Privacy policy

Target Poland 9 Privacy policy

PRINCIPLES OF PERSONAL DATA PROCESSING IN Target Solutions Poland (NIP 9452005880, REGON 529713176)

Who processes the data:

The data administrator is Target Solutions Poland (NIP 9452005880, REGON 529713176) (hereinafter referred to as “We” or “Target Solutions”).

Our activities include:

1. Consulting: In which we create, among other things, address lists for contractors looking for business partners (clients, distributors, manufacturers) in Poland. We create business partner lists based on information from publicly available and official sources (e.g., CEIDG, KRS, GUS, official websites of companies and public administration units). We do not collect data that is not made public.
2. Recruitment: As part of recruitment activities, we collect, store, and process personal data of candidates obtained from legal sources.

HOW CAN YOU CONTACT US?

The company has appointed a Data Protection Officer. You can contact the Data Protection Officer via email at iod@targetpoland.com or by post at Target Solutions Poland, ul. Mackiewicza 18/11, 31-214 Kraków.

What data we process, on what legal basis, for what purpose, and for how long

Below you will find detailed information on data in categories A, B, and C:

A) Personal data processed by the Administrator through the website www.targetpoland.com when a user uses the contact form
1. Personal data is processed by the Administrator when the user uses the contact form on www.targetpoland.com, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals concerning the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR, and the Personal Data Protection Act of 10 May 2018, to respond to user inquiries as the legitimate interest of the Administrator. The user’s consent to data processing can be revoked at any time, resulting in the personal data being deleted by the Administrator.
2. The Administrator processes the following categories of personal data of the user when using the contact form: – First and last name, – Telephone number, – Email address.
3. Users’ personal data are stored by the Administrator:
in cases where the basis for data processing is the performance of a contract, for as long as it is necessary to perform the contract, and thereafter for a period corresponding to the statute of limitations for claims. If no specific regulations state otherwise, the statute of limitations is six years, and for periodic claims and claims related to business activities – three years.
in cases where the basis for data processing is consent, for as long as the consent is not revoked, and after revocation for a period corresponding to the statute of limitations for claims that may be raised by the Administrator or against them. If no specific regulations state otherwise, the statute of limitations is six years, and for periodic claims and claims related to business activities – three years.
4. While using the website, additional information may be collected, in particular: the IP address assigned to the user’s computer or the external IP address of the Internet provider, domain name, browser type, access time, and type of operating system.
5. Users may also have navigation data collected, including information about links and references they choose to click on or other actions taken on the website. The legal basis for such activities is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), consisting of facilitating the use of electronically provided services and improving the functionality of these services. Providing personal data by the user is voluntary.
6. Personal data of users of www.targetpoland.com will not be processed automatically in the form of profiling.
7. The Administrator takes particular care to protect the interests of the persons whose data is processed, and in particular, ensures that the data collected by them: – is processed in accordance with the law, – is collected for specific, lawful purposes and not subjected to further processing that is inconsistent with those purposes, – is factually correct and adequate in relation to the purposes for which it is processed and stored in a form that allows for the identification of the persons to whom it relates, no longer than is necessary to achieve the purpose of the processing.
8. Personal data of users of www.targetpoland.com is transferred to service providers used by the Administrator in running the website. The service providers to whom personal data is transferred, depending on contractual arrangements and circumstances, either follow the Administrator’s instructions regarding the purposes and methods of processing this data (processors) or independently determine the purposes and methods of processing (controllers).
9. Personal data of users is stored exclusively within the European Economic Area (EEA).

B) Personal data processed by the Administrator as part of consulting activities:

As part of consulting activities, the Administrator processes the following categories of personal data: – First and last name of the company’s president or owner, or contact person, – Telephone number, – Email address: this data is obtained from official sources (KRS, CEIDG, official company websites).

This data is obtained from publicly available, legal, and official sources and is processed based on the legitimate interest of the data controller, i.e., Article 6(1)(f) of the GDPR. The individuals whose data is processed are informed of this in accordance with the information obligation, Article 14 of the GDPR, via email. Obtaining data from publicly available sources (KRS, CEIDG) is compliant with GDPR, provided that this data is processed for purposes arising from legitimate interests (Article 6(1)(f)). Personal data of business partners (distributors, clients, etc.) collected in consulting services, obtained from publicly available sources, will be processed as long as it is necessary to perform the contract and thereafter for a period corresponding to the statute of limitations for claims. If no specific regulations state otherwise, the statute of limitations is six years, and for periodic claims and claims related to business activities – three years. Business partner data processed in consulting activities, originating from publicly available sources, is shared with Target Solutions Poland (NIP 9452005880) clients for their business purposes, such as finding distributors for their products in Poland, assessing client credibility, etc.

C) Personal data of candidates processed by the Administrator as part of recruitment activities:

Variant I)
We process the personal data of candidates including: first name, last name, email address, telephone number, solely for the purpose of contacting the candidate and offering them a job opportunity.
We collect the above data from publicly available sources, including recruitment-focused social media (Linkedin, Xing etc.)), and the Internet.
The processing of this data is limited to its collection and the establishment of the first contact, during which potential candidates are informed that their data has been obtained via email or through a social media message, along with information on the option to opt-out of data processing by responding.

The legal basis for processing data belonging to Variant I of potential candidates is Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR) – the necessity for the performance of a contract and to take action before entering into it.
The personal data of the candidate collected for contact purposes is either stored with their consent to facilitate further contact or marked as not wishing to be contacted, or deleted.

Variant II)
We process the personal data of the applicant including: first name, last name, email address, telephone number, place of residence, educational background, employment history, and any additional data voluntarily provided by the applicant. The purpose of processing this personal data is to carry out a recruitment project.
The legal basis for processing personal data for the purposes specified in this section is the candidate’s consent under Article 6(1)(a) of the GDPR.
Data covered by Variant II is processed during the recruitment process and until the candidate revokes consent, but no longer than three years after the recruitment process has concluded.

The legal basis for processing personal data in Variant II is the candidate’s consent under Article 6(1)(a) of the GDPR. Personal data processing of the candidate occurs after they provide written approval in accordance with the clause below:
“I consent to the processing of my personal data, which I have voluntarily provided, for the recruitment project by the Data Controller, i.e., Target Solutions Poland, headquartered in Kraków, ul. Mackiewicza 18/11, entered into CEIDG under NIP 9452005880, REGON 529713176, to conduct the recruitment project, based on Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR).”

Personal data in Variant II will be transferred to the potential employer for whom the recruitment process is being conducted. If the employer wishes to process the candidate’s personal data independently, they will contact the candidate directly for written consent. Before transferring the data, Target Solutions Poland (NIP 9452005880) signs a data transfer agreement with the potential employer for recruitment purposes in compliance with GDPR regulations.

Variant III
We process the personal data of applicants, including: name, surname, email address, telephone number, place of residence, education history, employment history, and any additional data provided voluntarily by the applicant. The purpose of processing this personal data is to manage future recruitment projects. The legal basis for processing personal data in Variant III for future recruitment projects is the applicant’s consent (legal basis: Article 6(1)(a) of the GDPR).
Personal data of applicants under Variant III may be shared with potential employers offering vacancies in future recruitment projects.

The data covered by this section will be processed during the period in which the administrator conducts recruitment projects that match the applicant’s qualifications and until the applicant withdraws consent, for a maximum of 5 years from the date of obtaining the applicant’s consent to process data based on the following clause signed by the applicant: “I consent to the processing of my personal data, which I have voluntarily provided in the recruitment project by the Data Controller, i.e., Target Solutions Poland, headquartered in Kraków, ul. Mackiewicza 18/11, entered into CEIDG under NIP 9452005880, REGON 529713176, for the purpose of conducting future recruitment projects, in accordance with Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (GDPR).”

Personal data in Variant III will be shared with potential future employers when relevant recruitment projects arise. If the employer wishes to process the candidate’s personal data independently, they will contact the applicant directly to request written consent. Before transferring data, Target Solutions Poland (NIP 9452005880) signs a data transfer agreement with the potential employer for recruitment purposes in accordance with GDPR regulations.

HOW DO WE PROCESS PERSONAL DATA?

We process personal data in accordance with applicable law, particularly the provisions of the Personal Data Protection Act and the General Data Protection Regulation (GDPR). We adhere to the following principles when processing your personal data:
1. Adequacy principle
We process only the data necessary to achieve the intended purpose of processing.
2. Transparency principle
This document, in which we provide the most comprehensive information possible about the rules for processing personal data, is a manifestation of the transparency principle we have implemented.
3. Accuracy principle
We make every effort to ensure that the personal data we process is up-to-date and accurate. If you find that any of your personal data is outdated or inaccurate, please inform us by email at iod@targetpoland.com or by post at Target Solutions Poland, ul. Mackiewicza 18/11, 31-214 Kraków.
4. Integrity and confidentiality principle
We apply the necessary measures to ensure the confidentiality and integrity of your personal data. We continuously improve these safeguards as technology and the environment evolve. The security measures include physical and technological safeguards that limit access to your data, as well as appropriate safeguards to prevent the loss of your data.
We use SSL/TLS encryption for communications.
Access control is enforced within the company.
We do not print documents containing personal data.
5. Accountability principle
We maintain records of personal data processing so that, in case of inquiry, we can provide you with full information on what actions we have taken concerning your data.

WHAT ARE YOUR RIGHTS?

The right to personal data protection gives you a range of rights that you can exercise at any time. As long as you do not abuse these rights (e.g., by making unjustified daily requests for information), exercising them will be free of charge and easy to implement.

Your rights include:
1. Right to free of charge access to your personal data
This right means that you can ask us to export the information we have about you from our databases and send it to you in one of the commonly used formats (e.g., XLSX, DOCX, etc.).
2. Right to free of charge rectification of data
If you find that the data we process is outdated, you have the right to ask us to correct it, and we are obligated to do so.
3. Right to free of charge restriction of data processing
If, despite us following the adequacy principle, you believe we are processing too broad a scope of your personal data, you have the right to request that we restrict this scope. As long as your request does not contradict legal requirements or make the performance of a contract impossible, we will update the scope of the data being processed.
4. Right to free of charge erasure of data
The right to erasure of data, also known as the right to be forgotten, means you can request that we remove all information containing your personal data from our databases and documentation. Please note that we may not be able to do this if we are legally obligated to continue processing your data (e.g., for tax purposes). However, in all cases, we will delete your personal data to the fullest extent possible, and where deletion is not possible, we will pseudonymize it so that your data, which we must retain under applicable law, will be accessible only to a very limited group of people within our company.
5. Right to free of charge data portability to another data controller
In accordance with the General Data Protection Regulation, you can ask us to export the data you have provided to us during all our contacts and cooperation to a separate file for transfer to another data controller.
6. Right to free of charge objection
We draw your particular attention to the right to object, which allows you to block or restrict further processing of your personal data in specific situations. You submit the right to object when you do not want us to process your personal data for a specific purpose. In such a case, we will continue to process your data for other processes (for other purposes), but not for the purpose you objected to, unless your request contradicts legal obligations imposed on us.
You can submit your objection via email to iod@targetpoland.com or by sending a letter to Target Solutions Poland, ul. Mackiewicza 18/11, 31-214 Kraków.
7. Right to free of charge withdrawal of consent
We draw your attention to the right to withdraw consent, which allows you to withdraw previously given consent for the processing of your personal data.

The legal bases for the rights listed above are as follows:

  • Access to data – Article 15 of the GDPR
  • Rectification of data – Article 16 of the GDPR
  • Erasure of data (right to be forgotten) – Article 17 of the GDPR
  • Restriction of processing – Article 18 of the GDPR
  • Data portability – Article 20 of the GDPR
  • Objection – Article 21 of the GDPR
  • Withdrawal of consent – Article 7(3) of the GDPR

You can exercise the rights mentioned above by contacting us via email at iod@targetpoland.com or by sending a letter to Target Solutions Poland, ul. Mackiewicza 18/11, 31-214 Kraków.

In the event that a user exercises their rights as described above, the Administrator will fulfill the request or refuse to fulfill it promptly, but no later than within one month of receiving the request. However, if – due to the complexity of the request or the number of requests – the Administrator is unable to fulfill the request within one month, they will fulfill it within the next two months, informing the user within the first month of receiving the request of the planned extension and its reasons.

You can contact us using the above communication channels if any actions or situations you encounter raise concerns about compliance with regulations or if you suspect a violation of your rights or freedoms. In such cases, we will promptly respond to your questions and concerns and address the issue at hand.
If you believe that we have violated the rules for processing your personal data in any way, you have the right to file a complaint directly with the supervisory authority (from 25 May 2018, this is the President of the Personal Data Protection Office). On our part, we encourage you to contact us first, and we are fully committed to working with users to resolve any issues internally before filing a complaint with the supervisory authority. When exercising this right, you should provide the President of the Personal Data Protection Office with a full description of the situation and specify which action you consider to have violated your rights or freedoms. The complaint should be submitted directly to the supervisory authority at the address: ul. Stawki 2, 00-193 Warsaw.

Cookie Policy

1. The Administrator’s website uses cookies.
2. Installing cookies is necessary for the proper provision of services on the website. The cookies contain information necessary for the proper functioning of the website, and they also allow for the preparation of general statistics on website visits.
3. The following types of cookies are used on the website:
Session cookies, which are temporary files stored on the user’s end device until they log out (leave the website).
Persistent cookies, which are stored on the user’s end device for the time specified in the cookie parameters or until they are deleted by the user.
4. The Administrator uses their own cookies to better understand how users interact with the content of the website. The cookies collect information about how users use the website, the type of site from which the user was redirected, the number of visits, and the time spent on the website. This information does not record specific personal data of the user but is used to compile statistics on website usage.
5. The user has the right to decide on the access of cookies to their computer by selecting them in advance in their browser window. Detailed information about the possibilities and ways of handling cookies is available in the settings of the software (web browser).

Final Provisions

1. The Administrator uses technical and organizational measures that ensure the protection of the personal data being processed, appropriate to the risks and categories of data being protected, and in particular, secures the data against unauthorized disclosure, acquisition by an unauthorized person, processing in violation of applicable regulations, and alteration, loss, damage, or destruction.
2. The Administrator provides appropriate technical measures to prevent the acquisition and modification of personal data sent electronically by unauthorized persons.
3. All real estate offers presented, for sale or rent, are for informational purposes only and do not constitute a commercial offer within the meaning of Article 66 §1 of the Civil Code and other relevant legal provisions.
4. In matters not regulated by this Privacy Policy, the provisions of the GDPR and other applicable Polish laws apply accordingly.
In case of any ambiguity in interpretation or possible translation errors in the PRIVACY POLICY, the Polish language version of the document shall prevail.

15 + 5 =