Privacy Policy www.rst.software

Personal Data collected during the use of the www.rst.software website (hereinafter referred to as the “Website”) is administered by RST sp. z o.o. sp. k., with registered office at the following address: ul. Esperantystów 17, 58-100 Świdnica, registered in the register of entrepreneurs of the National Court Register by the District Court in Wroclaw, IX Commercial Division of the National Court Register, under KRS number: 0000354129, Tax ID (NIP): 8842711131, National Business Registry Number (REGON): 02123240600000 (“Personal Data Administrator”).

 

  1. With respect to your rights as personal data subjects (i.e. people to whom the data relates) and with respect to the mandatory rules of law, including in particular the Regulation of the European Parliament and the Council (EU) 2016/679 of 27 April 2016 on protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/WE (General Data Protection Regulation), hereinafter referred to as “GDPR”, the Polish personal data protection Act of 10 May 2018 (hereinafter referred to as the “Act”), and other relevant personal data protection laws, we commit to maintaining the confidentiality and security of all personal data that you share with us. All our employees have been properly trained in personal data protection, and our company, as the Personal Data Administrator, has introduced new security measures, as well as technical and organisational means in order to ensure the highest possible level of personal data protection. We have introduced appropriate procedures and policies to process personal data in accordance with the GDPR, so that the processing of personal data is conducted in a lawful and reliable manner, and you as the persons to whom the data relates may execute all your relevant rights. Additionally, if needed, we cooperate with the regulatory body within the territory of the Republic of Poland, i.e. the President of the Data Protection Authority (hereinafter referred to as the “PDPA”).
  2. Our company as the Personal Data Administrator has appointed the Data Protection Officer. Any questions, requests or complaints relating to personal data processing in our company (the Personal Data Administrator), hereinafter referred to as “Applications”, should be sent via e-mail to the following e-mail address: jakub.szajdzinski@rst.com.pl, or in writing to the postal address of the Personal Data Administrator, i.e. ul. Esperantystów 17, 58-100 Świdnica.
  3. The Applications should clearly contain:
    • the data of the person or persons to whom the Application relates,
    • the event that the Application relates to,
    • the filed requests and their legal basis
    • the desired means of solving the issue.
  4. The www.rst.software Website is provided for informational purposes only and no personal data is collected through the Website. Our site uses cookies to personalise its functionalities. Owners of third-party websites do not have access to any such data and information. However, if you do not agree to having the Website personalised, we suggest that you disable cookies in your browser.
  5. You may use the addresses, e-mail addresses and telephone numbers provided on the Website to contact us; in this case, the personal data you provide will be processed in order to respond to your message or to contact you otherwise.
  6. Every person using our Website may individually choose whether and how they wish to use our services, and share their data and information within a certain scope, as per this Privacy Policy.
  7. As per the rule of minimisation, we only process the categories of personal data that are considered necessary for the purposes specified in this Policy
  8. We process personal data for the time necessary to achieve the purposes mentioned in this Policy. The personal data may be processed for a period longer than indicated in the preceding sentence, if such powers or obligations imposed on the Administrator arise from special provisions of law, or if it is necessary to provide the services on an ongoing basis.
  9. The personal data processed by the Personal Data Administrator is provided by data subjects, i.e. the persons to whom the data relates.
  10. The legal basis for the processing of your personal data is primarily:
    • Art. 6 § 1 point b of the GDPR, i.e. the necessity to perform the contract to which you are a party, or to act on your demand before the conclusion of the contract,
    • Art. 6 § 1 point f of the GDPR, i.e. the Administrator’s legitimate interest in determining, pursuing or defending claims until their statute of limitations, or until the completion of relevant proceedings, if they were initiated during this period,
    • Art. 6 § 1 point a of the GDPR, i.e. your consent to the processing of personal data for specific purposes, when other legal grounds for the processing of personal data do not apply.
  11. Your personal data is not transferred to a third country or an international organization within the meaning of the provisions of the GDPR. In the event that personal data is transferred to a third country or an international organization, you will be informed in advance, and the Administrator will apply the safeguards referred to in Chapter V of the GDPR.
  12. No personal data is shared with any third parties without explicit consent of the person to whom the data relates. Personal data may be shared without the consent of the person to whom it relates only with legal public bodies, i.e. government and administrative bodies (e.g. tax offices, judicial authorities, and other entities with a mandate stipulated by the relevant mandatory rules of law).
  13. Personal data may be shared with entities that process the data on our request, i.e. on the request of the Personal Data Administrator. In such cases, as the Personal Data Administrator, we conclude a contract for personal data processing with such an entity. The processing entity processes the shared personal data solely for the purposes specified in the aforementioned contract. Without sharing the personal data with such entities, we would not be able to conduct our business activity in our Website. As the Personal Data Administrator, we share the personal data for processing with entities:
    • providing hosting services for the Website,
    • providing other services to us, the Personal Data Administrator, which are necessary for the proper functioning of the Website.
  14. The Personal Data Administrator does not use personal data for the purposes of profiling.
  15. According to the GDPR, each person whose personal data is being processed by the Personal Data Administrator has the right to:

    1. be informed of the processing of their personal data, as per Art. 12 of the GDPR – the Administrator is obliged to share information specified in the GDPR (incl. relating to data itself, contact details, purposes and legal basis for personal data processing, personal data recipients or categories of recipients, if any, or the period for which the data shall be processed, or criteria, based on which such a period is set) with the person to whom the data relates; this obligation should be executed immediately at the moment when the data is first acquired, and if the data is not acquired from the person to whom it relates, but from another source, then it should be executed within a reasonable time frame, depending on the circumstances; the Administrator may choose to not provide this information to the person to whom the data relates if this person has already been informed;
    2. access their personal data, as per Art. 15 of the GDPR – when providing your personal data to us, you have the right to access and review it; it does not mean, however, that you have access to all documents that contain your data, as such documents may contain confidential information; you do have the right to be informed as to which of your data is being processed and how, as well as the right to receive copies of your personal data, with the first copy being issued free of charge, and for each subsequent one, according to the GDPR, we may charge a relevant administrative fee relating to the making of the copy;
    3. rectification of the personal data, as per Art. 16 of the GDPR – if your personal data has changed, please inform us, as the Personal Data Administrator, of this fact, so that the personal data we are holding corresponds to the actual information and is up to date; also, in situations where the personal data has not changed, but for some reason the data we hold is incorrect or has been incorrectly saved (e.g. due to an editorial mistake), please inform us of this, so that we may correct the relevant data points;
    4. erasure of the data (the “right to be forgotten”), as per Art. 17 of the GDPR – in other words, you have the right to demand that we “erase” the data held by us, as the Personal Data Administrator, and the right to request that we, as the Personal Data Administrator, inform other administrators we shared your data with, of your wish to have it erased. You may request the erasure of your personal data first and foremost when:
  • the purposes for which the personal data had been shared have been fulfilled, e.g. we fully executed the sale contract we had concluded,
  • the processing of your personal data was based on an explicit consent that was subsequently withdrawn, and there is no other legal basis for us to further process your personal data,
  • you filed an objection to the processing of your personal data by us, as per Art. 21 of the GDPR, and believe that we have no underlying legal basis allowing us to further process your personal data,
  • your personal data was being processed illegally, i.e. for purposes that were against the law or without any legal basis for its processing – please remember that in such cases you will need to provide a basis for such a request,
  • the need to delete your personal data results from the mandatory rules of law,
  • the personal data relates to a minor and was collected as part of an information society service,5. restrict the processing, as per Art. 18 of the GDPR – you may request from our company that we limit the scope of the processing of your personal data (meaning that until the matter is clarified, we would limit ourselves to merely storing the data), if:
  • you question the accuracy of your personal data, or
  • you believe that we process your personal data without a legal basis, but simultaneously you do not want us to delete the personal data (i.e. you are not realising the aforementioned right), or
  • you filed an objection, as per the letter h) of this point, or
  • your personal data is needed for the establishment, exercise or defence of legal claims, e.g. before a court of law;6. data portability, as per Art. 20 of the GDPR – you have the right to receive your data in a format allowing you to review it on your computer, and the right to transfer the data in such format to another administrator; you have this right only when the basis for the processing of your personal data was an explicit consent or the data was processed automatically;g) file an objection to the processing of the personal data, as per Art. 21 of the GDPR – you have the right to file an objection if you do not agree to us processing your personal data that we had processed thus far for specific purposes, in accordance with the mandatory rules of law;h) refuse profiling, as per Art. 22, relating to Art. 4.4 of the GDPR – in our Website you shall not be subject to automated decision-making or profiling, as per the GDPR, unless you provide us with an explicit consent to do so; additionally, you shall always be informed of any instances of profiling, should they occur;

    7. file a complaint to a regulatory body (i.e. to the President of the Data Protection Authority), as per Art. 77 of the GDPR – if you believe that we process your personal data illegally or in a way that violates your rights resulting from the mandatory rules of personal data protection laws.8. In relation to the right to erasure of the data (the “right to be forgotten”), please note that, according to the GDPR, this right is not applicable, if:
    a) the processing of your personal data is necessary in order to exercise the right to freedom of speech, e.g. if you placed your data in a blog or comments, etc.b) the processing of your personal data is necessary for our company to fulfil its statutory legal duty – we cannot delete your data, as long as we are bound by certain legal (e.g. tax-related) obligations.c) the processing of your personal data is performed for the establishment, exercise or defence of legal claims.

  1. Should you wish to exercise any of your abovementioned rights, please send an e-mail or contact the Personal Data Administrator, as per point 3 above.
  2. Each ascertained instance of security breach is documented, and should any of the events  described in the GDPR or the Act occur, the persons to whom the data relates, as well as the PDPA, if applicable, shall be informed of it.
  3. All matters not regulated by this Privacy Policy shall be regulated by the relevant mandatory rules of law. Should any of the provisions of this Privacy Policy not comply with the abovementioned rules of law, the rules of law shall take precedence.
RST Software Masters 🥇 | Clutch | Reviews

FIRST PARTNER
In POLAND

OFFICIAL
CONSULTING PARTNER

FORBS AWARD
2018

WW FORM A GROUP

RST Group 🥇

Newsletter

Newsletter

Thank you!
Your email has been sent.

Our website uses cookies to work correctly. Using this website with current settings means that cookies will be stored in the browser’s memory. Cookies settings can be changed in the browser’s options. For more information please visit Cookies policy.