Tenex Sp. z o.o. with its registered office in Puchały (05-090) at ul. Żwirowa 65, entered in the register of entrepreneurs maintained by the District Court for the Capital City of Warsaw, 14th Commercial Division of the National Court Register under the number KRS 0000176695, Tax Identification Number NIP 534-224-10-63. Personal data are obtained and processed in a manner and under the terms specified in this Policy.
We take care to ensure that your data are processed in accordance with the provisions of the General Data Protection Regulation 2016/679/EC (hereinafter referred to as the “GDPR”), the Act
on Personal Data Protection, and special provisions (included inter alia in the Labor Law or the Accounting Act).
Our company is the personal data controller as specified by Article 4.7 of the GDPR, we also use the services of processors referred to in Article 4.8 of the GDPR – they process personal data on behalf of the controller (they include e.g. accounting and IT companies).
We apply appropriate technical and organizational measures to ensure the level of security corresponding to the potential risks to the rights and freedoms of natural persons of varying likelihood and severity.
What are your personal data used for
Contact details obtained from counterparties (e.g. their employees) are used to reply to the questions asked as well as to conclude and effectively perform agreements. As an employer, we process data of the employees and persons who cooperate with us on other basis than employment relationship. We also conduct marketing activity and, within the framework thereof, seek to reach a group of interested parties in order to provide them with current information on our products and services.
Your data are made available to third parties with your consent and also when we are required to do so by virtue of the law.
Under what terms and on what grounds your data are processed
We exercise due care to protect the interests of data subjects, and ensure in particular that the data are:
- processed in accordance with the law, in a manner that is reliable and transparent to data subjects;
- collected for specific, clear and legitimate purposes and further processed in a manner consistent with such purposes;
- adequate, appropriate and limited to what is necessary for the purposes for which they are processed;
- correct and updated, if necessary; we take steps to ensure that personal data that are incorrect in the light of purposes for which they are processed, are immediately deleted or rectified;
- stored in the form that allows to identify the data subject, for a period not longer than necessary for the purposes;
- processed in a manner that ensures appropriate personal data security, including protection against unauthorized or unlawful processing or accidental loss, destruction.
Your data are usually processed on the basis of consent which may be withdrawn at any time. The withdrawal of consent for processing shall not affect the lawfulness of processing based on the consent before its withdrawal. A different situation takes place when the processing of your data is necessary to perform an agreement that you are a party to or to take actions upon your request before concluding an agreement.
In certain situations the processing is necessary to meet a legal obligation imposed on the controller. Such obligations result e.g. from the Labor Law or the Accounting Act.
The processing may also be necessary for purposes resulting from our legitimate interests, an example of which is enforcement of claims resulting from our business activity.
What rights do you have
We take appropriate measures to provide you with any relevant information and communicate with you with respect to the processing of your personal data in connection with the exercise of your right to:
- • information provided when the personal data are obtained,
- • information provided upon request – relating to whether the data are processed and other issues specified in Article 15 of the GDPR, including the right to copies of such data,
- be forgotten;
- restriction of processing;
- data portability;
- communication of data breach.
If you wish to exercise a given right, please send an e-mail to firstname.lastname@example.org. You have the right to lodge a complaint with the supervisory authority responsible for compliance with the personal data protection provisions.
How will we contact you
The information is provided in writing or with the use of other methods, and when appropriate – in electronic form. Upon your request, we may provide information orally, if we confirm your identity with the use of other methods. If you submit your request by electronic means, the information will be provided by electronic means, if practicable, unless you specify a preferable form of communication.
Within what time limit will your request be met
We strive to provide the information without undue delay – as a rule, within a month from receipt of a request. If necessary, the time limit may be extended by further two months because of a complex nature of the request or number of requests. In each case, however, within a month of receipt of the request, we inform you of the steps taken and (if applicable) of the time limit extension, including reasons for the delay.
If we cooperate with entities which process the personal data on our behalf, we use the services of processors which provide sufficient guarantees of applying appropriate technical and organizational measures in order to ensure that the processing meets the requirements of the GDPR and protects the rights of data subjects.
We store the personal data in a form which does not permit identification of data subjects, for a period not longer than necessary for the purposes for which the data are processed. After the expiry of such period, the data are anonymized (they are deprived of features which permit identification of a given person) or deleted.
The data processing period is first of all determined on the basis of the law (e.g. the storage period of employee documentation, accounting documents) as well as justified interests of the controller (e.g. marketing activity). The retention policy covers both data processed in paper and electronic form.
We ensure that any person acting upon our authorization who has access to your personal data processes them only at our instructions, unless other requirements are specified by the law of the European Union or a member state.
Cookie files are small files placed on your computer that stores settings and other information used on the sites visited by you. Cookie files may include website settings or be used to analyze user interactions with the website. We use cookie files to adapt the content of our sites to your preferences and optimize the use of our sites, memorize the data entered by the user in connection with using the service, as well as conduct statistical analysis concerning the users and visitors to the site for site administrator purposes.
Data sent in cookie files are safe for the user and do not affect in any manner whatsoever the operation of the user device. You can individually configure the browser on your device to automatically accept the cookie files received and also to notify the user each time of the cookie files sent to the user device or to completely block the cookie files received.