GDPR information clause
From the 25th of May 2018, the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 shall apply (GDPR). The most important goal of the GDPR is to strengthen the protection of personal data of individuals who are collected and processed by companies and institutions operating in the European Union.
Our company attaches great importance to meeting the requirements of the GDPR. Below, we present the necessary information for you regarding the application of the new regulations on the protection of personal data.
The administrator of your personal data is Malwina Macioł, conducting business activity under the company Elpast Malwina Macioł based in Łódź, 5/15 Brzezińska Street Łódź 92-103, NIP: 7251861766, CRO:100298812 (hereinafter: ‘ELPLAST’)
ELPLAST processes your personal data (i.e. collects, records, stores, deletes or destroys it). In connection with the service of contracts concluded by ELPLAST, or when performing the services provided, your data is processed not based on consent but due to the need to perform the concluded contract or fulfill the obligation arising from a legal provision (e.g. tax regulations).
ELPLAST may process your personal data e.g.:
in connection with a concluded sales contract, delivery contract with assembly or other contract related to the business of the company (Article 6, Paragraph 1, Letter ‘b’ of the GDPR),
when it fulfills the obligations arising from the provisions of generally applicable law, e.g. the provisions of the Tax Acts or the Accounting Act (Article 6, Paragraph 1, Letter ‘c’ of the GDPR), when it is necessary for the implementation of ELPLAST's legitimate interests (e.g. determination and recovery of claims from in connection with the business, including debt collection, enforcement of claims, as well as defence against claims (Article 6, Paragraph 1, Letter ‘f’ of the GDPR).
Personal data of the field for recording the limitation period for elective claims, i.e. for no more than 10 years (in accordance with Article 118 of the Civil Code) from the due date of a given claim.
The recipients of the personal data provided by you may be banks, courier companies or receivables insurers.
The purpose of the GDPR is to provide an opportunity to protect its rights and freedoms and to ensure control over the selection of data quality.
For this purpose you can exercise your rights:
the right to access data – a person whose advanced data has the right to receive information e.g. what ELPLAST data processes, in the scenarios they are related and obtaining their copies.
the right to choose data (the right to be forgotten) – a person whose program can indicate the scope and justify the requested data deletion e.g. the data is no longer necessary to achieve the purposes for which it was collected and not the correct basis for data evaluation, data is checked unlawfully.
the right to data portability – the person, whose last data has the right to be in a structured, normal, machine-readable format, personal data about him/her that they provided to ELPLAST.
the right to data processing – a person whose feedback that there is data in Article 18 of the GDPR for data processing of the aforementioned data e.g. ELPLAST does not apply to data, does not apply to data points to data points and the data date requests to suspend data operations or not to delete data.
the right to rectify data – at any time when the need arises, the person whose personal data regards, informs ELPLAST about the change of personal data.
objection – at any time, it is possible to make an objection to data processing in an automated manner including profiling, as well as opposition to the processing of initial data.
ELPLAST without undue delay – and in any case within one month from the date of receipt of the request – provides the data subject with information about any actions taken in connection with the implementation of the above-mentioned rights.
Under both the existing provisions of generally applicable law on the protection of personal data (the Personal Data Protection Act and the executive regulation to the Act) and in the light of new European regulations, ELPLAST processes your data using the appropriate technical and organisational measures necessary to ensure the security of this data.
Your personal data is the most valuable resource for our company. ELPLAST has, therefore, taken and takes the appropriate technical and organisational measures to protect the processing of personal data, particularly to protect data against unauthorised disclosure, removal by an unauthorised person, loss and alteration, damage or destruction. In addition, all information regarding the relationship between the customer and ELPLAST is legally protected.
As of the date of entry into force of the GDPR, ELPLAST has a Data Protection Officer who can be contacted by mail, by sending correspondence to the address: ELPLAST, 5/15 ul. Brzezińska Łódź 92-103, with the note ‘Data Protection Officer’, or to the appropriate e-mail address.
We would like to inform you that ELPLAST does not transfer your data to third countries and does not use tools based on customer profiling.