Privacy and Cookie Policy

AboutHR PRIVACY POLICY

The information contained in the Policy is of a general nature. Detailed information concerning the processing of specific personal data is made available each time the data is collected, in the form of an information clause placed in a visible and easily accessible place. This applies in particular to information about the purpose and legal basis of personal data processing, the storage period and the recipients to whom the data are transferred.

In case of doubt or contradiction between the Policy and the consent given by a person, the basis for taking and determining the scope of actions by the data controller is the voluntarily given consent or the law, irrespectively of the provisions contained herein.

The data controller is AboutHR Polska sp. z o.o. based in Wrocław at the following address:. Księcia Witolda St 49/15, 50-202 Wrocław.

AboutHR contact information: Email: info@abouthr.pl, Postal address: AboutHR Polska Sp.z o.o. ul. Księcia Witolda 49 lok. 15, 50-202, Wrocław, Polska

If you have provided additional consent, our partners may also be deemed data controllers of the data obtained from your online activities using technologies such as cookies.

Personal data are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Official Journal of the European Union.L No. 119, p. 1) (hereinafter: “GDPR”) and other applicable provisions of data protection law as are in force at any time throughout the duration of personal data processing. An identifiable natural person is one who can be identified, directly or indirectly in particular on the basis of an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, economic, cultural or social identity of the respective natural person.

The data controller shall take special care to protect the interests of data subjects, and in particular ensures that the data collected are:

  • processed lawfully, fairly and in a manner which is clear to the data subject;
  • collected for specified, explicit and legitimate purposes and not further processed in a way which is incompatible with those purposes;
  • appropriate, relevant and limited to what is necessary for the purposes for which they are processed;
  • correct and updated as necessary;
  • stored in a manner which enables identification of the data subject for no longer than is necessary for the purposes for which the data are processed;
  • processed in a way which ensures adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by making use of appropriate technical or organizational measures.

The purpose and scope of data processing by the data controller depends upon the circumstances under which the data is acquired. When data is collected, the data controller shall provide all the necessary information on the purposes for which respective personal data is processed.

The purposes for which data may be collected by the data controller include:

  • entering into and performing a contract, or taking steps at the request of the data subject prior to entering into a contract;
  • receiving and processing complaints;
  • presenting offers regarding the services of the data controller and its partners;
  • pursuing and defending against claims, including those by third parties;
  • fulfilling legal obligations arising from legislation, e.g. tax and accounting, and in particular contractual obligations;
  • conducting correspondence and in particular replying to messages.

In particular, the data controller may process the following personal data:

  • any data collected by filling in the form, notably including name, surname, e-mail address, telephone number;

Is there an obligation to provide personal data or are there consequences for failing to do so?

Providing personal data is voluntary, however, it may be necessary to use certain functionalities of the AboutHR website.

Each time, the range of data required to perform a specific action is indicated in advance via respective communication channels. Failing to provide personal data may result in an inability to effectively perform a certain action.

Personal data processing is based on:

  • freely given consent – (art. 6(1)a GDPR);
  • applicable legislation – when processing is necessary for compliance with a legal obligation to which the data controller is subject, i.e. on the basis of tax or accounting regulations (Article 6(1)(c) GDPR);
  • other grounds not mentioned above in pursuit of the legitimate interests of the data controller or a third party, in particular to establish, assert or defend claims, conduct correspondence, including through contact forms (including replying to messages), market analysis and statistics (Article 6(1)(f) GDPR).

The data controller does not carry out any profiling as defined by the GDPR.

To whom may data be transferred?

The list of recipients of personal data processed by the data controller depends primarily on the scope of services provided by the data controller, and the nature of the relationship between AboutHR and the data subject.

The list of data recipients is also based on the Customer’s consent, or legal regulations, and is indicated in mandatory information provided when personal data is collected.

To a limited extent, the data controller’s partners may be involved in processing personal data, in particular those who technically assist in the smooth running of AboutHR’s business, including communication (i.e. IT-support for emails), providers of hosting or data communication services, carriers or agents carrying out shipments, companies that maintain software, as well as providers of legal and advisory services.

As part of the data controller’s use of tools provided to support its day-to-day operations, personal data may be transferred to a country outside the European Economic Area.

The data controller has put in place adequate safeguards for the transfer of personal data through the use of standard data protection clauses established by the European Commission and data processing and safeguarding agreements that meet GDPR requirements.

The Customer has the right to obtain a copy of the data controller’s safeguards for transferring personal data to a third country by contacting AboutHR.

Anyone may at any time:

  • lodge a complaint with the Data Protection Commissioner;
  • transfer personal data, initially provided by consent or contract to the data controller for automatic processing, to another data controller;
  • access their personal data (including obtaining information on what types of personal data are being processed);
  • request correction of their personal data (if personal data is incorrect) or deletion of personal data (if personal data has been processed in an unlawful manner);
  • withdraw consent for personal data processing of their personal data, whereby the withdrawal of consent shall not affect the processing of personal data carried out by the data controller prior to consent being withdrawn;
  • object to the processing of their personal data being carried out in order to pursue legitimate interests of the controller or of a third party (if there are no other valid legitimate grounds for processing overriding the interests of the Customer).

The storage of personal data depends on the purposes for which it is processed. The data administrator sets the duration of storage for fulfilling this purpose.

Where processing of personal data is dependent on your consent, your personal data may be processed until you revoke it.

In any case:

  • personal data will be stored where legal regulations (e.g. accounting or tax regulations) oblige the data controller to process them;
  • personal data will be stored longer where they are required to make or defend against legal claims concerning the data controller, or to defend against claims by third parties, for the period of limitation determined by law and in particular the civil code;
  • personal data collected for the purpose of concluding and performing a contract will be processed for the duration of the contract;
  • personal data processing based on the legitimate interest of the data controller will continue until you raise an objection to such processing.

Depending on the range of personal data and the purposes of their processing, they may be stored for varying periods.

In case of varying purposes processing, the longer duration of storage shall prevail.

Due to the fact that cookies technology (or functionality similar to cookies) used by the data administrator collects information on each person visiting the website, the following provisions of the Policy apply to users of the website.

The AboutHR website uses technology that stores and accesses information on your computer or other device connected to the network (in particular, through the use of cookies or related solutions), in order to provide maximum comfort when using the website, including for statistical purposes. Information may be collected about the online activity of the site’s users, when visiting the AboutHR website.

Due to the fact that the data administrator may use solutions with functionality similar to cookies, the following provisions of the Policy also refer to these technologies accordingly.

A cookie is a small piece of text information that is sent by a server and stored locally by a visitor to a website (usually on a respective computer hard-drive or mobile device). It stores information that AboutHR’s website may need in order to adapt to the visitor’s use of the website, and to collect statistical information about the website (i.e. which pages were visited, what items were downloaded) and information about the domain name of the internet service provider, or the visitor’s country of origin. The storage technology identifies website users, which enables off-line use and storing of their preferences without requiring them to log in.

When a visitor uses the AboutHR website, cookies are used to identify the visitor’s browser or device – cookies collect various types of information that, in principle, do not constitute personal data (they do not identify the visitor). However, some information, depending on its content and use, may be linked to a specific person – for example attribution of certain behavior to a specific visitor, e.g. by linking it to the data provided when using a contact form – and thus be considered personal data.

For information collected by cookies that can be linked to a specific person, the provisions of the Policy relating to personal data and in particular those relating to the rights of the data subject shall apply.

Obtaining and storing information using cookies is possible on the basis of consent provided by visitors to the AboutHR website. By default, web browsers or other software installed on computers or other devices connected to the network allow cookies to be placed on such devices and thus collect information about visitors. In your browser settings or within the privacy policy management on the AboutHR website, the consent given to the use of cookie technologies, including by our partners, can be modified or revoked at any time (this may lead to some parts of the website no longer functioning properly). Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent provided before consent was withdrawn. The processing of data obtained in this way is based on the legitimate interest of the data controller, which is the need to ensure the highest quality of content presented by adapting it to individual preferences. On the other hand, to the extent that partners of the data controller may have direct access to this information, the legal basis for such processing is the voluntary consent of the visitor.

The main purpose of cookies is to make it easier for visitors to use the AboutHR website, for example, by “remembering” the information they have provided so that they do not have to provide it each time, as well as to adapt its content, including the presented content, to their preferences. Cookies are also used to make the website more useful.

A visitor may object to actions taken by the data controller for the reasons described above. If a visitor gives consent, it may be withdrawn at any time, but this will not affect the lawfulness of the processing that was carried on the basis of consent prior its withdrawal.

The cookies used on the AboutHR website are not harmful to the visitor or the computer/end device used by the visitor, so we recommend that you do not disable them in your browsers. The About HR website uses two types of cookies: session cookies, which remain stored on the visitor’s computer or mobile device until the website is closed or the software (web browser) is turned off, and permanent cookies, which remain on the visitor’s device for the time specified in the cookies’ settings or until they are manually deleted in the web browser.

The personal data collected by cookies about visitors to the AboutHR website will be stored until you object. The data controller may delete personal data earlier, unless the law obliges the controller to store personal data longer.

Personal data may be stored longer by the data controller where they are required to make or defend against legal claims concerning the data controller, or to defend against claims (including by third parties), for the period of limitation determined by law and in particular the civil code.

In case of competing storage requirements, the longer duration of storage shall prevail.

The cookies used by the data administrator are mainly used to optimize the operation of the website. The administrator uses external website infrastructure providers to help build and manage the website. Third party providers providing services on the site have access to the data associated with a user’s cookie ID. Cookie data is securely stored on the servers of these providers. The providers have been carefully selected, are contractually bound and will not process your data for any other purpose.

A visitor to the AboutHR website can change the way cookies are used, by managing the consents given within the privacy settings on the website or through the browser, including blocking or deleting them. To do so, please change your browser settings. The removal method varies depending on the Internet browser used. Information on how to delete cookies should be located in the “Help” tab of the browser of your choice. Deletion of cookies is not the same as deletion of personal data by the data controller of personal data obtained through cookies.

It is also possible to block third-party cookies while accepting cookies used directly by the data controller (“block third-party cookies” option).

Restricting the use of cookies on a given device prevents or significantly impedes the proper use of AboutHR website. For example, it may be associated with the inability to maintain a login session.

You can contact the data controller at any time through the contact channels indicated in the introduction of the Policy.

The administrator stores correspondence for statistical purposes and to ensure the best and quickest possible response to queries, as well as for complaint resolution. Addresses and data collected in this way will not be used for communication other than for purposes related to the implementation of the agreement.

When contacting the data controller in order to perform a specific action (e.g. submitting a complaint via a form), the data controller may again ask the person concerned to provide data, including personal data, i.e. name, surname, e-mail address, etc., in order to confirm the person’s identity and enable the person to be contacted on the matter and to perform the requested action. The provision of such data is not mandatory, but may be necessary to perform an action or obtain information of interest to the person concerned.

The data controller, taking into account the state of technical knowledge, the cost of implementation, and the nature, scope, context and purposes of personal data processing, as well as the risk of violation of the rights or freedoms of natural persons, while taking into account differing probabilities of occurrence and the gravity of the threat, shall apply the technical and organizational measures necessary to ensure the protection of the personal data being processed Such measures shall be appropriate to the threats and the category of data to be protected, and in particular, shall protect the data against their disclosure to unauthorized persons, obtention by an unauthorized person, processing in violation of binding regulations, and against any change, loss, damage or destruction. Disclosing information about the technical and organizational measures in place to ensure the protection of personal data processing may undermine their effectiveness and thus jeopardize the proper protection of personal data.

The data controller may change the Policy in the future, including for the following important reasons:

  • changes in applicable regulations, in particular those concerning personal data protection, telecommunications law, services provided by electronic means, and consumer rights, affecting the rights and obligations of the data controller or the rights and obligations of the data subject;
  • development of enhancements resulting from advances in internet technology, including the use/implementation of new technological or technical solutions, affecting the scope of the policy.

The data controller shall always post information about changes to the Policy on the website. With each change, a new version of the Policy will appear with a new date.

When does this version of the Policy enter into force?

The present version of the Policy is effective as of 20 October 2021.

Would like to receive interesting articles about recruiting?