Information on the processing of personal data by GRUPA S.O.S.

In compliance with the information obligation arising from the GDPR, i.e., Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, which introduces new requirements for the protection of personal data, including in particular the obligation to provide information to data subjects and the processing of personal data, we hereby inform you as follows:

Where did we get your personal data?

We have your personal data because we contacted you about submitting an offer for the services provided by GRUPA S.O.S., or you contacted us about the provision of services, or your company is already a contractor. We also hold the personal data of individuals participating in recruitment processes and those employed by us.

What personal data do we hold?

This is the personal data you provided to us in connection with the offer, service provision, recruitment, or employment process.

Who is the controller of your personal data?

If you are already our contractor or employee, the controller of your personal data is the company from the S.O.S. GROUP providing the service or being our employer. Details of this company can be found in the agreement concluded with us. The controller of personal data processed as part of the service offering is:

S.O.S. A limited liability company with its registered office in Kraków, ul. B. Głowackiego 24, 30-085 Kraków, registered in the Register of Entrepreneurs of the National Court Register under number 0000491853 at the District Court for Kraków-Śródmieście in Kraków, 11th Commercial Division of the National Court Register, REGON: 123016750, NIP: 6772378960

Tel. 12 357 22 24, mail: rodo@grupa.sos.pl

How do we process personal data?

Data is processed in accordance with applicable law, including the GDPR, i.e. Regulation (EC) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, and the National Data Protection Act. We take special care to protect the personal data we process and ensure that the personal data we hold is:

  • processed lawfully, fairly, and transparently for the data subject,
  • collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes,
  • adequate, relevant, and limited to what is necessary to achieve the purposes for which it is processed,
  • accurate, and, where necessary, updated or corrected,
  • kept in a form which permits identification of the data subject for no longer than is necessary to achieve the purposes for which the personal data is processed,
  • processed in a manner that ensures appropriate security and confidentiality of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate measures technical or organizational purposes.

We do not profile personal data and do not transfer it outside the European Economic Area.

For what purposes do we process personal data?
  • to establish cooperation,
  • for recruitment and employment purposes,
  • to conclude and perform a contract,
  • for contract settlement purposes,
  • to respond to any inquiries and/or requests and to conduct further correspondence/contact in this regard,
  • to contact us regarding services provided by GRUPA S.O.S.
  • to defend against potential claims, as well as to pursue possible claims.
What is the basis for the processing of personal data by GRUPA S.O.S.?
  • necessity to perform the concluded contract or take steps prior to its conclusion;
  • fulfilment of legal obligations imposed on the Controller;
  • other legitimate interests of the Controller (e.g., marketing of the Controller’s products and services, defense against potential claims, management of claims)
How long do we process personal data?
  • Personal data collected for the purposes of concluding and performing the contract are processed for the duration of the contract, and then until the expiry of the limitation period for potential claims or for as long as required by law.
  • Personal data collected or obtained for other legitimate purposes are processed until the purpose for which they are processed is achieved or for as long as required by law.
What rights do you have?

On the terms specified Under applicable regulations, you have the right to:

  • access your personal data, including the right to obtain a copy thereof,
  • request their rectification, erasure, or restriction of processing,
  • object to processing,
  • transfer them to another controller (to the extent that their processing is based on the necessity for the performance of the contract or your consent),
  • withdraw consent to processing if the processing of personal data is based on consent,
  • file a complaint with the President of the Personal Data Protection Office.