The following capitalised terms in this document have the following meanings:
- PMR or Controller – PMR Ltd. Sp. z o.o., with its registered office in Kraków, ul. Królewska 57, 30-081 Kraków KRS No. 0000057694
- PMR Website – pmrmarketexperts.com
- User – a person using the PMR Website, including someone providing data for the purpose of communication with PMR or downloading materials from the PMR Website
Controller of personal data
- The following are the provisions which govern PMR’s approach to the purposes, and use of, personal and company data, along with relevant security and storage issues.
In accordance with Articles 13 and 14 of the General Data Protection Regulation of 27 April 2016 (OJ L 119/1, 4.5.2016), hereinafter referred to as the “Regulation” or “GDPR”, we provide, in the following paragraphs, information on the processing of Users’ personal data, along with Users’ rights in the arena of such processing.
- The personal data Controller is PMR Ltd. Sp. z o.o., with its registered office in Kraków, ul. Królewska 57, 30-081 Kraków KRS No. 0000057694. The Controller may be contacted by sending correspondence to the address given above or by e-mail at: firstname.lastname@example.org, or by phone: +48 12 340 51 30.
Nature of the data collected
- The information about Users collected by PMR invariably includes:
3.1 designations identifying the telecommunications network end point or ICT system favoured by the User;
3.2 information pertaining to the commencement, termination and scope of each use of PMR’s products and/or services, in addition to PMR’s Website;
3.3 internet protocol (IP), which is used to connect to the internet;
3.4 the nature and version of the internet browser, along with the form and version of the operating system;
3.5 the URL from which the User has accessed the PMR Website;
3.6 geographic data, and information on the User’s website behaviour, location and interests;
3.7 information on the order status of the free materials when the User requests them by means of the forms on the website.
- The information collected invariably includes, but is not limited to, Cookies (these are stored on the User’s computer hard drive when the person is viewing one of the PMR Websites; their purposes include the storage of session information, customisation of the website and advertisements displayed on other sites, along with the compilation of statistics; the website may not function properly if Cookies are disabled). Details of the policy related to Cookies can be found later in this document.
- Information voluntarily provided by visitors to the PMR Website is collected when they are:
5.1 completing forms: e.g., contact, registration or order forms;
5.2 sending enquiries about products and/or services via the PMR Website;
5.3 requesting more detailed information on products and/or services;
5.4 subscribing to newsletters;
5.5 subscribing to other materials (including articles and market information), notifications and marketing or information mailings;
5.6 adding comments and using the forum or chat;
5.7 using other similar features of the PMR Website made available by the Controller from time to time.
- Registration and completion of the forms available on the PMR Website are voluntary. Failure to provide personal data on the PMR Website does not prevent Users from using the Website, but it does preclude the option to order or download free materials.
- The personal or business information which Users may be asked to provide on the PMR Website includes, but is not limited to: e-mail address, first name, surname, job title, company, website address, industry, postal address, city, postal code, country, phone number and the industries in which the User is interested.
- The Controller will process the personal data set out in section 3 and the related data indicated in section 7, along with the data which the User will provide to the Controller at his/her own discretion.
Purpose of collection and use of and related security
- Personal data, regardless of how they are obtained, will be used for the following purposes:
9.1 to respond to enquiries made via the contact details available on the website and further related correspondence, via e-mail or other forms of communication (Article 6(1)(a) and (b) GDPR);
9.2 to conclude and carry out the stipulations of the concluded contracts (Article 6(1)(b) GDPR), including delivery of the ordered products, services and/or other requested materials;
9.3 to fulfil the Controller’s obligations toward public bodies, such as tax authorities and the Social Insurance Institution (ZUS), (Article 6(1)(c) GDPR), as required by law;
9.4 to carry out internal analytics and reporting for the Controller’s own purposes, associated with improvements in the Controller’s operations and the PMR Website (Article 6(1)(f) GDPR), including: the maintenance of the User’s session; along with the customisation of the website in accordance with the User’s preferences and the device favoured by the User; the diagnosing of potential problems; the creation of statistics reports related to the way in which the websites are used; the improvement of products and services, and the manner in which the PMR Website works;
9.5 to pursue direct marketing, within the bounds of the User’s consent, of the Controller’s own products or services or those of its business partners (Article 6(1)(f) GDPR), in particular, informing the User about other products, services and/or materials which may be of interest, using communication methods to which the User has consented;
9.6 to assert the Controller’s legitimate interests or proffer protection against claims (Article 6(1)(f) GDPR).
- Free materials and subscriptions – subscription to electronic free materials, newsletters and other marketing, along with information and commercial notifications and mailing, is subject to user requests and depends upon the User’s consent, which is provided in the form of his/her e-mail address and other necessary information which may be requested from the User when the forms used for this purpose are being completed.
Period of retention of personal data
- Users’ personal data will be stored:
12.1 for the duration of the cooperation/correspondence between the User and the Controller, or
12.2 in cases involving the processing of the personal data of Users who are employees/representatives of a PMR contractor, for the period of cooperation between the Controller and the entity for which the User works or which he or she represents, and for a further period necessary to protect the Controller’s interests in the arena of such cooperation;
12.3 where processing is based on consent, for the period for which such consent has been given or until it is withheld;
12.4 to maintain the User’s account set up on the PMR Website.
- Personal data may also be retained after the time strictures described for the period required by the applicable law or the time necessary for the Controller to protect or assert its interests (in essence, until the expiry of the statute of limitations for civil law and tax liabilities).
Recipients of personal data
- The personal data provided by the User will be made available to persons cooperating with, and under the aegis of, the Controller, and may also be made available to external entities whose responsibilities include accounting and HR or IT services. Personal data may also be communicated to other entities in connection with the Controller’s exercise of its rights and duties (including tax authorities, courts and bailiffs).
- Personal data will be processed by the following entities used by the Controller for the operation of the PMR Website:
OHVcloud – for server hosting; the link to the data protection policy of the supplier is: www.ovhcloud.com/pl/personal-data-protection
Rights of persons whose personal data is processed by the Controller
- With regard to his/her personal data processed by the Controller, the User has the following rights, which can be exercised by notifying the Controller each time he/she wishes to exercise the rights, by e-mail at email@example.com.
- Right to withdraw the consent stipulated by (Article 7(3) GDPR):
17.1 Where the processing of personal data is based on the User’s consent, the User has the right to withdraw such consent at any time. The withdrawal of the consent will not affect the lawfulness of the processing based on the consent before its withdrawal. The withdrawal of consent will take effect at the moment at which a statement is made about such withdrawal.
17.2 The User may exercise this right by sending an e-mail to firstname.lastname@example.org.
17.3 The withdrawal of the consent granted for the processing of personal data may result in the Controller’s inability to fulfil its obligations, and this may, in fact, make it impossible for the Controller to act for the benefit of the User.
- Right of access to one’s personal data (Article 15 GDPR):
18.1 The user has the right to access all of his/her personal data, along with the right to access information pertaining to the data, such as the purposes of the processing, the categories of data processed, the recipients and the duration of the processing. The Controller must provide a copy of the personal data being processed upon request. In the absence of any other indicated form of data delivery, the data will be provided electronically. The compiling and delivery of the first copy of the data will be free–of–charge. The Controller may charge a reasonable fee based on the administrative costs for any subsequent data provision.
18.2 The User may exercise this right by sending an e-mail to email@example.com.
- Right to correct personal data (Article 16 GDPR):
19.1 The User has the right to correct his/her data processed by the Controller if they are inaccurate. The User also has the right to supplement incomplete personal data (taking the objective of the processing into account), including the provision of a supplementary statement.
19.2 The User may exercise this right by sending an e-mail to firstname.lastname@example.org.
- Right to data erasure (Article 17 GDPR):
20.1 The User has the right to be forgotten, under which he or she may request that the Controller erase his or her personal data and ensure that the Controller informs other controllers, to whom the description of the User’s data to be erased has been made available. The need to erase links to, copies of or replication of, the said data must also be taken into account. The occurrence of any of the following situations may be relevant to these rights:
20.1.1 personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
20.1.2 consent to the processing of personal data, which is the only legal basis for data processing, has been withdrawn;
20.1.3 an objection has been raised, on grounds relating to the User’s particular situation, to the processing of his/her personal data in pursuit of legitimate interests pursued by the Controller, and there are no overriding legitimate grounds for the processing;
20.1.4 an objection has been raised to the processing of personal data for direct marketing;
20.1.5 personal data have been processed unlawfully;
20.1.6 erasure of the data is necessary to comply with a legal obligation under European Union or Polish law;
20.2 The User may exercise this right by sending an e-mail to email@example.com.
- The User has the right to restrict processing in the following cases (Article 18 GDPR):
21.1 where the accuracy of the personal data is contested, for a period which will enable the Controller to check the accuracy of the personal data;
21.2 when the processing is unlawful and the User objects to the erasure of the personal data, requesting, instead, a restriction of use;
21.3 when the Controller no longer needs the personal data for the purposes of the processing, but they are needed by the User to establish, assert or defend his/her claims;
21.4 where the User has raised an objection to processing under Article 21(1) GDPR, until such time as is necessary to determine whether the legitimate grounds on the part of the Controller override those of the User.
21.5 The User may exercise this right by sending an e-mail to firstname.lastname@example.org.
21.6 The request to restrict the processing of personal data may result in the Controller’s inability to fulfil its obligations, and this may, in fact, make it impossible for the Controller to act for the benefit of the User.
- Right to data portability (Article 20 GDPR):
22.1 The User has the right to transmit his/her personal data processed by the Controller by automated means or on the basis of consent or a contract, and, as a result, the User may request that:
22.1.1 he/she receive his/her personal data previously provided to the Controller on the basis of consent or a contract or in connection with the User’s request for pre-contractual activity, along with data which the Controller processes by automated means;
22.1.2 the above data be transmitted without delay;
22.1.3 the Controller transmit the data in question to another controller, insofar as this is technically feasible.
22.2. The above right entitles the User to receive the aforementioned data in a structured, commonly used machine-readable format.
- Right to object to the processing of personal data (Article 21 GDPR):
23.1 The User has the right to object to:
23.1.1 the Controller’s processing of the User’s personal data for marketing purposes;
23.1.2 the Controller’s processing of the User’s personal data for purposes arising from a claimed legitimate interest pursued by the Controller. The objection must be based on reasons relating to the User’s particular situation. Permission to process the personal data will not be forthcoming unless the Controller can demonstrate compelling legitimate grounds for the processing which override the User’s interests, rights and freedoms, or grounds for establishing, asserting or defending legal claims.
23.2 The User may exercise this right by sending an e-mail to email@example.com.
23.3 The objection to the processing of personal data may result in the Controller’s inability to fulfil its obligations, and this may, in fact, make it impossible for the Controller to act for the benefit of the User.
- The User has the right to unsubscribe from electronic newsletters, marketing, information and commercial mailings and other communications from PMR.
24.1. The User may opt out of all communications from PMR by sending an e-mail containing such a request to firstname.lastname@example.org
24.2 The User may also unsubscribe from his/her free subscription and e-mailings only by using the link provided in each e-mail or e-newsletter sent to the User by PMR, or by sending an e-mail with UNSUBSCRIBE in the subject to email@example.com.
- Right to lodge a complaint with a supervisory authority
25.1 The User has the right to lodge a complaint with the President of the Personal Data Protection Office if it is found that the processing of the User’s personal data by the Controller violates the provisions of the Regulation.
Limitation of liability
- PMR cannot not be held liable for any errors or omissions, or for the consequences of decisions made on the basis of information presented on the PMR Website, in products (including those on www.pmrmarketexperts.com), news, analyses and other materials. PMR guarantees that this information is based on the analyses and findings of research carried out by PMR or that it emanates from reliable data sources.
- The PMR Website contains links to other websites; PMR is not liable for the actions of the third parties who operate or own these websites. Detailed provisions pertaining to the disclaimer of PMR’s liability are contained in the available Legal Disclaimer pmrmarketexperts.com/legal-disclaimer
- Cookies are small text files stored on the User’s end device. Their usage includes the storage of session information, the customisation of the website and advertisements displayed on other sites, and the compilation of statistics; the PMR Website may not function properly if these files are disabled. When the User visits the PMR Website again, the files make it possible to recognise the device and to customise the PMR Website in accordance with the User’s individual preferences. Cookies also make it possible to prepare statistics on PMR Website page views.
- The Cookies mechanism on the PMR Website is not used to collect any information about, or to track, Users. Cookies do not store any of the Users’ personal data or any confidential information from the User’s device.
- Cookies on the PMR Website are used for the following purposes:
33.1 to customise content and advertising to match Users’ individual preferences;
33.2 to compile statistics and analyse visits to and views of the PMR Website;
33.3 to improve the functionality of the PMR Website.
- The following kinds of Cookies are used on the PMR Website:
34.1 Session Cookies – stored temporarily on the User’s device until the User stops using the PMR Website (after logout, the end of a browsing session and the switching off of the computer).
34.2 Persistent Cookies – stored in the memory of the User’s device until they are deleted or expire. The files are not automatically deleted when the User logs out, ends a browser session or switches off the computer.
Google and other Cookie providers
- Other providers, including Google, show the Controller’s advertisements on websites.
- It is possible to opt out of Google Cookies by referring to the instructions on the Google Advertising site: www.google.com/settings/ads. It is also possible to opt out of other Cookie providers by following the instructions on the Network Advertising Initiative site: networkadvertising.org/choices/.
Links to other sites. External web services
- The Website may contain links to other sites.
- With regard to the Controller’s cooperation with external services – such as Google, Facebook, Twitter, LinkedIn and companies providing analytical or advertising services – external Cookies from these sites may be placed on the User’s device. Any further information is available on the websites of those services.