Main page  »  Privacy policy

PRIVACY POLICY

  1. Data Controller

We hereby inform you that the Controller of your personal data is Piotr Gajlewicz, conducting business under the name Piotr Gajlewicz – Kancelaria Radcy Prawnego (Legal Advisor’s Office), ul. Piotra Skargi 15, 71-422 Szczecin, e-mail address: office@pgplegal.eu (contact details) [hereinafter: the “Controller”].

  • Purposes of Processing Personal Data and Legal Basis for Processing

Your personal data may be processed:

  1. for the purpose of performing contracts concluded with you or taking steps (at your request) prior to entering into such contracts, on the basis of Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (OJ EU L 2016, No. 119, p. 1) (“the GDPR”) (“processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract”);
  • for the purpose of performing contracts concluded with an entity for which you act as a representative in contacts with the Controller, or of which you are an employee, contractor, or further subcontractor, on the basis of Article 6(1)(f) GDPR (“processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data — in particular where the data subject is a child”);
  • for the purpose of communication and conducting promotional and marketing activities by the Controller, including: providing information about the Controller and its activities, sending information and invitations regarding events organised or co-organised by the Controller, and sending greeting cards, on the basis of Article 6(1)(f) GDPR (“processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data — in particular where the data subject is a child”).
  • Legitimate Interest

The legitimate interest pursued by the Controller in processing your personal data is:

a. with regard to the case referred to in point 2(b) above – enabling communication with the Controller’s business partner/contracting party and performing the contract concluded with that entity;

b. with regard to the case referred to in point 2(c) above – communication as well as the Controller’s marketing and promotional activities.

  • Recipients of Personal Data / Categories of Recipients

Your personal data will be disclosed to entities authorised under applicable legislation, as well as to entities authorised under agreements concluded by the Controller, to the extent necessary for the performance of the referenced obligations/contracts, as well as to you.

  • Transfer of Personal Data to a Third Country or to an International Organisation

The Controller will not transfer your personal data to a third country or to an international organisation.

  • Data Retention Period / Criteria for Determining the Period

Your personal data will be stored for the duration of the cooperation between you and the Controller or the entity you represent, and after its termination for the period of limitation of claims arising from such cooperation, or for the period necessary for the Controller to fulfil its obligations under generally applicable laws.

Your personal data processed on the basis of consent will be stored for the duration of such consent, i.e. until it is withdrawn, and thereafter for the period necessary for the Controller to fulfil its obligations under generally applicable laws.

7. Rights

The detailed scope of your rights as a data subject is set out in Chapter III of the GDPR, entitled “Rights of the Data Subject.”

You have the right at any time to:

a) request access to the personal data concerning you,

b) request rectification of the personal data concerning you,

c) request erasure of the personal data concerning you, except in cases where processing is necessary:

i) for compliance with a legal obligation requiring processing under Union or Member State law to which the Controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller,

ii) for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes,

iii) for the establishment, exercise or defence of legal claims,

d) request restriction of processing of the personal data concerning you,

e) object to the processing of the personal data concerning you based on the legal grounds indicated in point 2(b) and 2(c) above,

f) request the transfer of the personal data concerning you, on the basis indicated in point 2(a) above, provided that the processing is carried out by automated means,

g) lodge a complaint with a Supervisory Authority (in Poland this is the President of the Personal Data Protection Office, formerly the Inspector General for the Protection of Personal Data),

h) where processing is based on consent – withdraw your consent at any time, without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.

8. Information on the Requirement/Conditions for Providing Personal Data and the Source of the Data

With regard to the case referred to in point 2(a) above, providing personal data is not a statutory requirement, but it constitutes a condition for entering into or performing a contract. Failure to provide the data will result in the refusal to conclude or perform a contract with you.

With regard to the case referred to in point 2(b) above, providing personal data is not a statutory requirement, but failure to provide it may make it impossible to perform a contract with the entity you represent in contacts with the Controller.

If, in the case referred to in point 2(b), the personal data was not provided directly by you, the source of the data is the entity you represent in contacts with the Controller or publicly accessible sources from which the Controller obtained the data. In such cases, the Controller processes your contact details, including: first name, last name, telephone number, e-mail address, the organisation you represent, and your role/function within that organisation (i.e., the relevant categories of personal data).

With regard to the case referred to in point 2(c) above, providing personal data is not a statutory requirement and does not constitute a condition for concluding a contract. You are not obliged to provide such data; however, failure to do so will make it impossible for the Controller to contact you.

9.  Automated Decision-Making

Your personal data may be processed in an automated or partially automated manner.

However, your personal data will not be used for decision-making based solely on automated processing, including profiling, which would produce legal effects concerning you or similarly significantly affect you.

10. Use of Cookies

The Controller, being the operator of the website www.pgplegal.eu (hereinafter: the “Website”), does not automatically collect any personal data of users, except for information stored in cookies.
Cookies are small text files containing IT data, sent by a server and stored on the user’s end device (e.g., computer, tablet, or smartphone). They enable proper use of the Website and support its essential functions.

These files are used in particular to ensure the correct functioning and configuration of the Website, to enhance security, to monitor session activity, as well as to conduct statistical analyses, research, and viewership audits. They typically contain, among other things, the name of the website from which they originate, the duration of their storage on the device, and a unique identifier.

Two types of cookies are used on the Website:
· session cookies – stored temporarily in the device’s memory until the user logs out, closes the browser, or leaves the Website;
· persistent cookies – stored on the user’s device for the time specified in their parameters or until manually deleted.

11. Rules for Using Cookies

The default settings of most web browsers allow cookies to be stored on a user’s device. However, it is possible to change these settings — for example, to block the automatic handling of cookies or to enable notifications each time cookies are saved. Detailed information on cookie management is available in the settings of the browser you use.

Please note that restricting the use of cookies may affect the proper functioning of certain features of the Website.

12. Amendments to the Policy

The Controller reserves the right to amend and update this Policy/statement.