The Data Controller of Personal Data of the Internet service available at the address: www.automationtrader.com, hereinafter referred to as the Internet Service, is Maciej Szczotka conducting business under the name „Automation Trader Maciej Szczotka,” with a registered office at ul. Browarowa 21, 43-100 Tychy, entered into the Central Register and Information on Economic Activity, Tax Identification Number (NIP): 6462558521, National Business Registry Number (REGON): 243655030, hereinafter referred to as the Data Controller.
Any inquiries, requests, or complaints related to the processing of personal data by the Data Controller, hereinafter referred to as Notifications, should be directed to the following email address: [email protected] or in writing to Automation Trader, ul. Browarowa 21, 43-100 Tychy. The notification should clearly specify:
The data of the person or persons covered by the Notification,
The event that is the reason for the Notification,
Present your requests and the legal basis for these requests,
Specify the expected way of handling the matter.
In our Internet Service, we collect the following personal data:
Name and surname, company name, email address, phone number – this data may be processed when you provide it to us as a user of our Internet Service through a contact form or chat available on the Service, as well as through email, phone contact, or traditional mail.
IP address of the device and potential personal data contained in Cookies files – information resulting from general principles of Internet connections, such as an IP address (and other information contained in system logs), is used for technical and statistical purposes, including collecting general demographic information (e.g., about the region from which the connection originates). This type of data is also used for marketing and analytical purposes if consent is given in accordance with Article 173 (1) of telecommunications law.
Additionally, other data may be collected as part of specific matters or may be provided by users of our Internet Service via email, chat, or contact form available on the Internet Service, traditional mail, or during phone contact.
We process personal data for the following purposes:
Conclusion and performance of contracts related to the services offered by us (Article 6 (1) (b) of the GDPR) – in this scope, data will cease to be processed upon the completion of the specific contract.
Fulfillment of legal obligations incumbent on the Data Controller, in particular, documentation keeping, issuing invoices, etc. (Article 6 (1) (c) of the GDPR) – in this scope, personal data will be deleted after fulfilling specific legal obligations.
Running the website (Article 6 (1) (f) of the GDPR in connection with Article 173 (1) of telecommunications law) – in this scope, personal data will cease to be processed in case of the expiry of the cookie file, deletion of cookies, or accordingly upon the termination of a specific session.
Ongoing communication related to the operation of the Internet Service (Article 6 (1) (f) of the GDPR, i.e., legitimate interest of the Data Controller) – in this scope, your personal data will cease to be processed upon responding to a specific question or handling a specific matter.
Establishing and pursuing claims or defending against such claims (Article 6 (1) (f) of the GDPR, i.e., legitimate interest of the Data Controller) – in this scope, personal data will be deleted upon the expiry of the claims, but as a rule, after the lapse of a 3-year statute of limitations period.
The source of personal data processed by the Data Controller is individuals whose data is concerned.
In the case of a button or function that is a link to an external website, application, or social media, there is a co-administration relationship between the Administrator of this Internet Service and the administrator of the external website. Co-administration is limited exclusively to data necessary for operations related to the functioning of a specific button or function. The Administrator is not responsible for the policies regarding the further processing of personal data by other entities and organizations or social media service providers. Our Co-Administrators within this Internet Service include:
Meta Platforms Ireland Ltd. (Facebook, Messenger, Instagram) with its registered office at: 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland,
Pinterest Europe Limited (Pinterest) with its registered office at: 2nd Floor Palmerston House, Fenian Street, Dublin 2, Dublin, D02WD37, IRELAND, D02WD37,
Google Ireland Ltd. (YouTube, Google Maps) with its registered office at: Google Building Gordon House, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland,
Twitter International Unlimited Company (Twitter) with its registered office at: Fenian Strees DO2 F663 Dublin, Ireland.
We do not provide any personal data to third parties without the explicit consent of the individuals whose data is concerned. Personal data without the consent of the individuals whose data is concerned may only be made available to public authorities, i.e., authorities and administration (e.g., tax authorities, law enforcement authorities, and other entities authorized by universally applicable legal provisions).
Personal data may be entrusted for processing to entities processing such data on our behalf as the Data Controller. In such a situation, as the Data Controller, we conclude a personal data processing entrustment agreement with the data processing entity. The data processing entity processes the entrusted personal data only for the purposes, to the extent, and for the purposes indicated in the entrustment agreement mentioned in the preceding sentence. Without entrusting personal data for processing, we would not be able to conduct our activities within the framework of the Internet Service. As the Data Controller, we entrust personal data for processing, in particular, to the following entities:
Providing hosting services for the website on which our Internet Service operates,
Providing analytical and marketing tools,
Other entities providing services necessary for the operation of the Data Controller.
Personal data is not subject to profiling by us as the Data Controller within the meaning of the GDPR provisions.
In accordance with the GDPR provisions, every person whose personal data we process as the Data Controller has the right to:
Access their personal data as referred to in Article 15 of the GDPR,
Be informed about the processing of personal data as referred to in Article 12 of the GDPR,
Correct, supplement, update, or rectify personal data as referred to in Article 16 of the GDPR,
Withdraw consent at any time as provided in Article 7 (3) of the GDPR,
Have data deleted (the right to be forgotten) as referred to in Article 17 of the GDPR,
Restrict processing as referred to in Article 18 of the GDPR,
Data portability as referred to in Article 20 of the GDPR,
Object to the processing of personal data as referred to in Article 21 of the GDPR,
In the case of the legal basis being consent, the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal,
Not be subject to profiling as referred to in Article 22 in conjunction with Article 4 (4) of the GDPR,
Lodge a complaint with the supervisory authority (i.e., the President of the Office for Personal Data Protection), as referred to in Article 77 of the GDPR.
If you wish to exercise your rights as described in the preceding paragraph, please send an email to the email address or in writing to the correspondence address mentioned in point 2 above.
Each identified case of a security breach is documented, and in the event of one of the situations specified in the GDPR or the Act, individuals whose data is concerned are informed about such violations of personal data protection rules, and – if applicable – the supervisory authority is also informed.