain the data referred to in Article 9(1) of the GDPR (i.e. data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and genetic data, biometric data, data concerning health, sex life or sexual orientation), your consent to processing them will be necessary (Article 9(2)(a) of the GDPR), which may be withdrawn at any time.
6. Your personal data will be processed by the authorized employees and collaborators of the Controller. Personal data will also be processed by the entities cooperating with the Controller, including entities providing IT services, making available information systems, and rendering hosting services. Moreover, the company on whose project prospective employees/collaborators will be working, i.e. Next Holdings Limited, Desford Road, Enderby, LE19 4AT Leicester, will be the recipient of data.
7. Your personal data will not be transferred to third countries within the meaning of the GDPR.
8. Your data collected during the present recruitment process will be stored up until the end of the recruitment process. If you give your consent to personal data being used for the purposes of future recruitments, your data will be used for a period of 12 months.
9. If data are processed on the basis of your consent, you have the right to withdraw it at any time without affecting the activities carried out before the withdrawal.
10. You have the right of access to your data, to rectification, erasure, restriction of processing, the right to data portability, and the right to object.
11. You have the right to lodge a complaint with a supervisory authority, i.e. the President of the Personal Data Protection Office if you consider that the processing of data infringes the personal data protection regulations.
12. Providing your personal data such as name(s) and surname, date of birth, contact details, educational background, professional qualifications, and employment history is necessary for participating in the recruitment. Failing to provide the above data will make it impossible to participate in the recruitment being carried out. Providing other data is voluntary.
13. Giving consent to carrying out future recruitments is voluntary and has no effect on the recruitment carried out by the Controller at present.
14. Your data will not be used for the purposes of automated decision-making or profiling.
§4 General information on personal data processing (agreements, contractors)
1. The controller of your personal data is Next Technology at FlexDev spółka z ograniczoną odpowiedzialnością with its registered office in Poznań, ul. Baraniaka 6, 61–131 Poznań, entered in the Business Register of the National Court Register under number KRS 0000759865, whose registration documents are maintained by the District Court for Poznań – Nowe Miasto i Wilda in Poznań, 8th Business Department of the National Court Register.
2. In matters relating to personal data processing you may contact the Data Protection Officer appointed by the Controller at the following email address: firstname.lastname@example.org or by calling the telephone number +48 570 996 993.
3. Your personal data will be processed:
a. for the purposes of performing a contract – based on a contract entered into (Article 6(1)(b) GDPR),
b. for the purposes of compliance with legal obligations (including tax obligations) – based on a legal obligation to which the Controller is subject (Article 6(1)(c) GDPR),
c. and may be processed for the purposes of pursuing claims resulting from the provisions of the civil law, if any such claims occur – based on a legitimate interest of the Controller (Article 6(1)(f) GDPR).
4. Your data will be processed by authorized employees and associates of the Controller. The personal data recipients will be the entities providing services to the Controller, including in particular IT, accounting services, hosting.
5. Your data will not be transferred to any third countries (i.e. countries that are not members of the European Union or the European Economic Area).
6. Your personal data will be processed during the term of the agreement and the period required by law, including the prescription period of claims (if any).
7. You have:
a. the right to access your personal data,
b. the right to rectify, erase, or restrict the processing of your data,
c. the right to object.
8. You have the right to file an objection with the supervisory authority, i.e. the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw, if you believe that the processing of your data violates the personal data protection regulations.
9. Although the provision of personal data is voluntary, it is necessary to sign the agreement. It is not possible to execute the agreement unless such data is provided.
10. Your data will not be used for the purposes of automated decision-making or profiling.
If the Controller processes your data due to the fact that you are the representatives, employees/associates of its Customer/Contractor, and the data was provided to the Controller for the purposes of ongoing execution of a contract or a legal relationship between the parties in connection with a contract signed, please be informed that:
1. The Controller of your personal data is Next Technology at FlexDev spółka z ograniczoną odpowiedzialnością with its registered office in Poznań, ul. Baraniaka 6, 61-131 Poznań, entered in the Business Register of the National Court Register under number KRS 0000759865, whose registration documents are maintained by the District Court for Poznań – Nowe Miasto i Wilda in Poznań, 8th Business Department of the National Court Register.
2. In matters relating to personal data processing you may contact the Data Protection Officer appointed by the Controller at the following email address: email@example.com or by calling the telephone number +48 570 996 993.
3. Your personal data must be processed for the following purposes:
a. performance of the contract signed with your employer/customer – i.e. based on a contract signed (Article 6(1)(b) GDPR);
b. compliance with a legal obligation by the Controller – i.e. based on a legal obligation to which the Controller is subject (Article 6(1)(c) GDPR);
c. pursuance of the legitimate interests by the Controller, such as protection against claims and collection of receivables, or internal administrative, analytical and statistical purposes (Article 6(1)(f) GDPR).
4. The Controller may also process personal data obtained in email correspondence. In such cases, the personal data will be processed for communication purposes – i.e. based on the Controller’s legitimate interest (Article 6(1)(f) GDPR) referred to herein. Such personal data will be processed throughout the prescription period of claims, if any, depending on the subject matter of the emails.
5. Your personal data will be transferred to the entities processing data on behalf of the Controller, which take part in the performance of the Controller’s tasks, including the operators and providers of IT systems and the providers of accounting and hosting services. Your data will also be made available to other controllers, including postal operators and couriers.
6. Your personal data will not be transferred to any third countries.
7. Your personal data will be processed throughout the term of the contract and the prescription period of claims (if any). In the event of a pending dispute or proceedings, in particular court proceedings, this period may be extended.
8. The Controller will collect your personal data from your employer/customer or directly from you.
9. The Controller may process in particular the following categories of personal data: name, correspondence address, telephone number.
10. You have the right to access your data, rectify it, erase, restrict its processing, or file an objection.
11. You have the right to file a complaint in connection with the processing of personal data by the Controller with a supervisory authority, i.e. the President of the Personal Data Protection Office.
12. The provision of your personal data is necessary for the performance of the contract between your employer/customer and the Controller.
13. Your personal data will not be used for the purposes of automated decision-making or profiling.
§5 Information clause for Fanpage users
The Controller of your personal data is Next Technology at FlexDev spółka z ograniczoną odpowiedzialnością with its registered office in Poznań, ul. Baraniaka 6, 61-131 Poznań, entered in the Business Register of the National Court Register under number KRS 0000759865, whose registration documents are maintained by the District Court for Poznań – Nowe Miasto i Wilda in Poznań, 8th Business Department of the National Court Register.
In matters relating to personal data processing you may contact the Data Protection Officer appointed by the Controller at the following email address: firstname.lastname@example.org or by calling the telephone number +48 570 996 993.
Your personal data will be processed for the purpose of communication and promotion within the Administrator's fanpage available at the following addresses[DG1] :
Fanpage on Facebook: https://www.facebook.com/nextitpoznan
in particular, responses to reactions, comments and private messages, as well as for statistical and advertising purposes carried out through the tools provided by the application
The processing is carried out on the basis of the controller's legitimate interest, which is to ensure the continuity of business communication, marketing own products and taking care of the brand image (Article 6(1)(f) of the GDPR).
The recipients of your personal data may only be entities that are entitled to receive it under the provisions of law. In addition, your data is shared with Meta Platforms Ireland Limited (see below for details).
Your personal data will be stored until you object or the purposes of the processing cease to exist.
You have the right to request access to your personal data, as well as to rectify (correct) it. You also have the right to request the deletion or restriction of processing, as well as to object to processing, but this is only possible if further processing is not necessary for the Controller to comply with a legal obligation and there are no other overriding legal grounds for processing.
You have the right to lodge a complaint against the processing of your data carried out by the Controller to the President of the Personal Data Protection Office (uodo.gov.pl).
Providing data is voluntary and takes place through the use of the Administrator's Fanpage.
Joint Controller Notice with Meta Platforms Ireland Limited
The Controller and Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) are joint controllers of your data in accordance with Article 26 of the GDPR in the scope of data processing for statistical and advertising purposes.
Joint controllership includes aggregate data analysis in order to display statistics of the activity of the Administrator's Fanpage users.
Meta Platforms Ireland's responsibilities for the processing of your data for the following purposes:
have a legal basis for processing data for Page Insights;
ensuring the exercise of the rights of data subjects;
reporting breaches to the supervisory authority and notifying the affected persons about the incident;
ensuring appropriate technical and organizational measures to ensure the security of your data.
The scope of the Controller's responsibility for the processing of your data:
having a legal basis for the processing of data for statistical purposes;
fulfilment of information obligations within the scope of processing purposes pursued by the Controller.
Meta Platforms Ireland will make the essential content of the Page Insights addendum available to data subjects (Article 26(2) of the GDPR) through the data contained in the Page Insights Information, which can be accessed from all pages.
The main supervisory authority for joint processing is the Irish Data Protection Commission (notwithstanding Article 55(2) of the GDPR, where applicable).
Detailed information on mutual arrangements between administrators is available at: <https://www.facebook.com/legal/terms/page_controller_addendum>.
Meta Platforms Ireland's processing of your personal data is available at: <https://www.facebook.com/privacy/explanation>.
§6 Final provisions
§1 GENERAL PROVISIONS
1. what cookies and similar technologies are used on the website,
2. what kind of information is collected,
3. how and for what purposes this information is processed,
4. who has access to this information and to whom it is transferred;
5. how you can change the rules of operation of cookies and similar technologies on your device.
Cookies and similar technologies are usually not used to collect information about a specific, identifiable person. In some cases, however, the information they collect may constitute personal data. Therefore, you will also find information that is important from the point of view of the protection of your personal data.
§2 DEFINITION OF COOKIES
Cookies are IT data, in particular small text files, that are placed and stored on the device you use to view our website. They make using the website easier and more accessible. In addition to cookies, we may also use other technologies on our website to obtain information contained on your device, such as HMTL5 local storage, which consists in storing information permanently in a database that is part of your browser.
Cookies or similar technologies do not adversely affect the operation of the device on which they are used. Because of their use, there are no changes to the configuration of the device or to the software that is installed on the device.
§3 SCOPE OF PROCESSED INFORMATION
Cookies and similar technologies collect information about the device and browser through which you connect to our website. Each file contains its unique number, the name of the website (domain) from which it originated, as well as the length of time it is stored on the device by default.
The information that cookies and other technologies may collect and process also includes:
1. Device information: IP address, operating system, device model/type, unique device identifiers, MAC address, operating system version and device settings, language, screen resolution, browser version and type;
2. information about how the website is used: time of use, last visit, length of visit, type of pages and subpages visited, address of the website visited (URL), completed forms, recently viewed subpages, activities on the website in which the user participated;
3. location data: IP address, location data obtained through various positioning technologies – e.g. GPS, Wi-Fi access points (after location consent);
4. Other data: the source of the visit to the website, the links clicked on by the user, the number of clicks.
§4 TYPES OF COOKIES AND OTHER TECHNOLOGIES
Cookies and technologies used on this website are used for analytics and building statistics. They make it possible to collect information about how often a website is visited and how users use it. They allow us to improve the content and performance of the website. We use analytical solutions from third-party partners who access this information through cookies and similar analytical technologies. All of this information is aggregated so that users remain anonymous.
In addition to the above-mentioned files and technologies, we also use those that are necessary (technical). They enable essential features, such as setting your privacy preferences. Without them, our website cannot function properly.
Individual cookies and similar technologies that are used on this website are only first-party cookies (they are placed and used by us as the owner of the website).
Information obtained through cookies and similar technologies may be disclosed to the provider of data analytics solutions.
Below you will find detailed information about which cookies are used on our website, as well as the lifespan of each cookie.
Type (purpose of use)
Period of activity[DG2]
§5 COOKIES, TOOLS AND TECHNOLOGIES OF THIRD-PARTY PARTNERS
We use third-party services and tools on our website, which include, m.in, analytics tools.
We use Google Analytics, which collects anonymous information about visits to our website, e.g. subpages viewed, time spent on the website, transitions between subpages. This information is used to create anonymous statistics on the functioning of our website and to analyse the activity of users on our website in order to adapt our offer and website to the needs of users and recipients in the best possible way.
Details of the services and Google's privacy protection can be found at https://policies.google.com/technologies/cookies?gl=PL&hl=pl.
Users can also opt out of the tool being used on their device Google by means of Opt – out https://support.google.com/analytics/answer/181881?hl=pl.
DATA PROCESSING OUTSIDE THE EEA
1.countries for which the European Commission has issued a decision stating that they provide an adequate level of protection, or
2. in the absence of the above-mentioned decision – after appropriate safeguards are in place, and provided that the enforceable rights of data subjects and effective remedies apply, e.g. on the basis of concluding standard data protection clauses adopted by the European Commission with the entity to which the data is to be transferred, equipped with additional safeguards – if necessary.
The browser settings for the operation of cookies and other similar technologies may be changed, in particular, in such a way as to completely block the operation of cookies or to inform about each time cookies are placed on the user's device. You can also set your browser to only accept certain types of cookies or similar technologies. You can also set your browser to accept or block cookies from selected websites only.
However, some cookies are necessary for the website to function properly or to make it more convenient to use. Deleting or disabling certain cookies may therefore prevent you from using certain functions of the website or significantly reduce the quality of your experience.
Instructions on how to change the settings of popular browsers can be found at:
Microsoft Edge: https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/pl/kb/ciasteczka?redirectlocale=en-US&redirectslug=Cookies
Google Chrome: https://support.google.com/chrome/answer/95647?hl=pl
Adobe (pliki cookie flash): http://www.adobe.com/privacy/policies/flash-player.html
Browser providers can change the access paths to the above-mentioned settings – in this case, you should search for them based on the above-mentioned passwords.
§7 PROFILING AND COOKIES
1. The Controller does not collect automatically any information other than information contained in cookies.
2. Cookies are data files, including in particular text files, which are stored on the terminal device of a Portal User for the purposes of using the websites making up the Portal. Cookies usually contain the name of the website from which they originate, the duration of their storage on the terminal device and a unique number.
3. Information from cookies is used for automatic identification of a specific User by the server, which on this basis may generate a website addressed to that User.
4. Actions that may be taken based on the information about a User include:
a. preparing statistics that will help to understand how the Portal Users use the websites in order to improve their structure and content;
b. defining a User’s profile in order to display personalized material on advertising networks, including in particular the Google network.
1. Two types of cookies are used by the Portal:
a. session cookies – these are temporary files which remain on the device until the website is exited or the browser closed, and are subsequently removed,
b. persistent cookies – these files are stored on the User’s device for a fixed period defined in the cookie parameters or until they disable themselves.
5. Web browsers usually by default allow the storing of cookies on the Users’ terminal devices. The Portal Users may change this by changing the settings. The browser makes it possible to remove cookies. A User may change his/her preferences relating to cookie settings or remove them completely at any time. To do this, the User should change the browser settings. Information on cookies is contained in software settings, i.e. the settings of browsers such as Chrome, Opera, Mozilla Firefox, or Internet Explorer.
8. Cookies may be used by advertising networks, including in particular the Google network, to display advertisements tailored to the manner of using the Portal by a particular user. For this purpose, they may store information on the user’s navigation path or the time spent on a particular website.
9. A User may view and edit information on his/her preferences accumulated by the Google advertising network in cookies using the following tool: https://www.google.com/ads/preferences/.
§8 GOOGLE ANALYTICS
1. The Portal uses Google Analytics, an analytical service provided by Google. Google Analytics is a system of statistics which provides the Controller with information about a User visiting the Controller’s website. Data about a User collected and processed by Google Analytics contain, e.g. information on how the User found the Shop, the region where the User is located, the system and software used by the User.
2. The legal basis for using Google Analytics is Article 6(1)(f) GDPR, i.e. the Controller’s legitimate interest, which involves preparing statistics and making constant effort to improve the Shop and increase the comfort of using it.
3. Information about the User’s activities in the Shop generated by cookies may be sent to a Google server in the USA to be stored there. From the EU perspective, in the USA there is no “sufficient level of protection” with respect to personal data processing, which would match the European standards. The required protection level may, however, be confirmed at the level of the individual companies by the EU-US Privacy Shield certification. Google has a Privacy Shield compliance certificate.
4. The Portal uses Google Analytics with “_anonimizelp()” filename extension and therefore IP addresses are processed further in an abbreviated form only. The purpose is to make it impossible to assign an IP address directly to a person. As a result of activating the IP anonymization option on this website, a User’s IP address will be abbreviated by Google if the User is located in an EU Member State or another country which is a party to the Agreement on the European Economic Area. In exceptional cases, a full IP address is sent to a Google server in the USA and abbreviated there.
5. The IP address sent by your browser for Google Analytics is not combined with other Google data.
6. A User may use the solution described on https://tools.google.com/dlpage/gaoptout to prevent collecting data generated by cookies, which relate to using the website, as well as the processing of such data by Google.
7. In order to make changes to the volume of data provided, the User should check the settings of its browser. Some of the information is made available automatically, however, a User may change the scope of information sent at any time.
§9 FINAL PROVISIONS