GDPR information - registration for training

DATA PROTECTION INFORMATION

1. The data controller of your personal data is Brillance sp. z o. o. with its registered office in Krakow, ul. Królowej Jadwigi 167B, 30-212 Krakow (Poland), registered in the National Court Register maintained by the District Court for Krakow-Śródmieście in Krakow, Commercial Division XI of the National Court Register under KRS number: 0000193560, Tax ID: 6772225251, Statistical ID: 356802784, share capital of PLN 50,000.00, email: privacy@brillance.pl (hereinafter referred to as the "Controller").

 

2. The Controller processes your personal data for the purpose of preparing and executing a training agreement concluded with you through our website www.brillance.pl. The processed personal data include: your name or company name (for entrepreneurs), correspondence address or registered office address (for entrepreneurs), email address, contact phone number, NIP (for entrepreneurs), bank account number. Providing your personal data is entirely voluntary and is not based on the provisions of applicable law, however, it is a necessary condition for preparing and executing a training agreement.

 

3. The legal basis for the processing your personal data is Article 6(1)(b), (c), and (f) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as "GDPR"), i.e.: (a) the necessity of processing your personal data for preparing and executing a training agreement; (b) the necessity of processing your personal data for fulfilling legal obligations related to accounting and tax settlements; (c) the necessity of processing your personal data for the legitimate interests pursued by the Controller, such as the necessity of defense or pursuit of claims arising from the concluded training agreement.

 

4. The processing period of your personal data is as follows:

  1. until the complete execution of the training agreement, and after this period - until the expiration of the limitation periods for claims arising from the concluded agreement (applies to processing personal data based on Article 6(1)(b) and (f) of the GDPR);
  2. until the complete fulfillment of legal obligations imposed on the Controller, and after this period - until the expiration of the limitation periods for tax obligations specified in separate provisions of law (applies to processing personal data based on Article 6(1)(c) of the GDPR).

 

In case of additional questions regarding the processing periods of your personal data, please contact us at the email address indicated in Section 1.

 

5. Recipients of your personal data may include:

  1. entities authorized to process personal data by law (e.g., public authorities in situations described in relevant legal regulations);
  2. entities processing personal data on behalf of the Controller based on authorization or a contract concluded with that entity for the purpose of entrusting the processing of personal data (e.g., IT service providers, entities providing accounting and legal services).

 

For detailed identification and contact information of the entities mentioned in Subsection b), please contact us at the email address provided in Section 1. The Controller represents that all entities entrusted with your personal data guarantee the application of appropriate measures to protect such data in accordance with applicable law.

 

6. In connection with the processing of your personal data, you have the right to:

 

  1. access your personal data, i.e., obtain information from the Controller about the types of personal data, the purpose of processing, the legal basis, and the processing period; this right also includes your right to receive a copy of your personal data;
  2. rectify or update your personal data, i.e., request correction of your personal data if they contain errors or have changed;
  3. erase your personal data, also known as the "right to be forgotten"; this applies to situations where personal data processed by the Controller are incomplete, outdated, inaccurate, or have been collected in violation of law or are no longer necessary for the purpose for which they were originally collected; this right may be limited in cases specified by the GDPR;
  4. restrict the processing of your personal data if you dispute the accuracy of the collected personal data, the processing is unlawful, or if, in your opinion, the collected personal data are no longer needed;
  5. object to the processing of your personal data, subject to the rules and limitations set out in the GDPR, you have the right to object to the processing of your personal data;
  6. data portability, in a commonly used electronic format, subject to the rules and limitations set out in the GDPR;

 

7. If you wish to exercise any of the above-described rights, please contact the Controller at the email address indicated in Section 1.

 

8. You also have the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Office for Personal Data Protection (address: ul. Stawki 2, 00-193 Warsaw), if you believe that the processing of your personal data by the Controller violates your rights. More information on how to lodge a complaint can be found on the supervisory authority's website: https://uodo.gov.pl.

 

9. Please be informed that your personal data will not be transferred to a third country outside the European Union or to an international organization within the meaning of the GDPR provisions. Your personal data will also not be used for automated decision-making, including profiling.

 

10. More information about the processing of your personal data by the Controller can be found in the Privacy Policy available on the website: www.brillance.pl.