Privacy Policy

Personal data protection (RODO)

The principles of personal data processing that guide us when we process personal data. These are:

  • the principle of legality, reliability and transparency: we process personal data in a manner that complies with the law. the principle of data minimization and adequacy: we process only those data (adequate, relevant) that are actually needed
  • data accuracy principle: we take the utmost care to ensure that the data we process is truthful, up-to-date and accurate.
  • the principle of purpose limitation and retention of processed data: we collect personal data only for a specific, explicit and legitimate purpose that we could not achieve otherwise.
  • The principle of data integrity and confidentiality: we provide such IT and organizational solutions that make the personal data we process secure.
  • Accountability principle: we are able to demonstrate (as required by law) that we are acting in accordance with the law with respect to personal data

Most often we process general data such as:

  • name;
  • mailing address, residence and registered address,
  • e-mail, home/mobile phone;
  • customer number (customer ID);
  • tax identification number (NIP); REGON number;
  • other data needed so that we can offer products and services.

We may process personal data when:

  • the data subject has given his or her consent; we process data on this basis when we are marketing products or services
  • we do so in order to perform services and deliver products to the data subject, fulfill complaints, etc.
  • we are fulfilling a legal obligation in this way; on this basis, we process data to prevent abuse

Where do we get the data from?

We process personal data on the basis of forms available on our websites and which have been submitted to us by email. We also process publicly available data.

Do we profile data?

Your personal data will not be processed by automated means, including profiling.

How do we inform you about data processing?

If we collect data directly from the data subject, we provide such information immediately. When the data comes from another source, we provide it to the data subject:

  • within a reasonable period of time, but no later than one month from the acquisition of the data;
  • At the latest at the first communication with the data subject (if we are using the data precisely in communication with the data subject);

unless providing the information proves impossible or would require a disproportionate effort.
We inform you about the processing electronically, including in the information on our website.

What are the rights of those whose data we process?

  • Right of access to data
  • Right to rectify data
  • Right to erasure of data (right to be forgotten)
  • The right to restrict the processing of personal data
  • Right to data portability
  • Right to object to processing

Who is the data controller at OpenIT?

Leszek Kazmierczak, [email protected]

How can you complain about the protection of your personal information?

The customer may file a complaint with the data protection supervisory authority in the manner indicated on the supervisory authority's website at https://www.giodo.gov.pl.

How long do we process data?

We process data for as long as necessary to achieve the purpose of processing. We indicate the specific period in the documentation we provide to data subjects. We apply the principle of storage limitation of personal data, which protects the data from processing for an unlimited period. When we achieve the purpose of processing, we delete or anonymize the data.