- The controller of personal data collected, in particular, through a website operating at https://pgebaltica.pl (hereinafter referred to as: Site), i.e. the entity deciding on how your personal data will be used, is PGE Baltica Sp. z o.o. with its registered office at ul. Mokotowska 49, 00-542 Warsaw (hereinafter referred to as: the Controller). You may contact the Controller by phone: 22 340 50 60 and by e-mail address: email@example.com. The controller shall be responsible for the security of the personal data provided
and for the processing thereof in accordance with the provisions of law.
- The Controller has appointed the Data Protection Officer (hereinafter referred to as: DPO) who can be contacted in matters related to the processing of personal data and the exercise of rights of users in accordance with the provisions of law on personal data protection:
- Your data shall be processed pursuant to the provisions of Regulation (EU) 2016/679
of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as: the GDPR), and other generally applicable provisions of law on personal data protection.
- While visiting the Site, the following shall be collected:
II. DATA COLLECTED – BASIC INFORMATION
- The following information shall apply to all uses by the Controller of the personal data provided by you, as specified in sections III and IV.
- Your data shall not be used to decision-making based solely on automated processing of personal data, including profiling within the meaning of Article 22 of the GDPR.
- Subject to all data security guarantees, personal data processed through the Website may be transferred - in addition to persons authorized by the Controller - to other entities, including
- The Controller informs that your data, as a rule, will not be transferred to countries outside the European Economic Area (hereinafter: "EEA"), i.e. countries other than European Union Member States and Iceland, Norway and Liechtenstein. However, taking into account the IT services provided to the Controller by PGE Systemy S.A., performance of specific tasks or activities by the indicated entity may result in the transfer of data outside the EEA. More information on possible data transfer and the method of its protection can be obtained from PGE Systemy S.A
- The Controller hereby informs that in connection with the processing of personal data obtained through the Site, each data subject shall have the right to submit an application concerning:
- Each and every data subject has the right to lodge a complaint with the supervisory authority (President of the Office for Personal Data Protection, https://uodo.gov.pl/pl/83/155) if they believe that the processing of personal data is carried out against the provisions of law.
- The data was obtained by the Controller directly from you. The Controller may also process:
- personal data obtained from entities with which the Controller cooperates on the basis
of concluded agreements (e.g. business data of employees to be contacted for purposes related to the performance of the agreement),
- personal data obtained from entities and third parties cooperating with the Controller, whereas the data have been rendered available to the Controller on the basis of your consent,
- data obtained from publicly available sources, e.g. from the National Court Register, Central Register and Information on Economic Activity, websites, social media.
III. PERSONAL DATA PROVIDED BY THE USER
III. A. E-MAIL OR TELEPHONE CONTACT
- The Controller shall process personal data, in particular first and last name and contact telephone number or e-mail address and other information provided by you, to the extent necessary
to handle requests and execute an inquiry, including communication and answering
questions asked via the contact telephone number and e-mail address provided on the Site
(legal basis - Article 6 (1) (f) of the GDPR) - "legitimate interest".
- The Controller shall have the right to process personal data for the period necessary to execute the inquiry, including to respond to communication sent or the request/question submitted during the telephone conversation.
- The provision of data is voluntary, however it is necessary in order to respond to the submitted question or for the proper handling of the request and the execution of the inquiry. Failure
to provide personal data may result in the inability to provide an answer or execute an inquiry.
III. B. MARKETING COMMUNICATION
- The Controller shall process your personal data in order to carry out:
- Providing data to receive marketing communication via the selected communication channel is voluntary, however necessary to receive commercial information. Failure to provide personal data will result in the unavailability of marketing content to be received.
- The Controller shall have the right to process personal data for the period necessary to execute the aforementioned purposes. Depending on the legal basis, this shall be respectively:
- time until the objection is made,
- time until the consent is withdrawn.
- Withdrawal of consent may take place in particular by contacting the Controller or the DPO
(via the contact channels indicated herein above). Withdrawal of the consent shall not affect
the lawfulness of the use of data during the period when such consent was in force.
IV. AUTOMATICALLY COLLECTED DATA
- Using the Site involves sending queries to the server, which are automatically recorded in event logs.
- Event logs shall record user session data. In particular, these are: IP address, type and name
of the device, date and time of visit to our Site, information about the web browser
and operational system.
- The data recorded in event logs shall not be associated with the particular individuals.
- The contents of event logs shall be made accessible to persons authorized by the Controller
to administrate the Site.
- Chronological recording of information about events shall only be construed as an auxiliary material used for administrative purposes. The analysis of event logs enables, in particular,
the detection of threats, ensuring adequate security of the Site and the generation of statistics
in order to better understand how the users use the Site.
- User session data are used to diagnose problems with the functioning of the Site and to analyze possible security breaches, to manage the Site and to generate statistics (legal basis - Art. 6 (1) (f) of the GDPR) - "legitimate interest".
to the "Cookies Policy" available at https://pgebaltica.pl/polityka-cookies.
V. FINAL PROVISIONS
- The Site may contain links to other websites, including websites of companies from the PGE Capital Group cooperating with the Controller of partners, service providers and other external entities (e.g. LinkedIn, Facebook, Twitter, PGE purchasing platform, YouTube).
The Controller recommends that each user, after switching to other websites, should read privacy policies in force there.
in particular in the case of:
- For information regarding the processing of personal data by PGE Polska Grupa Energetyczna S.A. and selected companies of the PGE Capital Group please consult: https://www.gkpge.pl/rodo.