GDPR information - contact form

DATA PROTECTION INFORMATION

1. The data controller of your personal data is Brillance sp. z o. o. with its registered office in Krakow, ul. Królowej Jadwigi 167B, 30-212 Krakow (Poland), registered in the National Court Register maintained by the District Court for Krakow-Śródmieście in Krakow, Commercial Division XI of the National Court Register under KRS number: 0000193560, Tax ID: 6772225251, Statistical ID: 356802784, share capital: PLN 50,000.00, email: privacy@brillance.pl (hereinafter referred to as the "Controller").

 

2. The Controller processes your personal data for the purpose of establishing contact with you and providing you with answers to questions contained in the contact form available on the website: www.brillance.pl. The Controller obtained the processed personal data directly from you. The processed personal data include your name, email address, and phone number. Providing your personal data is entirely voluntary and is not based on the provisions of applicable law or contractual provisions; however, it is necessary to establish contact with you and to provide answers to questions contained in the contact form.

 

3. The legal basis for processing your personal data is Article 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the "GDPR"), i.e. the Controller's legitimate interest in ensuring proper customer service for individuals contacting the Controller through the website.

 

4. Your personal data will be processed by the Controller for no longer than necessary to provide you with answers to questions contained in the contact form, and after this period, they will be processed until the expiration of any claims arising therefrom. In case of additional questions regarding the processing periods of your personal data, please contact us at the email address indicated in Section 1.

 

5. Recipients of your personal data may include:

  1. entities authorized to process personal data by law (e.g., public authorities in situations described in relevant legal regulations);
  2. entities processing personal data on behalf of the Controller based on authorization or a contract concluded with that entity for the purpose of entrusting the processing of personal data (e.g., IT service providers, entities providing accounting and legal services).

 

For detailed identification and contact information of the entities mentioned in Subsection b), please contact us at the email address provided in Section 1. The Controller also represents that all entities to which your personal data will be entrusted guarantee the application of appropriate measures to protect such data in accordance with applicable law.

 

6. In connection with the processing of personal data, you have the right to:

 

  1. access your personal data, including information about the types of data processed, the purpose and legal basis of processing, and the processing period;
  2. rectify or update your personal data, i.e., request correction or supplementation of your personal data if they contain errors or have changed;
  3. erase your personal data, also known as the "right to be forgotten"; this applies to situations where personal data processed by the Controller are incomplete, outdated, inaccurate, or have been collected in violation of legal provisions or are no longer necessary for the purpose for which they were originally collected; this right may be limited in cases and under conditions specified in the GDPR;
  4. restrict the processing of your personal data, if you dispute the accuracy of the collected personal data, processing is unlawful, or if, in your opinion, the collected personal data are no longer needed;
  5. object to the processing of your personal data, subject to the rules and limitations set out in the GDPR, you have the right to object to the processing of your personal data;
  6. data portability, in a commonly used electronic format, subject to the rules and limitations set out in the GDPR;

 

7. If you wish to exercise any of the above-described rights, please contact the Controller at the email address indicated in Section 1.

 

8. You also have the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Office for Personal Data Protection (address: ul. Stawki 2, 00-193 Warsaw), if you believe that the processing of your personal data by the Controller violates your rights. More information on how to lodge a complaint can be found on the supervisory authority's website: https://uodo.gov.pl.

 

9. The Controller hereby informs that your personal data will not be transferred to a third country outside the European Union or to an international organization within the meaning of the GDPR. Your personal data will also not be used for automated decision-making, including profiling.

 

10. More information about the processing of your personal data by the Controller can be found in the Privacy Policy available on the website: www.brillance.pl.