November 28th | Meetup: AI in finance 🦾 | Register now
Chaos Gears S.A.

Information for our customers and business partners

Acting pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the ‘GDPR’, I hereby inform that:

1) Chaos Gears S.A., Goraszewska 19 street, 02-910 Warsaw, tel. +48 222630101, email: daneosobowe@chaosgears.com is the personal data controller.

2) Personal data may be processed for the purpose of:
a. the conclusion and performance of obligations under the agreement,
b. the fulfilment of obligations arising from the law,
c. the performance of marketing activities,
d. customer satisfaction surveys,
e. ensuring security of property and personnel (including through CCTV),
f. communication with business partners,
g. the establishment, pursuing or defence of claims,
h. the performance of educational activities.

3) The legal basis for the processing of data is:
a. the conclusion and performance of an agreement with the controller (Article 6(1)(b) of the GDPR),
b. the fulfilment of obligations arising from the law (Article 6(1)(c) of the GDPR),
c. the consent in respect of data not necessary for the conclusion and performance of the agreement with the controller, in particular with respect to marketing activities (Article 6(1)(a) of the GDPR),
d. the legitimate interest of the controller with respect to marketing activities, customer satisfaction surveys, ensuring security of property and personnel, establishing, pursuing or defending claims and communication with business partners (Article 6(1)(f) of the GDPR).

4) Recipients of personal data may include:
a. entities to which the controller entrusts services related to the processing of personal data, e.g. business associates, IT, accounting, legal, audit service providers, as well as companies, bodies and institutions to which the controller will send correspondence or enquiries on behalf of the parties,
b. bodies authorised under the law, including courts and other public administration bodies,
c. entities with which the controller cooperates and to which it makes personal data available, while acting for the purposes of the legitimate interests pursued by the controller or by a third party.

5) Personal data will be stored for a period required by law and until the termination of the agreement with the controller and the expiry of the limitation period for claims arising therefrom, and in the case of data processed on the basis of consent – until the withdrawal of that consent; data processed within the monitoring system will be stored for a period of up to 3 months from registration, and in the case of customer satisfaction surveys – until the party raises an objection.

6) Where processing is based on consent, the party has the right to withdraw the consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

7) The party has the right to access its data and the right to data rectification, erasure, restriction of processing, the right to data portability and the right to object – only on the terms and conditions set forth in the GDPR.

8) The party has the right to lodge a complaint with the President of the Personal Data Protection Office if the party considers that the processing of personal data infringes the provisions of the GDPR.

9) The provision of personal data is voluntary, but to the extent that the processing of data is necessary for the conclusion and performance of the agreement with the controller, failure to provide such data will result in the inability to conclude the agreement with the controller.

10) In the event of an intention to transfer data to a third country or an international organisation, this intention will be communicated by a separate communication.

Information for persons designated for contact or cooperation by our business partners

In accordance with Article 14 of the General Data Protection Regulation (hereinafter referred to as the ‘GDPR’), we hereby inform you that:

1) Chaos Gears S.A., Goraszewska 19 street, 02-910 Warsaw, tel. 48 222630101, email: daneosobowe@chaosgears.com is the Controller of your personal data.

2) Your personal data have been obtained by the Controller from its business partner in connection with the performance of the agreement, in particular your identification and contact details.

3) Your personal data will be processed in order to ensure the proper performance of the agreement on the basis of Article 6(1)(f) of the GDPR, i.e. in a situation where it is necessary for the purposes of the legitimate interests pursued by the Controller.

4) Recipients of your personal data may include:
a. entities entitled to receive data under the law;
b. other entities which process personal data under relevant agreements, including IT, accounting, legal and audit companies;
c. companies, bodies and institutions to which the Controller will send correspondence or enquiries on behalf of the parties;
d. entities with which the Controller cooperates and to which it makes personal data available, while acting for the purposes of the legitimate interests pursued by the controller or by a third party.

5) Your personal data will be stored for a period necessary to fulfil the purposes of the processing, i.e. until the claims arising from the agreement referred to in item 3 become time-barred.

4) Recipients of your personal data may include:
a. entities entitled to receive data under the law;
b. other entities which process personal data under relevant agreements, including IT, accounting, legal and audit companies;
c. companies, bodies and institutions to which the Controller will send correspondence or enquiries on behalf of the parties;
d. entities with which the Controller cooperates and to which it makes personal data available, while acting for the purposes of the legitimate interests pursued by the controller or by a third party.

6) In connection with the processing of your personal data, you have the following rights:a. the right to access your data and to obtain a copy thereof in accordance with Article 15 of the GDPR;b. the right to rectify (correct) your data in accordance with Article 16 of the GDPR;c. the right to restrict data processing in accordance with Article 18 of the GDPR;d. the right to object in accordance with Article 21 of the GDPR.

7) If you become aware of unlawful processing of your personal data, you have the right to lodge a complaint with the supervisory authority competent for personal data protection matters, i.e. President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.

8) In the event of a personal appearance at the registered office of the Controller, I kindly inform you that the company’s premises are monitored by CCTV. Monitoring is used to protect property and ensure security, including the security of personnel. Camera recordings from the monitoring system are the source of data. Only entities authorised to obtain personal data under the law will be the recipients of the personal data recorded. Monitoring data will be processed for up to 3 months. More information on CCTV monitoring can be obtained at the company’s front office.

9) In the event of an intention to transfer your data to a third country or an international organisation, you will be informed thereof in a separate communication.

We'd like to keep improving our site - and your anonymous analytical cookies would help with that. Is that OK with you?
Analytics
These items help us understand how our website performs, how visitors interact with the site, and whether there may be technical issues. The information we collect for this purpose is fully anonymous.
Confirm