Information on Personal Data Protection
In accordance with Article 13 of Regulation 2016/679 of the European Parliament and of the Council of the European Union of 27 April 2016 on the protection of individuals with regard to the processing of personal data (hereafter – GDPR), if you are my client, I am obliged to provide you with the following information:
1 The administrator of your personal data is Remedium Europa International Centre for European Training and Cooperation Konrad Cywka, firstname.lastname@example.org.
2. I process your personal data in order to take action at your request before concluding a contract or to perform a contract concluded between us or with the entity you represent.
3. The legal basis for processing your data is:
– Article 6.1.b) GDPR – the processing is necessary for the performance of a contract to which the data subject is a party or to take action at your request before concluding a contract,
– Article 6.1.c) GDPR – processing is necessary to fulfil the legal obligation of the administrator (e.g. to fulfil my tax obligations – if a contract has been concluded between us),
– Article 6.1.f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the administrator (e.g. self-marketing of my services or claiming damages – if a contract has been entered into between us).
4. I will keep your data until any claims between us become time-barred. If no contract has been entered into, I will delete your personal data at your request.
5. I will not process your personal data for purposes other than those stated in section 2 above.
6. I will not disclose your personal data to recipients referred to in article 4.9) of the GDPR, except to persons who I authorise to process personal data (e.g., office personnel) and persons to whom I entrust the processing of personal data (e.g., an accountancy office). These persons are obliged to maintain secrecy and to protect personal data which can only be processed on my instructions (Art. 29 GDPR). The recipients within the meaning of Art. 4.9) of the GDPR are not public bodies which can receive personal data as part of a specific legal procedure.
7. I do not use profiling, i.e. automated processing of your data in order to use them to assess certain characteristics of an individual.
8. You have the following powers under the GDPR:
-The right of access to your personal data (Article 15 of the GDPR),
– The right to rectify these data (Article 16 GDPR),
-The right to delete these data – the ‘right to be forgotten’ – in the situations referred to in Article 17 of the GDPR,
-The right to restrict the processing of these data in the situations referred to in Article 18 of the GDPR,
– If the processing is carried out by automated means pursuant to Article 6.1.a) or 6.1.b) – the right to data portability (Article 20 GDPR),
-If the processing is based solely on Article 6.1.e) or 6.1.f) of the GDPR, the right to object to the processing (Article 21 of the GDPR),
– If the processing is carried out solely on the basis of Article 6.1.a) – the right to withdraw consent at any time without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal,
-The right to make a complaint to the supervisory authority.
I attach particular importance to the protection of customers’ personal data. I am aware that this is the realisation of constitutional freedoms: the right to privacy (Article 47 of the Constitution) and the right to data protection (Article 51 of the Constitution). For these reasons, I ask for any comments or signals about possible disturbing developments in this area related to my business. Please send your comments to the address provided: email@example.com