LEGAL NOTICE

Please read the content of the legal notice which regulates the processing of personal data, i.e. Article 13 GDPR – (General Data Protection Regulation) – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 with regard to the processing of personal data of natural persons and on the free movement of such data and repealing Directive 95/46/EC.

1. The controller of the provided personal data is: 

Amplus Sp. z o.o. 

Niegardów 26 

32-104 Koniusza 

Contact information for the Controller:

abi@amplusfoods.com 

Prandocin Iły 62a, 32-090 Słomniki 

2. Purposes and methods of processing personal data:

Customer/Supplier Data

1.  Processing method

Purchase, sale of products offered by/for the Controller

Purpose of processing

  • Execution of the concluded contract, i.e. purchase, sale of products (legal basis: Article 6(1)(b) "GDPR");
  • Fulfillment of legal obligations of the Data Controller in connection with the need to keep accounting evidence (legal basis: Article 6(1)(c) "GDPR" in connection with tax regulations);
  • In order to pursue possible claims (legal basis: Article 6(1)(f) "GDPR")
  • Marketing and promotion of own and group companies' products and services, commercial offers (legal basis: Article 6(1)(a) and (f) "GDPR");
  • Internal administrative purposes – conducting statistics, reporting, customer satisfaction surveys (legal basis: Article 6(1)(f) "GDPR").

2. Processing method

Contact form on the website

Purpose of processing

  • Execution of the concluded contract or prior to its conclusion (legal basis: Article 6(1)(b) "GDPR");
  • Marketing and promotion of own and group companies' products and services, commercial offers (legal basis: Article 6(1)(a) and (f) "GDPR");
  • Providing answers to questions sent, conducting correspondence (legal basis: Article 6(1)(f) "GDPR");
  • Internal administrative purposes – conducting statistics, reporting (legal basis: Article 6(1)(f) "GDPR").

3. Processing method

Data received during calls, telephone contacts, e-mail correspondence, correspondence within electronic forms

Purpose of processing

  • Execution of the concluded contract or prior to its conclusion (legal basis: Article 6(1)(b) "GDPR");
  • Marketing and promotion of own and group companies' products and services, commercial offers (legal basis: Article 6(1)(a) and (f) "GDPR");
  • Providing answers to questions sent, conducting correspondence (legal basis: Article 6(1)(f) "GDPR");
  • Internal administrative purposes – conducting statistics, reporting (legal basis: Article 6(1)(f) "GDPR").

4. Processing method

Data received during meetings and found in the concluded Contracts

Purpose of processing

  • Execution of the concluded contract, i.e. purchase, sale of a product, services (legal basis: Article 6(1)(b) "GDPR");
  • For the purpose of ongoing contact resulting from a concluded contract or from actions taken to conclude a contract (legal basis: Article 6(1)(f) "GDPR");
  • Fulfillment of legal obligations of the Data Controller in connection with the need to keep accounting evidence (legal basis: Article 6(1)(c) "GDPR" in connection with tax regulations);
  • In order to pursue possible claims (legal basis: Article 6(1)(f) "GDPR")
  • Marketing and promotion of own and group companies' products and services, commercial offers (legal basis: Article 6(1)(a) and (f) "GDPR");
  • Internal administrative purposes – conducting statistics, reporting (legal basis: Article 6(1)(f) "GDPR").

Data of Contractors/Suppliers and other persons contacting the Controller

5. Processing method

Data received during meetings and found in the concluded Contracts

Purpose of processing

  • Performance of the concluded contract (legal basis: Article 6(1)(b) "GDPR");
  • For the purpose of ongoing contact resulting from a concluded contract or from actions taken to conclude a contract (legal basis: Article 6(1)(f) "GDPR");
  • Fulfillment of legal obligations of the Data Controller in connection with the need to keep accounting evidence (legal basis: Article 6(1)(c) "GDPR" in connection with tax regulations);
  • In order to pursue possible claims (legal basis: Article 6(1)(f) "GDPR”);
  • Internal administrative purposes – conducting statistics, reporting (legal basis: Article 6(1)(f) "GDPR").

6. Processing method

Data found in electronic and paper correspondence

Purpose of processing

  • Ongoing contact with our Contractors and Cooperating Entities with whom I have contracts, for the purpose of their implementation
  • Contact with companies and their representatives with whom we negotiate before concluding a contract;
  • Responding to any other inquiries that come to us at official addresses that allow electronic communication (Legal basis: Article 6(1)(a), (b) or (f) "GDPR").

7. Processing method

Use of GGN numbers in the Controller's business activities

Purpose of processing

  • Placement of an individual Global Gap certificate (GGN number) on the packaging labels of products offered to business associates,
  • Ensuring that the Controller can identify the supplier and transparency in the procurement process,
  • Enhancing the security of commercial cooperators by enabling verification of the origin of products supplied to commercial cooperators, and data verification by commercial cooperators,
  • Ensuring transparency in communications between the Controller and entities in the field of commercial activities,
  • Strengthening the confidence of the Controller's customers who are purchasers of products sold by the Controller in the performance of the contract concluded between the entity in the field of commercial activities and the Controller,
  • Shaping a positive image of the Controller by striving to provide entities in the field of commercial activities with safe, easily identifiable, high-quality products. (legal basis for processing Article 6(1)(f) "GDPR")

3. Period of retention of Personal Data:

Personal data will be processed by the Controller for the period necessary for the purposes indicated in point 2:

a) in connection with the execution of the concluded contract, until its completion, and after that time for the period and to the extent required by law, in particular for the storage of accounting evidence or to secure possible claims,

b) in connection with the marketing of products and services offered by the Controller, until the withdrawal of consent to such processing or until objecting if the marketing was direct and related to the Controller's own products or services;

c) in connection with the processing of GGN numbers – at least for the duration of the contract concluded between the Controller and entities cooperating in commercial activities. Where necessary for evidentiary purposes, Personal Data may also be stored until the statute of limitations for claims arising from business activities or the completion of court proceedings related to the aforementioned Contract.

4. Recipients of Personal Data:

Access to Personal Data may be provided to service providers who have been contractually entrusted with the processing of Personal Data for the performance of services provided to the Controller, in particular: entities operating IT systems or providing IT tools, entities cooperating with the Controller in accounting, tax and legal matters, however only to the extent necessary for the proper performance of those services – access to Personal Data is provided only to persons who are authorized to process Personal Data and who are obliged to maintain the confidentiality of the data and protect it against disclosure to unauthorized persons.

Access to Personal Data may also be available to business associates who are purchasers of products sold by the Controller in performance of the Contract entered into between the business associate and the Controller, to the extent of Personal Data affixed to the packaging of products sold by the Controller in performance of the Contract entered into between the business associate and the Controller.

5. Principles of Personal Data Collection:

Personal Data is generally obtained from you/the Supplier.

Personal data may also be obtained from publicly available sources such as the GLOBALG.A.P. register and the CEIDG or KRS business registers to verify the information provided by you/the Provider. The scope of the processed data will then be limited to the data publicly available in the relevant registers.

1) Where Personal Data will be obtained from publicly available records, the Controller will process the following categories of Personal Data:

a. In the case of an individual entrepreneur: name, business address, NIP, REGON, business registration number, Global Gap certificate (GGN number)

b. In the case of partners of a civil partnership: name, business name, business address, NIP, REGON, business registration number, Global Gap certificate (GGN number)

c. In the case of corporations and partnerships: name, registered office address, NIP, REGON, KRS, Global Gap certificate (GGN number).

2) In the event that Personal Data is provided to the Controller by the Customer/Contractor/Supplier as part of the contracts performed, the Controller will process the following categories of Personal Data:

a. Full name,

b. Role,

c. Email address or phone number.

6. Rights related to the processing of Personal Data:

The data subject may exercise the following rights against the Controller:

a) the right to request access to his Personal Data and obtain information about its processing, and if it is incorrect, he has the right to request its rectification (pursuant to Articles 15 and 16 GDPR),

b) the right to request the restriction of the processing of his data in the situations and on the terms indicated in Article 18 GDPR (the data subject may request the restriction of the processing of his personal data for the period of verification of its accuracy or until his objection to the processing is considered. This right also applies when, in the opinion of the data subject, the processing of his data is unlawful, but he does not want the data to be deleted immediately, or when he needs the data for longer than the assumed period of processing, due to issues of establishing or defending claims),

c) the right to request deletion of its Personal Data pursuant to Article 17 GDPR ("right to be forgotten"),

d) the right to object at any time to the processing of his Personal Data on grounds related to his particular situation (pursuant to Article 21(1) GDPR),

e) the right to withdraw consent at any time without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal, if the processing is carried out on the basis of previously issued consent to processing under Article 6(1)(a) GDPR.

In matters relating to the processing of Personal Data and the exercise of the rights of data subjects, you can contact the Controller (contact: abi@amplusfoods.com). A person who has made a request or demand for the processing of his Personal Data, in the exercise of his rights, may be asked to answer a number of questions to verify his identity.

In addition, the Data Subject has the right to lodge a complaint against the processing of his Personal Data by the Controller to the President of the Office for Personal Data Protection (address: 2 Stawki Street, 00-193 Warsaw).

7. Processing by the Personal Data Controller:

a) may be a contractual requirement and is necessary for the conclusion and performance of the contract,

b) may be voluntary for marketing of the Controller's products and services,

c) may be a statutory requirement and is necessary by law.

8. The Processed Personal Data is not transferred to a third country or international organization.