This document defines the established rules for the processing and protection of personal data of users of the website available at: www.leaware.com.
I. Personal Data Protection Policy
1. Personal Data Controller
Lea Sp. z o.o. with the registered office at 167 Włocławska Street in Toruń (87-100), entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the city of Toruń, KRS (National Court Register) entry number: 0000835659, NIP: 9522205303, REGON: 385846997, is the sole personal data controller and operator of the www.leaware.com.
2. Personal data Protection Inspector
Contact info: Personal Data Protection Inspector may be reached via the following e-mail address: firstname.lastname@example.org .
3. The scope of data collection and data recipients
All personal data is collected and stored on the leaware.com website in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, the General Data Protection Regulation (RODO - hereinafter referred to as GDPR) and the Act of 18 July 2002 on the provision of electronic services. We collect and process personal data of the Users only to the extent that is necessary to ensure the functioning of the website, including the content and services, for example, when the User wants to: use the service on the portal, to be contacted/reached, send his application to a workplace, send their CV, take advantage of the Newsletter service.
Only official employees of the Controlling entity (employed on the basis of a contract of employment or a different civil law contract) and - to an extent necessary for the purposes of data processing – other trusted entities cooperating with the Controller, operate as personal data recipients.
The following information indicate what data is obtained, for what purpose, and who is given access to it.
3.1. General information
The www.leaware.com website performs its data - collecting functionality i.e. obtains information on its Users and their behaviour in the following way:
through information voluntarily submitted by the Users in user – filled forms.
through files (so-called "cookies") saved in data terminal devices.
The data collected is protected against unauthorized access by third parties and the Controller does not give access to the collected User personal data to third parties without a legal basis. All the data are made available to third parties only within legally permitted cases. The Controller reserves the right to disclose certain personal data to competent authorities or to third parties which officially submit a request for such access based on a relevant legal basis, in accordance with applicable law.
3.2. Purpose and legal basis for data processing.
1. We collect, process and make use of collected personal data for the following purposes:
1) customer service and support, including contacting the clients in relation to any information, inquiries, and orders sent by them,
2) recruitment process based on a voluntary submission of an application and attached documents - CV/cover letter,
3) efficient maintenance and functioning of the website, implementation of safety measures and safe - use regulations, preparation of reports and collecting traffic statistics on the website's sub sites,
4) publication of appropriate content,
5) preparation and presentation of customized, relevant offers, advertisements and commercial information, sending a newsletter to an e-mail address provided by the client.
2. The legal basis for the processing of personal data of the Users is:
1) voluntary consent to the processing by the subject whose personal data is to be processed,
2) legitimate interests pursued by the Operator or by third parties, in accordance with relevant legal regulations,
3) indispensable execution of orders placed by the Users via the website, and conducting preparatory activities or actions requested by the Users prior to placing an order/entering into an agreement.
3. The Controller processes personal data of the Users on the basis of:
- article 6 paragraph 1 point a) GDRP - the data subject who has given consent to the processing of his or her personal data for one or more specific purposes – particularly in order to establish or maintain contact with the data subject, and share or deliver (also via e-mail) commercial and other information,
- article 6 paragraph 1 point b) GDRP - processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to making an order or entering into a contract – particularly in order to exercise all rights and obligations under contracts and agreements concluded by the controller,
-article 6 paragraph 1 point c) GDRP - processing is necessary for compliance with a legal obligation to which the controller is subject - particularly in order to exercise the rights and obligations resulting from the applicable provisions of law, especially in the field of tax law, labour law and social insurance policies;
- article 6 paragraph 1 point f) GDRP - processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party - for example in order to pursue viable claims.
4. Any personal data/information the Users provide when using the site is voluntary, but necessary to meet one or more purposes of personal data processing, which the Controller will not be able to perform if the information is not provided.
3.3. Information shared by the Users via available forms
The Website collects information provided voluntarily by the User via the forms available on the website, in particular: the name, surname, e-mail address, as well as other data provided by the User.
The website may also save information about the connection parameters, i.e. the time stamp, and the IP address.
The website operator is obliged to comply with the obligations arising from the Act of 10 May 2018 on the protection of personal data and the GDPR.
The data provided by the User via available forms is processed for the purpose resulting from the function of a specific form, e.g. for commercial contact, presentation of an offer or commercial information, handling inquiries related to recruitment, and contacting the data subject as part of the recruitment process.
In order for our company to be able to send out newsletters, advertisements and offers, we ask our Users to provide an e-mail address in the subscription form.
4. Data Processing - Period
Personal data is stored:
1) in the case of data processed on the basis of article 6 paragraph 1 point a) GDPR - until the processing purposes indicated in the submitted consent have been completed,
2) in the case of data processed on the basis of article 6 paragraph 1 point b) GDPR DIRECTORY - until the fulfilment of all obligations related to the performance of the contract have been completed by the involved parties, and then until the expiration or limitation of any claims related to the contract,
3) in the case of data processed on the basis of article 6 paragraph 1 point c) GDPR - until the fulfilment of all legal obligations of the controller, in particular the obligation of keeping records and documentation,
4) in the case of data processed on the basis of article 6 paragraph 1 point f) GDPR - until the processing purposes are met, in particular the settlement, expiration or limitation of the claim.
5) in other cases - as long as there is a legal basis for their processing, unless a longer period of keeping the data is required by the applicable law.
5. User Rights
1. Every User has the right to:
1) access their personal data, and in cases specified in the GDPR provisions also to rectify, delete or limit/restrict the processing – please, send an e-mail with your request to: email@example.com,
2) object to the processing of their personal data, withdraw consent to the processing of their personal data, and to transfer their personal data - please send an e-mail with your request to: firstname.lastname@example.org.
2. The data subject has the right to lodge a complaint with the legally appointed supervisory body for personal data protection if the processing of their personal data violates the provisions of the GDPR.
3. In the case of personal data processed on the basis of article 6 paragraph 1 point a) GDPR, the data subject has the right to withdraw their consent to the processing of the data in question at any time, but it has no influence on the validity of the processing carried out on the basis of the consent prior to its withdrawal. Withdrawal of consent may be conducted via e-mail. Please send a request for withdrawal of consent to: email@example.com
4. In the case of personal data processed on the basis of article 6 paragraph 1 point a) GDPR, providing personal data is not a statutory or contractual requirement and is voluntary; if the data is not provided however, the performance of the processing purposes may be hindered or prevented altogether, and result in the lack of communication channel with the controller or failure to deliver essential commercial information or any other information to the User. In other cases, providing personal data may be a statutory or contractual requirement if it is included in the provisions of legal regulations or a contract.
Cookies are not linked to any personal data.
The files (so-called "cookies") constitute IT data, in particular text files, which are stored in the end device of the User and are intended for supporting the use of websites. Cookies usually contain the name of the website which they originate from, data on their storage period in the end device, and a unique number.
Upon accessing the service by the User, information on the number (including IP) and the type of the User's end device they appear in the system logs. In accordance with the law, the Controller processes the data on the number and type of the User's end device, the length of maintained connection, and other operational data regarding the User's activity on the website, which are further processed for technical purposes in order to adapt the website to the needs of its Users and collect statistical information on the website’s functionality.
The entity sending the files (cookies) to the User's end device and sustaining access to them is the website operator.
Cookies are used for the following purposes:
1) analysis and statistics generation - in order to track and understand the way the users navigate the site and which functionalities they use;
2) matching the profile of the User with customized, tailored materials in advertising networks, e.g. Google,
3) ensuring the safety and reliability of the service.
Software for browsing websites (a web browser) usually allows cookies to be stored in the User's device by default. Website users can change those settings and the web browser allows the User to delete the cookies. It is also possible to block cookies automatically. Detailed information on the subject may be found in the help tab or web browser documentation.
Cookies in the User's end device may also be used by advertisers and partners cooperating with the website operator.
Cookies may be used by advertising networks, Google in particular, to display ads tailored to the user and their browsing habits.
In order to disable cookies, you must change your web browser settings. Disabling cookies necessary for authentication processes, security, maintaining user preferences might make it difficult to use the website and affect some of its functionalities.
III. Final provisions
All events affecting the security of data transmission on the site should be reported to: firstname.lastname@example.org.