1. pl
  2. en
  1. pl
  2. en

Privacy Policy

INFORMATION ON DATA PROCESSING

PICTOPLAN Oliwia Chłopek

 

§ 1 Information regarding the processing of personal data contained in electronic correspondence

I [Data Administrator]

  1. Oliwia Chłopek, running a business under the name PICTOPLAN, entered into the Central Register and Information on Economic Activity kept by the minister responsible for the economy, with the Tax Identification Number (NIP): 6322039494, National Business Registry Number (REGON): 540750562, is the administrator of the data of the addressees and senders of electronic messages.
  2. You can contact the data administrator:
  1. at the correspondence address: ul. Filomatów 15B, 43-600 Jaworzno
  2. at the e-mail address: biuro@pictoplan.com.pl
  3. by phone: +48 792 805 800.

II [Purposes and duration of personal data processing]

  1. The Administrator processes contact information about senders and recipients of e-mail correspondence , contained in the content of such correspondence, for the purpose of:
  1. enabling e-mail contact with the administrator and contacting the addressees;
  2. documenting arrangements made with clients, contractors and other persons;
  3. receiving letters, notifications and applications in electronic form, e.g. complaints, claims and other applications;
  4. protection against claims and the pursuit of possible claims.
  1. Correspondence is stored for one year, unless the messages contain content that is important for pursuing or defending against claims, in which case selected messages will be stored for up to 3 years, i.e. until the expiry of the limitation period for claims in accordance with the Civil Code.

III [Legal basis for personal data processing]

The legal basis for processing data contained in e-mail correspondence is:

  1. the legitimate interest of the data controller and the senders of electronic messages (Article 6(1)(f) of the GDPR) – in relation to incidental correspondence, consisting in enabling electronic contact with the controller;
  2. necessity for the performance of a contract concluded with our clients or contractors (Article 6, paragraph 1, letter b of the GDPR) in the scope of correspondence conducted for the purpose of performing the contract;
  3. voluntary consent – if the correspondence sent contains special category data. If the sender has not included consent in their correspondence, we will ask for it to be granted separately, as this is a necessary condition for us to process special category data in accordance with the GDPR. The consent expressed may be withdrawn at any time, without giving a reason, but without affecting the lawfulness of its processing before its withdrawal;
  4. voluntarily expressed consent through a clear affirmative action – if the sender of the message asks for information regarding the administrator’s brand, its products or services, the reply given to the sender will contain the information requested by the sender, and sending the query will constitute consent for the administrator to send commercial information to the sender at the email address provided by the sender to the extent necessary to provide the reply (Article 10 of the Act on the provision of services by electronic means); the expressed consent may be withdrawn at any time without giving any reason, but commercial information sent after the query has been sent and before the consent is withdrawn will be sent in accordance with the law; withdrawal of consent may prevent a full answer to the question asked;
  5. the legitimate interest of the controller in pursuing claims or defending against claims, in accordance with generally applicable legal provisions, in particular the Civil Code (Article 6 paragraph 1 letter f and Article 9 paragraph 2 letter f of the GDPR).

IV [Recipients of personal data]

The Administrator may disclose the content of correspondence solely for the purpose of pursuing its claims in the proceedings and to entities cooperating with the Administrator on the basis of written personal data processing agreements, in order to perform the tasks and services specified in the agreement for the Administrator, in particular in the field of electronic or traditional mail handling, hosting, IT services, debt collection, legal or advisory services, administrative services.

V [Rights of persons whose personal data is processed]

  1. Every data subject has the right to:
  1. access – obtaining confirmation from the controller as to whether his or her personal data is being processed. If data about a person is being processed, he or she is entitled to access it and obtain the following information: about the purposes of processing, categories of personal data, recipients or categories of recipients to whom the data has been or will be disclosed, the period of data storage or the criteria for determining it, the right to request the rectification, deletion or restriction of the processing of personal data of the data subject and to object to such processing (Article 15 of the GDPR);
  2. to receive a copy of the data – to obtain a copy of the data being processed, the first copy being free of charge, and for subsequent copies the controller may impose a reasonable fee resulting from administrative costs (Article 15 paragraph 3 of the GDPR);
  3. to rectify – to request the rectification of personal data concerning him/her that is incorrect or the completion of incomplete data (Article 16 of the GDPR);
  4. to delete data – to request the deletion of his or her personal data if the controller no longer has a legal basis for their processing or the data are no longer necessary for the purposes of processing (Article 17 of the GDPR);
  5. to restrict processing – request to restrict the processing of personal data (Article 18 of the GDPR), when:
  1. the data subject questions the accuracy of the personal data – for a period enabling the controller to verify the accuracy of such data,
  2. the processing is unlawful and the data subject opposes their deletion, requesting the restriction of their use,
  3. the administrator no longer needs the data, but the data subject requires it to establish, pursue or defend legal claims,
  4. the data subject has objected to the processing – until it is determined whether the legitimate grounds on the part of the controller override the grounds for objection of the data subject;
  1. to transfer data – to receive personal data concerning him/her, which he/she has provided to the controller, in a structured, commonly used and machine-readable format and to request the transmission of such data to another controller, if the data are processed on the basis of the consent of the data subject or of a contract concluded with him/her and if the data are processed by automated means (Article 20 of the GDPR);
  2. to object – to object to the processing of their personal data for the legitimate purposes of the controller, for reasons related to their particular situation, including profiling. In such a case, the controller assesses the existence of important legitimate grounds for processing that override the interests, rights and freedoms of the data subjects, or grounds for establishing, pursuing or defending claims. If, according to the assessment, the interests of the data subject are more important than the interests of the controller, the controller will be obliged to cease processing the data for these purposes (Article 21 of the GDPR);
  3. to withdraw consent at any time and without giving any reason, but the processing of personal data carried out before the withdrawal of consent will continue to be lawful. Withdrawal of consent will result in the controller ceasing to process personal data for the purpose for which the consent was given.
  4. to lodge a complaint - the data subject has the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Personal Data Protection Office with its registered office in Warsaw, ul. Stawki 2.
  1. In order to exercise the aforementioned rights, the data subject should contact the controller using the contact details provided and inform him/her which right he/she wishes to exercise and to what extent.

§ 2 Information on the processing of personal data for customers and contractors

I [Data Administrator]

  1. Oliwia Chłopek, running a business under the name PICTOPLAN, entered into the Central Register and Information on Economic Activity kept by the minister responsible for the economy, with the Tax Identification Number (NIP): 6322039494, National Business Registry Number (REGON): 540750562 is the administrator of personal data of contractors and customers.
  2. You can contact the data administrator:
  1. at the correspondence address: ul. Filomatów 15B, 43-600 Jaworzno
  2. at the e-mail address: biuro@pictoplan.com.pl
  3. by phone: +48 792 805 800.

II [Purposes, legal basis and data processing period]

The personal data of contractors will be processed by the administrator for the following purposes:

  1. performance of the contract – to the extent necessary to perform the contract (Article 6, paragraph 1, letter b of the GDPR) – for the period of cooperation;
  2. making settlements of the performance of the contract between the parties, including making payments – to the extent necessary to perform the contract (Article 6, paragraph 1, letter b of the GDPR) – for the period of cooperation;
  3. fulfilling obligations related to the enforcement of claims – in order to fulfill obligations related to the enforcement of receivables resulting from the Code of Civil Procedure, the Act on Enforcement Procedure in Administration, the Act on Court Bailiffs (Article 6, paragraph 1, letter c of the GDPR) – for 3 years from the last deduction;
  4. fulfilment of accounting obligations – in order to fulfil the obligations arising from the Accounting Act (Article 6, paragraph 1, letter c of the GDPR) – for 5 years from the end of the year in which the event occurred;
  5. fulfillment of tax obligations – in order to fulfill obligations resulting from tax regulations, in particular the Tax Ordinance, the Corporate Income Tax Act, the Goods and Services Tax Act (Article 6, paragraph 1, letter c of the GDPR) – for 5 years from the end of the tax year;
  6. pursuing claims or defending against claims – in order to fulfil the legitimate interest of the controller consisting in pursuing its property or non-property rights or protecting against claims against the controller, in accordance with general provisions, in particular the Civil Code (Article 6, paragraph 1, letter f of the GDPR) – for 3 years from the end of cooperation.

III [Data recipients]

  1. The Administrator provides personal data of contractors and customers in the following cases:
  1. when such an obligation results from the provisions of applicable law, including to the National Revenue Administration, court bailiffs, other state authorities;
  2. postal operators, courier companies.
  1. In addition, personal data of contractors and customers may be disclosed to entities processing on behalf of and at the request of the controller, on the basis of a concluded personal data processing agreement, in order to provide services specified in the agreement, e.g.:
  1. ICT services such as hosting, provision or maintenance of IT systems;
  2. accounting services;
  3. traditional mail handling, reception;
  4. legal and advisory services.

IV [Rights of persons whose personal data is processed]

  1. Every data subject has the right to:
  1. access – obtaining confirmation from the controller as to whether his or her personal data is being processed. If data about a person is being processed, he or she is entitled to access it and obtain the following information: about the purposes of processing, categories of personal data, information about the recipients or categories of recipients to whom the data has been or will be disclosed, the period of data storage or the criteria for determining it, the right to request the rectification, deletion or restriction of the processing of personal data of the data subject and to object to such processing (Article 15 of the GDPR);
  2. to receive a copy of the data – to obtain a copy of the data being processed, the first copy being free of charge, and for subsequent copies the controller may impose a reasonable fee resulting from administrative costs (Article 15 paragraph 3 of the GDPR);
  3. to rectify – to request the rectification of personal data concerning him/her that is incorrect or the completion of incomplete data (Article 16 of the GDPR);
  4. to delete data – to request the deletion of his or her personal data if the controller no longer has a legal basis for their processing or the data are no longer necessary for the purposes of processing (Article 17 of the GDPR);
  5. to restrict processing – request to restrict the processing of personal data (Article 18 of the GDPR), when:

i. the data subject questions the accuracy of the personal data – for a period enabling the controller to verify the accuracy of such data,

ii. the processing is unlawful and the data subject opposes their deletion, requesting the restriction of their use,

iii. the controller no longer needs the data, but the data subject requires it to establish, pursue or defend legal claims,

iv. the data subject has objected to the processing – until it is determined whether the legitimate grounds on the part of the controller override the grounds for objection of the data subject;

  1. to transfer data – to receive personal data concerning him/her, which he/she has provided to the controller, in a structured, commonly used and machine-readable format and to request the transmission of such data to another controller, if the data are processed on the basis of the consent of the data subject or of a contract concluded with him/her and if the data are processed by automated means (Article 20 of the GDPR);
  2. to object – to object to the processing of their personal data for the legitimate purposes of the controller, for reasons related to their particular situation, including profiling. In such a case, the controller assesses the existence of important legitimate grounds for processing that override the interests, rights and freedoms of the data subjects, or grounds for establishing, pursuing or defending claims. If, according to the assessment, the interests of the data subject are more important than the interests of the controller, the controller will be obliged to cease processing the data for these purposes (Article 21 of the GDPR).
  3. to lodge a complaint - the data subject has the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Personal Data Protection Office with its registered office in Warsaw, ul. Stawki 2.

2. In order to exercise the aforementioned rights, the data subject should contact the controller using the contact details provided and inform him/her which right he/she wishes to exercise and to what extent.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC ( OJ EU L 2016 No. 119, p. 1, as amended).

 

Last update: 02/03/2025

 

 

Cookie Policy

COOKIE POLICY

PICTOPLAN

 

§ 1 Cookies

  1. The pictoplan.com.pl website uses cookies . These are small text files sent by the www server and stored by the browser software. When the browser reconnects to the site, the site recognizes the type of device the user is connecting from. The parameters allow only the server that created them to read the information contained in them. Cookies therefore facilitate the use of previously visited sites.

The information collected includes IP address, browser type, language, operating system type, Internet service provider, time and date information, location and information sent to the website via the contact form.

  1. The collected data is used to monitor and verify how users use our websites, to improve the functioning of the service, providing more effective and problem-free navigation. We monitor information about users using the Google Analytics tool , which records user behavior on the site.

Cookies identify the user, which allows the content of the website they are using to be tailored to their needs. By remembering their preferences, it enables the appropriate matching of advertisements directed to them. We use cookies to guarantee the highest standard of convenience of our service, and the collected data is used only within NEWPEST Sp. z o. o. to optimize activities.

  1. cookies on our website :
  1. “essential” cookies , enabling the use of services available on the website, e.g. authentication cookies used for services that require authentication on the website;
  2. cookies used to ensure security, e.g. used to detect abuse of authentication within the website;
  3. “performance” cookies , enabling the collection of information on how the website pages are used;
  4. "functional" cookies , which enable "remembering" the settings selected by the user and personalising the user interface, e.g. in terms of the selected language or region the user comes from, font size, appearance of the website, etc.;
  5. “advertising” cookies , enabling the provision of advertising content to users that is more tailored to their interests.
  1. The user can disable or restore the option of collecting cookies at any time by changing the settings in the web browser. Cookie management instructions are available at http://www.allaboutcookies.org/manage-cookies

 

Last update:

02/03/2025

 

 

Privacy Policy

Copyright: © Oliwia Chłopek 2025

tel. +48 792 805 800 

email: biuro@pictoplan.com.pl 

Oliwia Chłopek