Personal Data Protection Policy

• Who is the personal data controller?
• Where do we obtain your personal data?
• What is the purpose and legal basis of processing your personal data?
• Which entities may access your personal data?
• Will your personal data be provided outside the European Union?
• Will your personal data be used for automated individual decision-making?
• How long will we store your personal data?
• Rights of Data Subjects

INFORMATION ABOUT PERSONAL DATA PROCESSING

In accordance with Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter the “GDPR”), we meet our information obligation with respect to the processing of your personal data.

Please read the following information on how we process your personal data. With respect to the processing of your personal data, you are a data subject, i.e. a person whose personal data we process.

WHO IS THE PERSONAL DATA CONTROLLER?

TITANS freelancers, s.r.o., with its registered office at: Jégého 16999/8, Bratislava-Ružinov 821 08, Company ID: 47 047 224, registered in the Business Register of District Court Bratislava I, Section: Sro, File No.:  89105/B

Contact details of the controller: phone: +421 (0) 908 857 752, e-mail: titans@titans.sk

If you have any questions or if you wish to exercise your rights with respect to the processing of your personal data, please contact the controller using the above e-mail or contact the data protection officer by e-mail at: gdpr@titans.sk. You may also exercise your rights in writing at the controller’s address.

WHERE DO WE OBTAIN YOUR PERSONAL DATA?

We obtain your personal data directly from you, unless expressly stated otherwise in this document.

We process personal data on the following legal bases:

• Based on contractual and pre-contractual relationships (Article 6 (1) (b) of the GDPR);
• Based on legitimate interests (Article 6 (1) (f) of the GDPR);
• Based on compliance with a legal obligation (Article 6 (1) (c) of the GDPR); and
• Based on consent (Article 6 (1) (a) of the GDPR).

We would like to inform you that the data subject is required to provide his/her personal data if the processing of personal data is necessary for compliance with a legal obligation of the controller. The data subject is also required to provide personal data if their provision is a contractual requirement resulting from a contract concluded between the controller and the data subject.

The provision of your personal data under pre-contractual and contractual relationships is necessary; otherwise, failing to do so could prevent your participation in a selection procedure, or conclusion or performance of a contract.

If consent is the legal basis for the processing of personal data, the granting of consent is voluntary. If we process your personal data on the basis of your consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legality of the processing based on the consent prior to its withdrawal. The withdrawal of consent is neither charged nor sanctioned.

If we process your personal data based on legitimate interests, you have the right to object to the processing of your personal data on this basis at any time on grounds relating to your particular situation and you also have the right to object to profiling based on those interests (Article 21 of the GDPR). In this event, the controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

WHAT IS THE PURPOSE AND LEGAL BASIS OF PROCESSING YOUR PERSONAL DATA?

• Processing your request made by filling in a contact form on the web to obtain information about the services we offer (e.g. request to find an IT specialist for a project)

  The processing for this purpose is necessary to make pre-contractual arrangements at the request of the data subject prior to the conclusion of the contract.

• Recording the controller’s internal activities aimed at acquiring a client

  This purpose includes the controller’s internal activities associated with the recording of the progress of communication, meetings, negotiations and other activities that must be performed before making a deal with a potential client based on their request/order.
  The processing for this purpose is necessary to make pre-contractual arrangements at the request of the data subject prior to the conclusion of the contract.

• Selection procedure in which you participate as a candidate for employment

  The processing of your personal data as a candidate for employment includes activities related to the receipt and assessment of your CV and job application, the selection procedure and informing the candidate about the result (hired or not hired). The processing for this purpose is necessary to make pre-contractual arrangements at the request of the data subject prior to the conclusion of the contract.

• Selection procedure in which you participate as a candidate for cooperation by concluding a commercial relationship between the controller and you as a natural person – entrepreneur (under a contract for work, mandate contract, cooperation contract or other contract)

  The processing of your personal data (as a candidate for cooperation with us) for this purpose includes activities related to the selection of a business partner on the basis of its participation in the selection procedure. These activities precede the conclusion of a business relationship between the controller and the data subject – a service provider for the controller (e.g. communication, informing about whether the candidate succeeded or not). The processing for this purpose is necessary to make pre-contractual arrangements at the request of the data subject prior to the conclusion of the contract.

• Performing the existing contractual relationships with suppliers (i.e. for the purpose of supplying products and/or services to suppliers and paying the price/remuneration for the supply of products and/or services), including records about suppliers and the existing contractual relationships with them (records of contracts, orders, acceptance protocols and invoices relating to suppliers of products and services) and timesheets for work performed by the supplier for the controller

  This purpose includes activities related to the performance of our obligations under the contract that we have concluded with you as our supplier, and administrative acts associated with the monitoring of the fulfilment of your obligations under the concluded business relationship, such as tracking the agreed deadlines, hours worked, product/service delivery methods. In connection with the conclusion of a contract to supply services and/or products (contract for work, mandate contract, cooperation contract or other contract), we keep records of the existing contracts and hours worked by you for the controller. The processing for this purpose is necessary to perform a contract to which the data subject (supplier) is a party.
  For this purpose, in the records of suppliers and the existing contractual relationships, we will also process common personal data of the person authorised to act on behalf of the supplier (legal entity), and common data of the supplier’s employees, based on the controller’s legitimate interest to ensure effective performance of contracts.

• Performance of the existing contractual relationships with clients (i.e. for the purpose of providing our services based on a contract concluded with a client/party that ordered our services), including records of the existing contractual relationships with clients (records of contracts with clients)

  This purpose includes activities related to the performance of the controller’s obligations under the contract that we have concluded with you as our client, and administrative acts associated with the concluded contract, such as tracking the agreed deadlines. In connection with the conclusion of a contract to supply our services, we also keep records of the existing contracts with clients. The processing for this purpose is necessary to perform a contract to which the data subject (client) is a party.
  For this purpose, we will also process common personal data of the person authorised to act on behalf of the client (if it is a legal entity), and common (contact) data of the client’s employees contained in the contract with the client, based on the controller’s legitimate interest to ensure effective performance of contracts.

• Administration of pending disputes and enforcement proceedings, and collection of receivables and other claims of the controller in judicial, out-of-court, enforcement or bankruptcy proceedings, including legal representation in such proceedings

  If we process your personal data for this purpose, the legal basis of the processing is the controller’s legitimate interest: exercise or defence of legal claims of the controller, prevention of damage and ensuring fulfilment of receivables and other legal claims of the controller. For this purpose, the controller may provide personal data to an attorney who processes personal data of clients and other natural persons to the extent necessary for the purpose of advocacy.

• Identification of a party to a legal dispute and a debtor in an enforcement petition

  If we process your personal data for these purposes, we do so because it is our legal obligation to identify the debtor in an enforcement petition (especially the Civil Code, the Enforcement Code), and the plaintiff or defendant in court proceedings (especially Code of Contentious Civil Procedure, Code of Administrative Procedure).

• Legal representation (except proceedings)

  The processing of your personal data for this purpose involves the use of attorneys’ legal services, such as commenting on contracts and their amendments (including annexes) concluded with data subjects, or participating in meetings and other communication with data persons. For this purpose, the controller provides personal data to an attorney who processes personal data of clients and other natural persons to the extent necessary for the purpose of advocacy in accordance with Act No. 586/2003 Coll. on Advocacy and on Amendments to Act No. 455/1991 Coll. on Trade Licencing (the Trade Licencing Act), as amended, and the GDPR.
  For this purpose, we provide your personal data to an attorney based on our legitimate interest: to prevent damage using professional legal services and to conclude valid contractual relationships in compliance with the legal requirements for concluded contracts.

• Business communication (supplier-customer relationships), including records of e-mail business communication

  The legal basis for processing your personal data for this purpose is the controller’s legitimate interest: to communicate with business partners (with clients and suppliers) as part of business activities.

• Ensuring network and information security

  The legal basis for processing personal data for this purpose is the controller’s legitimate interest to prevent unauthorised access to electronic communication networks, to prevent damage to computer and electronic communication systems and to protect data contained in the controller’s IT technologies and systems.

• Direct marketing

  If you are our client and we obtained your e-mail address in connection with the sale of goods or services, we will send you e-mails with the offer of our new products and services that are similar to those you ordered/purchased. For this purpose, your personal data is processed on the legal basis of the controller’s legitimate interest to inform our clients about news regarding our products and services.
  As a data subject, in accordance with Article 21 (2) of the GDPR, you have the right to object at any time to the processing of your personal data for the purposes of such marketing, including profiling to the extent that it relates to such direct marketing. If the data subject objects to the processing for the purposes of direct marketing, personal data must no longer be processed for such purposes.
  Every sent marketing e-mail or newsletter contains an “unsubscribe” link. If you do not wish to receive information about our news and offers, you can opt out the subscription by clicking this link. If you unsubscribe, we will no longer send you information about our news and offers.

• Sending thank-you letters/e-mails

  We process your personal data for this purpose if you are our business partner or if you have cooperated with us in the past and we would like to express our satisfaction and thank you for your cooperation. For this purpose, your personal data is processed on the legal basis of the controller’s legitimate interest: presentation of the achievements of cooperation in order to maintain active contacts with a business partner.

• Records of professional profiles and contacting professionals regarding offers to participate in a new project (including records of such contacts)

  If we obtained your personal data for this purpose directly from you (based on your CV or otherwise) or on the LinkedIn or Profesia website, we will process them based on the controller’s legitimate interest to approach and establish cooperation with a suitable professional for a project/task performed for a third party.
  We process your personal data on this legal basis only for the period necessary to contact you in relation to a particular offer to participate in a project or an offer to grant us consent to keep your professional profile in our information system, for a maximum of 3 months. If you do not grant us your consent or you object to the processing for the purpose of our keeping you in our records as a professional for potential cooperation, we will cease processing your personal data for this purpose and we will remove you from the professional records.
  We process your personal data in the scope of personal data published or provided by you (in particular, identification details, contact details, education background, qualifications, language skills, professional experience, work position).

• Conclusion of valid contractual relationships and ensuring their performance

  For this purpose, we process personal data contained in contracts concluded as part of supplier-customer relationships or in drafts of such contracts. We process personal data of natural persons – clients or suppliers, and personal data of persons authorised to act on behalf of the contract partner (supplier, client) and data of employees of contract partners.
  This purpose also includes the legal requirement to properly identify a contracting party (natural person – client or supplier) when we process personal data based on the law (Civil Code, Commercial Code).
  We also have the legitimate interest to process common personal data of a person authorised to act on behalf of a contract partner (supplier, client), and contact personal data of an employee of a contract partner, as specified in the contracts we conclude as part of customer-supplier relationships (or in the drafts of such contracts). We process data of such data subjects for this purpose on the basis of the controller’s legitimate interest to ensure valid conclusion of contracts and their effective performance.

• Provision of benefits to suppliers or persons authorised to act on behalf of suppliers

  This purpose includes activities related to the provision of various benefits to contract partners – suppliers (natural persons – entrepreneurs), or for persons authorised to act on behalf of the supplier (legal entity), such as magazine subscriptions, cinemax vouchers, ProCare vouchers. The legal basis for processing your personal data for this purpose is the controller’s legitimate interest: interest in motivating data subjects to continue cooperation with the controller by providing benefits.

• Registry administration

  This purpose includes activities related to the fulfilment of the controller’s registry obligations, including records of sent and received mail. Your personal data are processed for this purpose on the legal basis: processing is necessary for compliance with the controller’s legal obligations under Act No. 395/2002 Coll. on Archives and Registries and on Amendments to Certain Acts.

• Bookkeeping, processing of accounting and tax documents, billing and cash register records

  The processing for this purpose is necessary to comply with the controller’s legal obligations, in particular pursuant to Act No. 431/2002 Coll. on Accounting, Act No. 222/2004 Coll. on Value Added Tax and Act No. 595/2003 Coll. on Income Tax.

• Dealing with rights of data subjects

  Your personal data are processed for this purpose on a legal basis: processing is necessary for compliance with the controller’s legal obligations under the personal data protection legislation (GDPR) in relation to the exercise of data subjects’ rights under Article 15 to 22 of the GDPR.

• Human resources, payroll and tax agenda (including income taxes and income tax advances)

  For this purpose, we process personal data of employees and their spouses, dependent children, parents of dependent children, close persons and former employees of the controller. The processing of personal data for this purpose is made on the legal basis:
  a) the processing is necessary to perform a contract to which the data subject is a party. (i.e. to perform an employment contract or an agreement on work performed outside an employment relationship); or
  b) The processing is necessary for compliance with the controller’s legal obligations, in particular obligations under Act No. 311/2001 Coll. the Labour Code, Act No. 125/2006 Coll. on Labour Inspection, Act No. 43/2004 Coll. on Pension Saving, Act No. 650/2004 Coll. on Supplementary Pension Saving and on Amendments to Certain Acts, Act No. 580/2004 Coll. on Health Insurance, Act No. 595/2003 Coll. on Income Tax, Act No. 461/2003 Coll. on Social Insurance, Act No. 5/2004 Coll. on Employment Services and on Amendments to Certain Acts, Act No. 462/2003 Coll. on Compensation of Income during Employee’s Temporary Incapacity for Work and on Amendments to Certain Acts, Act No. 152/1994 Coll. on the Social Fund and on Amendments to Act No. 286/1992 Coll. on Income Tax, Act No. 595/2003 Coll. on Income Tax.

• Company agenda, registration and notification of changes in the Business Register

  The controller processes your personal data for this purpose as required by law. The processing for this purpose is necessary for compliance with the controller’s legal obligations (Act No. 530/2003 Coll. on the Business Register and on Amendments to Certain Acts, the Commercial Code).

• Access to and operation of the electronic mailbox

  We process your personal data if you are a person authorised by us to access and operate the controller’s electronic mailbox. When granting the access and operation authorisation, we will provide your personal data to the extent required by law to the electronic mailbox module administrator in accordance with Act No. 305/2013 Coll. on e-Government and Amendments to Certain Acts.

• Marketing

  We will send you e-mails with a presentation of new projects and newsletters based on your consent. For this purpose, your personal data is processed on the legal basis: consent of the data subject. The consent is voluntary. Unfortunately, if you do not grant consent, we cannot provide you with the offers of our goods and services and inform you about the news. You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legality of the processing based on the consent prior to its withdrawal. Every sent marketing e-mail or newsletter contains an “unsubscribe” link. If you do not wish to receive information about our news and offers, you can opt out the subscription by clicking this link.

• Records of professional profiles and contacting professionals regarding offers to participate in a new project (including records of such contact and provision of a professional profile to clients)

  If you grant us your consent, we will process your personal data that you provided in your CV and by filling in the form on our website, including your photo. Your consent also includes the provision of your personal data to our clients who wish to implement a project and are looking for a professional in the relevant area of your qualification or specialisation.
  The consent is voluntary. Unfortunately, if you do not grant consent, we cannot contact you with an offer if we are looking for a suitable professional to cooperate on a project/task for a third party, or provide your data to the client.
  The records are used to find and reach a suitable professional in the field (candidate for cooperation) for a third-party project. The contact records are intended to prevent the professional from being contacted repeatedly in connection with the same project.
  You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legality of the processing based on the consent prior to its withdrawal.

• Publication of the data subject’s professional profile, including a photo, on the controller’s website and on social networks (Facebook, Instagram, LinkedIn) where the controller has created a profile)

  We process personal data of data subjects – suppliers (natural persons) or persons authorised to act on behalf of the supplier (legal entity) for this purpose if the data subject grants us his/her consent. The consent is voluntary. If it is not granted, we will not publish your professional profile.
  You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legality of the processing based on the consent prior to its withdrawal.

• Using a profile with a photo in business e-mails sent by data subjects from the controller’s domain (as part of their activities for the controller)

  We process personal data of data subjects – suppliers (natural persons) or persons authorised to act on behalf of the supplier (legal entity) for this purpose if the data subject grants us his/her consent. The consent is voluntary. If it is not granted, your profile with a photo will not be included in your business e-mail.
  You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legality of the processing based on the consent prior to its withdrawal.

• Records of trips using private vehicles of data subjects (suppliers or persons authorised to act on behalf of the supplier – legal entity) made when performing activities for the controller

  For this purpose, the controller processes your personal data to the extent of the vehicle log book. The legal basis for processing your personal data for this purpose is the controller’s legitimate interest: establishment and defence of the controller’s rights and interests in relation to the exercise, if any, of the data subject’s claims related to the use of a private car (e.g. compensation for damage to the vehicle).

• Records of trips of data subjects (suppliers or persons authorised to act on behalf of the supplier – legal entity) made by the controller’s vehicles when performing activities for the controller

  For this purpose, the controller processes your personal data to the extent of the vehicle log book. The legal basis for processing your personal data is the legitimate interest: protection of the controller’s property, establishment, exercise and defence of the controller’s claims in relation to damage, if any, to the vehicle, and fuel expense checks.

• Access management and key regime

  This purpose includes activities related to the keeping of access codes and passwords to individual information systems and databases of the controller, and the recording of access to the controller’s premises. We process your personal data for this purpose because it is the controller’s legitimate interest to prevent unauthorised access to the controller’s systems, databases and selected premises. The data subjects are employees and other natural persons who work on the controller’s premises or in the controller’s information systems.

WHICH ENTITIES MAY ACCESS YOUR PERSONAL DATA?

The entities defined by law, in particular tax authorities, government and public authorities for audit and oversight, courts and law enforcement authorities, are or may be recipients of your personal data to ensure compliance with the controller’s legal obligations.

Depending on the purpose of processing and the particular circumstances, other persons (in the position of a processor or a separate controller) may be recipients of your personal data, in particular:

• An attorney;
• An enforcement officer;
• A data protection officer under the GDPR;
• A bank;
• A provider of postal services;
• External trade intermediaries;
• External providers of marketing services;
• A company providing external website support and operation services;
• External suppliers of programming work and system and implementation work;
• Suppliers of installation, integration, migration, configuration, customisation, custom development, reporting and software product training;
• A company providing design, development, implementation and other related IT and software services;
• A company that is an external supplier of accounting services;
• An external registry administrator;
• External benefit providers (if identification and contact data of data subjects are processed to provide vouchers);
• An external provider of audit services;
• An external provider of the relevant SW solution and cloud database;
• Providers of occupational health and safety services, occupational health service and fire protection;
• An external provider of administrative services and intermediation services (including search and selection services to find candidates for third-party projects); and
• Recipients to whom we only provide employee personal data are specified in separate information for employees.

If we process your personal data using processors as a special category of recipients of personal data, we make sure that they comply with the applicable laws and terms and conditions agreed in the personal data processing agreement, that they are bound by confidentiality and that they protect your data in accordance with the GDPR requirements.

Based on your consent, we will provide your personal data to our clients who wish to implement a project and are looking for a professional in the relevant area of your qualification or specialisation.

Controllers of social networks and visitors to the relevant websites are also recipients of personal data for the purpose of publishing a professional profile (with a photo) on the controller’s website and on the defined social networks. Recipients of personal data also include recipients of e-mails containing the data subject’s profile (with a photo) sent by the data persons from the controller’s domain (as part of their activities for the controller).

WILL YOUR PERSONAL DATA BE PROVIDED OUTSIDE THE EUROPEAN UNION?

Your data are not transferred to a third country or international organisation, except as specified below.

Projects with clients in third countries (outside the EU) may involve the transfer of personal data of professionals who participate in or are candidates for projects for such clients. We will always inform professionals about the particular intended transfer and its conditions individually depending on the client. If the country does not guarantee a suitable level of security in line with the European Commission’s decision, other institutes in accordance with the GDPR will be used for the transfer. If there is no decision on the suitability or suitable safeguards of transfers, we will only make such transfer on the basis of the data subject’s explicit consent (after informing the data subject about the risks of such transfers due to the absence of a decision on the suitability and suitable safeguards) or if such transfer is necessary to perform a contract between the data subject and the controller, or for pre-contractual arrangements made at the request of the data subject.

WILL YOUR PERSONAL DATA BE USED FOR AUTOMATED INDIVIDUAL DECISION-MAKING?

Your personal data will not be used for automated individual decision-making.

Our selection of a suitable professional for cooperation on a project/task for a third party (client) also involves profiling of professionals kept in our records. The profiling involves various data that may affect our selection. We consider data on education, qualifications, professional experience, language skills and personality. The profiling results in a professional profile of the data subject and suitability for the project. The profiling result will not be used for automated individual decision-making.

Our website uses cookies. Detailed information about cookies can be found directly in the plug-in on our website. We process cookies to improve the functionality of our website based on our legitimate interests. We process cookies for marketing purposes based on your consent. The terms of use are also regulated in personal data protection policies of third parties to which personal data are provided. We inform you about them in the cookie plug-in. If you wish to disable the use and storage of cookies in your browser, you can do so in your browser settings. The procedure for blocking cookies depends on your browser.

HOW LONG WILL WE STORE YOUR PERSONAL DATA?

We will store your personal data for the period necessary to achieve the purpose for which the personal data are processed. If your personal data is processed to comply with the controller’s legal obligations and the law defines the storage period or criteria for its determination, we will store your personal data and the related documentation for the period required by the applicable law.

We store personal data for registry purposes for the period required by the applicable law (i.e. for the period over which the registry holder needs a registry record for its activities) in accordance with the prepared Registry Plan. We store personal data in the records of sent and received mail for 5 years (from the end of the calendar year in which the mail was sent/received). In accordance with the Accounting Act (Article 35), we store personal data in accounting records for 10 years (following the year to which they pertain).
We will store your personal data obtained in pre-contractual arrangements (e.g. using a contact form on the web) for one year.
Your personal data processed for the purpose of the selection procedure in which you participate as a candidate for employment or candidate for cooperation will be stored until the completion of the selection procedure.
We will store personal data processed on the legal basis of necessary processing for the performance of a contract, to which the data subject is a party, until the mutual rights and obligations are settled, but at least 10 years from the termination of the contractual relationship. Personal data processed for the purpose of concluding valid contractual relationships and ensuring their performance, which are set out in contracts or their drafts, are stored for the same period.
We will store your personal data processed for the purpose of dealing with rights of data subjects for 5 years from the date of processing the request, but at least until the finality of the administrative proceedings initiated by the data subject in connection with the request.
We will store personal data processed for the purpose of administration of pending disputes and enforcement proceedings, and collection of receivables and other claims of the controller in judicial, out-of-court, enforcement or bankruptcy proceedings until the legal limitation and extinction periods expire or until the settlement of a legal claim enforced in the relevant judicial, out-of-court or enforcement proceedings.
If we process your personal data for the purpose of legal representation (except proceedings), we store these data for 5 years (from the end of the calendar year in which the legal representation service was provided), and in justified cases for as long as necessary to protect and defend our legitimate interests and legal claims.
Personal data processed for the purpose of ensuring network and information security are stored 5 years following the end of the calendar year when a log was recorded.
Personal data processed for the purpose of commercial communication as part of the controller’s supplier-customer relationships are stored for 10 years (from the end of the calendar year in which the contractual relationship with a business partner was terminated).
We will store personal data processed for the purpose of direct marketing and sending of thank-you letters for 5 years from the start of processing for this purpose (or until the processing for this purpose is objected). We will store personal data obtained based on your consent for marketing purposes for 5 years or until the withdrawal of consent.
We will store personal data processed for the purposes of keeping your professional profile for 3 years from the date of granting consent (or until its withdrawal). If we process your personal data for this purpose based on the legitimate interest, we do so only for the period necessary to contact you in relation to a particular work offer or an offer to grant us consent for further processing for that purpose, for a maximum of 3 months. If you do not grant us your consent, withdraw it or object to the keeping of your professional profile for potential cooperation, we will cease processing your personal data for this purpose and we will remove you from the professional records.

We will store personal data processed on the basis of the data subject’s consent for the period specified in the consent, or for the period specified in this information (if it is not specified in the consent).
Personal data processed for the purpose of recording trips using private vehicles of data subjects (suppliers or persons authorised to act on behalf of the supplier – legal entity), and for the purpose of recording trips using the controller’s company vehicles are stored for 5 years from the termination of the controller’s business relationship with the data subject, or from the termination of the business relationship with the supplier – legal entity, whose manager is the data subject, and, in justified cases, for the period necessary to defend the controller’s rights and interests if legal claims have been enforced in this respect, e.g. claiming compensation for damage to a vehicle.
The storage period for personal data of employees is detailed in a separate document (information) intended for employees. We keep personal data of other data subjects (spouses, dependent children, parents of dependent children, close persons of employees) for the purpose of complying with our legal obligations for the period defined by the applicable legislation (10 years).
We store personal data for the purposes of providing benefits to suppliers or persons authorised to act on behalf of suppliers for the term of the business relationship with the relevant supplier.
We store personal data processed for the purpose of the Company’s agenda, registration of changes in the Business Register (contained, for example, in the Company’s Articles of Association, minutes from the General Meeting, share transfer agreements and in other legal documents relating to the Company’s corporate agenda) for the term of the controller’s legal personality (even in the event of the Company’s dissolution with a legal successor).
We store personal data for the purpose of access to and operation of the electronic mailbox for the term of the authorisation granted to the data subject.

RIGHTS OF DATA SUBJECTS