Skip to content

Privacy policy

Information concerning processing of personal data by
TLC Sp. z o.o.

1. Glossary

Personal Data Administrator/Administrator – a person or entity which (unilateraly or jointly with other administrators) decides for what purpose and how he will process the personal data;

Personal Data – information that identify (or make it possible to identify) a natural person, in particular: name and surname, address, telephone number, e-mail address, date of birth, name of the company, tax identification number, social security number etc.;

Personal data processing – activities related to personal data, in particular: collecting, recording, organizing, storing, downloading, browsing, using, sharing, deleting, destroying etc.;

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Regulation on data protection).

2. Personal Data Administrator

The administrator of personal data processed by us in connection with conducting business activity is TLC Spółka z ograniczoną odpowiedzialnością, a Limited Liability Company seated in Gorlice, ul. Chopina 25N, 38-300 Gorlice (hereinafter “TLC“). In all matters regarding the processing of personal data, in particular exercising your rights related to the processing of personal data, you can contact the Administrator by:

a) email address: odo@tlc.eu 

b) phone: +48 505 140 140

c) in writing to the address of the Administrator’s office. 

3. Sources of Personal Data collection

All data is obtained by the Administrator in two ways:

  1. information voluntarily provided by the data subject; 
  2. information obtained when using the Administrator’s websites, i.e.:

    a) information in server logs (servers automatically save such data as the page request sent by the user, the date and time of the request and sending the response, device data, browser type, browser language, etc, type of operating system);
    b) IP address (on the basis of which it is possible to identify the country from which a given website user connects to the network), 
    c) text files „cookies” (sent to the user’s computer when visiting the website).

4. Main principles for the processing of Personal Data

In connection with its business activity, TLC processes the data of entities with which it has business relations, as well as the data of their employees and associates, data of persons transferred as part The Administrator represents and guaranties that:

a) Personal Data are processed in accordance with current regulations, including the GDPR, in a fair and transparent manner;

b) Personal Data are collected for specific, explicit and legitimate purposes and is processed only to the extent consistent with those purposes;

c) the Administrator makes the utmost care that the Personal Data it processes are truthful, current and accurate;

d) Personal Data are stored in a form that enables identification of the data subject for no longer than it is necessary for the purposes for which the data are processed;

e) Personal Data are processed in a manner that ensures adequate security, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by appropriate organizational, technical and technological measures.

5. Purposes and basics of Personal Data processing

In connection with its business activity, the Administrator processes the data of entities with which it has business relations, as well as the data of their employees and associates, data of persons transferred as part of the implementation of orders and contracts, data of persons making contact by means of remote communication (telephone, email).

The purpose of processing Personal Data by the Administrator is: 

a) conclusion and implementation of contracts (legal basis for processing – art. 6 sec. 1 letter b of the GDPR);

b) determining and pursuing possible claims by the Administrator or defense against claims raised against the Administrator (legal basis for processing – art. 6 sec. 1 letter f of the GDPR); 

c) performance of tax and accounting obligations (legal basis for processing – art. 6 sec. 1 letter c of the GDPR);

d) realization of promotional and marketing activities (legal basis for processing – art. 6 sec. 1 letter a of the GDPR);

e) sending commercial information regarding the Administrator’s products and services and entities from TLC Group, whose offer supplements the offer of the Administrator, including in particular information about current offer, promotions, discounts and marketing campaigns – newsletter (legal basis for processing – art. 6 sec. 1 letter a of the GDPR);

f) answering the questions asked by the user via the contact form available on the Administrator’s website, e-mail or by phone (legal basis for processing – art. 6 sec. 1 letter f of the GDPR);

g) analysis of data on actions taken by the user on the Administrator’s website, based on the user’s consent to the use of analytical and statistical cookies (legal basis for processing – art. 6 sec. 1 letter a of the GDPR);

h) ensuring the proper functioning of the Administrator’s website, including ensuring the security of services provided and the use of cookies necessary for the proper display of the website in the user’s browser (legal basis for processing – art. 6 sec. 1 letter f of the GDPR).

Providing data is voluntary, however the Administrator reserves that in some situations, providing it may be necessary to conclude and perform the contract, answer queries, conduct correspondence, and perform obligations arising from provisions of law, sending the newsletter.

Information obtained during the use of the Administrator’s websites is collected in order to guarantee the proper functioning of the websites and provide offer content tailored to the location and language of the user (availability of closest distributors and partners), without combining them with other data of users visiting the Administrator’s websites (legal basis for processing – art. 6 sec. 1 letter f of the GDPR).

6. Data storing term

The Administrator processes personal data for the time necessary to achieve the purpose of processing. The Administrator applies the principle of limiting the storage of personal data, which protects data against processing for an unlimited period. When the processing purpose is achieved, the Administrator deletes or anonymizes the data. The exceptions are situations when data storage is necessary under separate provisions.

The Administrator deletes or anonymizes data in particular when: 

a) the limitation of possible claims will take place;

b) deadlines that result from legal provisions (e.g. the Accounting Act) have expired;

c) the data subject withdraws consent to the processing of personal data (concerns cases where consent was the basis for processing i.e. sending the newsletter)

d) the data subject effectively opposes further processing (if the basis for processing was the legitimate interest of the Administrator).

7. Data recipients

Personal Data processed by the Administrator in connection with business relations may be transferred to the following categories of entities:

a) public authorities – in cases specified by law. 

b) distributors and business partners in connection with the execution of orders and handling the quotation inquiry process,

c) subcontractors, contractors and business partners as part of cooperation on a given project, solely for the purpose and to the extent necessary to implement the rights and obligations arising from cooperation,

d) courier and transport companies for the purpose of delivery,

e) maintenance of information systems in which data is processed,

f) entities providing accounting, legal, debt collection, consulting, IT services to the Administrator and entities providing maintenance of information systems in which data is processed,

g) entities providing the Administrator with system tools: hosting service providers and systems for managing the database of contractors, email service providers, telecommunications service providers, invoice software providers, providers of banking and electronic payment services, newsletter sending service providers, SAS systems for organizing webinars, marketing automation system and other marketing activities,   

h) entities from TLC Group, whose offer supplements the offer of the Administrator (entities indicated on a website www.tlcgroup.pl), 

8. Profiling

For direct marketing purposes (for example, by replying to a message, presenting the details of the offer), the Administrator may use profiling, consisting in automated decision-making on displaying advertisements and directing dedicated content in e-mails (the legal basis for such processing of Personal Data is art. 6, sec. 1, letter f of the GDPR, i.e. legitimate interest of the Administrator). This decision is made on the basis of actions taken by the user on the websites, forms, and in particular on the basis of concluded contracts or pages viewed. In practice, profiling supports the usability of websites and newsletters, allowing you to present content that may potentially interest you more. The legal basis for such processing of Personal Data is art. 6, sec. 1, letter f of the GDPR.

You have the right not to be profiled, unless you have given your consent. However, the basis for the processing of Personal Data will be consent, which can be withdrawn at any time.

9. Rules for the transfer of data outside Poland

In the justified circumstances, the Administrator may transfer personal data to entities in the European Economic Area (EEA).

The Administrator may transfer personal data to a third country (outside the EEA) if it guarantees at least such data protection as is applicable in Poland. In practice, such a guarantee is that a given country has been recognized by the European Commission as a country that provides adequate protection.

If data is transferred outside the EEA, the Administrator will take appropriate steps to ensure data protection, in particular through the use of contractual clauses that have been approved by the European Commission.

10. Entitlements related to the personal data processing

In accordance with applicable law, you have: 

a) the right to access personal data and receive a copy thereof, 

b) the right to rectify (correct) your data,

c) the right to delete data,

d) the right to limit data processing,

e) the right to object to data processing based on the legitimate interest of the Administrator or third parties, 

g) the right to transfer data,

h) the right not to be subject to decisions based on automated data processing, including profiling, if the Administrator would make decisions based solely on automated data processing, including profiling, which would have legal consequences for the data subject or similarly affect him or her,

i) the right to file a complaint to the supervisory body (the President of the Office for Personal Data Protection),

j) the right to withdraw consent to the processing of personal data.

If the data processing is based on your consent, you have the right to withdraw your consent to the processing of the Personal Data at any time. Withdrawal of consent will not affect the lawfulness of the processing that was carried out on the basis of consent before its withdrawal.

In order to exercise your rights, please send request the contact details indicated above. If you have additional questions, please contact us.