Privacy policy

In accordance with Article 13(1-2) and Article 14(1-2) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, commonly referred to as the GDPR, BIS-PAK Spółka z o.o., hereinafter referred to as the Company, commits to respecting your right to privacy on the Internet and making every effort to properly secure all provided data (“Personal Data”). We undertake to take appropriate actions to protect against unauthorized access or disclosure to third parties. We would like to inform you that the operator of the Internet service’s databases are secured against access by third parties.

At the same time, we would like to emphasize that you can browse our website without providing your personal information.

We would also like to inform you that:

  1. The controller of your personal data is BIS-PAK Spółka z o.o. with its registered office at 97 Szczecińska Street, 78-300 Świdwin, represented by the company’s CEO. You can contact the Data Controller regarding GDPR matters through postal correspondence at the above-mentioned registered office address.
  2. Your personal data will be processed in the following cases:
    • for the conclusion and performance of contract(s) – until the termination or expiration of the respective contract, with the caveat that sometimes these data may be processed even after the expiration of the contract, but only if allowed or required by applicable law, such as processing for statistical or accounting purposes,
    • for the provision of electronic services and sending commercial information – until consent is withdrawn,
    • for direct marketing of products or services, including establishing contact and presenting offers – until consent is withdrawn,
    • to fulfill our legal obligations under European Union law or Polish law – until the expiration of data retention obligations arising from legal regulations,
    • to ensure the security of electronic services we provide, handling your requests submitted, for example, through the contact form when they are not directly related to contract performance, debt collection, conducting legal, administrative, and mediation proceedings, data storage for archival purposes, and ensuring accountability – until the expiration of claims related to the contract(s) or claims related to the processing of personal data or until objection is raised.
  3. Your personal data is processed on the basis of:
    • Article 6(1)(b) of the GDPR (taking pre-contractual steps at the request of the data subject or the performance of a contract to which the data subject is a party). It is worth noting that, for employment-related purposes, it is necessary and legitimate for the Controller to process special categories of data as required, particularly by labor law.
    • Article 6(1)(c) of the GDPR (compliance with a legal obligation to which the Controller is subject). This is done solely for the purpose of carrying out the Company’s tasks as defined by legal regulations, particularly the obligations related to the Company’s business profile, as well as the issuance of invoices and accounting and tax documents.
  4. Your personal data will be disclosed to entities involved in debt collection activities on behalf of the Company, entities handling accounting and administrative services, legal and occupational health and safety services, and the IT support for the Company. Additionally, your personal data may only be disclosed to entities authorized to obtain them in accordance with the legal regulations governing their activities. Examples of such entities include, but are not limited to, General Courts, the Prosecutor’s Office, the Police, etc. The disclosure of personal data in such cases occurs upon a written request. 
  5. Your personal data will be processed and stored by the Controller for the duration of the contract’s validity, and after its expiration, for the period necessary to secure or enforce any claims that the Company may have, as well as to fulfill the legal obligation of the Controller (e.g., arising from tax or accounting regulations). 
  6. According to the legal status as of May 25, 2018, which marks the commencement of the application of the General Data Protection Regulation (GDPR), you have the right to:
    • Access your personal data.
    • Rectify your personal data.
    • Lodge a complaint regarding improper personal data processing with the supervisory authority.
    • Request the erasure, restriction, or object to the processing of your personal data.
    • Data portability and obtaining a copy of your personal data.
  7. The Company’s operations as a manufacturing business are based on legal regulations. Providing your consent for the processing of personal data is voluntary; however, refusing to provide data may result in the Company’s refusal to enter into a contract or provide other services.
  8. Your personal data is not subject to automated decision-making, including profiling.