2. What personal data of the Users are processed.
The subject of processing are personal data that are collected as part of the Users' activity on the website, including those saved in cookies, which are installed on the Controller's website, and personal data provided in the contact form. These include in particular the name, address, e-mail address, telephone number as well as the data left by the Users in the so-called cookies. As part of the recruitment procedure, the Controller processes the following personal data:
1) first name (names) and surname;
2) date of birth;
3) contact details indicated by that person;
5) professional qualifications;
6) course of previous employment.
The Controller requests the provision of personal data referred to in points 4-6 when it is necessary for the performance of a specific type of work or for working on a specific position.
3. Personal Data Controller.
The Personal Data Controller is PETRALANA S.A. with its registerred office in Katowice, at ul. Mazowiecka 11, 40-735 Katowice, registered in the Register of Entrepreneurs kept by the District Court of Katowice-Wschód in Katowice, 8th Commercial Division of the National Court Register under the KRS number 0000446719, NIP 6342814619, REGON 243147108 (hereinafter referred to as the "Controller").
4. Purpose and basis of the processing of personal data.
The Controller processes your personal data for the following purposes:
a) marketing and informational objectives pursued by the Controller and to the extent specified in the content of the consent to the processing of personal data, including the sending of the newsletter. The basis for the processing of the User's data is the their consent to the processing of personal data, i.e. Article 6 sec. 1 point a of the GDPR;
b) contacting the User with regard to sending an inquiry through the contact form available on the website. The basis for the processing of your personal data is the legitimate interest of the Controller, i.e. Art. 6 sec. 1 point f. of the GDPR;
c) recruitment of employees conducted by the Controller. The basis for processing is Art. 6 sec. 1 point b of the GDPR in conjunction with Art. 221 Section 1 of the Act of 26 June 1974 Labour Code; however, the Controller may demand from the candidate other data than those indicated above in the scope of recruitment with the consent of the User (candidate) - i.e. Art. 6 sec.1 point a of the GDPR.
5. Period of processing of personal data.
Data will be processed:
a) for marketing and information purposes until the withdrawal of the consent for processing;
b) for the purposes of contacting the User in connection with sending an inquiry via the contact form on the website - for the time necessary to respond to the inquiry and the necessary period after providing the response, but not longer than 14 days, unless further processing is necessary for other purposes;
Candidates' data will be stored until the completion and, in justified cases, after the completion of the recruitment process, for the period necessary to consider potential claims (i.e. until the expiry of the limitation period).
6. Requirement to provide data.
The provision of personal data is voluntary. In the case of lack of consent to the processing of personal data left by the Users within the framework of using the website, including those saved in cookies, the Users' personal data will not be processed for this purpose.
The provision of data by the candidates in the recruitment process is necessary to achieve the goals for which they were collected, and failure to provide the data will result in the lack of possibility to consider the candidate's offer submitted in the recruitment process.
7. Entities to whom we can provide the data.
Entities processing data on behalf of the data controller (e.g. IT service providers) – where such entities process data on the basis of an agreement with the Controller and exclusively in accordance with the Controller's instructions, and entities entitled to obtain data under the applicable law (e.g. law enforcement authorities for the purposes of ongoing criminal proceedings).
8. Transfer of data to third countries.
Users' data are not transferred to third countries.
9. Rights relating to the processing of personal data.
Users have the following rights related to the processing of personal data:
a) the right to access data, including obtaining a copy of the data,
b) the right to request a rectification,
c) the right to delete data (in certain circumstances),
d) the right to lodge a complaint with the data protection supervisory authority,
e) the right to limit the processing of data.
In so far as the Users' data are processed on the basis of their consent, the Users have additional rights:
a) the right to withdraw the consent to the extent that they are processed on that basis. The withdrawal of the consent does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal.
b) the right to transfer personal data, i.e. to receive the User's personal data from the Controller, in a structured, commonly used machine-readable format.
In order to exercise the above rights, please contact the Controller at the following e-mail address: email@example.com
10. Users have the right to complain to a supervisory authority.
Users have the right to lodge a complaint with the President of the Personal Data Protection Office.
a) The Controller's website uses "cookies".
b) The installation of "cookies" is necessary for the proper provision of services on the website. "Cookies" contain information necessary for the proper functioning of the website, in particular those requiring authorisation.
c) The website uses the following types of "cookies":
· "Session cookies" are temporary files that are stored on the User's device until logging out (leaving the website).
· "Persistent cookies" are stored in the User's device for a period of time specified in the cookies parameters or until they are deleted by the User.
· "Analytical cookies" enable a better understanding of the User's interaction with the content of the website and improve the organisation of its layout. "Analytical cookies" collect information about the way the website is used by the Users, the type of website from which the User has been redirected, the number of visits and the duration of the User's visit to the website. This information does not collect specific personal data of the User, but serves to compile statistics concerning the website usage.
d) The user has the right to control and manage cookies on their computer by prior selection in the browser window. Detailed information about the possibilities and methods of managing "cookies" is available in the software (browser) settings.
12. Safety rules.
a) The website User should ensure the safety of their devices that have access to the Internet. The device should have an antivirus program with a current virus definition database, a current and secure version of the web browser and a "firewall" enabled.
b) It is recommended to enable anti-phishing filters (tools) in the web browser, which check whether the website displayed is authentic and is not used for phishing purposes, e.g. by impersonating an institution or a given economic entity.
c) Caution is recommended when opening attachments or clicking on links in e-mails that the User did not expect, for example from unknown senders. In case of doubt, it is worth contacting the sender, e.g. by phone.
d) Files should only be downloaded from trusted sites. It is highly risky to install software from unverified sources.
e) A website User using a home Wi-Fi network should set a secure and difficult-to-crack network access password. It is also recommended to use the highest possible standards of wireless Wi-Fi network encryption which can be run on your equipment, such as WPA2.
13. Final provisions.
a) The Controller shall apply technical and organisational measures ensuring protection of the processed personal data relevant to the risks and categories of protected data, and in particular, they shall protect data against unauthorised disclosure or taking them away by an unauthorised person.
c) Any changes will be immediately made available on the website.