IMMUSEC, as part of the services provided to clients, generally does not decide about the purposes and methods of personal data processing or does not process personal data.
“Personal data” is information that concerns living individuals (including individuals conducting business activity based on the entry into the Central Register and Information on Economic Activity) and allows identifying such individuals directly or indirectly (including by linking these individuals’ data with other data held). Examples of personal data types are: first name, last name, home address, e-mail address, PESEL number or location data. Data on corporations, organizational units without legal personality (including contact details of such entities) or deceased individuals, are not personal data.
In case of deciding about the purposes and methods of personal data processing or processing personal data by IMMUSEC as part of our services or for our own activities, IMMUSEC meets the requirements of Regulation (UE) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC (General Data Protection Regulation), so-called “GDPR”. This means that any personal data will always be processed by IMMUSEC as a personal data administrator or as a processor of personal data (so-called “processor”) and in compliance with obligations that the GDPR imposes on each of these roles.
If IMMUSEC provides services to customers electronically (“Electronic Services”), documents related to such services (primarily the regulations for the provision of electronic services) contain detailed provisions as to whether and how personal data are processed in connection with specific Electronic Services. Below, we present the general principles and requirements of GDPR related to the processing of personal data, which IMMUSEC uses (“General Principles”). If you use any of the Electronic Services and the General Rules are contrary to the principles of personal data processing in the Electronic Services you use – priority is always given to the rules set out for your Electronic Service.
IMMUSEC maintains a website at https://www.immusec.com, in Polish and English language versions.
Our website is operated using secure technologies, such as the https protocol, which provides encryption of data sent between the device, from which you visit our website, and the server where our website is located.
In certain situations it is possible that individuals visiting our website will provide us with their personal details. This applies to the following situations:
– filling out the contact form (“Contact Form”);
– submitting an inquiry via the contact form (“Inquiry”);
– sending us your CV in response to a job offer or to register in our CV database (“Curriculum Vitae”).
In the event that personal data is provided to us and we decide about the purposes and methods of its processing, the personal data administrator is: IMMUSEC Sp. z o.o., with its registered office in Warsaw, operating at ul. Mokotowska 1, 00-640 Warsaw, entered into the Register of Entrepreneurs kept by the District Court for the Capital City of Warsaw in Warsaw, XII Commercial Division of the National Court Register, under KRS number 0000360418, NIP: 9512317130, REGON: 142487704 (“IMMUSEC”).
The administrator of personal data can be contacted at the address indicated in paragraph 1 above, as well as by sending a contact form, located in the “contact” tab on our website or by sending an e-mail to: firstname.lastname@example.org.
Hereby we provide information required by the GPRD regarding the situation when IMMUSEC is the administrator of personal data:
|Lp.||Processing operation||Purpose of personal data processing||Legal basis for the processing of personal data||The period of storage of personal data|
|1.||Contact Form||making a contact to reply to your message||depending on the situation:
a) performance of the contract to which you are a party (if you already have a contract with IMMUSEC and you are contacting us via the Contact Form) or taking action on your request, before concluding the contract (when the potential goal of the contact may be the conclusion of a contract between us)
– art. 6 par. 1 letter b) GDPR
b) the legitimate interest of the administrator
– art. 6 par. 1 letter f) GDPR
the legitimate interest of IMMUSEC lies in the possibility of acquiring new customers or building a positive image of our brand
|3 years from the date of sending a message via the Contact Form
|2.||Inquiry||providing you with IMMUSEC’s commercial offer, for your express order, related to specific services provided by IMMUSEC||take action at your request, before concluding the contract
– art. 6 par. 1 letter b) GDPR
|3 years from the date of sending an Inquiry, or 5 years in the case when submitting an Inquiry will result in a contract between you and IMMUSEC|
|3.||Curriculum vitae||conducting the recruitment process for a specific position by IMMUSEC or using your CV for the future recruitment of IMMUSEC||the legitimate interest of the administrator
– art. 6 par. 1 letter f) GDPR
the legitimate interest of IMMUSEC lies in the search for new employees
|up to 1 year from the date of sending your CV to IMMUSEC|
Providing personal data in connection with the above situations is not a requirement under the law or a condition for entering into any contract with IMMUSEC. However, refusal to provide personal data in the above situations will result in the fact that we will not be able to meet the above-mentioned purposes of processing to individuals.
According to the GDPR, if IMMUSEC is the administrator of your personal data, you have the following rights with IMMUSEC:
IMMUSEC never uses automatic decision-making for individuals (including this based on profiling).
On the IMMUSEC website there are links to other websites, for example social networks and our business partners.
Remember that by clicking on such a link, you go to another website managed by another entity, that may present a different approach to personal data protection and privacy than IMMUSEC.