General information
The Privacy Policy informs about the purposes, basis and methods of processing personal data of Users of the website www.imercon.pl (hereinafter: “Website”), provided, among others, in contact forms, during the recruitment process or through any correspondence with the Administrator.
The processing of personal data means all activities performed on personal data, in particular such as: collecting, recording, organizing, structuring, storing, adapting or modifying, downloading, viewing, using, disclosing by sending, disseminating or otherwise making available, adapting or combining, restricting, deleting or destroying.
Personal data administrator
The administrator of your personal data is ImerCon spółka z ograniczoną odpowiedzialnością with its registered office in Swadzim (62-080) ul. Parkowa 4, entered into the register of entrepreneurs of the National Court Register under KRS number: 0000370939, kept by the District Court Poznań – Nowe Miasto and Wilda in Poznań, 8th Commercial Division of the National Court Register, with NIP: 7773189397, REGON: 301558551, e-mail address: office@imercon.pl (hereinafter referred to as: “Administrator”).
The Administrator pays particular attention to maintaining the privacy of Users visiting the Website, as well as persons with whom the Administrator conducts conversations or correspondence in any form (hereinafter: “Users”).
Personal data collected by the Administrator are processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /EC (hereinafter: “GDPR”).
In all matters related to the protection of Users’ personal data, you can contact the Administrator by e-mail: office@imercon.pl or by traditional mail.
The Administrator processes personal data for specified, lawful purposes and stores this data no longer than necessary to achieve the purposes of processing, in a manner that ensures appropriate security.
Purposes and legal basis for data processing
Users’ personal data are processed by the Administrator solely for the purpose of:
1. answering all questions, notifications and complaints of Users and conducting related correspondence via e-mail or other forms of communication with the Administrator (Article 6(1)(b) of the GDPR if the communication is related to the performance of a contract to which the Administrator is a party the data subject or aims to take action at the request of the data subject before concluding the contract and Article 6(1)(f) of the GDPR in other cases of communication);
2. concluding and implementing concluded contracts with the Administrator, including performing activities aimed at concluding a contract, e.g. preparing an offer, implementing a payment transaction (Article 6(1)(b) of the GDPR);
3. fulfillment of the Administrator’s legal obligations towards the competent authorities, in particular the fulfillment of tax and accounting obligations (Article 6(1)(c) of the GDPR);
4. asserting rights or defending against claims of Users and third parties (Article 6(1)(f) of the GDPR),
5. sending marketing and commercial content via electronic messages, such as information about the Administrator’s products and services, as well as publishing marketing content on the Website based on the User’s voluntary consent (Article 6(1)(a) of the GDPR) or if the provisions the law allows it, based on the Administrator’s legitimate interest in promoting its own brand (Article 6(1)(f) of the GDPR),
6. maintaining ongoing contact with business partners, including Customers and persons responsible on the partner’s side for the performance of the contract with the Administrator. The Administrator processes the contact details of such persons for the purpose of ongoing communication with business partners and maintaining contacts with them in order to properly and effectively perform the contract (Article 6(1)(f) of the GDPR),
7. considering the candidacy and conducting the recruitment process in connection with the submitted application (if personal data are required by law, the legal basis for processing is Article 6(1)(c) of the GDPR, and in the case of additional data, the provision of which is voluntary, the basis legal basis for processing is the candidate’s consent expressed by sending the application documents by the candidate, Article 6(1)(a) of the GDPR),
8. considering the candidacy in future recruitment processes on the basis of a separate consent granted by the candidate (Article 6(1)(a) of the GDPR).
The Administrator may also process personal data of Users who have interacted with social profiles maintained on popular social networking sites by the Administrator. This data is processed to enable the running and ongoing management of the Administrator’s profiles, including communication with the community and organization of events on the terms specified by the functionalities of individual social media and their regulations. Data of users of a given community may also be processed for statistical and analytical purposes and may be processed to assert rights and defend against claims (Article 6(1)(f) of the GDPR). The above information does not apply to the processing of personal data by the administrators of these websites.
Scope of processed personal data
The administrator may process the following data:
1. name, surname, e-mail address, telephone number, name of the organization associated with the User and any other data that will be voluntarily provided when contacting the Administrator, including via electronic forms,
2. name, surname, e-mail address, telephone number, name of the organization associated with the User, professional experience, education, image, address and all additional data sent to the Administrator included in the CV and the form in the recruitment process,
3. name, surname, address, e-mail address, telephone number, bank account number, NIP number, REGON number, if the User is a current client, partner or collaborator of the Administrator.
The Administrator may also collect and process other personal data if they are necessary to achieve the purposes and have been provided by the User. If personal data were not collected from the data subject, they were obtained, e.g. from clients, contractors, partners or collaborators of the Administrator, as well as from publicly available registers and online platforms.
Providing data is voluntary, but may be necessary to achieve the purposes of processing, including concluding a contract with the Administrator, receiving answers to questions or taking part in the recruitment process. Failure to provide them may result in failure to conclude the contract, the inability to consider the User’s candidacy in the recruitment process and failure to obtain answers to submitted questions or complaints.
Users can also visit the Website anonymously.
Recipients of personal data
The recipients of Users’ personal data will be employees, collaborators and subcontractors of the Administrator, entities personally related to the Administrator, entities providing hosting of the Website, server and e-mail providers, external entities providing ICT support services, entities providing payment intermediation services, accounting office, auditors, state authorities. , entities providing courier and postal services, entities offering electronic communication tools and entities offering marketing and analytical tools.
Personal data processing period
The period of personal data processing depends on the purpose and legal basis of processing.
Users’ personal data will be processed:
1. for the duration of cooperation between the User and the Administrator, and after this period for the time necessary to fulfill the Administrator’s legal obligations, but no longer than until the date of limitation of claims,
2. until the consent is withdrawn or modified, if the processing is based on consent,
3. until the transaction is completed and during the limitation period for any claims arising from the transaction,
4. until the User’s query addressed to the Administrator has been comprehensively exhausted,
5. until the end of current communication or until an objection to processing is raised, but no longer than until the claims expire in accordance with applicable regulations,
6. until the legal obligation imposed on the Administrator is fulfilled, in particular until the inquiries of the relevant state authorities, including law enforcement and fiscal and tax authorities, have been exhausted,
7. throughout the recruitment process, but no longer than 3 months, and if a given candidate consents to the processing of data for future recruitment purposes, it will be stored until such consent is withdrawn, but no longer than 12 months.
Personal data may be processed no longer than the period required by applicable law or the period needed by the Administrator to protect against claims or pursue rights.
After the processing period ends, the data is irreversibly deleted or anonymized.
Rights of persons whose personal data are processed
The User has the following rights regarding his/her personal data processed by the Administrator:
1. The right to withdraw consent at any time if it constitutes the basis for processing. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
2. The right to access your data along with the right to access information about these data, including: processing purposes, categories of data processed, data recipients or processing periods.
3. The right to request rectification of personal data if the data is incorrect.
4. The right to request the deletion of personal data whose processing is no longer necessary to achieve any of the purposes for which they were collected.
5. The right to request restriction of the processing of personal data.
6. The right to transfer personal data.
7. The right to object to the processing of your personal data which is based on the legitimate interest of the Administrator – Art. 6 section 1 letter f) GDPR.
8. The right to lodge a complaint with the competent supervisory authority. In Poland, the supervisory authority is the President of the Personal Data Protection Office.
Transfer of data to a third country or international organization
The Administrator does not envisage transferring the User’s personal data to a third country (outside the European Economic Area) or to an international organization, and if such a transfer takes place in the future, it will be in accordance with the GDPR and the provisions of this Privacy Policy.
Automated decision-making, profiling
Users’ personal data will not be processed in an automated manner or profiled.
Changes to the Privacy Policy
The Administrator may make changes to the Privacy Policy, provided that the changes will be made with the utmost care to maintain the security of the processed personal data, in particular by using technical and organizational security measures adequate to the identified data security threats. The User should read the amended Privacy Policy.
The current Privacy Policy is valid from February 10, 2024.
The website may contain links to other websites. The Administrator encourages Users to read the privacy policy established there after going to other websites. This privacy policy applies only to the Website.