We care about the security of your personal data

Privacy

Policy 

PRIVACY AND COOKIES POLICY

This Policy sets out the rules of processing and protection of personal data of the users of www.icsec.pl, persons contacting us through it, and the users of official accounts on social networking sites.

DATA CONTROLLER

The personal data controller is ICsec S.A. with its registered office in Poznań (60-449) at ul. Wichrowa 1A, National Court Register Number (KRS): 0000761914, Tax Identification Number (NIP): 781-198-60-10, Statistical Identification Number (Regon): 382035399, www.icsec.pl (hereinafter: “the Company”).

In connection with its business activity, the Company collects and processes personal data in accordance with relevant regulations, including in particular the General Data Protection Regulation (GDPR), and the rules of data processing prescribed therein, in particular the Company:

  • assures the transparency of data processing;
  • always informs on data processing when the data are collected, in particular on the purpose and legal basis of the processing of personal data, unless the Company is not required to do so under separate provisions;
  • makes sure that data are collected only in the scope necessary for the specified purpose, and processed only for the period necessary.

In case of any doubts regarding the processing of personal data, please contact our Data Protection Officer directly at rodo@icsec.pl.

SECURITY OF PERSONAL DATA

To assure data integrity and confidentiality, the Company has implemented procedures which ensure that personal data may only be accessed by persons authorized and only on a need-to-know basis. The Company applies organizational and technical solutions to ensure that all operations on personal data are recorded and performed only by persons authorized.

The Company takes all steps necessary to ensure that also its subcontractors and other partners guarantee the application of appropriate security measures in each case where personal data are processed.

The Company conducts an ongoing risk analysis and monitors whether the applied data protection measures are adequate for the risks identified. Where necessary, the Company implements additional measures to increase data security.

When processing data, the Company ensures their security and confidentiality, and provides data subjects with access to information. In the event of any personal data breach (such as a “leakage” or loss of data) occurring despite the applied security measures, and such a breach could cause a high risk of infringement of the rights or freedoms of data subjects, the Company will notify the data subjects of such event as required by appropriate regulations.

PURPOSES AND LEGAL GROUNDS OF PROCESSING

COOKIES

The information on the activities of a person visiting www.icsec.pl (such as the type of web browser used or operating system used, IP address of the computer) is stored automatically on the person’s device.

Cookies are processed to:

  • ensure proper operation and security of the website (Article 6(1)(f) of the GDPR), until the user deletes them from their web browser;
  • adapt the displaying of the website to the device and preferences (Article 6(1)(f) of the GDPR), until the web browser user ends their session;
  • carry out anonymized analysis, statistics and audits of browsing the website (Article 6(1)(f) of the GDPR), for up to 50 months or until the data for statistical purposes are blocked or erased.

The collected cookies are not used for marketing purposes, including to determine individual preferences based on actions taken on the website.

The rules of collecting, accessing and time of storing cookies must be determined in the settings of the web browser installed on the device used for connecting with the website.

Data management for statistical purposes (Google Analytics) is possible with a browser plug-in:https://tools.google.com/dlpage/gaoptout or by using the private browsing option offered by the web browser.

We do not control websites of third parties or their activities.

NEWSLETTER

The provision of your personal data is voluntary but necessary to offer you the subscription of our newsletter.

Personal data are processed for sending the ordered newsletter (Article 6(1)(a) and (f) of the GDPR), until your consent is withdrawn.

CONTACT FORM

The provision of personal data is voluntary but necessary for us to contact you and answer your inquiry.

Personal data are processed for

  • identifying the sender and handling their inquiry or request (Article 6(1)(b) of the GDPR), until the inquiry or request is resolved;
  • other communications related to our business activity (Article 6(1)(f) of the GDPR), for a period that allows for pursuing the legitimate interest or filing an effective objection against the data processing.

E-MAIL AND POSTAL CORRESPONDENCE

Personal data contained in incoming correspondence are processed for:

  • communications and resolving the matter referred to in the correspondence (Article 6(1)(b) of the GDPR), until completion of the case concerned;
  • other communications related to our business activity (Article 6(1)(f) of the GDPR), for a period that allows for pursuing the legitimate interest or filing an effective objection against the data processing.

COMMUNICATION BY PHONE

The provision of personal data is voluntary but may be necessary to give a response in the matter raised in the call.

Personal data provided during a phone call are processed for:

  • communications and resolving the matter referred to in the call (Article 6(1)(b) of the GDPR), until completion of the case concerned;
  • other communications related to our business activity (Article 6(1)(f) of the GDPR), for a period that allows for pursuing the legitimate interest or filing an effective objection against the data processing.

MARKETING COMMUNICATIONS (E-MAIL, PHONE)

In connection with its business activity, the Company, its employees and associates collect personal data of persons interested in business liaison and receiving marketing communications.

Personal data are processed for marketing and commercial communications related to our business activity (Article 6(1)(f) of the GDPR), for a period that allows for pursuing the legitimate interest or filing an effective objection against the data processing.

SOCIAL MEDIA

The Company maintains official public profiles on social networking sites, and processes data of their visitors (such as comments, likes or online identifiers).

Personal data of such persons are processed for communications related to our business activity (Article 6(1)(f) of the GDPR), for a period that allows for pursuing the legitimate interest or filing an effective objection against the data processing.

Note: The above information does not apply to the processing of personal data by administrators of social network services.

CONTACT REGARDING RECRUITMENT

The provision of personal data is voluntary but necessary to initiate the recruitment process.

Personal data included in application files are processed to:

  • perform obligations related to the recruitment process, arising from the provisions of law, including in particular the Labor Code (Article 6(1)(c) of the GDPR), for a period of 6 months after the recruitment was completed;
  • take steps prior to entering into a civil-law contract at the request of the data subject (Article 6(1)(b) of the GDPR), for the term of the contract;
  • verify the candidate’s qualifications and skills (Article 6(1)(f) of the GDPR), for a period that allows for pursuing the legitimate interest or filing an effective objection against the data processing.

Note: The Company expects the provision of personal data only in the scope set forth in the provisions of labor law (Article 221 of the Labor Code). In the event of sending an application that includes any additional data which go beyond that scope, they will be processed upon the candidate’s consent expressed by an explicit authorizing action, which is the submission of application files by the candidate (Article 6(1)(a) of the GDPR).

Where a sent application includes any information irrelevant for recruitment purposes, it will not be used or considered in the recruitment process.

Insofar as personal data are processed based on an expressed consent, the consent may be withdrawn at any time without affecting the lawfulness of processing based on consent before its withdrawal.

SPECIAL PERIOD OF PROCESSING OF PERSONAL DATA

The period of data processing may be extended if the processing is necessary for the establishment, exercise or defense of or against legal claims, and after that period, only if and to the extent it is required by legal provisions.

DATA RECIPIENTS

As the Company carries on business that requires the processing of personal data, the personal data may be disclosed to the Company employees, capital group companies and third parties, including in particular to service and IT system providers, suppliers of accounting and human resource services, postal operators, and marketing and recruitment agencies.

In addition, data may be made available to competent public authorities or third parties, which demand it based on appropriate legal grounds and in accordance with applicable provisions of law.

 

DATA TRANSFER OUTSIDE THE EUROPEAN ECONOMIC AREA

The Company does not intend to transfer personal data outside the European Economic Area or to international organizations.

SPECIAL PROCESSING OPERATIONS

Personal data will not be processed for the purpose of automated decision-making, in particular they will not be subject to profiling.

RIGHTS OF DATA SUBJECTS

Any person whose data are processed has the right to:

  • information on personal data processing;
  • receive a copy of data;
  • rectification of data;
  • erasure of data;
  • restriction of processing;
  • data portability;
  • object to processing of data for marketing purposes;
  • withdraw consent (which does not affect the lawfulness of processing based on consent before its withdrawal).

A request for exercising the said rights may be submitted:

  • in writing to the following address: ICsec S.A., Wichrowa 1A, 60-449 Poznań;
  • by e-mail to the following address: rodo@icsec.pl.

The reply is sent in electronic form, unless the applicant has requested a reply in writing.

If in your opinion the processing of personal data infringes the GDPR or any other provisions on personal data protection, you may use the right to lodge a complaint with the President of the Personal Data Protection Office.

However, before you do that, we encourage you to contact our Data Protection Officer at rodo@icsec.pl.

The Management Board of ICsec Spółka Akcyjna

Make sure your network is secure! Contact us!

Newsletter

Subscribe to our newsletter and stay up to date with us

.