Privacy Policy

The Privacy Policy explains how we process your personal data when you use our website and the functionalities available on it. It also applies to situations in which your data may be processed for other purposes related to our business. In the Policy you will also find information about cookies and similar technologies used on the website.

Personal data controller

Your personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“RODO“).

The administrator of the personal data is TiA spółka z ograniczoną odpowiedzialnością with its registered office in Przeworsk (37-200), Głęboka 34 Street, registered in the Register of Entrepreneurs of the National Court Register kept by the District Court in Rzeszów, XII Economic Department of the National Court Register under KRS number: 0000401518, NIP: 7941513356, REGON: 650893664, e-mail: kontakt@tia.com.pl (“Administrator” or “TiA“).

Contact with the Administrator is possible by letter or e-mail to the addresses listed above.

Categories of people whose data TiA processes

The Privacy Policy applies to the Administrator’s processing of personal data of the following categories of persons:

1. people who contact TiA through communication channels such as e-mail address, telephone, contact forms, instant messaging, mail;
2. individuals who have consented to TiA sending marketing information (newsletters);
3. visitors to TiA’s social media profiles, including those who contact the Administrator through the functionalities available within these profiles;
4. visitors to the TiA website available at https://tia.com.pl/ (the “Website“);
5. persons who are potential customers (“PotentialCustomers“) or potential contractors of TiA (“Potential Contractors”) or their employees/co-workers (“Contact Persons“);
6. persons who are customers (“Customers“) or contractors (“Counterparties“) of TiA or persons representing customers or contractors of TiA (“Representatives“),
7. candidates for employment or cooperation sending application documents to TiA (“Candidates“).

Purposes and legal basis for processing personal data

The Administrator processes personal data of the persons indicated in point. 2 of the Privacy Policy for the following purposes and on the following legal grounds:

1. in the case of persons contacting TiA via communication channels such as e-mail address, telephone, contact forms, instant messaging, mail, the Administrator processes personal data for the purpose of correspondence with such persons, including responding to inquiries sent to TiA, which constitutes the Administrator’s legitimate interest pursuant to Article 6(1)(f) of the RODO;
2. for individuals who have consented to TiA sending marketing information (newsletters), the Administrator shall process data for marketing purposes and sending marketing information in the event of the individual’s consent (within the meaning of Article 398 of the Electronic Communications Law of July 12, 2024) in accordance with Article 6(1)(a) of the RODO;
3. in the case of visitors to TiA’s social media profiles, the Administrator processes the data in order to inform, through the social media profiles maintained, about activities, services, products, events, to share knowledge, as well as to build and maintain communities and to communicate through the available functionalities of a given service (comments, messages, including event sign-ups), and furthermore to conduct analyses of the functioning, popularity, use of social media profiles, which constitutes the Administrator’s legitimate interest in accordance with Article 6(1)(f) of the RODO;
4. in the case of visitors to the Website, the Administrator processes data in order to enable the use of the Website and its functionalities, which is the Administrator’s legitimate interest under Article 6(1)(f) RODO (in the case of the use of essential cookies or similar technologies) or for analytical, advertising and other purposes, depending on which cookies have been authorized by the user under Article 6(1)(a) RODO, i.e. on the basis of consent (in the case of non-essential cookies or similar technologies);
5. in the case of Potential Customers, Potential Contractors or Contact Persons, the Administrator processes personal data in order to learn the specifics of the Potential Customer’s or Potential Contractor’s industry activities and establish a business relationship with them, which constitutes the Administrator’s legitimate interest pursuant to Article 6(1)(f) of the RODO;
6. in the case of Clients or Contractors, the Administrator processes personal data in order to: (i) entering into or executing a contract with these entities, on the basis of Article 6(1)(b) RODO, (ii) making settlements with the Client or Contractor and keeping accounting records, i.e. fulfilling the Administrator’s legal obligations, on the basis of Article 6(1)(c) RODO in connection with accounting and tax regulations;
7. in the case of Representatives, the Administrator processes personal data in order to: (i) entering into or executing a contract with the entities represented by the Representative, which constitutes the legitimate interest of the Administrator pursuant to Article 6(1)(f) of the RODO, (ii) making settlements with the Customer or Contractor whom the Representative represents and maintaining accounting records, i.e. fulfilling legal obligations incumbent on the Administrator, pursuant to Article 6(1)(c) of the RODO in connection with accounting and tax regulations;
8. in the case of Candidates, the Administrator processes personal data in order to: (i) carrying out the recruitment process, based on Article 6(1)(c) RODO – in the scope of personal data indicated in Article²²¹ § 1 of the Labor Code (first or first names, surname, date of birth, contact data, education, professional qualifications, course of previous employment) – the processing of personal data is necessary to fulfill a legal obligation incumbent on the Administrator; in the case where employment is to take place on the basis of a contract of mandate, the Administrator processes data for the above purpose and in the scope indicated above based on Art. 6(1)(b) RODO, i.e. the processing is necessary to take action at the request of the data subject prior to entering into a contract, (ii) to fulfill obligations and exercise specific rights of the Administrator or the data subject in the field of labor law, social security and social protection, based on Art. 9(2)(b) RODO. (b) RODO in connection with the provisions of the Law on Vocational and Social Rehabilitation and Employment of Persons with Disabilities – with regard to data on disability (in case a contract of employment is to be concluded and the candidate provides such data on his/her own initiative in the application documents), (iii) to carry out the recruitment process, on the basis of consent for the processing of personal data, i.e. personal data other than those indicated in the points above, provided in the resume, form, cover letter and other documents; the basis for the processing is the aforementioned consent (Art. 6(1) lit. (a) RODO, and in the case of special categories of data – Article 9 (2) (a) RODO), (iv) realization of the legitimate interest of the Administrator with regard to the data obtained from the Candidate during the recruitment process in connection with the verification of the skills and abilities needed to work in the position specified in the advertisement; the basis for the processing of this data is our legitimate interest (Art. 6(1)(f) RODO), (v) to carry out future recruitment processes, based on your consent to the processing of personal data provided in your resume, form, cover letter and other documents. The basis for processing is this consent (Article 6(1)(a) RODO, and in the case of special categories of data, Article 9(2)(a) RODO);
9. In addition, the Administrator may process the personal data of all persons identified above for the purpose of establishing, asserting and defending claims, which constitutes the Administrator’s legitimate interest under Article 6(1)(f) of the DPA.

Source of data acquisition and scope of personal data processed

As a rule, the controller receives personal data directly from the data subject.

In the case of Potential Customers, Potential Contract ors or Contact Persons, TiA may obtain personal data from its own Customers, Contractors or their Representatives, as well as from publicly available sources, such as websites of Potential Customers or Potential Contractors or purchasing groups to which these entities belong. In the case of Representatives, the Administrator may receive data from the Customer or Contractor represented by a given Representative. The Administrator then processes the data of the above-mentioned persons to the following extent: first name, last name, business contact information, position/function, information about the affiliation with the respective entity.

In the case of visitors to TiA’s social media profiles, the Administrator may process the following categories of personal data: user ID (which may include first and last name, job title and other information), identification and other information to the extent published by the individual on a given social media platform, profile photo (image), content of comments posted on the Administrator’s social media profile and content of a conversation held with the individual by TiA through a given portal, statistical data on visits to the Administrator’s social media profile.

In the case of processing personal data of visitors to the Website, the Administrator may process the following types of information that may constitute personal data: IP address, Internet identifiers, information about activity on the Website, time of arrival of the request, time of sending the response, name of the user’s station (identification carried out by the HTTP protocol), information about errors that occurred during the execution of HTTP transactions, URL address of the page previously visited by the user (referer link) – in case the passage to the Website occurred through a link, information about the user’s browser.

Voluntariness or obligation to provide personal data

Where personal data is processed for the purpose of fulfilling TiA’s legal obligations, the provision of such data is mandatory and follows from applicable laws. Provision of personal data is also necessary for the conclusion and execution of the contract – without such data it will not be possible to conclude or execute the contract, or to take part in the recruitment process (to the extent of the data required under the Labor Code or necessary to take action before concluding the contract). Provision of data in the remaining scope is needed to achieve the purposes of processing, but is voluntary.

Period of personal data processing

Personal data will be kept for the period necessary for the purposes for which they are processed (in particular, for the duration of the contract, until the end of the recruitment process, until the expiration of the periods provided for by the relevant laws).

If the basis for processing is the legitimate interest of the Administrator, the data will be processed until that legitimate interest is realized or until an effective objection is made – whichever comes first. If processing is based on consent – data will be processed until the consent is withdrawn.

The Administrator may store personal data in particular when the processing is necessary for the establishment or assertion of claims or defense against claims, and thereafter only if and to the extent required by law.

Information contained in private messages sent via social media profiles will be stored for the message retention period specified by the operator of the respective portal.

Personal data processed in connection with the use of necessary cookies or similar technologies will be stored for the period of their validity. Personal data processed in connection with the use of cookies or similar technologies other than essential will be kept for the period of their individual validity, but no longer than until you withdraw your consent.

Recipients of data and transfer of data outside the EEA

Personal data processed by the Administrator may be disclosed to the following entities: TiA’s employees and associates, IT service providers, hosting providers, and other providers of services related to the processing of personal data, on the basis of an appropriate agreement. These entities will be disclosed only those personal data that are necessary for the performance of the contract linking TiA with such entity.

Personal data processed by the Administrator may be made available to entities and authorities authorized to process such data under the law.

In connection with TiA’s social media profiles and use of cookies or similar technologies on the Website, your personal data is transferred to the operator of the relevant social media platform or to the providers of cookies or similar technologies, respectively. The indicated entities may, in turn, transfer personal data to companies in the USA or in other countries outside the European Economic Area, which requires them to provide adequate safeguards for data transfer in accordance with the provisions of Chapter V of the RODO. Detailed information on the privacy policies of the above entities is available in their privacy policies.

The Administrator does not intend to transfer the personal data it processes to countries outside the European Economic Area or international organizations. Any transfer of data outside the European Economic Area may only take place if it is necessary for the purposes of processing, and the transfer will take place in accordance with the provisions of Chapter V of the RODO.

Rights of persons related to the processing of personal data

A person whose personal data is processed by TiA has the following rights:

1. The right to access your data;
2. The right to request rectification of your data;
3. The right to request deletion of your data;
4. The right to request restrictions on the processing of your data;
5. The right to portability of his/her data, i.e. to receive from TiA personal data concerning him/her, which he/she has provided to TiA, in a structured, commonly used machine-readable format, in case personal data is processed on the basis of consent or contract by automated means; the data subject may request TiA to send his/her personal data, which he/she has provided to TiA, to another controller;
6. The right to object to the processing of personal data due to the particular situation of a person, to the extent that the processing is based on the premise of TiA’s legitimate interest;
7. The right to withdraw consent to the processing of personal data, if the data is processed on the basis of consent; consent may be withdrawn at any time, which, however, does not affect the lawfulness of processing carried out before its withdrawal.

In order to exercise the above-mentioned rights, you should contact the Administrator by letter or e-mail to: rodo@tia.com.pl

In addition, a person whose personal data is processed has the right to lodge a complaint with the supervisory authority in charge of personal data protection (the President of the Office for Personal Data Protection) if he or she believes that the processing of data violates the RODO.

Cookies or similar technologies

Depending on the settings of the person visiting the Website (the user) via the banner displayed when first visiting the Website, in addition to technically necessary cookies or similar technologies (hereinafter collectively referred to as “cookies“), the Administrator may use cookies for statistical, analytical or advertising purposes.

Cookies are small packets of data that are stored locally in the cache or hard drive of the device from which a person accesses the Website. In addition to cookies, other technologies that collect information about a user’s behavior on the Website are also used.

In accordance with applicable law, the Administrator may store cookies on a user’s device if it is necessary for the functioning of the Website (these cookies are described below as necessary). For the use of any other type of cookies (especially analytical or advertising cookies), the Administrator needs the user’s prior consent.

Necessary cookies are automatically installed on your device when you access the Website or make certain choices/activities on the Website.

If the user consents to it during the first visit to the Website or later through the cookie settings panel, the Administrator may also use statistical, analytical or advertising cookies. Detailed information about the cookies used on the Website (their type, purpose, provider, period of information storage) can be found in the settings panel available on the Website. The Website user may change his/her cookie settings at any time, using the settings panel available on the Website (if the Administrator has implemented it on the Website in connection with the use of non-essential cookies) or through the settings of his/her web browser