Choose your role from the list below:
JOB APPLICANTS
If you are a job applicant, we process your data as follows:
| Purpose of processing | Description of the legal basis | GDPR provision |
|---|---|---|
Personnel recruitment – current recruitment processes |
Fulfilment of legal obligations imposed on us by legislation (in particular Article 221 of the Labour Code) – as far as the personal data provided for by the legislation is concerned |
Article 6(1)(c) |
Consent – for personal data not provided for by legislation |
Article 6(1)(a) |
|
Personnel recruitment – future recruitment processes |
Consent |
Article 6(1)(a) |
| Show Row 1 | |
| Purpose of processing | Personnel recruitment – current recruitment processes |
| Description of the legal basis | Fulfilment of legal obligations imposed on us by legislation (in particular Article 221 of the Labour Code) – as far as the personal data provided for by the legislation is concerned |
| GDPR provision | Article 6(1)(c) |
| Show Row 2 | |
| Purpose of processing | |
| Description of the legal basis | Consent – for personal data not provided for by legislation |
| GDPR provision | Article 6(1)(a) |
| Show Row 3 | |
| Purpose of processing | Personnel recruitment – future recruitment processes |
| Description of the legal basis | Consent |
| GDPR provision | Article 6(1)(a) |
Your data will be kept until the recruitment process to which you have applied has been completed. If you have consented to the processing of your personal data for future recruitment processes, until you revoke your consent, no longer than 2 years.
CUSTOMERS
If we provide you with our services or products and you are therefore our customer or a representative of our customer, we process your personal data as follows:
| Purpose of processing | Description of the legal basis | GDPR provision |
|---|---|---|
Processing of customer data – for the purpose of fulfilling a contract with a customer or taking action prior to concluding a contract |
Necessity for the performance of a contract to which the data subject is party or for taking steps prior to entering into a contract |
Article 6(1)(b) |
Processing of customer's representative data – for the purpose of fulfilling a contract with a customer or taking action prior to concluding a contract |
Legitimate interest in being able to conclude and perform a contract between us and the customer |
Article 6(1)(f) |
Fulfilment of legal obligations related to the customer contract |
Fulfilment of legal obligations imposed on us by law, in particular tax and accounting obligations |
Article 6(1)(c) |
Redressing or defending against possible claims |
Legitimate interest to establish, assert or defend against claims, including debt collection |
Article 6(1)(f) |
Processing of customer data – to handle complaints |
Necessity for the performance of a contract to which the data subject is party (as regards complaints) |
Article 6(1)(b) |
Processing of customer representative data – to handle complaints |
Legitimate interest in being able to perform the contract between us and the customer (as regards complaints) |
Article 6(1)(f) |
| Show Row 1 | |
| Purpose of processing | Processing of customer data – for the purpose of fulfilling a contract with a customer or taking action prior to concluding a contract |
| Description of the legal basis | Necessity for the performance of a contract to which the data subject is party or for taking steps prior to entering into a contract |
| GDPR provision | Article 6(1)(b) |
| Show Row 2 | |
| Purpose of processing | Processing of customer's representative data – for the purpose of fulfilling a contract with a customer or taking action prior to concluding a contract |
| Description of the legal basis | Legitimate interest in being able to conclude and perform a contract between us and the customer |
| GDPR provision | Article 6(1)(f) |
| Show Row 3 | |
| Purpose of processing | Fulfilment of legal obligations related to the customer contract |
| Description of the legal basis | Fulfilment of legal obligations imposed on us by law, in particular tax and accounting obligations |
| GDPR provision | Article 6(1)(c) |
| Show Row 4 | |
| Purpose of processing | Redressing or defending against possible claims |
| Description of the legal basis | Legitimate interest to establish, assert or defend against claims, including debt collection |
| GDPR provision | Article 6(1)(f) |
| Show Row 5 | |
| Purpose of processing | Processing of customer data – to handle complaints |
| Description of the legal basis | Necessity for the performance of a contract to which the data subject is party (as regards complaints) |
| GDPR provision | Article 6(1)(b) |
| Show Row 6 | |
| Purpose of processing | Processing of customer representative data – to handle complaints |
| Description of the legal basis | Legitimate interest in being able to perform the contract between us and the customer (as regards complaints) |
| GDPR provision | Article 6(1)(f) |
Your data will be retained until the expiration of the statute of limitations for civil law claims and tax liabilities, and until the mandatory retention periods for accounting records have elapsed, as stipulated by civil, tax and accounting legislation.
CONTRACTORS
If you provide us with services or goods and are therefore our contractor or a representative of our contractor, we process your data as follows:
| Purpose of processing | Description of the legal basis | GDPR provision |
|---|---|---|
Contractor data processing – for the purpose of fulfilling a contract with a contractor or taking action prior to entering into a contract with a contractor |
Necessity for the performance of a contract to which the data subject is party or for taking steps prior to entering into a contract |
Article 6(1)(b) |
Processing of data of the contractor's representative – for the purpose of fulfilling the contract with the contractor or taking steps prior to its conclusion |
Legitimate interest in being able to conclude and perform a contract between us and a contractor |
Article 6(1)(f) |
Processing of data resulting from a medical certificate issued to a representative of a contractor who performs skilled work for us |
The processing is necessary for the fulfilment of obligations and the exercise of specific rights in the field of labour law, social security, and social protection |
Article 9(2)(b) |
Performance of legal obligations related to the contract with the contractor |
Fulfilment of legal obligations imposed on us by law, in particular tax and accounting obligations |
Article 6(1)(c) |
Redressing or defending against possible claims |
Legitimate interest to establish, assert or defend against claims |
Article 6(1)(f) |
Creation of analyses of cooperation with the contractor |
Legitimate interest in producing analyses of cooperation with the contractor, including quality control |
Article 6(1)(f) |
| Show Row 1 | |
| Purpose of processing | Contractor data processing – for the purpose of fulfilling a contract with a contractor or taking action prior to entering into a contract with a contractor |
| Description of the legal basis | Necessity for the performance of a contract to which the data subject is party or for taking steps prior to entering into a contract |
| GDPR provision | Article 6(1)(b) |
| Show Row 2 | |
| Purpose of processing | Processing of data of the contractor's representative – for the purpose of fulfilling the contract with the contractor or taking steps prior to its conclusion |
| Description of the legal basis | Legitimate interest in being able to conclude and perform a contract between us and a contractor |
| GDPR provision | Article 6(1)(f) |
| Show Row 3 | |
| Purpose of processing | Processing of data resulting from a medical certificate issued to a representative of a contractor who performs skilled work for us |
| Description of the legal basis | The processing is necessary for the fulfilment of obligations and the exercise of specific rights in the field of labour law, social security, and social protection |
| GDPR provision | Article 9(2)(b) |
| Show Row 4 | |
| Purpose of processing | Performance of legal obligations related to the contract with the contractor |
| Description of the legal basis | Fulfilment of legal obligations imposed on us by law, in particular tax and accounting obligations |
| GDPR provision | Article 6(1)(c) |
| Show Row 5 | |
| Purpose of processing | Redressing or defending against possible claims |
| Description of the legal basis | Legitimate interest to establish, assert or defend against claims |
| GDPR provision | Article 6(1)(f) |
| Show Row 6 | |
| Purpose of processing | Creation of analyses of cooperation with the contractor |
| Description of the legal basis | Legitimate interest in producing analyses of cooperation with the contractor, including quality control |
| GDPR provision | Article 6(1)(f) |
Your data will be retained until the expiration of statute of limitations for civil law claims and tax liabilities, and until the mandatory retention periods for accounting records have elapsed as stipulated by civil, tax and accounting legislation.
LESSEES / CONTRACTORS OF WORKS ON OUR SITE
If you lease land or premises from us on our premises, and are therefore our tenant or a representative of our tenant, or if you carry out work on our premises, and are therefore our contractor or a representative of our contractor, then we process your personal data as follows:
| Purpose of processing | Description of the legal basis | GDPR provision |
|---|---|---|
Identity card management |
Ensuring security and order as well as protection of persons and property |
Article 6(1)(f) |
| Show Row 1 | |
| Purpose of processing | Identity card management |
| Description of the legal basis | Ensuring security and order as well as protection of persons and property |
| GDPR provision | Article 6(1)(f) |
Your data will be retained until the basis for entry to our premises has ceased.
PERSONS ENTERING / DRIVING ONTO OUR PREMISES
If you enter or drive onto our premises, we will process your personal data as follows:
| Purpose of processing | Description of the legal basis | GDPR provision |
|---|---|---|
Access control to the premises of the Arctic Paper Kostrzyn S.A. plant. |
Ensuring security and order as well as protection of persons and property |
Article 6(1)(f) |
| Show Row 1 | |
| Purpose of processing | Access control to the premises of the Arctic Paper Kostrzyn S.A. plant. |
| Description of the legal basis | Ensuring security and order as well as protection of persons and property |
| GDPR provision | Article 6(1)(f) |
Your data will be retained until the basis of your entry ceases to be valid or, if you have been entered in the guest book or key book, for a period of 12 months after the entry has been made.
PERSONS ON OUR SITE / VIDEO SURVEILLANCE
If you are a visitor to our premises, we process your personal data as follows:
| Purpose of processing | Description of the legal basis | GDPR provision |
|---|---|---|
Video surveillance |
Ensuring security and order as well as protection of persons and property |
Article 6(1)(f) |
| Show Row 1 | |
| Purpose of processing | Video surveillance |
| Description of the legal basis | Ensuring security and order as well as protection of persons and property |
| GDPR provision | Article 6(1)(f) |
Your data will be retained for 60 days.
SUPPLIERS
If you are a supplier or a supplier's representative (driver), we process your personal data as follows:
| Purpose of processing | Description of the legal basis | GDPR provision |
|---|---|---|
Handling of deliveries dispatched from our premises and received at our premises (in the case of an agreement with Arctic Paper Kostrzyn S.A.) |
Necessity for the performance of a contract to which the data subject is party or for taking steps prior to entering into a contract |
Article 6(1)(b) |
Processing of supplier representatives' data – to handle deliveries sent from our premises and received at our premises (in the case of an agreement with Arctic Paper Kostrzyn S.A.) |
Legitimate interest in being able to conclude and perform a contract between us and the supplier |
Article 6(1)(f) |
Processing of data related to suppliers or their representatives in order to handle deliveries sent to or received on our premises (in cases where a contract has not been concluded with Arctic Paper Kostrzyn S.A.). |
Legitimate interest in being able to conclude and perform |
Article 6(1)(f) |
| Show Row 1 | |
| Purpose of processing | Handling of deliveries dispatched from our premises and received at our premises (in the case of an agreement with Arctic Paper Kostrzyn S.A.) |
| Description of the legal basis | Necessity for the performance of a contract to which the data subject is party or for taking steps prior to entering into a contract |
| GDPR provision | Article 6(1)(b) |
| Show Row 2 | |
| Purpose of processing | Processing of supplier representatives' data – to handle deliveries sent from our premises and received at our premises (in the case of an agreement with Arctic Paper Kostrzyn S.A.) |
| Description of the legal basis | Legitimate interest in being able to conclude and perform a contract between us and the supplier |
| GDPR provision | Article 6(1)(f) |
| Show Row 3 | |
| Purpose of processing | Processing of data related to suppliers or their representatives in order to handle deliveries sent to or received on our premises (in cases where a contract has not been concluded with Arctic Paper Kostrzyn S.A.). |
| Description of the legal basis | Legitimate interest in being able to conclude and perform |
| GDPR provision | Article 6(1)(f) |
Your data will be retained until the expiration of the statute of limitations for civil law claims and tax liabilities, and until the mandatory retention periods for accounting records have elapsed as stipulated by civil, tax and accounting legislation.
SENDER / RECEIVER OF THE CORRESPONDENCE
If you correspond with us or we correspond with you, we process your personal data as follows:
| Purpose of processing | Description of the legal basis | GDPR provision |
|---|---|---|
Correspondence management and documentation |
Legitimate interest to ensure continuity of business actions consisting of correspondence in connection with business activities |
Article 6(1)(f) |
| Show Row 1 | |
| Purpose of processing | Correspondence management and documentation |
| Description of the legal basis | Legitimate interest to ensure continuity of business actions consisting of correspondence in connection with business activities |
| GDPR provision | Article 6(1)(f) |
Your data will be retained until the statute of limitations for claims expires.
PARTICIPANTS IN EVENTS AND WORKSHOPS
If you are a participant in any of the events or workshops that we organise, we process your personal data as follows:
| Purpose of processing | Description of the legal basis | GDPR provision |
|---|---|---|
Organisation of events and workshops |
Consent |
Article 6(1)(a) |
Documentation and dissemination of information about events and workshops organised |
Consent for image processing |
Article 6(1)(a) |
Websites (website www.arcticpaperkostrzyn.com, LinkedIn portal) and the printed newsletter "Kormoran" |
Consent for image processing |
Article 6(1)(a) |
Websites (websitewww.arcticpaperkostrzyn.com, LinkedIn portal) and the printed newsletter "Kormoran" |
Legitimate interest in being informed about the activities carried out by Arctic Paper Kostrzyn S.A. |
Article 6(1)(f) |
| Show Row 1 | |
| Purpose of processing | Organisation of events and workshops |
| Description of the legal basis | Consent |
| GDPR provision | Article 6(1)(a) |
| Show Row 2 | |
| Purpose of processing | Documentation and dissemination of information about events and workshops organised |
| Description of the legal basis | Consent for image processing |
| GDPR provision | Article 6(1)(a) |
| Show Row 3 | |
| Purpose of processing | Websites (website www.arcticpaperkostrzyn.com, LinkedIn portal) and the printed newsletter "Kormoran" |
| Description of the legal basis | Consent for image processing |
| GDPR provision | Article 6(1)(a) |
| Show Row 4 | |
| Purpose of processing | Websites (websitewww.arcticpaperkostrzyn.com, LinkedIn portal) and the printed newsletter "Kormoran" |
| Description of the legal basis | Legitimate interest in being informed about the activities carried out by Arctic Paper Kostrzyn S.A. |
| GDPR provision | Article 6(1)(f) |
Your data will be retained until you revoke your consent to its processing, or until your objection is raised and taken into account (if the processing is based on a legitimate interest).
CONTRACTORS UNDER AN EU PROJECT OR GRANT
If you provide us with services or goods and are therefore our contractor or representative of our contractor and the performance of the contract relates to an EU project or grant, we process your data as follows:
| Purpose of processing | Description of the legal basis | GDPR provision |
|---|---|---|
Contractor data processing – for the purpose of fulfilling a contract (concerning an EU project or grant) with the contractor or taking action prior to its conclusion |
Necessity for the performance of a contract (relating to an EU project or grant) to which the data subject is a party, or to take steps prior to entering into a contract |
Article 6(1)(b) |
Processing of the contractor's representative data – for the purpose of fulfilling a contract (concerning an EU project or grant) with the contractor or taking action prior to its conclusion |
Legitimate interest in being able to conclude and perform a contract (relating to an EU project or grant) between us and the contractor |
Article 6(1)(f) |
Performance of legal obligations relating to a contract (concerning an EU project or grant) with a contractor |
Fulfilment of legal obligations imposed on us by law, in particular tax and accounting obligations |
Article 6(1)(c) |
Redressing or defending against possible claims |
Legitimate interest to establish, assert or defend against claims |
Article 6(1)(f) |
Oversight, evaluation, control, audit, evaluation of information and promotion activities, reception, evaluation, and financial settlement of the contract |
Legitimate interest in supervising, evaluating, inspecting, auditing, assessing information and promotion activities, acceptance, evaluation, and financial settlement of the contract |
Article 6(1)(f) |
| Show Row 1 | |
| Purpose of processing | Contractor data processing – for the purpose of fulfilling a contract (concerning an EU project or grant) with the contractor or taking action prior to its conclusion |
| Description of the legal basis | Necessity for the performance of a contract (relating to an EU project or grant) to which the data subject is a party, or to take steps prior to entering into a contract |
| GDPR provision | Article 6(1)(b) |
| Show Row 2 | |
| Purpose of processing | Processing of the contractor's representative data – for the purpose of fulfilling a contract (concerning an EU project or grant) with the contractor or taking action prior to its conclusion |
| Description of the legal basis | Legitimate interest in being able to conclude and perform a contract (relating to an EU project or grant) between us and the contractor |
| GDPR provision | Article 6(1)(f) |
| Show Row 3 | |
| Purpose of processing | Performance of legal obligations relating to a contract (concerning an EU project or grant) with a contractor |
| Description of the legal basis | Fulfilment of legal obligations imposed on us by law, in particular tax and accounting obligations |
| GDPR provision | Article 6(1)(c) |
| Show Row 4 | |
| Purpose of processing | Redressing or defending against possible claims |
| Description of the legal basis | Legitimate interest to establish, assert or defend against claims |
| GDPR provision | Article 6(1)(f) |
| Show Row 5 | |
| Purpose of processing | Oversight, evaluation, control, audit, evaluation of information and promotion activities, reception, evaluation, and financial settlement of the contract |
| Description of the legal basis | Legitimate interest in supervising, evaluating, inspecting, auditing, assessing information and promotion activities, acceptance, evaluation, and financial settlement of the contract |
| GDPR provision | Article 6(1)(f) |
Your data will be retained for the term of the contract execution, oversight of project execution, its evaluation, control, audit, evaluation of information and promotion activities, its receipt, evaluation and financial settlement and possible establishment, investigation or defence of claims, and thereafter your personal data will be retained for a period of ten years.
5. Skąd mamy Twoje dane osobowe?
W większości przypadków Twoje dane osobowe uzyskujemy bezpośrednio od Ciebie.
Jeżeli jednak jesteś przedstawicielem naszego kontrahenta, który dostarcza nam towary lub usługi, to od tego kontrahenta uzyskujemy takie dane osobowe jak:
- dane identyfikujące (np. imię, nazwisko),
- dane kontaktowe (np. adres e-mail, numer telefonu, numer faksu),
- dane dotyczące wykonywanego przez Ciebie zawodu lub prowadzonej działalności gospodarczej, Twojego udziału w spółce cywilnej, zatrudnienia u kontrahenta bądź współpracy z kontrahentem (np. nazwa firmy, stanowisko),
- dane dotyczące możliwości wykonywania przez Ciebie prac, w tym prac o szczególnych uwarunkowaniach prawnych takich jak: informacja o ważności i kategorii szkolenia BHP, informacja o ważności orzeczenia lekarza medycyny pracy, informacje oraz kategorie kwalifikacji prac o szczególnych uwarunkowaniach prawnych, jeśli zakres umowy między nami a kontrahentem tego dotyczy.
Jeżeli jesteś naszym klientem, przedstawicielem naszego klienta, naszym kontrahentem lub przedstawicielem naszego kontrahenta, to weryfikujemy (uzyskujemy) również dane zawarte w rejestrach publicznych, to znaczy w Centralnej Ewidencji i Informacji o Działalności Gospodarczej (CEIDG) i Krajowym Rejestrze Sądowym (KRS).
6. Komu przekazujemy Twoje dane osobowe, czyli kto będzie odbiorcą Twoich danych?
Odbiorcami Twoich danych osobowych mogą być:
- podmioty świadczące usługi na naszą rzecz, w szczególności podmioty świadczące usługi informatyczne, hostingu, ochrony, księgowe, rachunkowe, niszczenia dokumentów, naprawy sprzętu służbowego, agencyjne, pocztowe, przewozu, kurierskie, audytowe, prawne, doradcze,
- organy publiczne,
- ubezpieczyciele należności (w przypadkach, o których mowa w punkcie „Klienci” powyżej),
- dostawcy serwisów internetowych (w przypadkach, o których mowa w punkcie „Uczestnicy wydarzeń, imprez, warsztatów" powyżej),
- podmioty udzielające dotacji (w przypadkach, o których mowa w punkcie „Kontrahenci w zakresie projektu unijnego lub dotacji” powyżej).
7. Czy Twoje dane osobowe będą przekazywane do państwa trzeciego (tj. państwa spoza Europejskiego Obszaru Gospodarczego) lub organizacji międzynarodowej?
Staramy się przetwarzać Twoje dane na terenie Unii Europejskiej/Europejskiego Obszaru Gospodarczego. W przypadku niektórych usług świadczonych przez naszych podwykonawców Twoje dane osobowe mogą być przekazywane do kraju trzeciego.
Przekazując Twoje dane osobowe do kraju trzeciego, zapewnimy zastosowanie odpowiednich środków bezpieczeństwa. Takie środki bezpieczeństwa mogą obejmować standardowe klauzule umowne Komisji Europejskiej (SCC), wiążące reguły korporacyjne lub decyzję stwierdzającą odpowiedni stopień ochrony dla danego kraju. Ocenimy również, czy należy zastosować dodatkowe organizacyjne lub techniczne środki bezpieczeństwa w celu zapewnienia odpowiedniego poziomu ochrony danych osobowych przekazywanych do państwa trzeciego.
W związku z powyższym Twoje dane osobowe mogą być przekazywane do Wielkiej Brytanii, gdzie ma siedzibę jedna spółka z naszej grupy kapitałowej (to jest: Arctic Paper UK Limited). Komisja Europejska stwierdziła, że w Wielkiej Brytanii jest zapewniony odpowiedni stopień ochrony danych osobowych. Podstawą tego jest rozporządzenie wykonawcze (UE) 2021/1772 z dnia 28 czerwca 2021 r. wydane na podstawie RODO, stwierdzające odpowiedni stopień ochrony danych osobowych przez Zjednoczone Królestwo (notyfikowane jako dokument nr C(2021) 4800).
8. Jakie prawa Ci przysługują w związku z tym, że przetwarzamy Twoje dane osobowe?
Masz prawo do wniesienia, w dowolnym momencie, sprzeciwu wobec przetwarzania Twoich danych opartego na prawnie uzasadnionym interesie, z przyczyn związanych z Twoją szczególną sytuacją.
Oprócz tego przysługują Ci następujące prawa:
- prawo do żądania dostępu do Twoich danych osobowych oraz do otrzymania kopii swoich danych osobowych, które przetwarzamy, bez żadnych kosztów,
- prawo do żądania sprostowania Twoich danych osobowych, jeśli są one nieprawidłowe lub niekompletne,
- prawo do żądania usunięcia Twoich danych osobowych. Jesteśmy zobowiązani do usunięcia Twoich danych osobowych, jeśli nie mamy prawnie uzasadnionego interesu w ich przechowywaniu.
- prawo do żądania ograniczenia przetwarzania Twoich danych osobowych, w określonych okolicznościach, np. jeśli zażądałaś/eś sprostowania danych i musimy to kontrolować,
- prawo do przenoszenia danych, co oznacza, że masz prawo do przeniesienia swoich danych osobowych do innego administratora na żądanie.
Jeżeli przetwarzanie danych osobowych opiera się na Twojej zgodzie, to masz prawo do cofnięcia zgody w dowolnym momencie, bez wpływu na zgodność z prawem przetwarzania, którego dokonano przed jej cofnięciem.
Masz także prawo wnieść skargę do Prezesa Urzędu Ochrony Danych Osobowych.
9. Czy podanie danych osobowych jest dobrowolne?
Podanie danych osobowych jest konieczne do:
- realizacji zawartych umów lub podjęcia działań przed ich zawarciem,
- zapewnienia bezpieczeństwa i porządku oraz ochrony osób i mienia, lub
- informowania o działalności prowadzonej przez nas, lub
- prowadzenia korespondencji w związku z naszą działalnością gospodarczą, lub
- wypełniania przez nas obowiązków prawnych.
W przypadku niepodania danych, nie będzie można wykonać powyższych działań.
10. Co z automatycznym podejmowaniem decyzji?
Nie będziemy podejmować wobec Ciebie decyzji, które opierałyby się wyłącznie na zautomatyzowanym przetwarzaniu, w tym profilowaniu, i które wywoływałyby wobec Ciebie skutki prawne lub w inny podobny sposób istotnie na Ciebie wpływały.
11. Zmiany w tej Polityce prywatności
Ta Polityka prywatności będzie raz do roku weryfikowana i w razie potrzeby aktualizowana. W przypadku wprowadzenia jakichkolwiek istotnych aktualizacji dotyczących przetwarzania przez nas Twoich danych osobowych, powiadomimy Cię o takich zmianach i w razie potrzeby uzyskamy Twoją zgodę. Nieistotne zmiany zostaną odzwierciedlone w tej Polityce prywatności i zachęcamy do jej regularnego przeglądania. Ta Polityka prywatności została zaktualizowana w dniu 02.01.2025.