Privacy Policy

ELEKTROTIM S.A. Privacy Policy

This Privacy Policy explains who we are, the purposes for which we process your personal data, how we process it, and to whom we may entrust or disclose it. It also informs you about your rights and obligations.

I. Who is the Administrator of your personal data?

The administrator of your personal data is ELEKTROTIM S.A., headquartered in Wrocław.

II. How can you contact the personal data administrator?

You can do this in several ways: by writing to us, calling us, or visiting us in person.

ul. Stargardzka 8, 54-156 Wrocław

sekretariat@elektrotim.pl

(71) 38 82 480

III. Who can be contacted regarding the processing of your personal data?

ELEKTROTIM S.A. is not required to appoint a Data Protection Officer pursuant to Article 37(1) of the GDPR.

To ensure a high level of personal data protection, a Personal Data Processing Controller has been appointed, with whom you can contact regarding the processing of personal data: odo@elektrotim.pl

IV. For what purpose and on what legal basis do we process your personal data?

The personal data collected by ELEKTROTIM S.A. is processed on the basis of:

Article 6(1)(a) of the GDPR, i.e., based on your voluntarily given consent;

Article 6(1)(b) of the GDPR, when processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract;

Article 6(1)(c) of the GDPR, when processing is necessary for compliance with a legal obligation to which the Administrator is subject;

Article 6(1)(d) of the GDPR, when processing is necessary to protect the vital interests of the data subject or another natural person;

Article 6(1)(f) of the GDPR, when processing is necessary for purposes arising from the legitimate interests pursued by the Administrator or by a third party.

V. To whom may we transfer your personal data?

Your personal data may be transferred to entities processing personal data on behalf of the Administrator, including IT service providers—provided that such entities process the data based on a contract with the Administrator and solely in accordance with our instructions.

In such cases, we require third parties to maintain the confidentiality and security of information and we verify that they provide appropriate measures for the protection of personal data.

Your data may also be shared with entities authorized to obtain it under applicable law, such as law enforcement authorities. To the extent permitted by applicable legal regulations, we may also share your data with institutions engaged in debt collection and the trading of receivables.

Based on your voluntary consent to the processing (and, in some cases, on the legitimate interest of the data controller) of your personal data stored in cookies on your device and its cache (including data shared in your browsing history and data collected during your activity in services), as well as location data generated by your device—for marketing purposes (including automated analysis of your activity on websites and in applications to determine your potential interests for ad personalization), including placing web beacons (cookies, etc.) on your devices and reading such tags. You can learn more about cookies HERE

VI. How long will we process your data?

Personal data is stored for the period necessary to achieve the purposes of processing:

in the case of data processed based on voluntary consent, ELEKTROTIM S.A. processes personal data until the consent is withdrawn or the reason for which the data processing based on the obtained consent was necessary ceases to exist;

in the case of data processed for the purpose of concluding and performing a contract, ELEKTROTIM S.A. processes personal data until the expiration of the limitation period for claims arising from it under civil law;

in the case of processing data necessary to fulfill a legal obligation incumbent on the Controller, ELEKTROTIM S.A. processes personal data until the fulfillment of that obligation and the expiration of the limitation period for claims related to that obligation;

in the case of data processed for the purpose of fulfilling a legal obligation, the data processing period is determined by the provisions of law;

in the case of data processed for the purpose of pursuing a legitimate interest of ELEKTROTIM S.A. or a third party, the period of personal data retention depends on the specific purpose of processing.

VII. What are your rights?

1. Right of access to data:

You have the right to access your data, including the right to obtain a copy of your data, also in electronic form.

2. Right to rectification of data:

You have the right to request the correction of inaccurate personal data mentioned above. You also have the right to request the completion of incomplete personal data mentioned above.

3. Right to erasure of data:

You have the right to request that ELEKTROTIM S.A. delete your personal data in cases where:

the data are no longer necessary for the purposes for which they were collected or otherwise processed;

you object, due to your particular situation, to the processing of your personal data by ELEKTROTIM S.A. based on the legitimate interest of ELEKTROTIM S.A. or a third party, and there are no overriding legally justified grounds for the processing;

your personal data have been processed unlawfully;

personal data must be erased in order to comply with a legal obligation under European Union law or under Polish law to which TIM S.A. is subject.

ELEKTROTIM S.A. points out, however, that this right is subject to limitations. ELEKTROTIM S.A. will not be able to comply with your request if further processing is necessary for:

fulfilling a legal obligation requiring processing under European Union law or national law (e.g., the limitation period for tax liabilities related to a contract concluded between ELEKTROTIM S.A. and you has not yet expired, or the retention period for accounting documents issued in connection with a contract concluded between ELEKTROTIM S.A. and you has not yet expired);

establishing, pursuing, or defending against claims

4. Right to restriction of processing:

You have the right to request the restriction of processing if:

you contest the accuracy of personal data—for a period allowing ELEKTROTIM S.A. to verify the accuracy of the data;

the processing is unlawful, and you oppose the erasure of personal data, requesting instead the restriction of their use;

ELEKTROTIM S.A. no longer needs the personal data for processing purposes, but they are required by you to establish, pursue, or defend claims;

you have objected, due to your particular situation, to the processing of your personal data by ELEKTROTIM S.A. based on the legitimate interest of ELEKTROTIM S.A. or a third party—until it is determined whether the legally justified grounds on the part of ELEKTROTIM S.A. override the grounds for objection submitted by you.

5. Right to data portability:

You have the right to receive, in a commonly used file format readable by computer programs, the data you have provided that ELEKTROTIM S.A. processes in an automated manner based on a contract concluded with you. You also have the right to request that the aforementioned file be sent to another data controller, provided this is technically feasible.

6. Right to object:

You have the right to object at any time—for reasons related to your particular situation—to the processing of your personal data based on the legitimate interest of TIM S.A. or a third party.

ELEKTROTIM S.A. has the right to refuse to cease processing your data if it demonstrates:

the existence of valid legally justified grounds for processing that override your interests or rights and freedoms, or

the existence of grounds for establishing, pursuing, or defending claims.

7. Right to lodge a complaint with a supervisory authority:

You have the right to lodge a complaint with the supervisory authority, i.e., the President of the Personal Data Protection Office (at the address: Urząd Ochrony Danych Osobowych, Stawki 2, 00–193 Warsaw, Poland).

VIII. How do we ensure the security of your personal data?

We make every effort to ensure that your personal data is properly secured in our systems. We have implemented a range of measures to ensure the security of your data, including, among others:

data encryption, use of firewalls, and antivirus software;

monitoring of IT systems and implementation of security procedures;

implementation of a procedure in the event of a personal data breach.

We will inform you of any incident related to the processing of your data if we determine that it poses a high risk to your rights and freedoms.

IX. Why do we use video surveillance at our premises?

If you decide to visit us at our premises, please note that they are covered by a video surveillance system. The monitoring is conducted based on applicable law to protect property, ensure safety, and maintain the confidentiality of legally protected information. The source of the data is the recordings from the surveillance cameras, which are installed outside the building as well as in certain areas inside the company’s premises. Data from the surveillance system will be processed for the period and to the extent required by applicable law.

The recipients of the recorded personal data will be exclusively entities authorized to obtain personal data under legal provisions.

At the same time, we inform you that your right to access the content of your data is subject to limitations due to the risk of infringing the rights and freedoms of other individuals recorded by the surveillance cameras.

XI. How do we inform you about your rights and obligations?

The general information clause is available on the ELEKTROTIM S.A. website. Click HERE.

We also strive, in situations where you provide us with your personal data, to present a detailed information clause—we include it in letters, electronic correspondence, electronic forms, or in the provisions of contracts concluded by you.

If we obtain your personal data not directly from you, but it is provided to us, for example, by your employer, we oblige them, in the provisions of the concluded agreement, to present the appropriate information clause.

XI. Changes to the Privacy Policy.

The Policy is regularly reviewed and updated as necessary.

The current version of the Policy was adopted and has been in effect since 27 March 2023.