Privacy Policy
(Information clause regarding the principles of personal data processing) applicable in DB Port Szczecin limited liability company in Szczecin
Acting pursuant to Article 13 (1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the GDPR, the General Data Protection Regulation), we hereby provide you with the following information regarding the processing of your personal data by DB Port Szczecin Limited liability company with it’s residing office in Szczecin.
The Privacy Policy (hereinafter referred to as: "Policy") is only informative, which means that it is not a source of obligations for our clients and business partners (it is not a contract or bye – laws).
§ 1. General information
The Controller of your personal data is
DB Port Szczecin limited liability company
with its registered office in Szczecin, at 14 Bytomska Street, 70-603 Szczecin, entered into the Register of Entrepreneurs of the National Court Register run by the District Court in Szczecin, Commercial Division XIII of the National Court Register, under the KRS No: 0000029909, NIP (Tax Identification Number) No: 851-01-09-332, 810622795, with a fully paid share capital of 16 004 750 PLN
e-mail: daneosobowe@dbport.eu
hereinafter referred to as the “Controller”
Personal data of our clients and business partners (hereinafter referred to as: "Personal data") are processed in accordance with the GDPR and other applicable legal provisions in the field of personal data protection.
The Controller pays required attention to protect the interests of data subjects, and in particular, ensures that the data collected by the Controller are:
o processed lawfully, fairly and in a transparent manner for the data subject;
o collected for specific, explicit and legitimate purposes and not further processed in a manner inconsistent with these purposes;
o adequate, relevant and limited to what is necessary for the purposes for which they are processed;
o correct and, if necessary, updated;
o stored in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed;
o processed in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by means of appropriate technical or organizational measures.
§ 2. Purposes and legal basis for processing your personal data
1) In accordance with the provisions of GDPR, the processing of personal data is considered lawful when, among others:
a) you expressed your consent for processing of your personal data for one or more purposes;
b) it is necessary to fulfill contractual obligations of which you are a party to, or for the purpose of tasks carried out at your request, before entering into a contract;
c) it is necessary to comply with the Controller’s legal obligations;
d) it is necessary for purposes which result from legitimate interest pursued by the Controller or by a third party.
2) Your personal data shall be processed by the Controller for the following purposes:
a) taking proceedings before concluding the contract (legal basis: Article 6 (1) (b) of the GDPR) - this applies primarily to personal data provided during the first contact with the Controller and when establishing business relationships;
b) concluding and performing any contracts related to the economic activity carried out by the Controller, including, in particular, contracts concluded with clients, contractors and business partners, establishing appropriate contract performance in accordance with the provisions and principles binding the Controller, as well as taking any actions at the request of data subjects prior to the conclusion of a contract (legal basis:
Article 6 (1) (b) of the GDPR);
Providing your personal data for the above purpose is necessary to conclude and perform a contract, or to take the necessary actions and measures before its conclusion. The obligation to provide personal data in the designated scope results also from applicable law, or is a requirement arising from the principles set out for a given project.
c) organization of business meetings, sending invitations, providing information about the Controller’s business offer and drawing up necessary documentation (legal basis: Article 6 (1) (a) and (b) of the GDPR);
d) fulfilling legal obligations vested in the Controller in connection with the concluded and performed contracts and in connection with the conducted activity, including, in particular, tax and accounting obligations, i.e. drawing up accounting and tax documentation, customs or other documentation in accordance with applicable regulations, providing information at the request of authorized institutions and bodies (legal basis:
Article 6 (1) (c) of the GDPR);
e) seeking all possible claims and damages (including debt collection proceedings), conducting court litigation, as well as defense against claims, which makes up Controller’s legitimate interest (legal basis: Article 6 (1) (f) of the GDPR);
f) collecting evidence in case of the need to prove facts, which constitutes the implementation of the Controller's legitimate interest (legal basis: Article 6 (1) (f) of the GDPR);
g) carrying out marketing activities, including acquiring and keeping customers, contractors, business partners, offering services provided by the Controller or entities cooperating with the Controller in the scope of handling transactions/contracts on terms compliant with applicable regulations, which is the implementation of the Controller’s legitimate interest, or is being done based on the given consent (legal basis: Article 6 (1) (f) of the GDPR);
h) drawing up statistics, business analyses, as well as carrying out reporting activities, which is the implementation of the Controller’s legitimate interest (legal basis: Article 6 (1) (f) of the GDPR);
i) securing and protecting the Controller’s property, ensuring the safety of persons who use Controller’s facilities, preventing crimes or disclosing committed crimes by means of the security measure in the form of video surveillance, which is the implementation of the Controller’s legitimate interest (legal basis: Article 6 (1) (f) of the GDPR).
3) As a rule, providing personal data is voluntary, however, it is necessary in the case of concluding and performing contracts, taking actions before the conclusion of a contract or providing services, and the refusal to provide data shall result in the inability to conclude the contract, take actions before its conclusion, use the services, and also the inability to participate in business meetings/events organized by the Controller. In some cases, the obligation to provide data results also from applicable regulations. Moreover, finding oneself in a place covered by video surveillance shall also result in one’s image being recorded.
§ 3. Categories of the data processed and the source of data
1) In most cases, the Controller receives personal data directly from data subjects, however, the Controller is also entitled to obtain data from other sources, in accordance with applicable regulations, in particular, from publicly available registers.
2) In particular, the Controller processes the following categories of personal data: identity data, address data, business operations data, data of representatives, including data necessary to establish collaterals, contact details, financial data, of which data on the resulting debt, images captured through video surveillance, or those captured during business events or meetings.
§ 4. Data storage period
3) We process your personal data for the time necessary to achieve the purposes of processing, or in accordance with the requirements imposed by applicable regulations. Having completed a given purpose of processing, we archive personal data in accordance with applicable law, taking into consideration, in particular, limitation periods for civil law claims and for public law claims. In the case of data processing based on your consent, we store your data for the period for which consent was given.
§ 5. Cookie files
We use “cookie” files while you browse our website. Personal data can be collected when using cookies, which can then only be used to provide the user with specific functions. In addition, the data collected in this way is encrypted in a way that prevents access by unauthorized persons.
Each user can disable the “cookies” mechanism in the web browser on their device. Disabling cookies may, however, cause difficulties in the correct functioning of our website.
Depending on the purpose, we use the following types of cookies on our website:
• obligatory cookies - these are files necessary for efficient navigation of the website and for the use of all its functionalities. The user's consent to our use of these cookies is not required;
• performance cookies - they collect information on how the user uses the website, including the most visited pages and error messages. They do not collect information to identity users. Their purpose is to improve the operation of the website;
• functionalities cookies - these files allow our website to remember the choices (if any) the user makes (username, language or region) and provide functions tailored to individual needs (if such functions are available). The information collected in this way is anonymous and does not track user activity on other websites;
• advertising cookies - they help deliver ads that match the user’s interests. They can collect information about browser usage habits and adjust the content of advertisements to the user’s interests;
• statistical cookies - these files produce website statistics.
Matomo
We use the analysis service Matomo (formerly known as Piwik) on our website in order to analyse how our website is used and make improvements on a regular basis. The statistics gathered allow us to improve our offering and design it in a way that is more attractive to you as a user. With the help of small text files (cookies), we collect data on how you use our website, which includes your IP address. This data is anonymised and stored on our servers.
The legal basis for the use of Matomo is subparagraph 1 in point (f) of Article 6(1) of the GDPR.
Your deactivation options: If you do not consent to the analysis of how you use our website, you can set your browser at any time so that it does not install an analysis cookie. Additionally, you can decide whether to allow your browser to store a cookie that is clearly identified as being for web analysis purposes so that the website operator can collect and analyse various types of statistical data. If you decide not to allow this, click the following link to store the Matomo deactivation cookie in your browser:
Data from your visit to this website is currently being collected by the Matomo web analysis service. Click here to stop data from your visit being collected.
Please note that if you delete cookies altogether, you will also delete the deactivation cookie. This means that you will need to opt out of the analysis of your usage behaviour again.
§ 6. Automated decision-making and transfer of personal data outside the EEA
Your personal data is not subject to automated decision making.
In extraordinary situations, i.e. those related to our use of services, tools and applications offered e.g. by Facebook Inc., Google Inc. your personal data may be transferred outside the European Economic Area. In the case of the above entities, and in particular with regard to the use of Google Analytics systems, Google Adwords data shall be transferred pursuant to Commission Implementing Decision (EU) 2016/1250 of 12th July 2016, adopted pursuant to Directive 95/46/EC of the European Parliament and the Council on the adequacy of protection provided by the EU-US Privacy Shield (notified under document no. C(2016). You have the right to obtain a copy of your personal data transferred to a third country.
§ 7. Data recipients
In each case the cataloque of recipients of personal data processed by the Controller results primarily from the scope of cooperation with the client or business partner whereas from the consents granted by him. Your personal data may be disclosed to our trusted business partners, i.e. entities with whom we cooperate, including, in particular, suppliers responsible for operating IT systems and equipment, entities providing accounting and book-keeping services, package and mail delivery companies, customs agencies, marketing agencies, law firms, debt collection and auditing companies, banks, as well as institutions, authorities or third parties that may make a proper request, based on the appropriate legal basis. In the processing of personal data, to a limited extent, may participate entities that technically support operation of our websites, including communication with our clients and business partners.
§ 8. The right to access personal data
As a result of processing your personal data by the Controller, you have the right to:
a) request access to your personal data;
b) rectify these data;
c) demand to supplement the data, also including by providing an additional statement;
d) remove data or limit their processing;
e) object to the further processing of your personal data;
f) transfer your personal data;
g) in the case of data processing on the basis of consent, you have the right to withdraw your consent to the processing of personal data at any time, and withdrawal of consent shall not affect the lawfulness of their processing carried out on the basis of consent given before the withdrawal.
The above rights can be exercised by contacting us at: daneosobowe@dbport.eu or by writing to the address of the Controller's office indicated in § 1 above, with the note “personal data”. The scope of each of these rights and the situations in which you can exercise them result from the law. The right and its scope shall each time depend also on the legal basis for data processing by the Controller and on the purpose of this processing. In case of doubts as to the correctness of the processing of your personal data by the Controller, you have the right to file a complaint to the supervisory body, i.e. President of the Personal Data Protection Office.
§ 9. Changes to our Privacy policy
The Controller reserves the right to change this Privacy policy by publishing its new content on the website. After making the change, the Privacy policy shall appear on the page with a new date. The current version of this Privacy Policy was adopted on 31st July 2021. and it is effective starting from this date.
Szczecin, 31 July 2021