Loading...
personal data security GDPR

Disclosure obligation to customers concerning personal data security 

Controller:

ITD Collection s.c. with its registered office in Łódź, Morgowa Street 21 (91-231 Łódź).

Contact details of the data protection officer: 

dpo@itdcollection.com 

Personal data are processed based on the  Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as GDPR) and for a purpose of:

a) conclusion and execution of a contract or order in an internet-shop – in accordance with art. 6.b of GDPR,

b) or compliance with a legal obligation to which the Controller is subject, resulting from tax law – in accordance with art. 6.c. of GDPR.

Your data are processed by the Controller in connection with the legitimate interest, pursued by the Controller, which consists in:

providing marketing information by electronic means or by telephone – in accordance with art. 6.f. of GDPR.

In case of personal data of third parties the Controller collects categories of personal data, which are adequate to the order, in particular:  

a) In case of an invitation the name and surname, date and place of event,

b) In case of an order of diploma information regarding the attended training or obtained education.

The recipients of the personal data are:

a) Poczta Polska [=Polish Post],

b) courier companies,

c) in case of orders from outside the EU the personal data will be processed by courier companies ensuring the execution of an order, in particular in the order receiving country.

The data storage period is:

a) in case of a registered online- customer the data will be processed until the customer deregisters.

b) In case of a placed order the personal data will be processed for tax purposes for a period of 5 years from the end of the year in which the last invoice has been issued.

The provision of your personal data is:

voluntarily, however necessary for the execution of the contract. When issuing an invoice the data is processed based on legal requirements.  

In case of providing personal data of third parties:

I hereby declare to have the relevant legal basis to transfer personal data of third parties and I undertake to provide the information contained in this form to this parties.

Not providing of data will have the following consequences:

the execution of a contract/ order, issuing of an invoice will not be possible.

Consent to the processing of personal data:

will be collected solely while processing data regarding the information on religious events and data given for the purpose of executing an order.

The existence of automated decision-making, including profiling

The processing of your data by the Controller will not be carried out by automated means. In case of profiling the marketing offer will be adapted to your needs.

Furthermore we provide you with the information about the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability and the right to lodge a complaint with a supervisory authority.


.

.

We are GDPR compliant

.

.