The following document provides for the method of processing of personal data by Grupa Topex Sp. z o.o. Sp. k.

The controller of personal data is Grupa Topex Sp. z o.o. Sp.k. having its registered address in Warsaw at ul. Pograniczna 2/4, 02-285 Warsaw.

Our Company has implemented appropriate procedures and technical solutions in accordance with regulations on personal data protection which apply on the territory of the European Union and the Republic of Poland. The security procedures as well as technical and physical safeguards applied are intended to protect processed personal data against unauthorised access, loss, alteration, and unauthorised disclosure.

Our Clients' personal data, depending on the manner of communication with us, the type of the agreement / contract concluded, and the entity establishing cooperation, may be processed within the following scope:

  • data received from Clients: first and last name, telephone number, e-mail address, address of residence, NIP tax identification number, company data, bank account number.
  • automatically: Internet Protocol (IP) address used to connect the computer to the Internet, computer and connection information such as browser type and version, browser plug-in types and versions, operating system, cookies, Flash cookies (also known as Flash Local Shared Objects), session information, including website response time, page load errors, website visit duration, website interaction information (such as scrolling, clicking and mouse cursor movement), information on the devices connecting to our wireless network, and methods used to view the page

Our Clients' data are processed in order to:

  • carry out and complete the sales process regarding the products which we offer;
  • enable contact with us and familiarisation with our offer;
  • perform the agreement / contract previously concluded with the Client;
  • enable the Client to use our website;
  • monitor the activity on our website with the use of cookies and other analytical tools;
  • provide information on our products in accordance with the interests and needs of visitors to our website, using profiling based on Client's data held, including cookies and analytical tools;
  • carry out research and statistical analysis with respect to the functionality of the website, and improve its functioning;
  • recover debts, carry out litigation, arbitration and mediation proceedings;
  • conform to legal and regulatory requirements;
  • carry out market research, research on customer satisfaction and quality control, direct marketing and promotion activities (only on the basis of consents obtained).

The time of Clients' personal data processing depends on the purpose of processing, and it may be:

  • in the case of data processing pursuant to a(n) agreement / contract - throughout its period and the period of limitation regarding possible claims;
  • in the case of a consent from the person to whom the data refer - until the consent is revoked;
  • data processed within the framework of realisation of legitimate interests of Grupa Topex Sp. z o.o. Sp.k. - throughout its duration;
  • in the case of data processing for direct marketing purposes - throughout the time of objection from the person to whom the data refer;
  • data processed as a result of legal obligations of Grupa Topex Sp. z o.o. Sp.k. - throughout the time stipulated in applicable regulations.

For the proper functioning of our Company in daily activities, we use the support of services and products provided by our Suppliers. This requires the processing of personal data of Business Owners and their Employees.

The scope of the Suppliers' data covers: first and last name, e-mail address, telephone number, business, address, NIP tax identification number, bank account number, registration data.

Our Suppliers' data are processed in order to:

  • familiarise ourselves with the supplier's offer;
  • conclude a cooperation agreement;
  • communicate within the framework of mutual cooperation;
  • ensure provision of accounting services to our Company;
  • conform to legal and regulatory requirements.

Depending on the type of the document, the time of Suppliers' personal data processing may be:

  • data contained in the offer - 60 days.
  • agreements / contracts - throughout their period; as of discontinuation of cooperation - throughout the claim validity period.
  • financial records - for 5 calendar years, except for cases in which the data are required to carry out control activities, they are related to another tax period, or they are required to document potential claims.

Personal data of our Employees are processed within the scope permitted under the law: first name (names) and last name, names of parents, date of birth, place of residence (address for correspondence), PESEL personal identification number, NIP tax identification number, education, previous employment, first and last names and dates of birth of Employee's children if disclosure of such data is required by the Employee to exercise special rights provided for in the Labour Law, image, bank account number.

Our Employees' data are processed in order to:

  • conform to legal and regulatory requirements;
  • ensure safety within the premises of our Company;
  • make available information systems of the Company;
  • keep working time records which enable correct determination of the Employee's remuneration and other benefits associated with work.

The time of the processing of personal data is regulated by legislation and duration of the contract with the Employee, and it is as follows:

  • personal files - for 50 years as of the date of termination of the employment relationship.
  • payroll documentation - for 50 years as of the date of development.
  • documents regarding workers employed pursuant to civil law contracts - throughout the period required to access that information, provided for in applicable legislation (e.g. legislation on old age or disability pensions, tax legislation) - not less than 5 years.
  • in the event the Employee's consent - until it is revoked.
  • protection of mobile devices against unauthorised access to the data collected on them in the event of data loss.

When recruiting new employees or receiving applications for work with our Company, we process personal data of the applicants.

The scope of personal data is in line with applicable laws, or it has been voluntarily provided to us by the Applicant: first name(s) and last name, date of birth, place of residence (address for correspondence), education, previous employment, e-mail address, telephone number, image.

We process the foregoing data to carry out recruitment of new employees for our Company. We process the data depending on the consents expressed in the Candidates:

  • throughout recruitment of the position specified in the advert;
  • for the purpose of future recruitment regarding other positions - until the consent is revoked by the person to whom the personal data refer, however, not more than for 12 months of the date of application submission by the Applicant.

Given the requirements of the law, we also process, in the archive form thereof, personal data of our former Employees.

The scope and time of data processing is line with those applied during the employment period.

We store the data to document the employment history for the needs of former Employees, and as evidence documents in the case of inspection by state institutions (e.g. Social Insurance Institution, Revenue Office).

Individuals to whom the personal data refer have a right arising from the laws on personal data protection, which permits:

  • obtainment of information on the personal data processed;
  • access to the personal data processed;
  • correction, i.e. modification of any incomplete or inaccurate data processed;
  • in justified cases, deletion of personal data, i.e. the right to be forgotten; deletion of data when it is no longer justifiably required to continue their processing, or when the consent is revoked;
  • transfer of data, i.e. obtainment of data and reuse of data for other purposes by a different Data Controller;
  • objection to the processing of personal data if it is carried out for no justified reasons;
  • protection against automated decision-making and profiling.

Questions regarding the processing of personal data and resulting rights due to individuals to whom the data refer may be sent to the Inspector for Personal Data Protection, by writing to:

Within the framework of its activities, Grupa Topex Sp. z o.o. Sp.k. collaborates with external vendors who support us in implementing tasks necessary for the functioning of the Company. To that end, we may entrust personal data with third parties; for instance, for purposes related to the employee website, software maintenance, electronic mail, courier services, database management, payment processing, communication tool providers, information system providers (accounting, CRM, ERP, SFA, and fleet maintenance systems), disposal of documents. In the event of using external service providers, we only disclose personal data required by the services to be rendered. Suppliers of Grupa Topex Sp. z o.o. Sp.k. are required to ensure an adequate level of data protection and to comply with currently applicable legislation related to personal data protection. Third party service providers are bound by a confidentiality clause, and they may not use the entrusted personal data for purposes other than those specified in the contract with our Company.

We assure you that we not make your personal data available to third parties, except when so required by the law, for instance, pursuant to a court order, in order to prevent fraud or other illegal activity, and pursuant to a voluntary consent of the person to whom the data refer.

We hereby represent that we do not transfer personal data outside the European Economic Area.

We further represent that the automatic data processing applied in the use of our websites and tools intended to handle our Clients (inclusive of profiling) does not result in any legal implications with respect to the individuals to whom the personal data refer, nor does it materially affect their situation.

If you do not wish to receive cookies, you can modify your browser settings. We hereby stipulate that disabling cookies required for authentication, security, and user preference maintenance processes may hinder, and in some cases prevent, the use of websites.

To manage cookie settings, one needs to correctly configure settings for cookies in the browser used. Cookies may also be removed manually by means of cleaning the browsing history from the browser menu.

Any and all photographs, graphics, texts, presentations and other goods protected under the law and posted on our websites and in our corporate materials are subject to protection under the copyright law. Any and all copying, processing, modifying and using of the foregoing without the consent of the copyright holder is prohibited. Any and all marks of the products presented on our websites are registered trademarks, unauthorised use of which is prohibited.

Piotr Potowski – President of the Management Board

Inez Kulpińska – Member of the Management Board

Warsaw, 24.05.2018