Facebook Linkedin Youtube

Integrated services for
business

Data

Software

Cloud

Privacy policy

This document contains detailed information regarding the processing of Personal Data by the Administrator of the website https://integralservices.io. 

1. DEFINITIONS

The terms and expressions used in this Privacy Policy have the following meanings:

  1. Administrator – refers to the administrator of Personal Data, being a natural or legal person who independently or jointly with others determines the purposes and means of processing personal data (in accordance with Article 4(7) of the General Data Protection Regulation (GDPR)).
  2. Processing – refers to an operation or set of operations performed on personal data or sets of personal data (in accordance with Article 4(2) of the GDPR), which, within the Administrator’s activities, relate to the following main categories of individuals:
    1. CANDIDATES, meaning individuals who do not have a permanent cooperation with the Administrator, whose data the Administrator processes for the purposes of ongoing, future, or potential recruitment projects,
    2. EMPLOYEES OF THE ADMINISTRATOR, meaning individuals whose data the Administrator processes in connection with their permanent cooperation with the Administrator based on various legal relationships, in particular, the Administrator’s employees and contractors,
    3. EMPLOYEES OF THE ADMINISTRATOR’S CLIENTS, meaning individuals employed by the Administrator’s clients (contractors) or potential clients regardless of the legal basis of employment, including client representatives, whose data the Administrator processes in connection with their provision to the Administrator for the purpose of performing contracts or submitting offers between the Administrator and its clients.
  3. Personal Data – refers to any information about an identified or identifiable natural person (“data subject”) as defined in Article 4(1) of the GDPR; an identifiable natural person is one who can be directly or indirectly identified.
  4. GDPR – refers to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
  5. Service – broadly refers to the internet service available at https://integralservices.io, including its related web pages, social media profiles, functionalities, and applications.
  6. User – refers to a natural person using the Service.
  1.  

2. GENERAL INFORMATION

  1. The Administrator of Personal Data is Integral Solutions Ltd., located at ul. Wspólna 35 lok. 1, 00-519 Warsaw, registered in the Register of Entrepreneurs kept by the District Court for the capital city of Warsaw, 12th Economic Department of the National Court Register, under the registration number KRS: 0000171717, NIP: 5272415083, Regon: 015549289.
  2. For matters related to personal data protection, anyone can contact the Administrator by traditional mail at the Administrator’s address or by email at: biuro@integralservices.io.

3. SECURITY

  1. The Administrator takes measures to protect Personal Data against unauthorized access by third parties and, in this regard, implements organizational and technical security measures, including but not limited to:
    1. Internal access restrictions to Personal Data in accordance with the principle of the need-to-know basis.
    2. Periodic security testing of the IT infrastructure.
    3. Use of cryptographic methods.
    4. Internal controls and audits of the collected Personal Data.
    5. Storage and processing procedures, as well as physical and IT security measures aimed at protecting against unauthorized access to systems.
  2. The Administrator does not disclose Personal Data to any unauthorized recipients, in accordance with the applicable legal regulations and this Privacy Policy.

4. CANDIDATES

  1. The Administrator processes Personal Data of CANDIDATES for the following purposes and on the following legal bases:
    1. Purposes related to conducting recruitment processes for employees, contractors, or other potential collaborators on behalf of the Administrator. The legal bases for processing are the consent of the data subject (Article 6(1)(b) of the GDPR) and the necessity to fulfill a legal obligation incumbent on the Administrator (Article 6(1)(c) of the GDPR).
    2. Purposes related to conducting recruitment processes by the Administrator for clients or potential clients of the Administrator. The legal basis for processing is the consent of the data subject (Article 6(1)(a) of the GDPR).
    3. Purposes related to establishing, investigating, or defending against potential claims arising from contracts concluded with the Administrator or its clients. The legal basis for processing is the legitimate interest pursued by the Administrator (Article 6(1)(f) of the GDPR).
  2. The Administrator processes the following Personal Data of CANDIDATES:
    1. Data necessary for conducting the recruitment process for employees of the Administrator, as listed in Article 221 of the Labor Code, including name, surname, date of birth, education data, skills, and professional experience (completed schools and studies, completed training courses, previous and current employers, positions held, and professional responsibilities).
    2. Data collected in the recruitment process for employees of the Administrator other than those mentioned above but provided to the Administrator, including data contained in letters of intent, CVs (phone number, email address, etc.), provided during negotiations with the Administrator, etc.
    3. Data provided in surveys or forms (e.g., newsletters) posted on the Service for purposes other than employment with the Administrator, including name, surname, contact details, education data, skills, and professional experience (completed schools and studies, completed training courses, previous and current employers, positions held, and professional responsibilities).
  3. Personal Data of CANDIDATES may be disclosed, in particular, to the following recipients (entities):
    1. Providers of services related to the provision of electronic recruitment platforms.
    2. Providers of services related to the support, maintenance, and management of IT networks and end-user devices.
    3. Providers of technical support services for applications in which Personal Data is processed.
    4. Clients of the Administrator (potential employers or clients).

5. EMPLOYEES OF THE ADMINISTRATOR

  1. The Administrator processes Personal Data of EMPLOYEES OF THE ADMINISTRATOR for the following purposes and on the following legal bases:
    1. Purposes related to the performance of contracts concluded by these individuals with the ADMINISTRATOR. The legal bases for processing are the necessity of Personal Data for the performance of a contract or for taking steps at the request of the data subject prior to entering into a contract (Article 6(1)(b) of the GDPR) and the necessity to fulfill a legal obligation incumbent on the Administrator (Article 6(1)(c) of the GDPR).
    2. Providing Personal Data to the contractors of the Administrator. The legal basis for processing is the legitimate interest pursued by the Administrator (Article 6(1)(f) of the GDPR).
    3. Purposes related to establishing, investigating, or defending against potential claims arising from contracts concluded with the Administrator or its clients. The legal basis for processing is the legitimate interest pursued by the Administrator (Article 6(1)(f) of the GDPR).
  2. The Administrator processes the following Personal Data of EMPLOYEES OF THE ADMINISTRATOR:
    1. Data necessary for the performance of contracts with the Administrator or its clients, especially as listed in Article 221 of the Labor Code, including name, surname, date of birth, education data, skills, and professional experience (completed schools and studies, completed training courses, previous and current employers, positions held, and professional responsibilities).
    2. Data collected in the recruitment process other than those mentioned above but provided to the Administrator, including data contained in letters of intent, CVs (phone number, email address, etc.), provided during negotiations with the Administrator.
  3. Personal Data of EMPLOYEES OF THE ADMINISTRATOR may be disclosed, in particular, to the following recipients (entities):
    1. Providers of services related to the provision of electronic recruitment platforms.
    2. Providers of services related to the support, maintenance, and management of IT networks and end-user devices.
    3. Providers of technical support services for applications in which Personal Data is processed.
    4. Clients of the Administrator (potential employers or clients).

6. EMPLOYEES OF ADMINISTRATOR’S CLIENTS

  1. The Administrator processes Personal Data of EMPLOYEES OF ADMINISTRATOR’S CLIENTS for the following purposes and on the following legal bases:
    1. Purposes related to acquiring business clients or contacting them to present an offer. The legal basis for processing is the legitimate interest pursued by the Administrator (Article 6(1)(f) of the GDPR).
    2. Purposes related to entering into and performing contracts with clients of the Administrator. The legal basis for processing is the legitimate interest pursued by the Administrator (Article 6(1)(f) of the GDPR).
    3. Purposes related to establishing, investigating, or defending against potential claims arising from contracts concluded with clients. The legal basis for processing is the legitimate interest pursued by the Administrator (Article 6(1)(f) of the GDPR).
  2. The Administrator processes the following Personal Data of EMPLOYEES OF ADMINISTRATOR’S CLIENTS:
    1. Data necessary for contact purposes, especially provided to the Administrator by the clients of the Administrator or the individuals to whom the data relates, including name, surname, phone number, email address, etc.
  3. Personal Data of EMPLOYEES OF ADMINISTRATOR’S CLIENTS may be disclosed, in particular, to the following recipients (entities):
    1. Providers of services related to the support, maintenance, and management of IT networks and end-user devices.
    2. Providers of technical support services for applications in which Personal Data is processed.
    3. Collaborators and employees of the Administrator.

7. OTHER AREAS OF PROCESSING

  1. The Administrator also processes Personal Data for purposes other than those described in § 4-6 above, including:
    1. Purposes related to the provision of services within the Service, i.e., taking actions in response to a user’s request, particularly to prepare a response to a question asked or to prepare a customized offer. The legal basis for processing is the necessity of data for the provision of services (Article 6(1)(b) of the GDPR).
    2. Purposes related to ongoing contact. Processing is based on the legitimate interest pursued by the Administrator (Article 6(1)(f) of the GDPR).
    3. Purposes related to managing the Service and analyzing the data collected therein. Processing is based on the legitimate interest pursued by the Administrator (Article 6(1)(f) of the GDPR).
    4. Purposes related to direct marketing. Processing is based on the legitimate interest (Article 6(1)(f) of the GDPR). Direct marketing communications may also be conducted based on Article 10 of the Act of 18 July 2002 on the provision of electronic services or based on the consent of the data subject to receive commercial information via electronic means or Article 172 of the Act of 16 July 2004 Telecommunications Law.
    5. Purposes related to maintaining profiles on social media and internet platforms, such as Facebook, Instagram, LinkedIn, Twitter, YouTube. Processing is based on the legitimate interest pursued by the Administrator (Article 6(1)(f) of the GDPR).
    6. Purposes related to running a newsletter. Processing of Personal Data is based on the legitimate interest pursued by the Administrator (Article 6(1)(f) of the GDPR), in accordance with Article 10 of the Act of 18 July 2002 on the provision of electronic services and Article 172 of the Act of 16 July 2004 Telecommunications Law.
    7. Purposes related to registration for various types of events, including events, fairs, workshops, webinars.
  2. After appropriate notification by the Administrator, Personal Data may also be processed for other purposes, which may be based on:
    1. Voluntary consent given by the individuals to whom the data relates (Article 6(1)(a) of the GDPR).
    2. Applicable legal provisions when processing is necessary for compliance with a legal obligation by the Administrator (Article 6(1)(c) of the GDPR).
    3. Necessity for other purposes not mentioned above, based on the legitimate interests pursued by the Administrator or a third party (Article 6(1)(f) of the GDPR).
  3. Providing Personal Data is voluntary, but it is a condition for fulfilling the services by the Administrator or entering into a contract with the Administrator. It may also be required by law. The data subjects are informed by the Administrator in the appropriate information clause about the voluntary nature or the necessity of disclosing specific Personal Data.

8. OTHER CASES OF PERSONAL DATA DISCLOSURE

  1. In cases other than those described in sections 4-6 of this Privacy Policy and to the extent justified by the purpose of processing, the Administrator will disclose Personal Data to entities acting on its behalf, such as service and IT solution providers, consultants providing services in the Service, marketing agencies, entities providing accounting, legal, financial, insurance, and administrative services, auditors, entities conducting customer satisfaction surveys on behalf of the Administrator, entities providing customer support services on behalf of the Administrator, entities engaged in message delivery services, advisors, and entities providing tools mentioned in point XI of this Privacy Policy (Cookies).
  2. If required by law or necessary for the establishment, exercise, or defense of legal claims, the Administrator may disclose Personal Data to public authorities, including courts, prosecutors’ offices, or the police, as well as professional representatives (these entities will become separate controllers of Personal Data in such cases).
  3. Personal Data may be transferred to entities processing them on behalf of the Administrator, whereby such entities process Personal Data based on an appropriate data processing agreement concluded with the Administrator and in accordance with the Administrator’s instructions.

9. RETENTION PERIOD OF PERSONAL DATA

  1. To the extent that Personal Data is processed by the Administrator for the performance of a contract, the Administrator will process it for the duration of that contract.
  2. To the extent that Personal Data is processed for the legitimate interests of the Administrator, it will be processed for the period of existence of the legitimate interest, unless the data subject objects to the processing of such data before that time. If the Administrator can demonstrate the existence of compelling legitimate grounds for further processing that override the rights and interests of the data subject, or for the establishment, exercise, or defense of legal claims, defense of the Administrator’s position in criminal, administrative, or misdemeanor proceedings, as well as prevention of potential abuses or frauds, the Administrator will continue to process the data despite the objection (except for objections regarding direct marketing, which do not require justification).
  3. To the extent that Personal Data is processed based on the consent of the data subject, it will be processed until the consent is withdrawn.
  4. To the extent that Personal Data is processed for the purpose of fulfilling the obligations arising from legal provisions (e.g., the Accounting Act, the Labor Code, tax regulations, or the GDPR), it will be processed for the period specified in such provisions.
  5. To the extent that Personal Data is processed for the purpose of establishing or pursuing claims, as well as for defense against such claims, it will be processed for the limitation period of the claims of the data subject or the Administrator.

10. RIGHTS OF THE DATA SUBJECT

  1. In relation to the processing of Personal Data, the data subject has the following rights:
    1. The right to request access to their Personal Data.
    2. The right to request the rectification of their Personal Data if they believe it is inaccurate or incomplete.
    3. The right to request the erasure of their Personal Data if: (i) the data is no longer necessary for the purposes for which it was collected by the Administrator; (ii) the data subject has withdrawn their consent to the processing of Personal Data, and the Administrator does not have any other legal basis for processing the Personal Data; (iii) the data subject objects to the processing of Personal Data, and there are no overriding legitimate grounds for the processing by the Administrator, or the data subject objects to the processing of Personal Data for direct marketing purposes; (iv) the Personal Data has been processed unlawfully; (v) the erasure of Personal Data is required to fulfill a legal obligation. The right to erasure does not apply to Personal Data processed based on applicable legal provisions or data processed for the purpose of establishing, exercising, or defending legal claims.
    4. The right to request the restriction of processing of their Personal Data if: (i) the data subject notices that their Personal Data is inaccurate – they can request the restriction of processing their Personal Data for a period that allows the Administrator to verify the accuracy of the data; (ii) the Personal Data is processed unlawfully, but the data subject does not want it to be erased by the Administrator; (iii) the Personal Data is no longer necessary for the Administrator, but it may still be needed by the data subject for the establishment, exercise, or defense of legal claims; (iv) the data subject objects to the processing of data – until it is determined whether the legitimate grounds on the part of the Administrator override the grounds of the objection.
    5. The right to object to the processing of Personal Data when the processing is based on the legitimate interests of the Administrator and the objection is justified by the specific situation of the data subject.
  2. The data subject also has the right to withdraw any given consent, based on which the Administrator processes Personal Data, as well as consent to the use of their email address and phone number for marketing purposes. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
  3. To exercise the above-mentioned rights, the data subject should contact the Administrator at the email address provided in this Privacy Policy.
  4. The data subject also has the right to lodge a complaint with the supervisory authority if they believe that the processing of their Personal Data violates the provisions of the GDPR. The complaint should be lodged with the supervisory authority, which, from May 25, 2018, is the President of the Office for Personal Data Protection.

11. COOKIES

  1. Cookies (also known as HTTP cookies) are small text files that the website sends to the browser and the browser sends back to the website each time you visit it.
  2. Cookies are stored in the memory of devices and read by the server during each connection to the website.
  3. Cookies do not contain information that allows third parties to access the User’s Personal Data or contact them through email or phone.
  4. By using the website without changing the software settings (browser), the User consents to the storage of Cookies on their end device and the use of the information stored in them.
  5. Additional information about Cookies can be found on the website https://wszystkoociasteczkach.pl/.
  6. The legal basis for collecting data obtained from Cookies is Article 6(1)(f) of the GDPR, which allows the processing of personal data for the purposes of the legitimate interests pursued by the data controller. These interests include, in particular:
    1. Ensuring proper and secure functioning of the website for the User and their device.
    2. Adapting the website to the User’s individual settings and remembering the data entered by the User related to the use of the website, such as the choice regarding the storage of Cookies on the User’s device or remembering the password.
    3. Conducting statistical analysis of website visitors, such as visit statistics, which will contribute to improving the effectiveness of marketing activities and building a business strategy by the Administrator.
    4. Advertising, promotion, distribution of informational and advertising materials through the website.
  7. When using the website, the User remains anonymous until they decide otherwise. Information contained in system logs (e.g., IP address) is used by the Administrator for technical purposes related to server administration. In addition, IP addresses are used to collect general statistical demographic information, such as the region from which Users connect.
  8. The website uses the following Cookies and tools:
    1. LinkedIn
    2. Google Analytics
    3. Facebook
  9. The User can opt out of the collection of Cookies at any time by appropriately changing the settings in their Internet browser when connecting to the website. In such a case, using all the features of the website may be difficult or impossible. Additional information can be found at the following links:
    1. Google Chrome – https://support.google.com/chrome/answer/95647
    2. Firefox – https://support.mozilla.org/pl/kb/wylaczanie-ciasteczekpochodzacych-z-innych-witryn
    3. Safari – https://support.apple.com/pl-pl/guide/safari/sfri11471/mac
    4. – Opera – https://help.opera.com/pl/latest/web-preferences/#cookies

12. CONTACTING THE ADMINISTRATOR

The individual whose data is concerned may contact the Administrator regarding any matter related to Personal Data in the following ways:

  1. Sending a message to the email address: biuro@integralservices.io,
  2. Sending traditional correspondence to the address: Integral Solutions sp. z o.o., ul. Wspólna 35 lok. 1, 00-519 Warsaw.

The Administrator will be available to respond to any questions or concerns regarding the processing of personal data and provide necessary assistance.

Wspólna 35/1, 00-519 Warsaw, Poland

+48 22 828 33 05 – Office

biuro@integralservices.io

Sign up for our newsletter!

Facebook Linkedin Youtube
@2023

Integral Services. All rights reserved.

Privacy Policy.