Privacy policy

1.

General Provisions

This Privacy Policy describes the protection of personal data in connection with the processing of data by SAMITO pursuant to Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “GDPR”).

2.

Personal Data

  1. The Controller of your personal data is SAMITO Sp. z o.o. with its registered office in Warsaw (03-976), at ul. Rzymska 9 (hereinafter referred to as “SAMITO”).
  2. SAMITO may process personal data:
    • for the purposes of recruitment based on the activities necessary to enter into and perform a contract (point (b) of Article 6(1) of the GDPR); comply with legal obligations (point (c) of Article 6(1) of the GDPR), and based on the consent of a candidate (point (a) of Article 6(1) of the GDPR);
    • in order to send marketing communications based on consent (point (a) of Article 6(1) of the GDPR);
    • for the purposes of contact and in order to present an offer based on the legitimate interests of SAMITO (point (f) of Article 6(1) of the GDPR);
    • for the purposes of contact with journalists and media people in connection with establishing and building relationships with the media;
    • in order to enter into and perform contracts based on the legitimate interests of SAMITO (point (f) of Article 6(1) of the GDPR), or based on the activities necessary to enter into and perform a contract (point (b) of Article 6(1) of the GDPR);
    • for the purposes of web analytics based on the legitimate interests of SAMITO (point (f) of Article 6(1) of the GDPR), manifesting itself in the optimisation and improvement of the quality of website experience, as well as for remarketing purposes based on consent (point (a) of Article 6(1) of the GDPR), in particular according to the terms and conditions of the Cookie Policy;
    • in order to manage a fanpage on Facebook.com, including in order to create statistical data, manage promotional activities, and respond to messages sent to us based on the legitimate interests of the Data Controller (point (f) of Article 6(1) of the GDPR).

3.

The Processing of Personal Data for Recruitment Purposes

  1. In the case of recruitment for a position for which employment under a contract of employment is planned, personal data will be processed to the extent specified in the provisions of labour law in order to carry out the current recruitment procedure (point (c) of Article 6(1) of the GDPR in connection with Article 22 of the Labour Code and §1 of the Regulation of the Minister of Labour and Social Policy of 28 May 1996 regarding the scope of documentation kept by employers on matters concerning employment relationships and the manner of keeping personnel files of employees), whereas other data, including data for contact purposes, will be processed based on consent (point (a) of Article 6(1) of the GDPR), on the proviso that we will consider sending application documents to us to be a clear affirmative action for the consent.
  2. In the case of recruitment for a position for which employment under civil law contracts or business cooperation (B2B) is planned, personal data will be processed based on taking the necessary steps prior to entering into a contract that are performed at a candidate’s own initiative (point (b) of Article 6(1) of the GDPR).
  3. If you agree to participate in future recruitment processes, your data will be processed based on consent (point (a) of Article 6(1) of the GDPR). If you consent to the processing of your data, you have the right to withdraw your consent, which shall not affect the lawfulness of processing based on consent before its withdrawal.
  4. Your personal data may be provided to us by pracuj.pl, recruitment agencies or a person who has recommended you as a job candidate. Nevertheless, the transfer of such data always takes place based on your explicit request (job application, submission of a CV, or express consent).
  5. Your data will be processed for the period necessary to enter into a contract, including in order to conduct the recruitment process. If you agree to participate in future recruitment processes, your data will be processed for not longer than one year after the application submission date.

4.

The Processing of Personal Data for the Purposes of Contact

  1. Providing data for contact purposes and in order to receive a response to an inquiry, including in order to have an offer presented is voluntary, but failure to do so will prevent us from sending a response to your inquiry.
  2. Apart from the data that you provide to us for contact purposes on your own, we can also obtain your other data, including your first name, surname, telephone number and e-mail address so that we could contact you.
  3. Sources from which the personal data referred to above may come include websites of your employers or companies, social networks, including LinkedIn and Goldenline, as well as our business partners.
  4. The data provided for this purpose will not be made available to other entities.
  5. The data provided for this purpose will be processed for one year after the inquiry date.

5.

The Processing of Personal Data for the Purposes of Contact Related to Establishment and Building Relationships with the Media

  1. We will process personal data for contact purposes, including in order to provide information about significant events at SAMITO based on the legitimate interests of SAMITO, manifesting itself in establishing and building relationships with the media.
  2. Apart from the data that you provide to us for contact purposes on your own in connection with establishing and building relationships with the media, we can also obtain your other data, including your first name, surname, place of employment, telephone number and e-mail address so that we could contact you.
  3. Sources from which the personal data referred to above may come include websites of your employers, editorial offices of newspapers, your portals and blogs, and social networks, including LinkedIn and Goldenline.
  4. The data provided for this purpose will not be made available to other entities. They may be disclosed to other entities that support our Company, such as companies that provide services of the editorial office system.
  5. The data provided for this purpose will be processed throughout the period when the press relationship is maintained.

6.

The processing of Personal Data for Sending Marketing Communications

  1. In the case of consent for marketing purposes, marketing information, including the SAMITO newsletter, will be sent to your e-mail address.
  2. The newsletter may contain commercial communications, as well as information on the latest products, services and news of SAMITO.
  3. Providing personal data for the purpose of sending marketing content to your e-mail address is voluntary, but failure to do so will render sending such marketing content impossible.
  4. The data provided will not be made available to other entities.
  5. The data transferred for the purpose of sending marketing content will be processed until the consent to the processing of personal data for marketing purposes is withdrawn, but for no longer than it is necessary to achieve the purpose for which the data were collected.
  6. Data subjects may at any time opt out of receiving further commercial communications via e-mail by clicking the opt-out link (“I don’t want to receive messages”) that can be found in the footer of each e-mail, or by sending relevant information to the email address: iod@samito.co
  7. SAMITO considers using this button as the withdrawal of your consent to the processing of data for marketing purposes.

7.

The Processing of Personal Data in order to Enter into and Perform Contracts

  1. Personal data of persons representing the Parties will be processed in order to enter into and perform commercial contracts based on the legally justified interests of SAMITO (point (f) of Article 6(1) of the GDPR), manifesting itself in entering into contracts in accordance with the rules of representation. The data will also be processed on this basis in order to perform a contract, and defend against legal claims of the opposing party related to the existing contracts.
  2. If a contract is entered into with a sole proprietor or a consumer, personal data will be processed for the purpose of performing the contract (point (b) of Article 1(6) of the GDPR).
  3. Providing your personal data is voluntary, but failure to do so can render entering into a contract impossible.
  4. SAMITO informs you that the data will be processed throughout the period of contract performance, on the proviso that this period may be extended by the period of limitation of claims resulting from non-performance or improper performance of the contract. This period will be counted from the date of termination or expiry of contracts.

8.

The Processing of Personal Data for Data Analytics Purposes and for Marketing/Remarketing Based on Online Identifiers

  1. Detailed rules for the processing of such data for such purposes are defined in the Cookie Policy.
  2. The provision of personal data is voluntary.
  3. SAMITO uses Facebook Pixel – marketing tools provided by Facebook Inc., 1601 S. California Ave. Palo Alto, CA 94304, USA. They make it possible to target advertising campaigns on Facebook. As a result, Facebook is aware that the person registered is using the Portal. Facebook is the controller of the data thus collected. The Portal does not provide any additional personal data to Facebook. The service is based on the use of Cookies on the User’s End Device. The information collected on Facebook Pixel is anonymous, i.e. it does do not allow for identification. For more information, see the Facebook Data Policy. Facebook Inc. has its registered office in the US, uses technical infrastructure located in the US, and has joined the EU-US-Privacy Shield to ensure an adequate level of protection of personal data required by European regulations. Under the agreement between the US and the European Commission, the latter has confirmed that the companies certified under the Privacy Shield offer an adequate level of data protection.
  4. We use Google Ads marketing tools provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Google Ads is used to promote our website in search results and on third party websites, including the use of remarketing tools. Any activities in this regard are based on your consent to the use of your cookies according to the terms and conditions of the Cookie Policy. The functionality of Google Ads consists of leaving a Google cookie on the User’s End Device, which uses the ID associated with the visited pages to display interest-based ads. For more information on how Google Ads processes data, see Google Privacy Policy.
  5. SAMITO also uses Google Analytics, a tool for creating and analysing statistics and for website optimisation provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. This tool collects data using cookies. Cookies may be used by advertising networks, in particular by the Google network, to display advertisements that are adjusted to the User’s behaviours on the Website. To this end, they can store information about the User’s navigation path or time spent on a given page. Google LLC is the controller of the data thus collected. To learn about the rules for the use of Cookies by an external controller, please read Google Privacy Policy. Google LLC has also joined the EU-US-Privacy Shield to ensure an adequate level of protection of personal data required by European regulations. Under the agreement between the US and the European Commission, the latter has confirmed that the companies certified under the Privacy Shield offer an adequate level of data protection.
  6. The transmitted data will be processed:
    • For the purpose of analytics – for 36 months after the last visit to the Portal;
    • For marketing and remarketing purposes – for 12 months after the last visit to the Portal.

9.

The Processing of Personal Data in order to Manage a Fanpage on Facebook.com

  1. The controllers of data of visitors to our fanpage on Facebook are: SAMITO Sp. z o.o. with its registered office at ul. Rzymska 9, Warsaw (03-976) and Facebook Ireland Ltd with its registered office in Dublin.
  2. Personal data will be processed by SAMITO Sp. z o.o. in order to create statistical data, carry out promotional activities and respond to messages sent to us based on legitimate interests of the Data Controller (point (f) of Article 6(1) of the GDPR).
  3. The data we possess for this purpose will be processed for a maximum period of two years after unliking our fanpage, or for a maximum period of two years after the last visit in case you did not use the “Like” button.

10.

Rights of Natural Persons

  1. The persons whose data are processed for the purposes referred to above have the following rights with regard to the processing of personal data:
    • the right to withdraw their consent, if the basis for our processing is the consent;
    • the right of access to personal data;
    • the right to have personal data rectified;
    • the right to request the erasure of personal data;
    • the right to demand the restriction of personal data processing;
    • the right of data portability if the basis for the processing is the consent given or the contract concluded, and the processing of personal data is carried out by automated means;
    • the right to object to the processing of data if the basis for the processing of such data by us are the legitimate interests of SAMITO;
    • the right to lodge a complaint with an authority – the data subject also has the right to lodge a complaint with a data protection supervisory body, i.e. the President of the Office for Personal Data Protection.
  2. In the case of data processing for the purposes of web analytics and marketing/remarketing based on online identifiers, the rights listed in b)–g) can be exercised by data subjects according to the terms and conditions specified by Google LLC (Google Privacy Policy) and Facebook (Facebook Data Policy).

11.

Additional Information

  • The function of the Data Protection Officer at SAMITO is held by Maciej Chodorowski, e-mail: dpo@samito.co.
  • If you have any questions or concerns about means and principles of processing, as well as the exercise of your rights, please contact us by e-mail at: dpo@samito.co

12.

Security Measures

SAMITO ensures the protection of the integrity and confidentiality of personal data transmitted via the Internet in particular by means of encryption.

13.

Other Data Recipients

The data will not be made available to entities other than those authorised under law, and only at their justified request. Data may be disclosed to IT support companies and hosting companies.



COOKIE POLICY

1. 

Definitions:

  1. Controller – SAMITO.
  2. Cookies – mean computer data, in particular text files, stored on Users’ End Devices and intended for using Website pages. These files make it possible to recognise the User Device and display the website accordingly, customised to the User’s individual needs. “Cookies” usually contain the name of the website they come from, the time they are stored on the End Device, and a unique number.
  3. Controller’s Cookies – mean Cookies placed by the Controller related to the provision of electronic services by the Controller via the Website.
  4. External Cookies – mean Cookies placed by the Controller’s partners via the Website.
  5. Website – means the Controller-operated website in the domain SAMITO.pl.
  6. Device – means an electronic device through which the User gains access to the Website pages.
  7. User – means an entity for which services may be legally provided by electronic means, or with which/whom an agreement for the provision of electronic services may be concluded.
  8. The Cookies used by the Controller are safe for the User Device. These files make it possible to identify the User’s software and customise the Website to each User. Cookies usually contain the name of the domain they come from, the time they are stored on the Device, and an assigned value.
  9. The User can limit or disable Cookie access to their Device. If the User has not disabled Cookies access, this is understood as a clear affirmative action confirming their consent to Cookies. The User may disable the placement and storage of Cookies in their web browser settings. The method of disabling Cookies depends on the web browser used by the User. If you use this option, you will still be able to use the Website, apart from the functions which, by their very nature, require the use of Cookies.
  10. The Controller uses two types of Cookies:
  11. Session Cookies: they are stored on the User Device until the end of the browser session. Then the information previously saved is permanently deleted from the Device memory. The mechanism of session Cookies does not allow for the collection of any personal data or confidential information from the User Device.
    • Persistent Cookies: they are stored on the User Device until they are deleted. Ending the session of any web browser or switching the Device off will not delete such files from the User Device. The mechanism of persistent 
    • Cookies does not allow for the collection of any personal data or confidential information from the User Device.

2.

Purposes for which Cookies are Used

  1. The data of the User can also be collected via Cookies.
  2. The Controller uses its own Cookies in order to set up the Website in a correct way, in particular to adjust the content of the Website pages to the User’s preferences, and to optimize the use of the Website pages.
  3. The Controller uses its own Cookies in order to complete the processes necessary to ensure that the websites are fully functional, in particular to adjust the content of the Website pages to the User’s preferences, and to optimize the use of the Website pages. In particular, these files make it possible to recognise basic parameters of the User Device and display the website accordingly, customised to the User’s individual needs.
  4. The Controller uses external Cookies to collect general and anonymous statistical data via analytical tools of Google Analytics (external cookie administrator: Google Inc., based in the USA).

3.

Possibilities for Determining the Conditions for the Cookie Storage or Access

  1. The User may independently and at any time change the Cookie settings, specifying the conditions for the Cookie storage on and access to the User Device. The User can change the settings referred to in the previous sentence via their web browser settings, or by using the service setup options. These settings can be changed in particular in such a way as to block the automatic support for Cookies in the web browser settings, or ensure the Website user notification every time when such files are stored on the User Device. Detailed information about the functionalities and management of Cookies can be found in the (web browser) software settings.
  2. If Cookie settings are not changed in the web browser, then the Website navigation will be considered by SAMITO as a clear affirmative action confirming the User’s consent to the use of Cookies for the purposes described in this Policy.
  3. The User can delete Cookies at any time by using the functions available in their web browser.
  4. If Cookies are restricted, this may adversely affect some of the Website functionalities.
Skip to content