Content and materials published on the gww.pl website
The materials available on this website are for informational purpose only and do not constitute legal advice or opinion. Unless reserved otherwise, usefulness of these materials for determination of the legal status in a specific case is explicitly excluded.
Using these materials requires consent of the authorised entities, apart from the exclusions laid down in the provisions of law commonly in force such as fair use within the meaning of the Act of 4 February 1994 on copyright and related rights (Journal of Laws of 2006 No. 90, item 631, consolidated text, as amended).
Pursuant to Article 13 clauses 1-2 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the GDPR), we hereby inform that:
The following entities shall be the joint controllers of personal data (hereinafter: Controller):
- GWW GRYNHOFF I PARTNERZY RADCOWIE PRAWNI I DORADCY PODATKOWI SPÓŁKA PARTNERSKA with its registered office in Warsaw, ul. Piękna 18, 00-549 Warsaw,
- GWW LADZIŃSKI, CMOCH I WSPÓLNICY SPÓŁKA KOMANDYTOWA with its registered office in Warsaw, ul. Piękna 18, 00-549 Warsaw
Any and all information on personal data should be sent to the following email address: email@example.com or by regular mail to the address of the Joint Controller referred to in clause 1 above.
Purpose and legal basis of data processing
Your data can be processed for analytical purposes related operating the website.
Basis for processing: granted consent or legitimate interest of the controller (e.g. better tailoring of products/services to the needs of our clients, general optimisation of our websites, service process optimisation, establishing knowledge on the visitors of our websites, financial analysis of our company, etc.), Article 6 clause 1 letters a and f.
Data storage period
- in the cases of grating consent – until its withdrawal, limitation or any other actions of the party limiting this consent,
- when data is necessary to perform the agreement, throughout its term and until the expiry of the prescription of claims under this agreement (3 or 10 years),
- when the basis for data processing is the legitimate interest of the controller, until the effective objection is raised,
- for tax and accounting purposes, in the scope and for time period compliant with the provisions in force,
If we process data on the basis of a consent, it can be withdrawn at any time and data will be processed only until the moment of that withdrawal.
- Personal data can be made available to our business partners, i.e. the companies with which we cooperate, only for the purposes referred to above (for analytic purposes).
- Moreover, this data can be transferred to our sub-contractors (processors) e.g. IT service providers, marketing agencies, provided that such entities process data under the agreement entered into with the Controller and only and exclusively following the instructions issued by the Controller.
Transferring data outside the EEA
Personal data cannot be made available outside the European Economic Area.
Joint arrangements between the Controllers
Pursuant to the Joint Control Agreement entered into between the Joint Controllers, we agreed on the scopes of our responsibility in meeting the requirements under the GDPR. In particular, we agreed as follows:
- The Controllers shall be jointly responsible for fufillment of disclosure requirement and it can be fulfilled by any Controller.
- Each Joint Controller shall be responsible for enabling the enforcement of rights of data subject, while Joint Controller No. 1 shall be responsible for fulfilment of data subject requests. This means that Joint Controller shall in any case transmit the request for enforcement of data subject rights to the Joint Controller No. 1, who is responsible for fulfilment of data subject request.
- Joint Controller No. 2 can process personal data in the file of Joint Controller No. 1, provided that this processing is performed for the same purposes, in which it is performed by Joint Controller No. 1.
- This information constitutes the essential part of arrangements made between the Joint Controllers.
Rights of data subject
- Right of access to data and the right of rectification, erasure and restriction of processing. When the basis for processing of personal data is the legitimate interest of the Controller, there is a right to object to personal data processing. In exceptional cases, you have the right to object to processing for analytic purposes.
- In the scope, in which the consent constitutes the basis for data processing, you have the right of withdrawal of consent. Such withdrawal of consent shall not affect the lawfulness of processing performed on the basis of such consent before its withdrawal.
- Within the scope, in which data is processed for entering into and performance of the agreement/providing services or processed on the basis of consent, you have the right to transfer your personal data. In such case, you will receive from us your personal data in a structured, commonly used and machine-readable format. You can transmit this data to any other controller.
- The right to lodge a complaint to the supervisory authority competent for the protection of personal data, when you consider that processing of personal data infringes the provisions of the General Data Protection Regulation of 27 April 2016. Detailed information is available at the address: www.uodo.gov.pl
Cookie files are information data, in particular text files, stored in the end device of the user of our website. Cookies usually contain the name of website domain, from which they are derived, storage time at the end device and unique number. Cookies are not used for user identification and for determination of the user entity.
The website can place a cookie in the browser, if the browser allows to do so. In addition, the browser enables the website to access only the cookies placed by this website and blocks the files placed by other websites.
In many cases, software used for website browsing (Internet browser) enables storage of information in the form of cookies and other similar technologies in the end device of the user by default. The user can however change these settings at any time. Failure to do so means that this information can be placed and stored in its end device and therefore that we will store information in the end device of the user and have access to this information. At the level of Internet browser utilised by the user, it is possible to manage cookies personally. The most popular browsers enable among others:
- accepting cookies, which enables full use by the user of options offered by the websites;
- cookies management at the level of individual websites selected by the user;
- specifying the settings for different types of cookies, for example accepting permanent cookies as session cookies, etc.;
- blocking or removing cookies.
- tailoring the website content to user’s preferences and optimisation of website use; e.g. cookies enable in particular identification of the user’s device and correct display of the website tailored to its individual needs;
- creating the statistics that help to understand, in what way the users utilise the services and applications, which enable improvements of their structure and content;
Types of cookies we use
Due to life-cycle of cookies and other similar technologies, we use two essential types of these files:
- session – temporary files stored on the user’s end device, until logging-out, leaving the website and the application or disabling the software (Internet browser);
- permanent – stored on the user’s end device for a time period specified in the cookies parameters or until deleted by the user.
Due to the purpose of cookies and other similar technologies, we can use their following types:
- necessary for correct operation of the service and application – enabling utilisation of our services e.g. authenticating cookies used for the services that require authentication;
- files used to ensure security e.g. used to detect misuses in the scope of authentication;
- performance – enabling collection of information on the way the websites and applications are used;
- functional – enabling „remembering” of settings selected by the user and personalisation of the user interface e.g. in the scope of the selected language or region, from which the user comes, font size, website and application layout etc.;
- statistical – used for computing statistics concerning websites and applications.
When the user visits the website, the software operating on the server providing access to these websites can also store the following data: HTTP queries (including IP addresses, from which these queries are sent and information on the resources browsed by the user); query reception time and response time; in the case in which the query was sent via link published on the other site, the address of such website (so called referrer); information on the operating system, browser and other data made available by the user computer, depending on its configuration; other data sent by the user computer via HTTP protocol (more information in the RFC 2616 available at the address http://www.w3.org/Protocols/rfc2616/rfc2616.html).