SCM bussines food solution.

Wszechstronne podejście, najwyższa jakość

Poznaj nasze możliwości i korzystaj z nich każdego dnia!

General information

This privacy policy (hereinafter referred to as the „Policy„) of the website http://www.new.scmpoland.ncse.pl/ (hereinafter referred to as the „Website„) is intended for users of the Website who are natural persons (hereinafter referred to as „Users„) and contains information on the processing of users’ personal data in connection with the use of the Website to the extent required by Art. 13 of Regulation 2016/679 of the European Parliament and of the Council of the European Union of 27 April 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (hereinafter referred to as „GDPR„), as well as on cookies used by the website controller to the extent required by Article 173 of the Act of 16 July 2004. – Telecommunications Law.

 

  1. Who is the controller of the personal data of http://www.new.scmpoland.ncse.pl/ website users?

The controller of the personal data of the users of the http://www.new.scmpoland.ncse.pl/ website (hereinafter referred to as the „Controller„) within the meaning of Article 4(7) of the GDPR, i.e. the entity which decides on the purposes and methods of the processing of Users’ personal data, is SCM Spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw, al. Jana Pawła II 11, 00 – 828 Warsaw, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw in Warsaw XII Economic Division of the National Court Register under KRS number: 0000218960, NIP: 5361772695, REGON: 015807691.

 

The Controller has implemented internal procedures in accordance with the requirements of the GDPR, which ensure effective protection of Users’ personal data.

 

  1. Purposes and legal basis of personal data processing

The Controller processes Users’ personal data for the following purposes:

 

  1. Receipt of recruitment applications sent to the address indicated on the Website

In order to process the recruitment applications of Users sent to the e-mail address rekrutacja@scmpoland.pl made available on the Site in the „Career” tab, and then to conduct the recruitment process with selected candidates. The legal basis for the processing of User data for this purpose is Article 6(1)(a) GDPR, i.e. the User’s consent to the processing of his/her personal data for the purposes of the recruitment process conducted by the Controller.

 

  1. Contacting the User via the contact email addresses indicated on the Website

In order to reply to the User’s message addressed to the Controller via e-mail, the Controller may process the User’s personal data contained in the e-mail message. The legal basis for the processing of the User’s data for this purpose is Article 6(1)(a) GDPR, i.e. the User’s consent to the processing of his/her data in order to reply to the User’s message.

 

  1. Keeping statistics on the use of the Website’s functionalities

The Controller may process the User’s personal data in order to keep statistics on the use of the various functionalities of the Website, to facilitate the use of the Website and to ensure the IT security of the Website. Personal data concerning the User’s activity on the Website and the amount of time spent on each of the subpages on the Website, the User’s search history, location, IP address, device ID, browser data and the User’s operating system are then processed. The basis for the processing of User data in such a case is Article 6(1)(f) GDPR, i.e. the Controller’s legitimate legal interest in processing the User’s personal data.

 

  • What data is downloaded automatically when a website is accessed?

A: (server)

The IT system used by the website automatically collects data related to the device used by the User in logs. This data is only collected for statistical purposes and relates to: the User’s IP number, the address of the website files downloaded or the output address and is only used for diagnostic purposes.

 

This data is never combined with the data referred to in Section II and is only used for statistical analysis and system error correction mechanisms.

 

B: (cookies)

The website uses „cookie” technology, i.e. text files placed on the User’s device, for technical session handling purposes.

 

If the User does not agree to the placement of cookies on his/her device, he/she can block their placement by configuring his/her web browser accordingly. Information on how to do this can be found in the help files of the web browser used by the User. However, if cookies from the Website are blocked, the Controller cannot guarantee its correct functioning.

 

If the User agrees to the placement of cookies on his/her device, but would like to delete them after visiting the website, information in this regard can be found in the help files of the Internet browser used by the User.

 

C: Google Analytics (cookies)

Google Analytics uses the technology of „cookies”, which are text files placed on your device, in order to enable the Controller to analyse the sources of traffic and the way in which visitors use it.

 

Google collects the data obtained from the placement of cookies on your device on its servers and uses this information to create reports and provide other services related to the traffic and use of the Internet.

 

Google may also transfer this information to third parties if it is obliged to do so by law or if these parties process such information on behalf of Google.

 

This data is never merged with the data provided referred to in Section II of the Policy and only constitutes material for statistical analysis and system error correction mechanisms.

 

If the User does not agree to the placement of cookies on his/her device, he/she can block their placement by configuring his/her web browser accordingly. Information on how to do this can be found in the help files of the web browser used by the User. However, if cookies from the Website are blocked, the Controller cannot guarantee its correct operation.

 

If the User agrees to the placement of cookies on his/her device, but would like to delete them after visiting the website, information in this regard can be found in the help files of the Internet browser used by the User.

 

D: Google AdWords (cookies)

Google AdWords uses „cookies”, which are text files placed on your device, to enable the website to evaluate the correctness and effectiveness of its advertising activities using the AdWords network.

 

Google collects the data obtained from the placement of cookies on your device on its servers and uses this information to create reports and provide other services related to the traffic and use of the Internet.

 

Google may also transfer this information to third parties if it is obliged to do so by law or if these parties process such information on behalf of Google.

 

This data is never combined with the data provided in Section II of the Policy and is only used for statistical analysis and system error correction mechanisms.

 

If the User does not agree to the placement of cookies on his/her device, he/she can block their placement by configuring his/her web browser accordingly. Information on how to do this can be found in the help files of the web browser used by the User. However, if cookies from the Website are blocked, the Controller cannot guarantee its correct operation.

 

If the User agrees to the placement of cookies on his/her device, but would like to delete them after visiting the site, information in this regard is contained in the help files of the Internet browser used by the User.

 

  1. Recipients of Users’ personal data

 

The Users’ personal data may be transferred to the providers of services used by the Controller in the conduct of its business. These service providers process the personal data entrusted to them by the Controller only to the extent and for the purpose strictly indicated by the Controller. These include, for example, suppliers providing IT services to the Controller. The Controller may also, in justified cases, transfer personal data to entities with personal or capital relations with the Controller, if this proves necessary for the Controller to be able to perform the service requested by the User.

 

The Controller ensures that with all the above-mentioned entities appropriate agreements for the entrustment of the processing of the Users’ personal data have been or will be concluded, specifying the obligations of the service providers when processing the Users’ personal data.

 

In specific situations in which the applicable law requires the Controller to make the collected User data available to authorized public authorities, the Controller shall provide such data to the extent necessary and justified by the request of the authority.

 

At the same time, the Controller guarantees that the Users’ personal data will not be transferred to countries outside the European Economic Area or to international organisations.

 

  1. Storage period of User data

 

The User’s personal data processed for the purpose of receiving recruitment applications and conducting recruitment, will be processed no longer than until the end of the recruitment process conducted with the participation of the User, unless the User voluntarily agrees to the processing of his/her personal data also for the purpose of future recruitment.

 

The User’s personal data processed for the purpose of replying to the User’s message sent via the contact form or e-mail does not have a specific period of retention by the Controller, but will not be processed for longer than is necessary for the purposes for which it was collected.

 

Personal data derived from cookies stored on the User’s terminal device will be stored for a period corresponding to the life cycle of the cookies stored on the User’s terminal device or until they are deleted from the device by the User.

 

  1. Users’ rights in relation to the processing of their personal data

 

  1. Right to withdraw consent

The User has the right to withdraw the consent given for the processing of his/her personal data at any time, if that consent constitutes the legal basis for the processing of his/her personal data (Article 6(1)(a) of GDPR). The withdrawal of the consent to data processing can be done by sending the Controller a declaration indicating such a wish, e.g. in the form of an e-mail message. The withdrawal of the consent has effect from the moment of receipt of the above declaration of withdrawal of consent by the Controller and does not affect the legality of the processing of the User’s personal data performed by the Controller before its withdrawal.

Legal basis: Article 7(3) of GDPR

 

  1. Right to request access to data

The User has the right to obtain confirmation from the Controller as to whether his/her personal data is being processed and, if so, the right to:

  • obtain access to your personal data;
  • obtain information about: the purposes of the processing, the categories of personal data processed, the recipients or categories of recipients of that data, the intended period of storage of the User’s data or the criteria for determining that period, the User’s rights under the GDPR and the right to lodge a complaint with a supervisory authority, the source of that data, automated decision-making, including profiling, and the safeguards applied in connection with the transfer of that data outside the European Economic Area;
  • to obtain a copy of his/her personal data free of charge, whereby for each subsequent copy of the User’s personal data, the Controller may request a fee reflecting the costs of its preparation.

Legal basis: Article 15 of GDPR

 

  1. Right to rectification of data

The User has the right to rectify and complete the personal data he/she has provided. The User may do so by submitting a request to rectify such data (if incorrect) or to complete it (if incomplete).

Legal basis: Article 16 of GDPR

 

  1. Right to erasure („right to be forgotten”)

You have the right to request the erasure of all or some of the data concerning you.

 

The User may request the erasure of his/her personal data if:

  • the User’s personal data are no longer necessary for the purposes for which they were collected or for which they were processed;
  • b) the User’s personal data are processed unlawfully;
  • to object to the processing, if it is based on a legitimate legal interest of the Controller;
  • d) personal data must be erased in order to comply with a legal obligation under Union law or the law of a Member State to which the Controller is subject;
  • the personal data were collected in connection with the offering of information society services.

 

Despite the request for erasure of personal data in connection with the lodging of an objection (point c) above), the Controller may continue to process your personal data to the extent necessary for the purposes of establishing, asserting or defending claims, and to the extent necessary to comply with a legal obligation requiring processing under Union law or the law of a Member State to which the Controller is subject.

Legal basis: Article 17 of GDPR

 

  1. Right to restrict processing

You have the right to request the Controller to restrict the processing of your personal data, i.e. not to undertake any processing of your personal data beyond the mere storage thereof, in the following cases:

(a) where he or she disputes the correctness of his or her personal data – for a period of time allowing him or her to verify the correctness of the data;

  1. b) when the processing is unlawful, but the User objects to the erasure of the data, requesting instead the restriction of the processing;
  2. c) when the User’s personal data are no longer necessary for the purposes for which they were collected or used, but are needed for the establishment, investigation or defence of claims;
  3. d) when the User has objected to the use of his/her data, in which case the restriction shall be for the time necessary to consider whether the protection of the User’s interests, rights and freedoms outweighs the interests pursued by the Controller in processing his/her personal data.

Legal basis: Article 18 of GDPR

 

  1. Right to data portability to another controller

Where the User’s personal data are processed by the Controller on the basis of the consent given by the User or for the purpose of entering into a contract with the User (Article 6(1)(a) and (b) of GDPR), the User has the right to receive in a structured, commonly used readable format the personal data he or she has provided to the Controller, and has the right to send this personal data to another controller without hindrance from the Controller, provided that this is technically possible.

Legal basis: Article 20 of GDPR

 

  1. Right to object to processing

The User has the right to object at any time to the processing of his/her personal data where the processing is based on the legitimate legal interest of the Controller (Article 6(1)(f) of GDPR). If the User’s objection proves to be well-founded and the Controller has no other legitimate legal basis for processing the User’s personal data, as well as a basis for establishing, asserting or defending his/her claims, the Controller will delete the User’s personal data against the use of which the User has raised an objection.

Legal basis: Article 21 of GDPR

 

If, in the exercise of the aforementioned rights described in items A-G), the User makes a request to the Controller, the fulfilment or refusal of the request will take place without delay, but no later than one month after receipt of the request. However, if, due to the complexity of the request or the number of requests, the User is unable to comply with the User’s request within one month, it will be complied with within a maximum of a further two months after informing the User of the need to extend this period.

 

  1. Right to lodge a complaint with a supervisory authority

If the User considers that the right to personal data protection or other rights granted to the User under the GDPR have been violated, the User has the right to lodge a complaint to the supervisory authority, which in Poland is the President of the Office for Personal Data Protection.

Legal basis: Article 77 of GDPR

 

VII.       Voluntary provision of personal data

 

The provision of personal data by the User is voluntary at all times, although necessary for:

–           the Controller’s ability to recruit;

–           contact with the Controller by e-mail.

 

The consequence of the User’s failure to provide the data required for the aforementioned purposes will be the Controller’s inability to perform the aforementioned activities.

 

  • Possibility of profiling of Users’ personal data by the Controller

As a rule, the Users’ personal data shall not be subject to profiling or the basis for automated decision-making in any other manner.

 

  1. Change of privacy policy

If there is a need to update the information contained in this Privacy Policy or if it is necessary to ensure its compliance with the applicable laws or technological conditions of operation of the Website, this Privacy Policy may be amended. Users will be informed of all changes to the Privacy Policy through a notice displayed on the Website.

 

  1. Contact with the Controller

If Users have any questions or concerns about the privacy policy and security of their personal data, wish to update or delete their personal data, or exercise any other rights set forth in Section VI of the Policy, they may contact the Controller by e-mail at: ochrona.danych@scmpoland.pl or in writing at: al. Jana Pawła II 11, 00 – 828 Warsaw.