Sarego Finanse sp. z o.o. Sarego 2, 31-047 Kraków . with its headquarter in Krakow (hereinafter: "SF") shall make every effort to protect the processed personal data against unauthorized disclosure, from being taken away by an unauthorized person, processed in violation of applicable law and from being changed, lost, damaged or destructed and with respect of the privacy of any person whose personal data is processed.
1. Data controller
The controller of your personal data Sarego Finanse sp. z o.o. with its headquarter in Krakow, . Sarego 2, 31-047 Kraków, entered into the Register of Entrepreneurs kept by the District Court for Kraków-Śródmieście in Kraków, 11th Commercial Division of the National Court Register, under KRS number: 0000395813, NIP: 6762449084, REGON: 122418140.
2. Purposes of data processing
Your personal data will be processed by SF only in connection with the provision of services rendered by SF under the contract concluded between SF and the client (pursuant to Article 6(1) (b) of the GDPR/RODO) as well as on the basis of the consent granted for processing of data within the range indicated in the consent and for the purpose strictly indicated in the consent (pursuant to Article 6(1) (a) of the GDPR/RODO) and if it is necessary for the purpose of the legitimate interests pursued by Controller (pursuant to Article 6(1) (f) of the GDPR/RODO)SF and when it is necessary for compliance with a legal obligation to which the Controller is subject(pursuant to Article 6 (1) (c) of the GDPR/RODO).
Examples of processing purposes are: provision of financial services, meeting the requirements of tax and accounting regulations, including maintaining tax documentation and accounting records; archiving purposes.
Typical categories of data are: your name and surname, correspondence address, contact details, information necessary to providefinancial services, depending on the nature of provided services.
3. Data protection measures
SF shall ensure the application of the technical and organisational measures necessary to ensure legality, transparency, minimization, adequacy, processing limits, timeliness, integrity and confidentiality.
4. The exercise of rights
SF shall ensure the implementation of your rights in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27/04/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation) (Official Journal of the European Union L 119, p. 1), hereinafter: "GDPR/RODO ", including:
- the right to information on the Processing of Personal Data (Articles 13, 14 and 34 of the GDPR/RODO),
- the right of access to Personal Data (Article 15 of the GDPR/RODO),
- the right to rectify Personal Data (Article 16 of the GDPR/RODO),
- the right to delete Personal Data, the so-called "The right to be forgotten" (Article 17 of the GDPR/RODO),
- the right to limit the processing of Personal Data (Article 18 of the GDPR/RODO),
- the right to be informed about the rectification or removal of Personal Data or the restriction of their Processing (Article 19 of the GDPR/RODO),
- the right to transfer Personal Data (Article 20 of the GDPR/RODO),
- the right to object (Article 21 of the GDPR/RODO),
- the right to lodge a complaint to the President of the Personal Data Protection Office (Article 77 of the GDPR/RODO).
5. Data processing period
We will store your personal data. Individual legal provisions may require us to store individual personal data for different periods of time.
If your consent to the processing of personal data expires, we will ask for your further consent. If the consent is not given, we will stop processing your personal data.
Your personal data will be processed as long as necessary and in relation to the purposes for which it was collected, in particular in the case of a concluded financial services contract - for the duration of this contract, and after its termination or its expiration, for the period of limitation of claims resulting from the relevant legal provisions.
In case of data processing based on your consent, we will ask you for your further consent when this consent expires. If consent is not given, we will stop processing your personal data.
In the case of data processing based on the legitimate interest of the Controller, the data will be processed until you object, whereas the data processed for accounting purposes will be processed for the period resulting from the relevant legal provisions.
6. Recipients of data
The recipients of your personal data shall be SF employees and associates as well as the entities entrusted with the processing of your personal data by SF and the employees and associates of these entities, ICT services providers, couriers and postal companies, other entities supporting the provision of legal and/or financial services - to the extent that it is necessary to achieve the purposes of data processing.
The Controller shall make every effort to ensure that the processing of your data by these entities is carried out in accordance with the GDPR/ RODO, in a manner that ensures an adequate level of protection.
7. Data transfer
Personal data may be transferred to a third party only if it is necessary for the provision of legal and financial services by SF, and the Controller shall ensure that in the case of data transfer to a third party, it is done in a way that provides an adequate level of protection.