The data protection law will change on 25 May 2018. On that day, the General Data Protection Regulation of 27 April 2016 (hereinafter referred to as "GDPR") will come into force. That is why we are providing our Clients and Leads with this notice that will inform you about the ways in which we process your personal data.
Transfer Multisort Elektronik Sp. z o.o. seated in Łódź at ul. Ustronna 41, 93-350 Łódź (hereinafter referred to as "TME") is the Data Controller of your personal data, therefore it determines the methods and goals of processing your personal data. Providing the personal data is voluntary, however it is also necessary for us to conclude contracts and perform services.
Obtaining information on processing of personal data
You can contact the Data Protection Officer on matters concerning the protection of your personal data via email at email@example.com or by sending a letter to our headquarters.
Data collection and the purpose of its processing
We process your personal data because it is necessary to perform a contract with you i.e. provide a service (compliant with Article 6 (1) (b) of GDPR) including:
- registering a user in the ordering system and ensuring proper user service, including providing the user with product offers and completing his or her orders (compliant with Article 6 (1) (b) of GDPR);
- processing claims and complaints (compliant with Article 6 (1) (c) of GDPR);
- pursuing claims related to a contract (compliant with Article 6 (1) (f) of GDPR) where the right to pursue claims is a legitimate interest;
- archiving purposes (compliant with Article 6 (1) (c) of GDPR);
- statistical purposes (compliant with Article 6 (1) (f) of GDPR) where having statistical information about our activities – letting us streamline our business – is a legitimate interest of the Data Controller.
In addition, we are required by law to process your personal data for tax and accounting purposes.
Furthermore, we may process your personal data for marketing purposes i.e. promoting our products and services. If we do this without using electronic means of communication, the legal basis for those activities is Article 6 (1) (f) of GDPR where conducting marketing activities is a legitimate interest of the Data Controller. However, if we use electronic means of communication for this purpose i.e. e-mail or phone, then due to other applicable laws we only process personal data with your consent (compliant with Article 6 (1) (a) of GDPR).
Your personal data may be transferred to other parties that will process your personal data on their own behalf, including but not limited to:
- parties conducting postal or courier activities;
- banks (for undue payment recovery purposes);
- government authorities or other entities entitled by law, for the purposes of performing our responsibilities (tax offices, law enforcement agencies, etc.);
- parties managing our IT systems (hosting companies, IT service providers);
- parties providing us with legal counsel, accounting, tax, and advisory services.
Retention periods of your personal data
We will retain your personal data for the duration of a contract (performance of services) and after its dissolution:
- Data included in contracts – stored until the limitation period for contract claims (up to 10 years from the date of contract completion);
- For the purposes required under applicable law, in particular the obligation to retain accounting documentation, issue invoices, etc.;
- Warranty and complaint-related documentation shall be stored for 1 year after the expiration of a warranty or clearing a complaint;
- Data used for marketing purposes:
- when processing data on the basis of consent – until withdrawal of consent;
- when processing data on the basis of legitimate purposes of TME – until objection;
- Data transferred via a contact form – for the limitation period of possible claims (up to 3 years).
Rights related to data processing
You have the right to access, correct and transfer your data, limit its processing, object to its processing, or withdraw your consent at any time without affecting the lawfulness of processing that was already performed on the basis of consent prior to its withdrawal (if the processing is consent-based).
Moreover, should you decide that our processing breaches the provisions of GDPR, you have the right to submit a complaint to a data protection authority.
Automated data processing (profiling)
Your personal data will be processed in an automated way (including profiling), however this will not cause any legal or other serious repercussions for you.
Profiling of personal data performed by TME means we process your data (including in an automated manner) and use it to assess some information, in particular to analyse or forecast personal preferences and interests.