Privacy Policy

Privacy Policy

§ 1

  1. This document sets out the purposes, legal basis and scope of the processing of personal data processed by Aurora Creation sp. z o.o..
  2. The controller of personal data within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter: GDPR) is Aurora Creation sp. z o.o. with its registered office in Białystok, ul. Dąbrowskiego 28, 15-872 Białystok, NIP: 542-326-75-81, REGON: 366533862, registered in the register of entrepreneurs kept by the District Court in Białystok, XII Economic Division of the National Court Register under KRS number 0000662567 (hereinafter: Controller). The Controller may be contacted at the address of its registered office or by e-mail at [email protected].

§ 2

The controller processes your personal data for the following purposes and on the basis of legal principles:

  1. For the purpose of responding to your enquiry or handling your request sent to the Company – where the legal basis for data processing is the legitimate interest of the Controller i.e. Article 6 paragraph 1 letter f) of GDPR.
  2. For the purpose of recruiting employees – where the legal basis for processing the data is the candidate’s consent, i.e. Article 6 paragraph 1 letter a) of GDPR. We process the data for 12 or 24 months, depending on your decision on whether you wish to participate in future recruitments. The scope of the data should be adequate to the information required by the employment legislation, broader information will not be taken into account by the Controller.
  3. For the purpose of hiring an employee based on an employment contract or a civil law contract (commission or work). The specific clauses of the information obligation in these cases will be implemented when the relevant contract is signed.
  4. For the purpose of establishing and performing cooperation with sole traders – where the legal basis for data processing is the performance of a contract or taking actions related to the conclusion of a contract, i.e. Article 6 paragraph 1 letter b of GDPR; the fulfilment of obligations under tax law and accounting regulations, i.e. Article 6 paragraph 1 letter c of GDPR; the pursuit of potential claims; ensuring the security of the Company, where the legal basis is Article 6 paragraph 1 letter f of GDPR.The scope of the data is adequate to the data entered in the CEIDG and the personal data of employees or cooperators provided by the contractor.
  5. For the purpose of establishing and implementing cooperation with legal entities – where the legal basis is the performance of a contract or taking actions related to the conclusion of a contract, i.e. Article 6 paragraph 1 letter b) of GDPR; the performance of obligations arising from tax laws and accounting regulations, i.e. Article 6 paragraph 1 letter c) of GDPR; the pursuit of potential claims; ensuring the security of the Company where the legal basis is Article 6 paragraph 1 letter f) of GDPR.
    The scope of the data is adequate to the data entered in the KRS and the personal data of employees or associates provided by the contractor.
    In the case of access to personal data of employees or customers of the contractor, we process personal data on the basis of the contract of entrustment of processing of personal data with the contractor binding us. The data processing period, categories and scope are defined in the relevant agreement. The entrustment or provision of such data (made by the Counterparty) is necessary for the performance of the contract and the Company acts as processor.
  6. For the purpose of maintaining business contacts or initiating them – the Controller may process the data received e.g. in the course of business meetings to the extent found on the received business cards, where the legal basis is the legitimate interest of the Controller, i.e. Article 6 paragraph 1 letter f of GDPR consisting in building a network of contacts.

The scope of the data is limited to the contact details provided by the data subject.

Your personal data will be stored for the duration of the contract and after this period for the period of limitation of possible claims (not applicable to the entrustment of data processing, where the period is determined by the relevant contract). In addition, your personal data will be stored for the period required by tax law and accounting regulations and, in the case of individuals employed under labour law, for the period required by these regulations.

The provision of your personal data is voluntary, but necessary to ensure contact with the Company.

§ 3

In connection with the performance of activities which require the processing of personal data, personal data may be disclosed to external entities, including in particular suppliers responsible for the operation of IT systems, entities providing accounting services, legal advisers, postal operators, marketing or recruitment agencies.

The Controller reserves the right to disclose selected information concerning the Data Subject to competent authorities or third parties who request such information on the appropriate legal basis and in compliance with the provisions of the applicable law.

§ 4

The User’s rights towards the Controller with regard to the processed data

The User, with regard to the processing of their data, has the rights:

  • to access the data,
  • to rectify the data,
  • to erase or restrict processing,
  • to data portability,
  • to object,
  • to be informed on request – about whether data is being processed, and other matters set out in Article 15 of the GDPR, including the right to a copy of the data,
  • to be informed of a data breach,
  • to lodge a complaint to the supervisory authority in the field of personal data protection – the President of the Office for Personal Data Protection (ul. Stawki 2, 00-193 Warsaw).

§ 5

The Controller informs you that they do not make decisions by automated means, including profiling as referred to in Article 22 paragraphs 1 and 4 of the GDPR.

§ 6

Use of cookies

Pursuant to Article 173 and Article 174 of the Telecommunications Act, the Website (auroracreation.pl website) uses cookies which are IT data, in particular text files stored on the User’s terminal equipment. Cookies usually contain the name of the website they come from, the time they are stored on the terminal device and a unique number.

Cookies are used in order to:

  • make it easier for the User to use the Website while browsing;
  • subsequently associate the User when the Website is reconnected to the device on which they are stored;
  • compile statistics which help us to understand how visitors use the Website so that we can improve its structure and content;
  • adapt the content of the Website’s pages to the User’s specific preferences and optimise the use of the websites, tailored to the individual needs of the User;

The information is in no way linked to the personal data of the Website User and is not used to determine the identity of the User. The extent of the information collected automatically depends on the User’s browser settings. The User should check the settings of their browser to find out what information is made available by the browser automatically or to change these settings. In order to do so, we recommend reading the “Help” of the Internet browser used.

You can change the conditions for storing or receiving cookies by configuring the settings of your web browsers.

The web browsing software, i.e. the web browser, usually allows the storage of cookies on the User’s terminal device by default. Users of the Website may change their settings in this respect. The Internet browser makes it possible to delete Cookies. It is also possible to automatically block cookies. For details, please refer to the help or documentation of the Internet browser used by the User.
If the User does not wish to receive Cookies, they can change their browser settings. However, disabling Cookies that are essential for authentication processes, security or maintaining User preferences may make it difficult and, in extreme cases, impossible to use the Website.