I. Data controller
The controller of Website User’s personal data is GRETOM Consulting Tomasz Greber based at ul. Żeńców 7, 52-230 Wrocław, hereinafter called „Controller”.
II.Data collecting and method of use
- The website lets the User remain anonymous because browsing its content does not require the User to enter personal data, except for certain cases.
- The access to certain services rendered by the Website may require the User to enter its personal data. This being the case, a failure to enter such personal data may limit the range of services.
- Method of collecting personal data:
- Information given by the User
- By using the contact form available on the Website, the User is able to contact the enterprise with regard to services rendered by entering its first name and e-mail address.
- Users may download a demo software from the Website. The User must enter the following: first and last name, company name and e-mail address. The personal data collected in this way are processed by the Controller for the actions related to the program ordered by the User.
- The User may open an account on the Website. The user must enter the following: first and last name, company name, e-mail address and password. The data entered during registration will be processed by the Controller in order to open the User’s account.
- Provided a separate consent is obtained, the User’s data may also be used for the purposes of marketing own products and services as well as sending commercial information by electronic means.
- Automatically collected information
When using the Website, only the data related to browsing the content of the Website by Users are collected automatically, that is number and source of visits, visit time, content browsed, number and type of subpages, referral, PC IP number. The Controller does not combine such data with the User’s personal data, and does not use them to identify the User. The data are collected solely for technical purposes (related to administration) and to collect general demography-related data (e.g. region from which IP connects with the portal).
- The Website uses information recorded in cookies files on final user’s devices for statistical purposes and for optimal management of the content so that the website can be adapted to user’s needs. Cookies files do not contain any personal data and may be stored until the browser is closed or until they are deleted from the browser.
- The pqfmea.com website uses two types of cookies:
2.1. performance (collecting information on how visitors use the website, e.g. the most visited pages or error messages, etc.),
2.2. functional (saving user settings, e.g. language, consents, etc.), such as:
• session cookies – these are temporary information stored in the browser’s memory until the end of the session, i.e. closing it.
- The User may always feel free to resign from cookies. Regardless of what Internet browser is used, the User may choose to disable cookies both in a specific web page and all websites. The information on how to use the aforesaid option can be found at the manufacturer’s of the browser used (Opera, Firefox, Internet Explorer, Chrome, Safari).
- For more details on cookies, please see: wszystkoociasteczkach.pl.
- Using pq-fmea.pl and any of its subpages without changes to the browser means that the User accepts the cookies files.
IV.Handing and disclosing personal data
Any information about Users shall not be disclosed to third parties, except when the Controller is obligated to provide such data to authorized public authorities (e.g. court, prosecutor) in accordance with applicable rules of law and provided the User has given its explicit consent.
Our suppliers are located primarily in Poland and other countries of the European Economic Area (EEA), e.g. in Ireland. Some of our suppliers have their head offices out of EEA. As your data are disclosed outside the EEA, we have made sure our suppliers guarantee top-level protection of your personal data. These assurances are primarily based on the obligation to use standard contractual clauses adopted by the Commission (EU) or participation in the program entitled „Privacy Shield” established by way of the decision of the Commission (EU) 2016/1250 dated 12 July 2016 on adequacy of the protection assured by the EU-USA Privacy Shield.
V. Personal data protection
Any User’s personal data obtained via the website are processed in a way that assures their safety, in accordance with the applicable rules of law, in particular the resolution of the European Parliament and European Council (EU) 2016/679 dated 27 April 2016 on protection of natural persons due to processing their personal data and on free flow of such data and revocation of the directive 95/46/WE.
The data Controller keeps the information secret. The data are processed in accordance with organizational procedures and methods related to specific purposes.
VI.Data processing period
- The User’s personal data processed for the purposes of supporting queries shall be processed as long as the correspondence is exchanged, and then depending on what results will be – either become a part of the customer base in GRETOM Consulting Tomasz Greber and are processed for the purposes of the agreement, or are deleted if the cooperation cannot be established.
- If the User has its Account on the Website, the User’s personal data shall be stored as long as the User keeps the Account or until the termination of the agreement.
- If the User terminates talks explicitly for the Controller, the data shall be deleted immediately from working system bases and within 30 days from backup copies.
- In the event of lack of responses and unclear situation, the data shall be stored for 6 months after last message has been sent.
- The data processed on the basis of the consent, that is the data used to send marketing information shall be processed until the consent has been withdrawn. It is also necessary to add the period of 30 days required to delete them from backup copies.
VII. User’s rights
It is the User who decides about the scope and purpose of processing. The User shall have a right to do the following at any time:
- withdraw the consent. The User’s consent for processing data for marketing purposes is voluntary and may be withdrawn at any time. It is recommended that the User should send the message from the same e-mail address or telephone number used to receive marketing contents. The only consequence of such withdrawal shall be the fact that the User will not be able to receive any information on the offer and other marketing content from the enterprise.
- object to using data. The User has a right to object to using its personal data at any time if the User’s data are processed on the basis of the legally justified interest, e.g. product and services marketing. If the User resigns from receiving marketing messages concerning the products and services of the enterprise, the data Controller shall understand that the User objects to processing its personal data. If the User’s objection proves to be legitimate and there is no other legal basis for processing User’s personal data, the data Controller shall delete the User’s data from the Website.
- delete data („right to be forgotten”). The User shall have a right to demand deletion of all or certain personal data. The User shall have a right to demand deletion of personal data if:
a) it has withdrawn the consent to the extent to which personal data were processed on the basis of its consent;
b) User’s personal data ceased to be indispensable for the purposes they have been collected or in which they have been processed;
c) it has objected to using its data for marketing purposes;
d) User’s personal data are processed illegally.
Although the User demands deletion of personal data, due to objection or consent withdrawal, the Controller may keep certain personal data to the extent required to establish, pursue or defect claims.
- transfer data. The User has a right to receive its personal data it has provided via the Website, and then send them to other personal data controller it has chosen. The User has a right to require the Controller to send the personal data directly to other controller, if there are technical capabilities in this respect.
- limit data processing. The User has a right to demand limitation of its personal data processing. If the User makes such demand, the data Controller shall prevent the User from using specific services whose use will entail processing the data in question, until the demand has been considered.
- access data. The User has a right to obtain data Controller’s confirmation that the Controller processes its personal data, and if this is the case, the User shall have a right to:
a) gain access to its personal data:
b) obtain information on purposes of processing, personal data categories, recipients or data recipient categories, planned data storage period or period establishment criteria, on rights of the User on the basis of GDPR and a right to lodge complaint to the supervisory body, on the source of such data, on automatic decision-making process, on profiling and securing data due to the fact that they are sent out of the European Union;
c) obtain a copy of its personal data.
- correct data. The User shall have a right to correct and supplement its personal data. The User has a right to require the Controller to correct the data (if they are wrong) as well as to supplement them (if they are incomplete).
- Lodge the complaint to the supervisory body. The User shall have a right to lodge complaints, queries and petitions concerning personal data processing and its entitlements. The User shall have a right to lodge a complaint to GIODO [Inspector General for the Protection of Personal Data] with its registered office at ul. Stawki 2 in Warsaw or other supervisory body.
Any rights to the content of www.pq-fmea.pl are reserved. The User shall have a right to download and print entire pages or passages provided copyrights are not violated. None of the part of the website may be copied in its entirety or partly for commercial purposes, transmitted electronically or otherwise modified, linked or used without prior approval of GRETOM Consulting Tomasz Greber.
IX. Modifications to Privacy Protection Policy