INFORMATION CLAUSE
Hereby, out of concern for the integrity of your personal data and your rights, and in order to meet the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “GDPR”), I would like to update and supplement information regarding the processing of your personal data.
ADMINISTRATOR
The administrator of personal data is:
Arkadiusz Waliczek, conducting business under the name HYDROTRADE Poland, Arkadiusz Waliczek, 43-200 Pszczyna, ul. Piwowarska 24/5, NIP: 638 116 23 39, REGON: 072319501, hereinafter referred to as the “Administrator.”
CATEGORIES OF ADDRESSEES
This clause is addressed to:
2.1. Recipients of the Administrator’s goods and services and suppliers of goods and services to the Administrator, regardless of their legal form (hereinafter also referred to as the “other party”).
2.2. Persons providing work/services on behalf of or for the benefit of the other party, only within the scope of the legal relationship between the Administrator and the other party, in particular employees, contractors, subcontractors, service providers, agents or proxies of the other party (hereinafter collectively referred to as the “persons involved”).
DATA SOURCE AND CATEGORIES OF PERSONAL DATA
Personal data have been obtained directly from the data subject. Personal data of the persons involved have been obtained either directly from the data subject, from the other party, or from other persons involved.
If the data were obtained from the data subject, this person has full control over the scope of the disclosed data.
If the data were obtained from the other party or other persons involved, they include data necessary for identification and verification, such as: name, surname, telephone number, professional license number, vehicle registration number, function, position, e-mail address, company name.
LEGAL BASIS, PURPOSES AND STORAGE PERIODS
4.0.1. Basis: consent of the data subject. Purpose: business contacts requiring separate consent.
The data are processed for acquiring and maintaining business contacts, i.e., marketing requiring separate consent (e.g., marketing using telecommunications devices such as network-connected computers or telephones).
Data are processed until consent is withdrawn. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
4.0.2. Purpose: responding to a request / clarifying doubts
Submitting an inquiry (via contact form, e-mail, phone, social media) constitutes consent for the Administrator to contact the person to address the inquiry. Data are processed until consent is withdrawn.
4.0.3. Purpose: newsletter
Data processing provides access to up-to-date information about the Administrator’s offer and activities. Data are processed until consent is withdrawn.
4.0.4. Purpose: improving/convenient functioning of websites
The Administrator owns five active websites: hydrotrade.pl, wf-sedziszow.hydrotrade.pl, mahle.hydrotrade.pl, cronne.pl, and others.
These are informational websites (“business card” pages) and do not allow account creation or personal data transmission via form.
The websites use cookies. Cookies are small text files sent by website servers and stored in the browser. When reconnecting, the website recognizes the device type. Cookies can be read only by the server that created them.
4.2. Basis: performance of a contract. Purpose: conclusion and execution of a contract
Processing is necessary for concluding and performing a contract, including complaints and debt collection, and for transferring data to couriers. Examples of processed data: name, surname, company, phone number, e-mail, address, tax identification number, bank account number.
Data are stored for the contract duration and afterwards—during the statutory limitation periods.
4.3. Basis: legal obligation. Purpose: preparation and storage of documentation
The Administrator processes personal data included in invoices, accounting books, and other documents to fulfill obligations under tax and accounting laws.
Data are stored as long as required by law.
4.4. Basis: legitimate interest of the Administrator or a third party
a) Purpose: business contacts where no separate consent is required
This includes direct marketing, sales of goods and services, and strengthening business relations unless separate consent is required.
The data subject has the right to object under Art. 21 GDPR.
Data are processed until an objection is submitted.
b) Purpose: performance of the contract through persons involved
Applies when an employee of the other party performs a service for the Administrator, signs documentation, or when contact details are provided for identity verification.
Data are processed for contract execution, documentation, protection of rights, or pursuing claims.
Data are processed during the contract period and after—as long as legally required or until objection.
c) Purpose: proving obligations and pursuing claims
Data disclosed in forms, contracts, or otherwise may be processed for archiving and claim-related purposes, including accountability.
Data are processed during the performance of obligations and after—for limitation periods or until objection.
RECIPIENT CATEGORIES
Data may be transferred to:
5.1. Persons authorized by the Administrator (e.g., sales representatives).
5.2. Data processors under Art. 28 GDPR (e.g., accounting offices, IT admins, legal services, couriers, hosting providers, payment service providers).
5.3. Authorized persons or processors via further authorization, anti-fraud authorities.
5.4. Public authorities (e.g., ZUS, NFZ, tax authorities) and entities acting as independent controllers (e.g., shipping entities).
RIGHTS UNDER GDPR
The data subject has the right to:
6.1. Access data
6.2. Rectify data
6.3. Erase data
6.4. Restrict processing
6.5. Data portability
6.6. Object (when processing is based on legitimate interest)
6.7. Withdraw consent (when consent is the basis for processing)
Refusal must be justified based on GDPR rules.
FAILURE TO PROVIDE DATA
Providing data required for issuing invoices or settlement documents is mandatory under tax and accounting laws.
Failure to provide necessary contact/delivery data may prevent contract conclusion and fulfillment.
Failure to provide optional data limits business contact and access to information.
Providing signature or image data is required for on-site safety and access; failure to do so may prevent contract performance requiring on-site presence.
AUTOMATED DATA PROCESSING
Data are processed automatically only within cookies. No automated decisions are made that could affect the user legally or significantly.
Profiling is limited to analysing preferences for website improvements.
GOOD PRACTICES – PROVIDING THE CLAUSE TO PERSONS INVOLVED
As good practice, the other party should provide this clause to all persons involved, as fulfilling the obligation directly toward them may be difficult or require disproportionate effort.
CONTACT DETAILS
For all matters related to this clause, including exercising your rights, contact: