Last update 10-05-2021.

GENERAL PROVISIONS

1.1. The administrator of personal data collected via the Website www.msservices.pl (hereinafter “Website”) or other channels of communication with the user is MS Services Sp. z o. o., ul. Bociana 22, 31-231 Kraków, a company registered in the District Court for Kraków – Śródmieście in Kraków, 11th Commercial Division of the National Court Register under KRS number 0000177832, with a share capital of PLN 220,000, e-mail address: sekretariat@msservices.pl (hereinafter : “Administrator”).

1.2. Users’ personal data are processed in compliance with the principles provided for in the GDPR, i.e. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repeal of Directive 95/46/EC (General Data Protection Regulation, hereinafter “GDPR”), as well as provided for in the Polish Act on the Protection of Personal Data, executive acts to this Act and the Act on the provision of electronic services of July 18, 2002. (Journal of Laws of 2002, No. 144, item 1204, as amended).

1.3. In order to meet the statutory requirements, the Administrator selects and applies appropriate technical and organizational measures to ensure the protection of the processed data and protects the data against disclosure to unauthorized persons, as well as against their processing in violation of applicable law.

1.4. Phrases written in this document with a capital letter have the meaning assigned to them in the regulations of the Website (hereinafter: “Regulations”), unless there are separate definitions of these phrases in this document.

1.5. The terms used in this Privacy Policy have the following definitions:

• Account – a set of resources and settings created for the User within the Services, used to manage services.
• Regulations – Regulations for the provision of electronic services as part of websites belonging to the company MS Services Sp. z o. o
• GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation data).
• Website or Websites – websites belonging to MS Services Sp. z o. o., under which MS Services Sp. z o. o. provides its services.
• User – an adult natural person who uses the services offered by MS Services Sp. z o. o., which do not require the creation of an Account.

2. LEGAL BASIS FOR DATA PROCESSING

2.1. All personal data is collected on the Website on a fully voluntary basis.

2.2. The basis for the processing by the Administrator of personal data collected during Registration is art. 6 sec. 1 lit. a GDPR, i.e. the User’s express consent to the processing of this data. The said consent is confirmed by accepting the content of the Regulations and the Privacy Policy. Due to the fact that we provide various services to Users, we process your personal data for various purposes, to a different extent and on a different legal basis specified in the GDPR.

2.3. The basis for the Administrator to process the User’s e-mail address and telephone number in order to send commercial information, job offers, including newsletters to the User to the indicated e-mail address and telephone number, is art. 6 sec. 1 lit. a GDPR, i.e. the User’s express consent given through the appropriate function windows placed on the Website.

2.4. The basis for the processing by the Administrator of personal data collected during the User’s recruitment on the Website, including sending forms by the User, is art. 6 sec. 1 lit. b of the GDPR, i.e. taking actions necessary to conclude the Agreement and the need to perform the Agreement by the Administrator for a given User. Additionally, the possibility of such processing of personal data is confirmed by accepting the content of the Regulations and the Privacy Policy.

2.5. In addition, the Administrator processes personal data voluntarily provided by Users and automatically collected data on how to use the Website (including tools used to use the Website) in accordance with art. 6 sec. 1 lit. f of the GDPR, i.e. due to legally justified purposes pursued by the Administrator, in particular for the purpose of direct marketing of the Administrator’s products or services, as well as in order to optimize, improve and personalize the functions of the Website and to create statistics. The administrator ensures that such processing will not violate the rights and freedoms of data subjects.

2.6. As a rule, personal data provided voluntarily by the User is not combined with automatically collected data on how the User uses the Website. The Administrator informs that due to technical reasons, such a connection may sometimes occur, however, in such a situation, such combined data will be processed by the Administrator only due to legally justified purposes pursued by the Administrator, in particular in order to optimize, improve and personalize the functions of the Website and to creating statistics on the ext. Administrator’s needs.

2.7. If the User gives separate consent, his personal data (e-mail address, telephone number) may be processed in order to send him commercial information about the Services or the Administrator by electronic means, including to the e-mail address provided in the Registration process via the newsletter . The user has the right at any time to request the cessation of sending him commercial information by electronic means or the cessation of using his telephone number for direct marketing purposes.

2.8. Data processed for purposes related to the Registration will be processed until the Account is deleted.

2.9. Data processed in connection with recruitment will be deleted after its completion.

2.10. Data processed in connection with each subsequent participation in the recruitment process, and resulting from a separate consent of the User, will be processed no longer than 3 years from the end of the application.

2.11. Data processed for the purpose of sending commercial information (to the e-mail address or telephone number) will be processed until the relevant consents are withdrawn.

2.12. Personal data for the purposes of contact with the Administrator will be processed during the contact period, and then will be archived for a period of 3 years from the end of contact, which is justified by the need to recreate the content of such contact in connection with the pursuit of possible claims.

2.13. Data processed in connection with the pursuit of possible claims, as well as for archiving purposes will be processed for 3 years from the end of the contract.

3. PURPOSE AND SCOPE OF DATA COLLECTION AND DATA RECIPIENTS

3.1. Each time, the purpose, scope and recipients of data processed by the Administrator result from the User’s consent or legal provisions and are specified as a result of actions taken by the User on the Website or as part of other channels of communication with the User.

3.2. The administrator takes special care to protect the interests of data subjects, and in particular ensures that the data collected by him are processed:

• lawfully, fairly and in a transparent manner to the data subject (“lawfulness, fairness and transparency”);
• for specific, explicit and legitimate purposes and not further processed in a manner incompatible with these purposes (“purpose limitation”);
• adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimization”);
• correctly, and if necessary, personal data is updated (“accuracy”);
• in a form that allows identification of the data subject, for a period not longer than it is necessary for the purposes for which the data are processed. (“storage limitation”);
• in a manner that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organizational measures (“integrity and confidentiality”).

3.3. The user provides the following personal data:

• in the recruitment process on the Website: name, surname, e-mail address, telephone number, correspondence address and previous employment history, education and additional data in the CV file. The User consents to the Administrator processing his additional personal data for the purposes of recruitment.
• when using the Website: name, surname, telephone number and e-mail address.

3.4. Possible purposes of collecting Users’ personal data by the Administrator:

• submitting the recruitment form,
• conclusion and implementation of the Agreement,
• settlements, possible complaints and archiving,
• ongoing contact related to the recruitment process,
• with a separate consent – for the purpose covered by the statement, e.g. to send Users by electronic means (via the e-mail address or telephone number provided) commercial information regarding services or the Administrator (in the form of a Newsletter) and by accepting the Regulations and this Privacy Policy available at addresses:
  https://www.msservices.pl/en/polityka-prywatnosci/
  https://www.msservices.pl/pl/regulamin

3.6. Possible recipients of Users’ personal data:

• employees, associates of the Administrator,
• entities authorized to receive them under applicable law,
• company or person on the basis of relevant agreements, i.e. data entrustment agreements, e.g. in order to store them, deliver the Newsletter (including sms / mms messages).

3.7. The entities entrusted with the processing of personal data under a separate agreement are obliged to comply with the rules of confidentiality and security of personal data, in particular not to disclose data to unauthorized persons, and to use physical and technical security measures adequate to the method of processing this data. The Administrator provides Users, at their request, with detailed information about the entity entrusted with data processing, the scope of entrusted data and the date of their transfer. In addition, in this mode, the Administrator also provides access to current and detailed information about the technical means used or made available by the Administrator to prevent the acquisition and modification by unauthorized persons of personal data sent by the User electronically.

3.9. Your personal data will not be sold or transferred to third parties for purposes other than those described above.

4. USERS’ RIGHTS

4.1. Each person to whom personal data relates has the right to:

• access to data,
• rectification of data,
• deletion of data,
• data processing restrictions,
• the right to object to data processing,
• the right to lodge a complaint with the supervisory authority.

4.2. Cancellation or objection to the processing of personal data for the purpose of recruitment is made by sending a message via the contact form available on the website or by sending an e-mail to the address protection.danych@msservices.pl, by telephone contact at the telephone number 12 61 45 239 or in the scope of processing data for commercial purposes by clicking on the link at the bottom of the message.

4.3. After revoking the consent or expressing an objection, the User’s personal data will no longer be used for these purposes. The User’s personal data may be changed/supplemented by sending an application from the e-mail address registered by the User on the Website to the address protection.danych@msservices.pl . ochrona.danych@msservices.pl.

4.4. The User has the right to lodge a complaint related to the processing of personal data by the Company to the President of the Office for Personal Data Protection.

4.5. Contact with the person supervising the processing of personal data in the Service Provider’s organization is possible by electronic means at the following e-mail address: protection.danych@msservices.pl . ochrona.danych@msservices.pl.

5. CONTACT WITH THE ADMINISTRATOR AND THE PERSONAL DATA INSPECTOR

5.1. The User may at any time directly contact the Administrator by sending an appropriate message in writing or by e-mail to the Administrator’s address sekretariat@msservices.pl or by telephone at the telephone number indicated at the beginning of this Privacy Policy.

5.2. The User may at any time directly contact the Data Protection Officer by sending an appropriate message in writing, correspondence address: ul. Bociana 22, 31-231 Kraków or e-mail: iod@msservices.pl

5.3. The Administrator stores correspondence with the User for statistical purposes and for the best and fastest response to emerging inquiries, as well as in the scope of complaint settlements and possible decisions on administrative interventions made on the basis of notifications. Addresses and data collected in this way will not be used to communicate with the User for purposes other than the implementation of the application.

5.4. When the User contacts us in order to perform certain activities using the form, the Administrator may again ask the User to provide data, including personal data, e.g. in the form of name, surname, e-mail address, etc., in order to confirm the User’s identity and enable return contact in a given case. The above applies to the same data, including personal data, that were previously provided by the User and for the processing of which the User consented. Providing this data is not mandatory, but it may be necessary to perform activities or obtain information that interests the User.

6. SAFETY

6.1. The Administrator uses appropriate technical and organizational measures to ensure the security of protection of the processed Personal Data, appropriate to the threats and categories of data protected, and in particular, protects the data against unauthorized access, removal by an unauthorized person, processing in violation of applicable regulations and change, loss, damage or destruction. .

6.2. Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risk of violating the rights or freedoms of natural persons with different probability of occurrence and severity of the threat, the controller implements appropriate technical and organizational measures to ensure a level of security corresponding to this risk, including inter alia, where applicable:

• personal data encryption,
• the ability to ensure the confidentiality, integrity, availability and resilience of processing systems and services at all times,
• the ability to quickly restore the availability and access to personal data in the event of a physical or technical incident,
• regularly testing, measuring and evaluating the effectiveness of technical and organizational measures to ensure the security of processing.

7. FINAL PROVISIONS

7.1. In order to make the Website even more attractive to the User, MS Services uses “cookies”. A “cookie” file is a small file containing a string of characters that is sent to the User’s computer when using the Website. Information collected automatically using “cookies” allows you to customize the services and content offered by MS Services to the individual needs and preferences of the User, as well as to compile general statistics on the use of the Website by the User. Thanks to the “cookie” file, the User’s browser can be recognized by a website belonging to MS Services. Most of the “cookies” used by MS Services are deleted from the User’s hard drive after the end of the session (“session cookies”). Other “cookies” remain on the User’s computer to enable recognition of the User’s computer during the next visit (“persistent cookies”). The User’s disabling of the option in the web browser that allows saving “cookies” may make it difficult or impossible to use the Website.

7.2. MS Services use various systems for monitoring the User’s activity on the web offered by third parties, such as Google Analytics, the so-called web analysis, a service offered by Google Inc. Google Analytics uses “cookies”, i.e. text files placed on the User’s computer and enabling the analysis of how the Website is used. MS Services also uses standard web server log files to count visitors to the Website and to evaluate its technical capabilities. MS Services uses this information to determine how many people visit the Website, to arrange it in the most user-friendly way and to make the Website simpler and more user-friendly. By deciding to use the services available on the Website,

7.4. Bearing in mind the fact that the market of monitoring services is developing extremely dynamically, MS Services tries to inform Users about the use of services of new entities in this respect, and the User agrees that in the future it may also be other companies. At the same time, MS Services informs that the User may withdraw his consent in this regard at any time by changing his browser settings, in accordance with the procedure set out below.

7.5. Information generated by “cookies” on the use of the Website by the User (including his IP address) is sent, among others, to to Google Inc. server located in the USA and stored in accordance with Google’s privacy policy (available at: http://www.google.com/intl/pl/privacy/privacy-policy.html). Google uses this information to evaluate the use of the Website, to compile reports for website operators on website activity and to provide other services related to the use of the Website and the Internet.

7.6. Below, the Administrator presents the current tools used by him to monitor the operation of the system and the behavior of Website users:

• Google Analytics (www.google.com/analytics/)
• Facebook Pixel (www.facebook.com/business/a/facebook-pixel)

7.7. The Administrator reserves the right to send Users unsolicited messages that are not commercial information.

7.8. Links may be placed on the Website (e.g. in the form of third party logos), which, if clicked, redirect the User to an external website. The fact of using this type of reference cannot be equated with the existence of a relationship between the Administrator and the entity to which the external website belongs. The Administrator is in no way responsible for the effects of such redirects and has no influence on the content of external websites. The Administrator is not responsible for the content of the privacy and security policies in force on these websites, or for the “cookies” used when browsing them. We encourage Users using such links to familiarize themselves with the content of the relevant legal documents applicable on these websites.

7.9. Services and functions within the Website may be extended over time, which means that MS Services reserve the right to make changes to this Privacy Policy, while maintaining the rights previously acquired by Users. Each person using the Website in any way is bound by the current Privacy Policy. Changes may occur e.g. for the following important reasons:

• changes in applicable regulations, in particular in the field of personal data protection, telecommunications law, services provided electronically and regulating consumer rights, affecting our rights and obligations or the rights and obligations of the User,
• development of functionalities or progress of Internet technology, including the use/implementation of new technological or technical solutions affecting the scope of the Privacy Policy.

7.10. The Administrator will each time place on the Website information about changes to the Privacy Policy. With each change, a new version of the Privacy Policy will appear with a new date.

7.11. In the event of doubts or conflicts between the Privacy Policy and the consents given by the User, regardless of the provisions of the Privacy Policy, the basis for undertaking and determining the scope of activities by us are always the consents voluntarily granted by the User or the law.

7.12. The User’s personal data may also be processed in an automated manner, including in the form of profiling. The consequence of profiling will be assigning a profile to a given person for the purposes of analyzing or predicting the User’s preferences, behavior, attitudes and adjusting the information provided to the User via the Website.