If you have any comments or want to ask about the privacy policy, write to us at: [email protected]

Privacy policy of the gsscert.com website

In accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016. on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (GDPR, General Data Protection Regulation), we process the data of people using GSS SA services, on the following principles:

The administrator of personal data is GSS SA Wielopole 62, 33-210 Olesno, Poland ([email protected]).

We collect and process personal data in accordance with Art. 6 GDPR:

  1. in order to conclude and perform contracts with our partners, contractors and associates (Article 6 (1) (a) and (b) of the GDPR),
  2. on the basis of separate and express consents granted to GSS SA (Article 6 (1) (a) of the GDPR),
  3. for contact purposes, including providing information about the services provided, as well as to pursue claims or defend own rights – that is, to pursue a legitimate interest (Article 6 (1) (f) of the GDPR).
  4. In cases resulting from the provisions of national and EU law, when data processing is necessary to fulfill the legal obligation incumbent on GSS SA

Please be advised that we protect your personal data on the terms and in accordance with the applicable provisions on the protection of personal data, in particular the GDPR. We use technical and organizational measures to ensure protection of the processed data, appropriate to the threats and categories of data protected, and in particular, we protect your personal data against unauthorized disclosure, loss or damage.

Automated decision making, including profiling, will not be applied to you. Anonymous data about users of the website https://gsscert.com are collected in accordance with the information on “cookies”.

GSS SA will not transfer personal data to a third country, except at the request of the data subject.

Without express consent, GSS SA does not transfer personal data outside the European Economic Area. Regardless of the issue of consent, the transfer of personal data outside the European Economic Area may only take place under the conditions set out in the GDPR.

Personal data will be transferred outside the European Economic Area only if it is necessary for the performance of the contract concluded between GSS SA and our client, contractor or partner.

Personal data may be stored on servers located outside the EEA, however, in each case, these data are secured and processed on the basis of the provisions of the GDPR. No third party has access to data stored on GSS SA servers

The data may be transferred to third parties with the help of which we achieve the above-mentioned purposes, including entities providing IT services to us. In any case, we provide data only after concluding a contract with a third party, guaranteeing the security of your personal data and the liability of such third parties for the performance of obligations under the GDPR.

In the case of projects implemented from European funds, the data of persons participating in the implementation of projects are subject – on the basis of separate agreements – to the authorized Managing Authorities and Intermediate Bodies.

Pursuant to the GDPR, you have the right to request GSS SA to access your personal data, rectify it, delete it or limit its processing. The right to delete data does not apply in the cases specified in art. 17 sec. 3 GDPR. If the processing is based on consent or is necessary to perform the contract, you have the right to transfer data. If the processing is necessary for the purposes of the legitimate interests pursued by GSS SA or by a third party, you have the right to object.

In the case of data processed on the basis of consent, you have the right to withdraw consent at any time, without affecting the lawfulness of the processing which was carried out on the basis of consent before its withdrawal – with the proviso that in the case of contractual relations, the right to process personal data also after the end of the contract, for the period resulting from the provisions on archiving documents and limitation of claims.

If you believe that the processing of personal data by GSS SA violates the law, you have the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Personal Data Protection Office.

Any questions, comments and requests regarding the processing of personal data by GSS SA should be sent to the following e-mail address: [email protected]