Privacy Policy
 

INTEGRIGO Sp.z o.o. Privacy Policy
Information on the processing of personal data.

 

Table of  Contents:

  1. Data controller
  2. Information for LINKWAY Users
  3. Information for customers (natural persons conducting business activity)
  4. Information for service providers
  5. Information for representatives of contractors
  6. Information for the persons communicating and using contact form
  7. Information for job candidates
  8. Information for website users
  9. Your rights
  10. Changes to the Privacy Policy

1. Data controller

INTEGRIGO Sp. z o.o.Spółka z ograniczoną odpowiedzialnością, located in Poznań (61-894), at plac Andersa 7, entered into the Register of Entrepreneurs, kept by the District Court for Poznań Nowe Miasto i Wilda, 9th Commercial Division of the National Court Register, under the number KRS 0000746118 (NIP: 5961759473, REGON: 38110874) is the controller of the Customer’s data (the “Company” or “Controller”).

The Administrator can be contacted in all matters regarding the processing of personal data by INTEGRIGO and the exercise of rights related to the processing of personal data. You can contact the administrator via the e-mail address: office@linkway.pl or in writing to the address of the registered office.


2. Information for LINKWAY Users

The User means natural persons who do not conduct business, acting on behalf of and on behalf of the Customer, to whom the Customer, at his own risk, allows the use of functionalities and services offered by INTEGRIGO as part of the Agreement concluded with the Customer on a server made available to him as part of the Linkway Services.

2.1 The purpose of and legal basis for processing

Purpose of processing Legal basis for processing under the Regulation of the European Parliament and of the Council (EU) 2016/679 (GDPR). Retention period
Ensuring system security – detecting and combating fraud (keeping event log – system logs) The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) consisting in caring for the quality of services provided and preventing security incidents. until filing an effective objection to processing / requesting to erase the data
Establishing, redressing or defending against possible claims The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – establishing, redressing or defending against any reported claims as part of the measures taken before the initiation of proceedings, during court or enforcement proceedings, or in front of others authorities. until the limitation of claims

2.2 Data recipients

The controller can transfer your data, to fulfil the obligations of the Company, only to trusted recipients, such as state authorities or other entities empowered by law, the providers of IT services, e-mail hosting, information systems, to entities providing insurance, postal, courier, transport, forwarding and financial services as well as legal and economic consultants (who provide services to the Company).

2.3 Data retention period

In so far as the Customer’s data is processed to pursue the legitimate interests of the Company – establishing, redressing or defending against any claims reported in court or enforcement proceedings, or before other state authorities – the Customer’s data can be stored by the Company until the limitation of possible claims.

2.4 The obligation to provide data

You are free to provide your personal data, but it is necessary to establish and maintain an account in our system.


3. Information for Customers (INTEGRIGO clients)

3.1 The purpose of and legal basis for processing

Purpose of processing Legal basis for processing under the Regulation of the European Parliament and of the Council (EU) 2016/679 (GDPR). Retention period
Establishing trade relations The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – pursuing the sales of services. until filing an effective objection to processing / requesting to erase the data
Establishing legal relationship and performing the contract between the INTEGRIGO and the Customer, including the use of Linkway Services on the principles set out in the Regulations The processing is necessary for the performance of a contract or in order to take steps before entering into a contract (Article 6.1(b) of GDPR). until the termination of the contract
Accounting and tax record keeping The processing is necessary for compliance with a legal obligation (Article 6.1(c) of GDPR) in conjunction with Article 74 of the Accounting Act. 5 years from the beginning of the year following the fiscal year
Conducting conventional marketing activities for own services The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – promoting the interests and good reputation of the Company, promoting its activities. until filing an effective objection to processing / requesting to erase the data
Conducting conventional marketing activities for partners’ services The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – promoting and selling partners’ services. until filing an effective objection to processing / requesting to erase the data
Conducting marketing activities with the use of electronic means of communication The processing is based on consent (in conjunction with the Act of 18 July 2002 on Electronic Services and the Act of 16 July 2004 the Telecommunication Law). until the withdrawal of consent or objection
Analysis and statistics of sales, use of LINKWAY Services The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – improve service quality. until filing an effective objection to processing / requesting to erase the data
Examination of complaints and requests The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – promoting the interests and good reputation of the Company. until the limitation of claims
Debt collection The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – promoting the interests of the Company, material liquidity support. until full settlement
Establishing, redressing or defending against possible claims The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – establishing, redressing or defending against any reported claims as part of the measures taken before the initiation of proceedings, during court or enforcement proceedings, or in front of others authorities. until the limitation of claims

3.2 Data recipients

The controller can transfer your data, to fulfil the obligations of the Company, only to trusted recipients, such as state authorities or other entities empowered by law, the providers of IT services, e-mail hosting, information systems, to entities providing insurance, postal, courier, transport, forwarding and financial services as well as legal and economic consultants (who provide services to the Company).

3.3 Data retention period

The controller is obliged to store documents containing personal data of the Customer throughout the contract and for the mandatory documentation retention period related to the above objectives, determined under separate regulations. In so far as the Customer’s personal data is processed based on consent – until its withdrawal. In so far as the Customer’s data is processed to pursue the legitimate interests of the Company – establishing, redressing or defending against any claims reported in court or enforcement proceedings, or before other state authorities – the Customer’s data can be stored by the Company until the limitation of possible claims. In so far as the Customer’s data is processed to pursue the legitimate interests of the Company – conducting marketing activities to promote its activities – the Customer’s data can be stored by the Company until the objection to the processing is submitted.

3.4 The obligation to provide data

Providing personal data is voluntary, but necessary for contact in order to provide commercial information and maintain relationships with the customer.


4. Information for service providers

4.1 The purpose of and legal basis for processing

Purpose of processing Legal basis for processing under the Regulation of the European Parliament and of the Council (EU) 2016/679 (GDPR). Retention period
Establishing legal relationship and the performance of the contract The processing is necessary for the performance of a contract or in order to take steps before entering into a contract (Article 6.1(b) of GDPR). until the termination of the contract
Accounting and tax record keeping The processing is necessary for compliance with a legal obligation (Article 6.1(c) of GDPR) in conjunction with Article 74 of the Accounting Act. 5 years from the beginning of the year following the fiscal year
Establishing, redressing or defending against possible claims The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – establishing, redressing or defending against any reported claims as part of the measures taken before the initiation of proceedings, during court or enforcement proceedings, or in front of others authorities. until the limitation of claims

4.2 Data recipients

The controller can transfer your data, to perform the obligations of the Company, only to trusted recipients such as state authorities or other entities empowered by law, the providers of IT services, e-mail hosting, information systems, to entities providing postal, courier, transport, forwarding and financial services as well as legal consultants.

4.3 Data retention period

The controller is obliged to store documents containing personal data of throughout the contract and for the mandatory documentation retention period related to the above objectives, determined under separate regulations. In so far as your data is processed for the implementation of legitimate interests of the Company, your data can be stored by the Company until the limitation of possible claims.

4.4 The obligation to provide data

You are free to provide your personal data, but it is necessary to conclude the contract, perform the contract and settle the operations. Failing to provide personal data will result in failure to conclude or perform the contract.


5. Information for representatives of contractors

5.1 The purpose of and legal basis for processing

Purpose of processing Legal basis for processing under the Regulation of the European Parliament and of the Council (EU) 2016/679 (GDPR). Retention period
Establishing business relationships with an entity which represents the person The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – pursuing the sales of services. until filing an effective objection to processing / requesting to erase the data
Establishing legal relationship and the performance of the contract with the entity which represents a person The processing is necessary for the performance of a contract or in order to take steps before entering into a contract (Article 6.1(b) of GDPR). until the termination of the contract
Accounting and tax record keeping if the contract relates to business The processing is necessary for compliance with a legal obligation (Article 6.1(c) of GDPR) in conjunction with Article 74 of the Accounting Act. 5 years from the beginning of the year following the fiscal year
Examination of complaints and requests The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – promoting the interests and good reputation of the Company. until the limitation of claims
Debt collection The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – promoting the interests of the Company, material liquidity support. until full settlement
Insurance coverage and reporting damage The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – promoting the interests of the Company in the event of damage, the right to insurance coverage and loss adjustment. 3 years after the date of the event
Establishing, redressing or defending against possible claims The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – establishing, redressing or defending against any reported claims as part of the measures taken before the initiation of proceedings, during court or enforcement proceedings, or in front of others authorities. until the limitation of claims

5.2 Data recipients

The controller can transfer your data, to fulfil the obligations of the Company, only to trusted recipients, such as state authorities or other entities empowered by law, the providers of IT services, e-mail hosting, information systems, to entities providing insurance, postal, courier, transport, forwarding and financial services as well as legal and economic consultants (who provide services to the Company).

5.3 Data retention period

The controller is obliged to store documents containing personal data with the details of the contractor’s representative throughout the contract and for the mandatory documentation retention period related to the above objectives, determined under separate regulations. In so far as the contractor’s representative data is processed to pursue the legitimate interests of the Company – establishing, redressing or defending against any claims reported in court or enforcement proceedings, or before other state authorities – the Customer’s data can be stored by the Company until the limitation of possible claims.

5.4 The obligation to provide data

You are free to provide your personal data, but it is necessary to establish, build, change or terminate legal relationship between the Company and the contractor, to perform the contract between the Company and the contractor, and to settle the Company’s business. Failing to provide your personal data will result in failure to establish, build, change or terminate legal relationship between the Company and the contractor, to perform the contract between the Company and the contractor, and to settle the Company’s business.


6. Information for the persons communicating and using contact form

6.1 The purpose of and legal basis for processing

Purpose of processing Legal basis for processing under the Regulation of the European Parliament and of the Council (EU) 2016/679 (GDPR). Retention period
Electronic correspondence The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR – to conduct correspondence in connection with business operations and solve any issues described in the correspondence. 6 years from giving or receiving correspondence
Establishing, redressing or defending against possible claims The processing is necessary for the purposes of the legitimate interests of the controller (Article 6.1(f) of GDPR) – establishing, redressing or defending against any reported claims as part of the measures taken before the initiation of proceedings, during court or enforcement proceedings, or in front of others authorities. until the limitation of claims

6.2 Data recipients

The controller can transfer your data, to perform the obligations of the Company, only to trusted recipients such as state authorities or other entities empowered by law, the providers of IT services, e-mail hosting, information systems, to entities providing postal, courier, transport, and forwarding services as well as legal and economic consultants (who provide services to the Company). The data is also transferred to companies related personally and financially.

6.3 Data retention period

After completion of the communication, we will retain data in order to defend against possible claims and to assert any claims until the limitation period (about 6 years).

6.4 The obligation to provide data

You are free to provide your personal data, but it is necessary to conduct the correspondence. Failing to provide personal data will result in failure to conduct the correspondence.


7. Information for job candidates

7.1 Consent to data processing

By clicking the “Apply”, “Apply Now” button or otherwise sending a recruitment notification to the Company*, you grant your consent to the processing of your personal data in order to carry out the recruitment process for the position for which you applied.

If you want your personal data to be used by the Company also in the FUTURE RECRUITMENT PROCESSES, please include in your CV the following clause: “I hereby grant my consent to process my personal data provided in the recruitment application for the purposes of recruitment processes conducted by INTEGRIGO Sp. z o.o.”

7.2 Information on the processing of your personal data

7.2.1 The objectives, legal basis, data retention period

Purpose of processing The scope of data Legal basis for processing under the Regulation of the European Parliament and of the Council (EU) 2016/679 (GDPR). Retention period
Conducting the recruitment process for the position for which you are applying The scope of the data provided for in Article 22 of the Act of 26 June 1974 Labour Code (Journal of Laws, item 917, as amended) and § 1 of the Regulation of the Minister of Labour and Social Policy of 28 May 1996 on the scope of conduct by documentation of employers in matters relating to employment and the conduct of the employee’s personal files (Journal of Laws of 2017, item 894, as amended); The processing is necessary for the performance of a contract or in order to take steps before entering into a contract (Article 6.1(b) of GDPR). until filing objection to processing / requesting to erase the data / 6 months after the end of the recruitment process
Other data given by you, including contact details The legal basis of data processing will be your consent (Article 6.1(a) of GDPR). until the withdrawal of consent / 6 months after the end of the recruitment process
Conducting future recruitment, if you granted your consent to the processing of personal data for this purpose All data given by you, including contact details. The legal basis of data processing will be your consent (Article 6.1(a) of GDPR). until the withdrawal of consent, no longer than a year
Establishing, redressing or defending against possible claims After erasing the application documents: Full name, the recruiter’s notes, the history of the recruitment relationship: the date of the scheduled meetings and discussions held. The processing is necessary for the purposes resulting from the legitimate interests of the controller (Article 6.1(f) of GDPR) – determining, investigating or defending against claims reported within the framework of the measures taken before the initiation of proceedings, in court or enforcement proceedings, or in front of others authorities. until the limitation of claims, no longer than 3 years

The Company will process your personal data in the scope indicated by the provisions of the labour law in order to carry out the recruitment process for the position to which you apply (Article 6.1(b) of GDPR), while additional data, including contact details, on the basis of consent (Article 6.1(a) of GDPR), which may be revoked at any time. The application documents sent will be removed six months after the completion of the recruitment process. In the event you consented to the processing of personal data for the purpose of future recruitment, the data will be processed until you withdraw your consent, no longer than one year from the end of the recruitment process. The Company will process your data within a minimized scope in order to establish, redress or defend against legal claims (Article 6.1(f) of GDPR) for a period of limitation of possible claims, but no longer than 3 years, unless during this time the Company receives information about the claims.

7.2.2 Data recipients

The data will be made available to the law firm providing legal services and entrusted to providers and hosting services.

7.2.3 Your rights

You have the right to access your personal data, request their rectification, erasure, restriction of processing, object to processing, and the right to data portability (for the date processed based on consent). In so far as the processing of personal data is based on consent, you have the right to withdraw your consent at any time without affecting the lawfulness of the processing conducted before the withdrawal of consent. If the processing of personal data by the Company is deemed to violate the provisions of GDPR, you have the right to lodge a complaint with a supervisory authority (President of the Personal Data Protection Office).

Providing personal information to the extent specified in the provisions of the Labour Code and implementing acts is necessary for the recruitment process and has been prescribed by law. Failing to provide such data will lead to the failure to examine your candidacy in the ongoing recruitment process. You are free to provide additional personal data. You can withdraw your consent at any time. To do so, please send an e-mail to office@linkway.pl.


8. Information for website users

INTEGRIGO Sp. z o.o.Spółka z ograniczoną odpowiedzialnością, located in Poznań (61-894), at plac Andersa 7, entered into the Register of Entrepreneurs, kept by the District Court for Poznań Nowe Miasto i Wilda, 9th Commercial Division of the National Court Register, under the number KRS 0000746118 (NIP: 5961759473, REGON: 38110874), hereinafter referred to as the Controller, is the website owner and the personal data controller.

The Controller takes special care to respect the Users’ privacy.

8.1 Type of data processed, objectives and legal basis

  1. The Controller collects information about individuals engaged in legal activity not directly related to their activities, individuals engaged on their own behalf or professional businesses and individuals representing legal persons or entities other than legal persons, which the law recognizes the legal capacity, leading in his own name trade or profession, hereinafter collectively referred Users.
  2. Users’ personal data is collected when:
    Using the contact form on the Website, to perform the contract provided electronically.
  3. If you use the recruitment form, you provide the following information:
    1.) e-mail address;
    2.) full name;
    3.) Message content
  4. When using the Website, additional information may be requested, in particular: the IP address assigned to the User’s computer or external IP address of ISP, domain name, browser type, time of access, the type of operating system. The User may need to provide navigation data, including information about links and references, if they decide to click or other activities undertaken in our Website.
  5. Legal basis – the legitimate interests (Article 6.1(f) of GDPR) – facilitating the use of electronic services and striving to improve the functionality of these services
  6. We will store data to defend against possible claims and to assert possible claims until they expire (about 6 years).

8.2 Cookies, IP address

  1. The Website uses small files called cookies. They are stored by the Controller on the terminal equipment of the person visiting the Website, if the browser allows it. A cookie typically contains the name of the domain from which it comes, their “expiration time” and the individual random number that identifies the file. The information collected by cookies helps to adjust the products offered by the Controller to customize products to individual preferences and the actual needs of visitors to the Website. They also give the chance to develop the overall statistics of visits the products presented on the Website.
  2. The Controller uses two types of cookies:
    1) Session cookies: after the session on a given browser or after turning off the computer, the stored information is deleted from the device memory. The mechanism of session cookies does not allow retrieving any personal data or any confidential information from the User’s computer.
    2)Persistent cookies: stored in the user terminal device and remain there until they are erased or expire. The mechanism of persistent cookies does not allow retrieving any personal data or any confidential information from the User’s computer.
  3. The Controller uses internal cookies to:
    Analyse, research and audit the audience, and in particular to create anonymous statistics that help to understand how users use the Website, which enables the improvement of its structure and content.
  4. The controller uses external cookies to:
    Present multimedia content on the Website that is downloaded from an external website of www.youtube.com (external cookies controller: Google Inc., based in the US); Analyse, research and audit the audience, and in particular to create anonymous statistics that help to understand how users use the Website, which enables the improvement of its structure and content.
  5. The cookies mechanism is safe for the Website User’s computer. In particular, no viruses or other unwanted software or malware can penetrate the User’s computer. However, in their browsers, the Users can limit or disable access of cookies to their computers. If you use this option, the use of the Website will be possible, except for functions which, by their nature, require cookies.
  6. The Controller may collect IP addresses of Users. The IP address is a number assigned to the computer of the person visiting the Website by the ISP. IP number allows accessing the Internet. In most cases, it is assigned to the computer dynamically, i.e. it changes each time you connect to the Internet and for this reason, it is widely regarded as non-personally identifying information. The IP address is used by the Controller to diagnose technical problems with the server, creating a statistical analysis (e.g. determine from which regions we note the most visits), as information useful for the administration and improving the Website, as well as for security purposes and the possible identification of aggravating server unwanted automatic programs to browse the contents of the Website.
  7. The Website includes links to other websites. The Controller is not responsible for their applicable privacy policies.

8.3 Data recipients

The Controller uses the providers who process personal data only on instructions from the controller. These include, among others, hosting providers, accounting services, marketing systems providers, systems for the analysis of traffic on the Website, systems to analyse the effectiveness of marketing campaigns.


9. Your rights in order to the processing of personal data

In view of the fact that the Company processes your personal data, you have the right of access to and rectification or erasure of your personal data (in case your data are incorrect) or restriction of processing or to object to processing as well as the right to data portability (for data to which processing the Customer has consented or which are processed based on contract). In so far as the processing of personal data is based on consent, the Customer has the right to withdraw consent at any time, without affecting the lawfulness of processing. If the processing of personal data by the Company is deemed to violate the provisions of GDPR, you have the right to lodge a complaint with a supervisory authority (President of the Personal Data Protection Office in Poland).

You have the right to object to the processing, the aim of which is the legitimate interest of the controller (Article 6.1(f) of GDPR). Each request to exercise the Customer’s rights will be assessed and verified by the Company. The answer to the request will be provided immediately.


10. Changes to the Privacy Policy

Privacy Policy is continuously reviewed and updated as necessary.

The current version of the Policy (01.2019) was adopted on July 25, 2019.