The information contained in the Policy is of a general nature. Detailed information concerning the processing of specific personal data is made available each time the data is collected, in the form of an information clause placed in a visible and easily accessible place. This applies in particular to information about the purpose and legal basis of personal data processing, the storage period and the recipients to whom the data are transferred.
In case of doubt or contradiction between the Policy and the consent given by a person, the basis for taking and determining the scope of actions by the data controller is the voluntarily given consent or the law, irrespectively of the provisions contained herein.
The data controller is AboutHR Polska sp. z o.o. based in Wrocław at the following address:. Księcia Witolda St 49/15, 50-202 Wrocław.
AboutHR contact information: Email: firstname.lastname@example.org, Postal address: AboutHR Polska Sp.z o.o. ul. Księcia Witolda 49 lok. 15, 50-202, Wrocław, Polska
If you have provided additional consent, our partners may also be deemed data controllers of the data obtained from your online activities using technologies such as cookies.
Personal data are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Official Journal of the European Union.L No. 119, p. 1) (hereinafter: “GDPR”) and other applicable provisions of data protection law as are in force at any time throughout the duration of personal data processing. An identifiable natural person is one who can be identified, directly or indirectly in particular on the basis of an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, economic, cultural or social identity of the respective natural person.
The data controller shall take special care to protect the interests of data subjects, and in particular ensures that the data collected are:
The purpose and scope of data processing by the data controller depends upon the circumstances under which the data is acquired. When data is collected, the data controller shall provide all the necessary information on the purposes for which respective personal data is processed.
The purposes for which data may be collected by the data controller include:
In particular, the data controller may process the following personal data:
Is there an obligation to provide personal data or are there consequences for failing to do so?
Providing personal data is voluntary, however, it may be necessary to use certain functionalities of the AboutHR website.
Each time, the range of data required to perform a specific action is indicated in advance via respective communication channels. Failing to provide personal data may result in an inability to effectively perform a certain action.
Personal data processing is based on:
The data controller does not carry out any profiling as defined by the GDPR.
To whom may data be transferred?
The list of recipients of personal data processed by the data controller depends primarily on the scope of services provided by the data controller, and the nature of the relationship between AboutHR and the data subject.
The list of data recipients is also based on the Customer’s consent, or legal regulations, and is indicated in mandatory information provided when personal data is collected.
To a limited extent, the data controller’s partners may be involved in processing personal data, in particular those who technically assist in the smooth running of AboutHR’s business, including communication (i.e. IT-support for emails), providers of hosting or data communication services, carriers or agents carrying out shipments, companies that maintain software, as well as providers of legal and advisory services.
As part of the data controller’s use of tools provided to support its day-to-day operations, personal data may be transferred to a country outside the European Economic Area.
The data controller has put in place adequate safeguards for the transfer of personal data through the use of standard data protection clauses established by the European Commission and data processing and safeguarding agreements that meet GDPR requirements.
The Customer has the right to obtain a copy of the data controller’s safeguards for transferring personal data to a third country by contacting AboutHR.
Anyone may at any time:
The storage of personal data depends on the purposes for which it is processed. The data administrator sets the duration of storage for fulfilling this purpose.
Where processing of personal data is dependent on your consent, your personal data may be processed until you revoke it.
In any case:
Depending on the range of personal data and the purposes of their processing, they may be stored for varying periods.
In case of varying purposes processing, the longer duration of storage shall prevail.
Due to the fact that cookies technology (or functionality similar to cookies) used by the data administrator collects information on each person visiting the website, the following provisions of the Policy apply to users of the website.
Due to the fact that the data administrator may use solutions with functionality similar to cookies, the following provisions of the Policy also refer to these technologies accordingly.
A cookie is a small piece of text information that is sent by a server and stored locally by a visitor to a website (usually on a respective computer hard-drive or mobile device). It stores information that AboutHR’s website may need in order to adapt to the visitor’s use of the website, and to collect statistical information about the website (i.e. which pages were visited, what items were downloaded) and information about the domain name of the internet service provider, or the visitor’s country of origin. The storage technology identifies website users, which enables off-line use and storing of their preferences without requiring them to log in.
When a visitor uses the AboutHR website, cookies are used to identify the visitor’s browser or device – cookies collect various types of information that, in principle, do not constitute personal data (they do not identify the visitor). However, some information, depending on its content and use, may be linked to a specific person – for example attribution of certain behavior to a specific visitor, e.g. by linking it to the data provided when using a contact form – and thus be considered personal data.
For information collected by cookies that can be linked to a specific person, the provisions of the Policy relating to personal data and in particular those relating to the rights of the data subject shall apply.
The main purpose of cookies is to make it easier for visitors to use the AboutHR website, for example, by “remembering” the information they have provided so that they do not have to provide it each time, as well as to adapt its content, including the presented content, to their preferences. Cookies are also used to make the website more useful.
A visitor may object to actions taken by the data controller for the reasons described above. If a visitor gives consent, it may be withdrawn at any time, but this will not affect the lawfulness of the processing that was carried on the basis of consent prior its withdrawal.
The cookies used on the AboutHR website are not harmful to the visitor or the computer/end device used by the visitor, so we recommend that you do not disable them in your browsers. The About HR website uses two types of cookies: session cookies, which remain stored on the visitor’s computer or mobile device until the website is closed or the software (web browser) is turned off, and permanent cookies, which remain on the visitor’s device for the time specified in the cookies’ settings or until they are manually deleted in the web browser.
The personal data collected by cookies about visitors to the AboutHR website will be stored until you object. The data controller may delete personal data earlier, unless the law obliges the controller to store personal data longer.
Personal data may be stored longer by the data controller where they are required to make or defend against legal claims concerning the data controller, or to defend against claims (including by third parties), for the period of limitation determined by law and in particular the civil code.
In case of competing storage requirements, the longer duration of storage shall prevail.
The cookies used by the data administrator are mainly used to optimize the operation of the website. The administrator uses external website infrastructure providers to help build and manage the website. Third party providers providing services on the site have access to the data associated with a user’s cookie ID. Cookie data is securely stored on the servers of these providers. The providers have been carefully selected, are contractually bound and will not process your data for any other purpose.
A visitor to the AboutHR website can change the way cookies are used, by managing the consents given within the privacy settings on the website or through the browser, including blocking or deleting them. To do so, please change your browser settings. The removal method varies depending on the Internet browser used. Information on how to delete cookies should be located in the “Help” tab of the browser of your choice. Deletion of cookies is not the same as deletion of personal data by the data controller of personal data obtained through cookies.
It is also possible to block third-party cookies while accepting cookies used directly by the data controller (“block third-party cookies” option).
You can contact the data controller at any time through the contact channels indicated in the introduction of the Policy.
The administrator stores correspondence for statistical purposes and to ensure the best and quickest possible response to queries, as well as for complaint resolution. Addresses and data collected in this way will not be used for communication other than for purposes related to the implementation of the agreement.
When contacting the data controller in order to perform a specific action (e.g. submitting a complaint via a form), the data controller may again ask the person concerned to provide data, including personal data, i.e. name, surname, e-mail address, etc., in order to confirm the person’s identity and enable the person to be contacted on the matter and to perform the requested action. The provision of such data is not mandatory, but may be necessary to perform an action or obtain information of interest to the person concerned.
The data controller, taking into account the state of technical knowledge, the cost of implementation, and the nature, scope, context and purposes of personal data processing, as well as the risk of violation of the rights or freedoms of natural persons, while taking into account differing probabilities of occurrence and the gravity of the threat, shall apply the technical and organizational measures necessary to ensure the protection of the personal data being processed Such measures shall be appropriate to the threats and the category of data to be protected, and in particular, shall protect the data against their disclosure to unauthorized persons, obtention by an unauthorized person, processing in violation of binding regulations, and against any change, loss, damage or destruction. Disclosing information about the technical and organizational measures in place to ensure the protection of personal data processing may undermine their effectiveness and thus jeopardize the proper protection of personal data.
The data controller may change the Policy in the future, including for the following important reasons:
The data controller shall always post information about changes to the Policy on the website. With each change, a new version of the Policy will appear with a new date.
When does this version of the Policy enter into force?
The present version of the Policy is effective as of 20 October 2021.