Privacy Policy

Table of Contents

  1. Who is the Controller of my personal data?
  2. How can I obtain information regarding the processing of my personal data?
  3. How were my data obtained?
  4. What data of mine are collected?
  5. For what purpose are my data collected?
  6. How long will my personal data be processed?
  7. Is providing my personal data necessary to use eSign.tech services?
  8. Will anyone other than the Controller have access to my personal data?
  9. What rights do I have?
  10. How long can it take to enforce my rights?
    Table 1 Summary of processing information
  11. How are cookies managed?
  12. What if I have doubts or questions regarding the privacy policy?
  13. Who is the Controller of my personal data?
    … The Controller of your personal data is ZACHODNIA SPÓŁKA PRODUKCYJNO HANDLOWO USŁUGOWA Spółka z o.o. with its registered office in Zielona Góra (65-066), at Żeromskiego 19/1 Street, entered in the National Court Register under number KRS 0001163322, NIP 9292088583, REGON 541241093 (hereinafter referred to as the Controller).

Contact details of the Personal Data Controller:

INSPARO POLSKA Spółka z o.o. with its registered office in Wrocław (53-633), at Kazimierza Michalczyka 5 Street, entered in the National Court Register under number KRS 0001146077, NIP 8971947060, REGON 540486964

email: info-pl@insparo.ch

phone: +48 797 423 233

  1. How can I obtain information regarding the processing of my personal data?

For matters related to the processing of your personal data, you can contact the person designated by the Controller as the Data Protection Officer (DPO):

  1. How were my data obtained?

Your personal data are collected at the stage of preparing an offer for you and at the stage of signing the contract. If personal data were obtained based on your consent – your personal data were collected after you gave consent.

  1. What data of mine are collected?

The personal data we obtain from you include:

  • first name,
  • last name,
  • residential address,
  • email address,
  • mobile phone number;
  1. For what purpose are my data collected?

Your personal data are collected and processed for the purpose of preparing an offer or developing and providing a response to an inquiry, as well as for the performance of the contract – based on Article 6(1)(b) GDPR.
… To systematize the information about the nature of the collected and processed data, this information is presented in Table 1 below.

  1. How long will my personal data be processed?

Your personal data will be processed for the period necessary to achieve the purpose for which they were collected. Your data will be processed for the following periods:

a) data collected for the purpose of providing services – data will be stored for the time necessary to perform the service (for the duration of the contract) and after the contract expires, but no longer than until the limitation period for claims arising from the contract.
… b) data collected for the purpose of preparing an offer for you – will be processed for the duration of the contract and after its expiration, but no longer than until the limitation period for claims arising from the contract. If the contract is not concluded, your data will be processed no longer than the validity period of the offer, as specified in the offer;

c) personal data processed based on consent will be processed until the consent is withdrawn by the data subject.

For better systematization, Table 1 below specifies situations and corresponding periods for which personal data will be stored and/or processed.

  1. Is providing my personal data necessary to use the services?
    … Providing your personal data is a condition for preparing an offer or responding to inquiries or concluding a contract. Failure to provide your personal data will make it impossible for us to process your inquiry or contract or to prepare an offer. Also, without providing the necessary personal data, it will not be possible to provide services to you.
  2. Will anyone other than the Controller have access to my personal data?

The Personal Data Controller safeguards the security of your personal data, ensuring their confidentiality and an appropriate level of data storage security. Only authorized employees appointed to work on services will have access to your personal data on the Controller’s side. All of them are obliged to sign a confidentiality agreement before starting their duties.
… Your personal data will not be disclosed to other entities without your explicit consent, except when necessary for proper service delivery or when a competent state authority requests access. Such authorities may include prosecutors, police, President of the Personal Data Protection Office, President of the Office of Competition and Consumer Protection, or President of the Office of Electronic Communications. Recipients of your personal data may also include entities that process personal data on behalf of INSPARO POLSKA Spółka z o.o. based on appropriate agreements signed with the Controller.

Your personal data will not be transferred to entities outside the European Union.

  1. What rights do I have?
    … Regarding the processing of your personal data, you may exercise your rights by contacting the Controller or directly the appointed Data Protection Officer. Your rights arise from Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter GDPR).

Right to withdraw consent.
You have the right to withdraw your previously given consent to the processing of personal data.

Withdrawal of consent takes effect from the moment of withdrawal and does not affect the lawfulness of processing carried out by the Controller based on consent before its withdrawal.

Right to object to data use… You have the right to object at any time to the use of your personal data if we process your data based on our legitimate interest, e.g., in connection with handling complaints, requests, reporting errors, and responding to your questions.

If your objection is justified and we have no other legal basis for processing your personal data, we will delete your data subject to the objection (legal basis: Article 21 GDPR).

Right to erasure (“right to be forgotten”).
You have the right to request deletion of your personal data.
… Despite such a request, the Controller has the right to retain certain personal data necessary for establishing, pursuing, or defending claims. This concerns, in particular, personal data such as first name, last name, PESEL number, residential address. These data may be retained due to the necessity of handling complaints and potential claims related to the use of services (legal basis: Article 17 GDPR).

Right to restriction of processing.
You have the right to request restriction of data processing. Upon such a request, until it is resolved, we will disable use of certain functionalities or services involving processing of the data subject to the request.

You have the right to request restriction of your personal data processing in the following cases:
… when you contest the accuracy of your personal data – we will restrict their use while verifying accuracy;
when processing is unlawful but you oppose deletion and request restriction instead;
when your data are no longer necessary for processing purposes but are needed by you to establish, pursue, or defend claims;
when you objected to processing – restriction applies while we verify whether the Controller’s legitimate grounds override your objection (legal basis: Article 18 GDPR).

Right of access to data.
You have the right to obtain confirmation whether we process your personal data. If so, you have the right to:

  • access your personal data,
  • obtain information about processing purposes, categories of personal data processed, recipients or categories of recipients, planned storage period or criteria for determining it, your rights under GDPR, and the right to lodge a complaint with a supervisory authority,
  • if data were not collected from you, information about their source,
  • obtain information about automated decision-making, including profiling,
  • obtain a copy of your personal data (legal basis: Article 15 GDPR).

Right to rectification.
You have the right to request correction of your personal data if inaccurate or completion if incomplete (legal basis: Article 16 GDPR).

Right to data portability… You have the right to receive your personal data provided to us and transmit them to another data controller, e.g., another operator of similar services. You also have the right to request direct transmission to another controller if technically feasible (legal basis: Article 20 GDPR).

  1. How long can it take to enforce my rights?

We consider your requests promptly and provide an appropriate response no later than within one month of receipt. However, due to the complexity of the case or the number of requests received, this period may be extended, and you will be informed of the new deadline for handling your request.

Table 1 Summary of processing information…

No. AT WHAT STAGE WILL DATA BE PROCESSED? FROM WHAT SOURCE WILL DATA BE OBTAINED? FOR WHAT PURPOSE WILL DATA BE PROCESSED? WHAT DATA WILL BE PROCESSED? HOW LONG WILL DATA BE PROCESSED / STORED?
1 Customer inquiry regarding offer preparation. Inquiry by phone or email. Preparation of the offer, analysis of the customer’s purchasing needs. First name, last name, phone number, email address. Until the customer makes a decision, but no longer than the validity period of the offer.
2 Contact with the customer to prepare the offer. By phone, email, direct contact with a sales representative. Preparation of the offer, analysis of the customer’s purchasing needs. First name, last name, phone number, email address, customer number (if assigned).
3 Preparation, conclusion, and archiving of the contract. By phone, email, direct contact with a sales representative. Enabling activities necessary for the preparation, conclusion, and archiving of the service contract. First name, last name, phone number, email address, date of birth, place of birth, citizenship, country of residence registration, PESEL, NIP (not required for application completion), father’s name, mother’s name, registered address, identity document data (type, number, and series). Processing: before signing the contract, throughout its duration.
Storage: up to 10 years after its termination.
  1. Regarding the privacy policy?

If you have questions or any doubts, please contact the Personal Data Controller or directly the Data Protection Officer by phone at +48 797 423 233 or by email at info-pl@insparo.ch.

Attachments:
… attachment no. 1 – TEMPLATE FOR REQUEST TO RECTIFY, COMPLETE, DELETE, RESTRICT PROCESSING, DATA PORTABILITY, DATA DISCLOSURE,
attachment no. 2 – TEMPLATE FOR OBJECTION TO PERSONAL DATA PROCESSING.

Attachment no. 1

TEMPLATE FOR REQUEST TO RECTIFY, COMPLETE, DELETE, RESTRICT PROCESSING, DATA PORTABILITY, DATA DISCLOSURE

I hereby request:

“rectification of my personal data by …………………….. the inaccuracy consists of …………………..”

or

“completion of my personal data by ……………………….”

or

“deletion of my personal data in whole/in part ………..”

or

“restriction of processing of my personal data in the scope of ……………….. due to ……………”

or

“transfer to me of personal data in a machine-readable format in the scope of ……………”

or

“providing information about my personal data processed by the Company, i.e., providing information about: …………………………..”

or
… “disclosure of my personal data in the form of ……………..”

………………………………………………………………..

/signature of the person making the request/

Attachment no. 2

TEMPLATE FOR OBJECTION TO PERSONAL DATA PROCESSING

Objection to the processing of personal data

“I hereby object to the processing of my personal data for the purposes of direct marketing, including profiling – if the Company carries out such profiling, to the extent that processing is related to such direct marketing.”

TEMPLATE FOR WITHDRAWAL OF CONSENT TO PERSONAL DATA PROCESSING

“I, ……………. hereby withdraw the consent given to the Company …………….. for processing my personal data in whole/in part …………………”

……………………………………………………………………..

/signature of the authorized person/