Privacy Policy 

The Privacy Policy informs how we process personal data of users of our services (services, applications), and above all:

  • who is the administrator of your personal data,
  • what data we process,
  • for what purpose and on what basis we process the data,
  • how long do we process data,
  • what rights do our users have as data subjects,
  • who we're sharing data with.

Administrator – Human IT GROUP spółka z ograniczoną odpowiedzialnością spółka komandytowa with its Registered office in Wrocław, KRS: 0000767522 oraz HUMAN IT GROUP spółka z ograniczoną odpowiedzialnością with its Registered office in Wrocław, KRS: 0000764980

Contact with the administrator is possible via e-mail: Hello @ humanit.group or in writing to the administrator's registered office.

Personal data – any information about an identified or identifiable natural person ("the data subject"); an identifiable natural person is a person who can be identified directly or indirectly, in particular on the basis of an identifier such as name, identification number, location data, internet identifier, or one or more specific factors that determine the physical, physiological, genetic, mental, physical, mental or economic, cultural or social identity of a natural person;

Processing – operations or set of operations performed on personal data or sets of personal data in an automated or non-automated way, such as collecting, storing, organizing, ordering, storing, adapting or modifying, downloading, viewing, using, disclosing by sending, distributing or otherwise making available, matching or combining, limiting, deleting or destroying;

User – any individual who visits the site or uses the services or functionality described in this Privacy Policy;

The purposes, legal grounds and periods of processing of your personal data by the controller vary depending on the process in which this processing takes place.

1. Use of the website

During your use of the website, your personal data is processed for the purpose of providing services by electronic means in the area of making available to users the content collected on the website and for analytical and statistical purposes. The data shall be processed in accordance with Article 6 (1) (a). B GDPR-necessity of processing for the conclusion and performance of the contract and Article 6 (1) (a) f GDPR – implementation of the legally justified interest of the administrator, consisting in conducting analyses of user activity, as well as their preferences in order to improve the functionality used and the services provided. The administrator processes the data for the period necessary to perform the service, and then for the period related to the investigation or defense of claims.

2. Tendering

The purpose of processing personal data is to send commercial offers for the conclusion of a contract. The data shall be processed in accordance with Article 6 (1) (a). B GDPR – necessity of processing for the conclusion, execution of the contract; at the request of the data subject – taking action before the conclusion of the contract. If a contract is concluded, personal data are processed for the duration of the contract and then for the period of limitation of claims arising from the contract. In the absence of a contract, we process the data up to 1 month after the end of the offer period. In case of failure to specify the term of validity of the offer-for a period of 3 months from the last contact.

3. Conclusion and execution of a service contract

The purpose of the processing of personal data is to conclude contracts and provide or use services on the basis thereof. The data shall be processed in accordance with Article 6 (1) (a). B GDPR – necessity of processing for the conclusion, execution of the contract; at the request of the data subject – taking action before the conclusion of the contract. Personal data are processed for the duration of the contract and then for the period of limitation of claims arising from the contract.

4. Recruitment

The administrator processes the data of job candidates in the recruitment process in order to hire employees. Data processing shall be carried out in accordance with Article 6 (1) (a). B GDPR – necessity of processing for the conclusion, execution of the contract; at the request of the data subject – taking action before the conclusion of the contract. The data are processed for the duration of the recruitment process. If you give additional consent to the processing of data for future recruitment purposes, we will process your data for a maximum period of 2 years from the date of their entry into the administrator's database or from the date of the last contact with you, whichever is later.

5. Contact form

The administrator processes the data provided in the contact form in order to recruit a candidate or to answer other questions provided in the form. Data processing shall be carried out in accordance with Article 6 (1) (a). a GDPR or article 6 (1) (a) f GDPR – on the basis of the consent / request of the candidate and for the implementation of the legally justified interest of the administrator, which is the need to ensure the proper handling of visitors to the site.

6. Newsletter

The administrator processes the data when sending the newsletter (in the form of electronic messages, which may contain commercial information) for advertising, promotional, marketing purposes related to the administrator's business activities. Data processing is carried out on the basis of the consent of the data subject-article 6 (1) lit. and, Rod. The data are processed for a maximum period of 2 years from the date of entry of your data into the administrator's database or from the date of the last contact with you, whichever is later.

7. Direct Marketing of the administrator's own products and services using electronic means of communication (mail, telephone, sms)

The administrator sends electronic messages containing marketing information for advertising, promotional, marketing purposes related to the administrator's business activities. Data processing is carried out on the basis of consent-article 6 (1) lit. and, Rod. The data are processed for a maximum period of 2 years from the date of entry of your data into the administrator's database or from the date of the last contact with you, whichever is later.

8. Establishment, investigation and defence of claims

The administrator processes your data in order to recover debts and conduct legal proceedings and defend against claims. Processing shall be carried out in accordance with Article 6 (1) (a). f the legitimate interest of the administrator is the need to investigate or defend against claims. Data are processed for the period of limitation of claims, in accordance with the provisions of the generally applicable law.

Use of cookies and similar technologies - you may object to the storage of information about you using the tools described below in the cookie settings from the site and decide which tools the administrator will be able to use when you visit the site.

1. Cookies

The administrator uses the so-called service cookie primarily for the purpose of providing the user with electronic services and improving the quality of these services. Therefore, the administrator and other entities providing analytical and statistical services use cookies to store information or gain access to information already stored in the user's telecommunications terminal equipment (computer, phone, tablet, etc.).). Cookies used for this purpose include: user input cookies (session identifier) for the duration of the session; authentication cookies used for services that require authentication for the duration of the session (authentication cookies); cookies used to ensure security, e.g. used to detect authentication fraud (user centric security cookies); session cookies of media players (e.g. Flash Player cookies), for the duration of the session (Eng. multimedia player session cookies); Persistent cookies used to personalize the user interface for the duration of the session or slightly longer (user interface customization cookies);

2. Google analytics

Your administrator uses Google Analytics, which collects information about your visits to the site, such as the subpages you have viewed, the time you have spent on the site, and the transition time between subpages. For this purpose, Google LLC cookies relating to google analytics are used. Google Analytics collects demographic and interest data. Neither the administrator nor Google uses the data collected to identify you or combine this information to identify you. For details on the scope and rules of data collection in relation to this service, please refer to: https://www.google.com/intl/pl/policies/privacy/partners.

3. Google tag manager

Your administrator uses the Google Tag Manager marketing tool to control your marketing campaigns and how you use the site. Google LLC cookies associated with Google Tag Manager are used for this purpose. Neither the administrator nor Google uses the collected data to identify you or combine this information to enable identification. For details on the scope and rules of data collection in relation to this service, please refer to: https://www.google.com/intl/pl/policies/privacy/partners.

4. LinkedIn insight tag

The administrator uses the LinkedIn Conversion tracking retargeting tool from LinkedIn Ireland, Wilton plaza, Wilton Place, Dublin 2, Ireland ("LinkedIn"). For this purpose, the site is installed with the code LinkedIn Insight Tag, which allows LinkedIn to collect statistical, pseudonymous data about your visits and use of our website and provide aggregated statistical data to the administrator on this basis. This information also allows you to view personalized offers and recommendations. Neither the administrator nor the tool uses the collected data to identify you or combines this information to enable you to identify yourself. For details on the scope and principles of data collection in relation to this tool, see: https://www.linkedin.com/help/linkedin/answer/90274/manage-your-linkedin-ads-settings?lang=en

5. Facebook pixel

Your Facebook pixel marketing tool is used by your administrator to direct personalized ads to you on Facebook. This involves the use of Facebook cookies. The information collected within the Facebook pixel is anonymous, i.e. it does not allow me to identify you. Facebook is a Privacy Shield certified entity and therefore guarantees compliance with European data protection laws https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. For more information on the scope and rules of data collection by Facebook, see the link: at https://www.facebook.com/about/privacy/update. Facebook Pixel specific information and details about how it works and how it works can be found in the help section of the Facebook Portal at https://www.facebook.com/business/help/651294705016616. this feature can be disabled as shown on the page https://de-de.facebook.com/business/help/1415256572060999?helpref=uf_permalink or on the site https://www.facebook.com/settings?tab=adsto do this, you must log in to the Facebook portal.

6. Bitrix24

The administrator uses the Bitrix24 marketing tool provided by bitrix, Inc. (headquarters: 901 N. Pitt St, Suite 325 Alexandria VA 22314 USA), collecting personally identifiable information in accordance with voluntarily provided categories. The data is stored within the European Union (Frankfurt, Germany) on fully GDPR-compliant Amazon Web Services data centres. For more information on the scope and principles of data collection in relation to this tool, please refer to the following link: https://aws.amazon.com/blogs/security/all-aws-services-gdpr-ready/. at the same time, information on GDPR compliance and the privacy policy document are available at https://www.bitrix24.com/gdpr/.

7. Bazo.io

The Administrator uses the tool BAZO.IO supplied by Bazo SP. z O. O. with its Registered office in Lublin in connection with the use of the product BAZO.IO -to collect the following information about your visits to the site: date and frequency of your visits to the site, IP address of your device, bookmarks visited during visits to the site, contact information. Bazo meets the requirements of the GDPR as an administrator and processor of personal data. For more information on the processing of your data by Bazo SP. z O. o. please visit: https://bazo.io/).

8. Hotjar

The administrator uses the Hotjar tool provided by Hotjar Limited, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian & # 39; s stj 1000, Malta – in order to analyze your behavior on the site, information is stored such as: date and frequency of your visits to the site, IP address of your device, bookmarks visited during visits to the site, contact data. Hotjar, does not use this information for the purpose of your identification. For more information on Hotjar's processing of your data, please visit: https://www.hotjar.com/legal/policies/privacy.

SOCIAL NETWORKS. Instagram Facebook page the administrator processes the personal data of users visiting the administrator's social media profiles (LinkedIn, Facebook, Instagram). This data is processed only in connection with the maintenance of the profile, including for the purpose of informing users about the activities of the administrator and promoting various events, services and products. The legal basis for the processing of personal data by the controller for this purpose is its legitimate interest (article 6 (1) lit. f RODO) to promote their own brand.

CATEGORIES OF PERSONAL DATA PROCESSED

The Administrator processes the following categories of personal data belonging to job candidates, (future / potential) business partners of the administrator, employees or associates of (future / potential) business partners of the administrator and other persons contacting the administrator or persons contacted by the Administrator:

1)identification data (in particular: name, date of Birth, series and number of the identity document, company name, NIP, Regon number) and address data (address of the Registered office, mailing address, addresses of commercial establishments),

  1. contact details (e - mail, phone number),

  2. data on the occupied position, professional experience, qualifications,

  3. financial data, including bank account number, bank/financial institution data, VAT invoice data,

  4. information obtained during the use of our website in particular IP addresses, text files,

  5. other data provided by you in any form-necessary for the purpose for which it was made available;

DATA SOURCES. All data is collected by the administrator as follows:

  1. information provided voluntarily and directly by you (e.g. in the contact form, in the order form, through the exchange of business cards, during a telephone conversation, during the conclusion and execution of the contract, provision of services);

  2. information obtained during the use of our website in particular: IP address, text files;

  3. data of employees or associates of business partners (contractors, subcontractors) of the administrator-come directly from them or from their employer/entity that they represent;

  4. data of candidates to work for the administrator-come directly from them or from external recruitment agencies or were provided by employees and associates of the administrator in the framework of programs and promotional actions, such as the command program,

  5. from widely available sources, in particular databases and registers: the Central Register and information on Business Activity (CEIDG), the National Court register (KRS), the REGON database;

  6. from databases.

DATA RECIPIENTS :

  1. other entities in the group,

  2. entities providing services to the administrator m.in. accounting, human resources, recruitment, legal, recovery, IT, infrastructure, while such entities process data, as subcontractors, on the basis of an agreement with the administrator and only in accordance with his instructions,

  3. entities engaged in postal or courier activities,

  4. bank.

The administrator reserves the right to disclose selected information about you to the competent authorities or third parties who submit a request for such information, based on the relevant legal basis and in accordance with the provisions of applicable law.

RIGHTS OF DATA SUBJECTS :

  1. access to the content of their data, request their rectification, deletion or restriction of their processing;

  2. withdrawal of consent to the processing of personal data to the extent that your personal data is processed on the basis of consent; withdrawal of consent does not affect the lawfulness of the processing that was carried out before its withdrawal;

  3. object to the processing of personal data to the extent that the basis for the processing of personal data is a legally justified interest of the controller;

  4. transfer of personal data, i.e. to receive from the controller information about the personal data being processed, in a structured, commonly used format suitable for machine reading, to the extent that your data is processed for the purpose of concluding and executing a contract or on the basis of consent;

  5. file a complaint with the president of the office for personal data protection at the address: Stawki 2, 00-193 warszawa, if you consider that the processing of your personal data violates the GDPR.

In order to exercise these rights, please contact the data controller or the data protection coordinator at the email address: hello @ humanit.group

DATA PROCESSING OUTSIDE THE EU. Your personal data may be transferred outside the European Economic Area (including the European Union, Norway, Liechtenstein and Iceland) (EEA) in connection with the cooperation of the administrator with business partners located outside the EEA (Ukraine) and the provision of IT and infrastructure services to the administrator. In order to ensure an adequate level of protection in the event of their transfer of your data outside the EEA, the company applies standard contractual clauses issued by the European Commission in accordance with Article 46 (2) lit. c rodo.

SECURITY OF PERSONAL DATA. The controller shall carry out a risk analysis on an ongoing basis in order to ensure that personal data are processed in a secure manner-ensuring, in particular, that only authorised persons have access to the data and only to the extent necessary for the purposes of their tasks. The administrator shall ensure that all operations on personal data are recorded and carried out only by authorised employees and collaborators. The administrator shall take all necessary measures to ensure that its subcontractors and other cooperating entities also guarantee the application of appropriate security measures whenever they process personal data on behalf of the administrator.