General information

  • This Privacy Policy is applicable to personal data of users of the website (hereinafter the “Users”) operating at the address www.arteria.pl (hereinafter the “Website”) and other categories of persons indicated in this Privacy Policy.
  • The controller of personal data of Website Users is the Service Provider, i.e. Arteria S.A. with its registered office in Warsaw, postal code 00-193, at ul. Stawki 2A, listed in the Register of Entrepreneurs kept by the District Court for the Capital City of Warsaw, 12th Commercial Division of the National Court Register, under KRS No. 0000226167 (hereinafter also the “Company”).
  • Personal data of Website Users are processed by the Service Provider for the purpose of operating the Website, including without limitation for:
  1. ensuring smooth operation of the Website;
  2. explaining the circumstances of non-allowed use of the Website;
  3. creating internal reports and analyzes (including statistical data on viewing Website pages);
  4. enhancing the quality of the Website, and
  5. if applicable, sending by the Service Provider, in an electronic form, of electronic newsletter ordered by the User to the indicated e-mail address.
  • Contact details of the Data Protection Officer, of if he/she has not been appointed, of the Data Protection at the Company: This email address is being protected from spambots. You need JavaScript enabled to view it.
  • The above person should be contacted in each case relating to the protection of personal data processed by the Service Provider.

Fulfillment of data subjects’ rights.

  • Every individual (hereinafter the “Applicant”) has the right to request the Service Provider to: (A) confirm that the Service Provider processes his/her personal data, and to fulfill the right of access to his/her personal data; (B) request rectification of personal data; (C) request erasure of personal data or restriction of their processing; (D) request data portability, consisting in the right to receive the above data and send them to another controller or to request, if technically feasible, that such data be sent directly to another controller (to the extent that data are processed by automated means and for the purpose of performance of a contract or pursuant to consent given); (E) object to the processing of personal data (to the extent that data are processed in the Company’s legitimate interest).
  • The above requests will be made by the Applicant with due regard of the provisions of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation — hereinafter “GDPR”). It means that in some cases enumerated in GDPR the data subject will not have the above rights.
  • The request should be submitted in writing to the address: ul. Stawki 2A, 00-193 Warsaw or by e-mail to the address: This email address is being protected from spambots. You need JavaScript enabled to view it. ">This email address is being protected from spambots. You need JavaScript enabled to view it.. In the event that no personal data of the Applicant are processed by the Service Provider (apart from the fact of processing the above data for the purpose of the request itself), the request will not be admitted and the Applicant’s data will be promptly erased.
  • Promptly after having received the request, the Service Provider notifies this fact to the Applicant and records the information about the request in the register kept.
  • The Service Provider reserves the right to verify the Applicant’s identity. Failure to effectively verify the Applicant’s identity because of reasons for which the Applicant is liable means failure to admit the request by the Service Provider, of which the Applicant will be promptly notified.
  • The request shall be handled in the Service Provider’s respective unit designated for that purpose without undue delay, but within 10 days at the latest, counting from the day on which the request was received by the Service Provider. The manner of handling the submitted request is consulted with the Data Protection Officer appointed by the Service Provider or, if no such person has been appointed, with the Data Protection Coordinator in the Service Provider’s organization.
  • The Service Provider shall provide an answer to the Applicant’s request within three (3) weeks of its receipt. In objectively complicated cases (i.e. requiring a lot of work on the part of the Company), the above time limit shall be extended to two (2) months, of which the Applicant shall be promptly notified. At the same time, the Service Provider shall take all efforts so that the time limit is not extended.
  • As part of fulfillment of the right of access to data, data are indicated to the Applicant to the extent requested in the request. The scope of information covers:
  • the purpose of processing,
  • the categories of personal data subject to processing,
  • the recipients or categories of recipients to whom personal data have been or will be disclosed, including without limitation recipients in third countries or international organizations,
  • the planned period of personal data storage, and if not possible, how such period is calculated,
  • if personal data were not collected from the data subject – any available information about their source,
  • the automated decision-making, including profiling, and material information about the principles for decision-making, as well as the significance and anticipated consequences of such processing for the data subject.
  • the right to request from the Company rectification, erasure of personal data and restriction of their processing, and to object to such processing (if such right is available),
  • the right to lodge a complaint with a supervisory authority.
  • In the event of fulfilling the right of access to data and the right to data portability, the answer provided to the Applicant shall be enclosed with a copy of his/her personal data in a commonly used and available machine-readable formats.
  • Any and all complaints connected with the performance of this procedure should be lodged with the Service Provider’s Data Protection Officer (DPO) or Data Protection Coordinator (if DPO has not been appointed by the Company), to the following address: This email address is being protected from spambots. You need JavaScript enabled to view it.. The complaint will be handled without delay but within 7 days of its delivery at the latest, of which the Applicant will be promptly notified. The Applicant will also be notified about the fact that the complaint has been received. Information about the complaint is recorded in the register kept by the Company’s DPO/Data Protection Coordinator.

Other provisions

  • If the Service Provider asks for consent for sending commercial information by electronic means (e.g. via e-mail, text message or bluetooth), the person who gave such consent has the right to withdraw consent by sending an e-mail to the address stated in section 1.4. above, writing “resignation” in the subject field. The above also applies to any other consent obtained by the Service Provider via the Website.
  • The Service Provider represents that it will take efforts to ensure that the Users have a high level of security when using the Website. Any incidents affecting the security of information transfer should be reported to the address stated in section 1.4. above.
  • The Service Provider reserves the right to disclose selected information relating to the User to competent authorities or third parties which request the disclosure of such data under relevant legal provisions and in accordance with applicable law.
  • Apart from cases indicated in section 1.18. above, information relating to the User will not be disclosed to any third party or authority without data subject’s consent.

Cookies and system logs

 

  • The Service Provider informs that upon the User’s connection with the Website, information about the number (including IP) and type of the User’s terminal equipment from which connection is made appears in the Website’s system logs. The Service Provider informs that it will also process, in accordance with applicable law, data relating to the number (including IP) and type of the User’s terminal equipment, as well as the time of connection of the above persons with the Website and other operating data relating to the User’s activity. Such data are processed especially for technical purposes and in order to collect general statistical information.
  • The Service Provider uses cookies (i.e. small text files sent to the User’s equipment, identifying it as necessary to simplify or cancel a given operation) in order to collect information connected with use of the Website by the User. Cookies make it possible to: maintain the User’s session; adjust the Website to the User’s needs; create statistical data on viewing the Website pages.
  • The User may change cookie settings at any time. To that end, browser settings for cookies should be changed. Such settings may be changed in particular so that automated support of cookies in the browser settings is blocked or information about every placement of cookies on the User’s device is displayed. Detailed information about the possibility and manner of cookies support is available in the software’s (browser’s) settings.
  • Some pages of the Website and other means of communication with the Users may contain so called “web beacons” (so called electronic images, also called clear gifs). Web beacons make it possible to obtain information such as IP address of the computer to which a page with web beacon was loaded, page URL, page loading time, browser type as well as information contained in cookies, in order to evaluate the effectiveness of our advertising.

Hosting

 

  • The Service Provider entrusts, pursuant to a contract in writing, the processing of all personal data provided by the User and other data referred to in this Policy to Trimtab Arteria Management Sp. z o.o. Sp.k., for the purpose of proper performance by the above company of the activities connected with hosting, administration, maintenance and management of the Website.
  • Date when the Privacy Policy was last updated: June 8, 2018

INFORMATION ABOUT THE PROCESSING OF PERSONAL DATA

Personal data controller

The controller of your personal data is Arteria S.A. with its registered office in Warsaw, postal code 00-193, at ul. Stawki 2A, listed in the Register of Entrepreneurs kept by the District Court for the Capital City of Warsaw, 12th Commercial Division of the National Court Register, under KRS No. 0000226167 (hereinafter the “Company”).

Contact Person in matters related to personal data processing

In matters related to personal data processing, please send an e-mail to: This email address is being protected from spambots. You need JavaScript enabled to view it. ">This email address is being protected from spambots. You need JavaScript enabled to view it..

Purpose of data processing

Legal basis of data processing

If you are a Website User, your personal data will be processed on the basis of the Company’s legitimate interest, i.e. for the purposes stated in section 1.3. of the Company’s Privacy Policy http:/arteria.pl/grupa-kapitalowa/polityka-prywatnosci-2 or pursuant to the consent to receive commercial information if the Company received such consent from you.

Article 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter “GDPR”, in the case of the Company’s legitimate interest.

Article 6(1)(a) of GDPR if you gave the Company consent to send you commercial information.

If you are a natural person carrying out business as a sole trader, intending to enter into contract with the Company, your personal data will be processed in order to (A) take steps prior to entering into contract with you, (B) perform the contract, if it has been entered into, and claim amounts due, if any, and (C) comply with the obligations stipulated by tax and accounting provisions.

Article 6(1)(b) of GDPR

Article 6(1)(c) of GDPR

Article 6(1)(f) of GDPR

If you are a representative of the Company’s contractor, designated for contact with the Company, your personal data will be processed for the purposes arising from legitimate interests pursued by the Company, to ensure contact with the contractor and to verify whether the person contacting the Company is authorized to act on behalf of the contractor, and in order to (A) perform the contract between the Company and the entity represented by you, and (B) comply with the obligations stipulated by tax and accounting provisions.

Article 6(1)(c) of GDPR

Article 6(1)(f) of GDPR

If the contract form is used by individuals who are not the Company’s contractors or their representatives, your personal data will be processed for purposes arising from the legitimate interests pursued by the Company, i.e. to answer the inquiry sent via the contact form and to ensure contact with you.

Article 6(1)(f) of GDPR

To whom will personal data be transferred?

The recipients of your personal data may be entities cooperating with the Company in the scope of services delivered to the Company (e.g. subcontractors) and supporting the Company’s current business processes.

How long will my personal data be stored?

If you are a Website User, your personal data will be stored for a period which is necessary in order to achieve the purposes stated in section 1.3. of the Company’s Privacy Policy.

If you are a natural person carrying out business as a sole trader, intending to enter into contract with the Company, your personal data will be stored for the term of the contract entered into between you and the Company (if such contract was actually concluded), and after such term until all claims, if any, are barred by limitation.

Furthermore, your personal data will be stored for a period required by tax and accounting provisions.

If you are a contractor’s representative, your personal data will be stored for the term of the contract entered into between the entity represented by you and the Company, and after such term until all claims, if any, are barred by limitation.

Furthermore, your personal data will be stored for a period required by tax and accounting provisions.

Your personal data obtained by the Controller in connection with the use of the contact form will be processed for the time necessary to answer the inquiry sent via the form.

What are your rights in connection with personal data processing?

If you are a Website User, you have the right to:

§  access your personal data,

§  request rectification of personal data,

§  request erasure of personal data,

§  restrict the processing of personal data,

§  data portability, consisting in the right to receive the above data and send them to another controller or to request, if technically feasible, that such data be sent directly to another controller (to the extent that data are processed by automated means and for the purpose of performance of a contract or pursuant to consent given).

§  lodge a complaint with a supervisory authority for personal data protection,

§  object to the processing of personal data (to the extent that data are processed in the Company’s legitimate interest).

If you are a natural person carrying out business as a sole trader, you have the right to:

§  access your personal data,

§  request rectification of personal data,

§  request erasure of personal data,

§  restrict the processing of personal data,

§  data portability, consisting in the right to receive the above data and send them to another controller or to request, if technically feasible, that such data be sent directly to another controller (to the extent that data are processed by automated means and for the purpose of performance of a contract or pursuant to consent given).

§  lodge a complaint with a supervisory authority for personal data protection,

§  object to the processing of personal data (to the extent that data are processed in the Company’s legitimate interest).

If you are a representative of a contractor, you have the right to:

§  access your personal data,

§  request rectification of personal data,

§  request erasure of personal data,

§  restrict the processing of personal data,

§  object to the processing of personal data (to the extent that data are processed in the Company’s legitimate interest),

§  lodge a complaint with a supervisory authority for personal data protection.

If you are using the contact form, you have the right to:

§  access your personal data,

§  request rectification of personal data,

§  request erasure of personal data,

§  restrict the processing of personal data,

§  lodge a complaint with a supervisory authority for personal data protection,

§  object to data processing:

Is the provision of personal data obligatory?

Data about Website Users are provided voluntarily. The provision of data is necessary to use the Website.

If you are a natural person carrying out business as a sole trader, the provision of personal data is voluntary but necessary for entering into contract with the Company.

If you are a representative of a contractor, the provision of personal data is voluntary but necessary to ensure contact with the Company.

Providing data in the contact form is voluntary but necessary to send an inquiry and receive a response from the Company.

Corrected on: September 19, 2019