Privacy and cookie policy

This Privacy and Cookie Policy sets out the principles of personal data processing by Larget sp. z o. o., hereinafter referred to as the "Controller", as well as the rights of persons whose data are processed.


The Administrator ensures the protection of privacy and security of personal data, processing them in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, hereinafter referred to as "GDPR".


I. Personal data administrator

The personal data controller is Larget sp. z o. o. with its registered office in Tomaszów Mazowiecki (97-200), ul. Ks. J. Popiełuszki 71.


In matters relating to the protection of personal data, you can contact the Administrator:

  • by mail to the address of the Administrator's registered office indicated in the preceding sentence;
  • electronically to the following e-mail address: rodo@larget.pl.


II. Principles of personal data processing

This Policy applies to persons visiting the Administrator's websites, persons contacting the Administrator, as well as persons using (including those representing entities using) the services provided by the Administrator.


Providing data is voluntary, but in some cases, failure to provide it may make it impossible to achieve a specific purpose, including establishing cooperation, concluding a contract, or responding to an inquiry.


The Administrator ensures that data processing is carried out in a fair, transparent manner and in accordance with the principle of data minimization, so data is collected only to the extent necessary to achieve specific purposes and is not processed longer than necessary.


Each processing is carried out for specific purposes and the Administrator guarantees that it does not collect or process personal data incompatible with these purposes.

The Administrator exercises the rights of data subjects in accordance with the law and responds immediately to each notification.


In order to protect personal data, the Administrator uses appropriate technical and organizational measures to ensure the security of personal data and protection against accidental loss of personal data.


Only individuals duly authorized by the Administrator have access to data. The Administrator protects personal data against unauthorized disclosure and against processing in violation of applicable law.


The Controller does not make decisions solely by automated means that could produce legal effects or otherwise significantly affect data subjects.


III. Basics of personal data processing

The Administrator may process personal data for the following purposes:

1) carrying out activities related to the conclusion and performance of the contract, in particular:

  • providing the service to the extent consistent with the concluded contract;
  • contacting you within the scope related to the service provided;
  • taking action before concluding a contract, in particular providing an offer at the request of the data subject.

Legal basis: Article 6(1)(b) GDPR.


Data storage period: duration of the contract.


2) establishing business relationships, including providing answers to questions asked in connection with the contact of data subjects, as part of the legitimate interests of the Controller consisting in responding to submitted inquiries.


Legal basis: Article 6(1)(f) GDPR.


Data storage period: until the effective objection to data processing is expressed, but no longer than until the last day of the calendar year following the expiry of 3 years from the moment the Controller provides a response.


3) conducting a recruitment process to employ a new employee.


Legal basis: labor law; in the case of providing data not specified in labor law – consent under Article 6(1)(a) of the GDPR, which may be withdrawn at any time; in the case of special categories of data – consent under Article 9(2)(a) of the GDPR, which may be withdrawn at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.


Data storage period: duration of the recruitment process.


4) fulfillment of tax and accounting obligations in connection with the relevant tax and accounting regulations.


Legal basis: tax and accounting regulations, Article 6(1)(c) of the GDPR.


Data retention period: duration of the legal obligation.


5) pursuing or securing possible claims and handling complaints, as part of the legitimate interests of the Administrator regarding the protection of the rights of the Administrator and persons whose rights they concern.


Legal basis: Article 6(1)(f) GDPR.


Data retention period: limitation period for the claim in question.


6) marketing of own services in connection with the implementation of the legally justified interests of the Administrator consisting in taking care of the interests of the Administrator and promoting services.


Legal basis: Article 6(1)(f) GDPR.


Data storage period: until the consent to receive messages or information is withdrawn under the provisions of the Act on the provision of electronic services and the electronic communications law) or until an effective objection to data processing is raised.


IV. Recipients of personal data

Personal data may be transferred to entities authorized to receive them under applicable law, including competent state authorities, in particular judicial authorities.


Personal data may also be transferred to recipients receiving them at the request of the Controller, such as: an entity providing accounting and bookkeeping services, partners providing technical services (development and maintenance of IT systems and websites).


The Controller ensures that these entities process data in accordance with applicable regulations, and if data processing is carried out at the Controller's request, appropriate data entrustment agreements are concluded.


V. Transfer of data outside the European Economic Area (EEA)

Personal data is not transferred outside the EEA.


If data transfer outside the EEA is required, personal data will be transferred to recipients in third countries (outside the EEA) on the basis of an adequacy decision made by the European Commission or on the basis of standard contractual clauses in accordance with a decision of the European Commission or on the basis of the express consent of the data subject.


VI. Rights of data subjects

Data subjects have the following rights:

  • access to data and obtain a copy thereof;
  • rectification of data;
  • request deletion of data;
  • restrictions on the processing of personal data;
  • data transfer;
  • object to the processing of data based on the legitimate interest of the Controller or to processing for direct marketing purposes;
  • withdrawal of consent if the processing is based on consent, which, however, will not affect the lawfulness of the previous processing of personal data;
  • lodging a complaint with the supervisory authority.


In order to exercise the above rights, you can contact the Administrator in the manner indicated in point I.


VII. Cookies and Similar Tracking Technologies

The Administrator uses cookies or other similar technologies (hereinafter collectively referred to as "cookies") as part of its websites. Cookies are small text files stored on the user's device that, among other things, facilitate the use of the website.


As part of the use of cookies, the Administrator may process data about the user's device, its location, activities performed on the website (e.g., time of visit), and other data depending on the cookie used (e.g., interest in a selected advertisement). Cookies, as a rule, are not personal data, but by combining them with other information, they may, to some extent, create personal data.


VIII. Types of cookies used

The Administrator uses cookies – based on their storage duration – "session" and "persistent." Session cookies are stored until the session ends, i.e., by closing the browser or logging out, while persistent cookies are stored depending on their parameters and can be manually deleted by the user.


The Administrator uses cookies—due to the owner—both its own and third-party cookies. First-party cookies are sent directly by the website, while third-party cookies are created by external entities.


Due to the purpose of their use, the Administrator may use, in particular, the following types of cookies:

  • necessary cookies, i.e. cookies that enable the website to function properly;
  • functional cookies, i.e. cookies that enable remembering choices made on the website, for example: preferred website language, content layout and the region in which the user is located;
  • Statistical cookies, i.e. cookies that allow the website owner to monitor user traffic and verify choices made, including examining the number of visits. Statistical cookies allow for the creation of anonymous statistics that help develop and improve the website);
  • Advertising cookies are used to display advertisements and tailor them to user preferences. These cookies are tailored by analyzing the behavior of individual users on the website. This analysis may also be linked to behavior on other websites, depending on the cookie provider.

Detailed information about the cookies used on a given website is included in the place where you consent to the use of cookies or change it.

 

IX. Cookie management

All cookies, except essential cookies, require user consent before they are used. The user selects which cookies to use (the exception being essential cookies), and until explicit consent is provided—accepted and selected via the button—cookies are blocked. Users can change their cookie settings on the Administrator's website at any time by withdrawing consent or objecting to non-essential cookies.


Cookie settings can also be changed directly in the web browser used. Users can manage cookies at the browser level by setting notifications each time a cookie is placed on their device or by blocking their automatic storage. Depending on the browser, configuration can be performed as follows:

  • Instructions for Microsoft Edge
  • Instructions for Google Chrome
  • Instructions for Mozilla Firefox
  • Safari Instructions
  • Instructions for Opera

If you limit the use of cookies, some functionalities may not function properly.


X. Changes to the Privacy Policy

The Administrator reserves the right to update the Privacy and Cookie Policy. The current version will always be available on the Administrator's website.