To fulfill the obligation to inform, imposed by the regulations of Regulation 2016/679 of the European Parliament and of the Council of the European Union of April 27, 2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46 /WE (hereinafter referred to as “RODO”) GBS LOGISTIC Limited Liability Company (GBS LOGISTIC SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIAŁNOŚCIĄ) informs about the principles of processing personal data received in connection with the provision of services by it, as well as in connection with the use of the Service https ://fx-ats.group/ by users.
I. GENERAL CONCEPTS
Personal data administrator (“Administrator”) – Limited Liability Company Location at st. Lubartowska 71A, 20-123 Lublin, entered in the register of entrepreneurs of the State Judicial Register under number 0000841837, tax number 9731071108, number REGON [National Register of Economic Entities]: 38608108
Contact with the Administrator regarding the processing of personal data is carried out by email at: gbslogistic@gbslogistic.com.
User – any individual whose personal data is processed by the Administrator.
Personal data – any information about an identified or identifiable natural person (“data subject”); An identifiable natural person is a person who can be identified directly or indirectly, in particular by the use of an identifier such as a name, identification number, location data, online identifier or one or more factors specific to the physical, physiological, genetic , mental, economic, cultural or social identity of an individual.
RODO – Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/WE.
Service – an information technology solution posted on the website https://fx-ats.group/, containing, among other things, a range of services provided to Users in electronic form.
Processing of personal data – any operations performed with personal data, such as collection, recording, storage, processing, modification, distribution, destruction, including those carried out in computer systems.
A breach of personal data protection is a breach of security leading to accidental or illegal destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data that is transmitted, stored or otherwise processed.
II. PROCESSING OF PERSONAL DATA AND INFORMATION ABOUT FORMS
1. Personal data of Service Users may be processed by the Data Administrator in the following cases:
a) with the consent of the User of the Service, provided in the forms placed on the Service, with the purpose of performing the actions for which these forms are intended (Article 6, Clause 1, letter a RODO),
b) when data processing is necessary for the performance of a contract to which the User of the Service is a party, or in order to perform actions at the request of the User before concluding the contract (Article 6, paragraph l, letter b RODO),
c) for the consideration of complaints – the legal basis for data processing is the necessity of such processing for the performance of the contract (Article 6, Clause 1, letter b RODO);
d) in order to fulfill the duties assigned to the Administrator by law (Article 6, Clause 1, letter c RODO),
e) for the purpose of possible formation, presentation or defense against claims – the legal basis for data processing is the Administrator’s legitimate interest in protecting his rights (Article 6, Clause 1, letter f RODO),
f) for the Administrator’s marketing purposes, which consist in informing the User about current offers and new functions of the Service – the legal basis for data processing is consent (Article 6, Clause 1, letter a RODO).
2. The administrator processes the personal data of the User of the Service to the extent necessary to achieve the goals specified in point 1 above, and during the time necessary to achieve such goals, or until the User of the Service withdraws his consent. Failure to provide data by the user may in some cases lead to the impossibility of achieving the goals for which such data is necessary.
3. The administrator can send e-mails of a commercial nature, provided that the User of the Service has agreed.
4. The administrator takes technical and organizational measures to ensure the protection of processed personal data.
5. The following personal data of the User of the Service may be collected with the help of forms placed on the Service, or for the purpose of fulfilling contracts that may be concluded through the Service: name, surname, e-mail address, telephone number.
6. The data provided to the Administrator by the User in the forms posted on the Service may be transferred by the Administrator to third parties cooperating with the Administrator in order to achieve the last goal stated in clause 1.
7. The third party having access to personal data processes them only on the basis of the agreement on the assignment of personal data processing and only at the request of the Administrator.
8. The data presented in the forms placed on the Service are processed for the purposes for which the corresponding form is assigned; in addition, they can be used by the Administrator for archiving and statistical purposes. The data subject’s consent is expressed by ticking the form field.
9. The user, if provided by the Service, may refuse or consent to receiving commercial information by means of electronic means of communication, by ticking the corresponding field of the registration form, in accordance with the law of July 18, 2002 on the provision of services by means of electronic means (Legislative Bulletin of 2002, No. 144, if the User of the Service has given consent to receive commercial information by electronic means, he has the right to withdraw such consent at any time by sending a corresponding request by e-mail to the Administrator in particular, by clicking on the deactivation link contained in each email sent to the User as part of this service.
III. USER RIGHTS
According to Art. 15 – 22 RODO every person whose data is processed has the following rights:
a) the right to information about the processing of personal data – the Administrator is obliged to provide, at the request of a person, information about the processing of his personal data, the purposes and legal grounds of their processing, the amount of stored data, the subjects to whom personal data are disclosed, and the planned date of their destruction. ;
b) the right to receive a copy of the data – the Administrator provides a copy of the data of the person processed by him at the request of such a person, if this is possible and does not violate the rights of third parties;
c) the right to clarify data – the User has the right to demand the correction of inconsistencies or errors concerning his processed personal data, as well as supplement or update them if they are incomplete or have changed;
d) the right to delete data – the User may request the deletion of data, the processing of which is no longer necessary for any of the purposes for which they were collected;
e) the right to limit processing – on this basis, the Administrator may terminate operations with personal data, with the exception of operations for which permission has been provided by the data subject, as well as their storage in accordance with accepted rules or until the reasons for limiting processing disappear ( for example, the decision of the supervisory authority allowing further processing);
f) the right to transfer data – on this basis, if the data is processed in connection with the concluded contract or the consent provided, the Administrator may publish the data provided by the data subject;
g) the right to object to the processing of data for marketing purposes – the data subject may at any time object to the processing of personal data for marketing purposes without the need to justify such an objection;
h) the right to object to the processing of data for other purposes – the data subject may object to the processing of personal data at any time. In this case, the objection must contain a justification and be evaluated by the Administrator;
i) the right to withdraw consent – if the data is processed on the basis of consent, the data subject has the right to withdraw it at any time, but this does not affect the legality of the processing carried out before the withdrawal of this consent;
j) the right to appeal – if the processing of personal data violates the provisions of RODO or the requirements of the second legislation on the protection of personal data, the data subject can file a complaint with the supervisory authority of the Chairman of the Office for the Protection of Personal Data (https://uodo.gov.pl/pl/ p/kontakt ).
The application for exercising the rights of the data subject can be submitted by e-mail to the address: gbslogistic@gbslogistic.com.
3. The answer to the application is provided within one month from the moment of its receipt. If it is necessary to extend this period, the Administrator will notify the applicant of his reasons.
4. The answer is provided to the email address from which the application was sent, and in the case of applications sent by mail – by registered letter to the address specified by the applicant, except for cases when it follows from the content of the application that the applicant wants correspondence to take place by e-mail ( in this case, the e-mail address must be specified in the application).
IV. SERVER LOGS.
1. Using the website involves sending requests to the server on which the website is stored. Each request made to the server is recorded in the server’s logs.
2. Logs include, among other things, the User’s IP address, the date and time the server was running, information about the Internet browser and the operating system used. Logs (logs) are recorded and stored on the server.
3. The data recorded in the server logs is not associated with specific individuals using the website and is not used by the Administrator to identify the User.
4. Server logs are only auxiliary materials for site administration and their contents are not disclosed to anyone except persons authorized to administer the server.
V. FINAL PROVISIONS
1. The privacy policy is constantly reviewed and updated as necessary.
2. The privacy policy is valid from 03/01/2024.