Privacy policy

Personal data protection and information security have always been a priority in the operations of PBSG S.A. As an example of a responsible and aware organization, we are committed to properly informing you about matters related to the processing of personal data, especially in light of the new data protection regulations, including the European Parliament and Council Regulation (EU) 2016/679 of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”). We are aware that information has a certain value that must be protected in an appropriate manner. With your data security in mind, this document presents key information about the legal grounds for processing personal data, its use, and acquisition.

This privacy policy applies to all instances in which PBSG S.A. is the data controller and processes personal data. It applies to both personal data obtained directly from the data subject and cases where personal data has been obtained from other sources. PBSG S.A. fulfills its information obligations in both of the above situations, as specified in Articles 13 and 14 of the GDPR, in accordance with these provisions.

PBSG S.A. is the controller of marketing processes (including managing accounts on social media platforms), IT (including information systems where personal data is collected, such as from contractors), security incidents, and coordinates employee recruitment processes. The company also manages the website www.pbsg.pl, and therefore coordinates the processing of personal data submitted through forms on the site (e.g., via the contact form).

We want all information regarding the methods and legal grounds for processing personal data, as well as the purposes for which we process it, to be clear and understandable. We encourage you to familiarize yourself with the list of personal data processing operations presented below.

1. General Information

Each individual using our electronic services or visiting our website has control over the personal data they provide to us. We hereby inform you that the personal data we collect in this way is limited to the minimum necessary for providing services at the expected level.

2. Cookies

To a limited extent, we may automatically collect personal data through cookies on our websites. Cookies are small data files stored on a computer, tablet, or smartphone used to access websites. Cookies typically contain the website name, the duration of their storage on the device, and a unique identifier.

On the website, visitors will be presented with information about cookies in accordance with legal requirements until the visitor accepts or closes the information. The data about the acceptance of this information will be saved in cookies on the visitor’s computer.

Our website and the services it offers use cookies for the following purposes:

• Statistical purposes
• Website and service configuration (enabling us to place functions and services on the website)
• Authentication (they may inform users, including yourself, that they are logged in, allowing the website to display relevant information and functions)
• Analyzing and studying your (as a portal user) behavior—this allows us to read preferences related to the services we provide and, consequently, analyze, improve, and develop the products and services offered.
• Advertising purposes—thanks to cookies, we can deliver more interesting and personalized advertisements to you, which may appear in remarketing campaigns after visiting our website, such as Facebook ADS, LinkedIn ADS, Google ADS.

Collected information includes the IP address, browser type, language, operating system type, Internet service provider, time and date of location, and information sent to the website via the contact form.

The collected data is monitored by us. We use tools related to contact profiling through a Marketing Automation system, and for analyzing the use of our website, we use tools like Google Analytics, which record your activity on the site.

The service uses two types of cookies: “session” cookies and “persistent” cookies. Session cookies are temporary files stored on the user’s device until they log out, leave the website, or close the browser. Persistent cookies are stored on the user’s device for a specified time or until they are deleted by the user.

The following types of cookies are used on the service:

a) “Necessary” cookies, enabling the use of services available on the website; b) Security cookies; c) “Performance” cookies, collecting information about how the website is used; d) “Functional” cookies, allowing the user’s selected settings and interface customization to be “remembered.”

In many cases, the software used to browse websites (browser) by default allows the storage of cookies on the user’s device. Users of the service can change cookie settings at any time. These settings can be adjusted to block automatic handling of cookies in the browser settings or to inform the user of each instance of cookie placement. Detailed information on cookie management is available in the browser settings. Deleting or blocking cookies is always possible, and the user can do so in the appropriate settings of their browser.

Please note that restricting the use of cookies may affect some functionalities available on the service’s websites.

Cookies placed on the user’s device may also be used by advertisers and partners cooperating with us.

3. Submissions and Online Forms

Visitors to the PBSG S.A. website have the option to contact the company by filling out a contact form. In using the forms, it is necessary to provide personal data. This data is processed only for the purpose for which it was provided and with your explicit consent. Consent for contact forms is given through your deliberate action (so-called implied consent), i.e., by submitting the form and providing personal data.

4. Use of Social Plugins

On the website https://pbsg.pl/, we use so-called Social Plugins (“Plugins”) from the social networks Facebook and LinkedIn. If the user interacts with the plugin, cookies will be used to identify the user and initiate the request.

Once the plugin is activated, the user’s personal data is transferred to the respective plugin provider and stored on their servers. Since the plugin provider collects this data primarily through cookies, we recommend deleting all cookies via the browser security settings.

PBSG S.A. has no influence over the data collected and the data processing processes, nor knowledge of the full extent of data collection, the purpose of processing, or the retention period. We also do not have information about the deletion of data collected by the plugin providers. Through the plugin mechanism, the user can integrate with social networks and other users, which allows us to improve our offerings and make them more aligned with user preferences.

The legal basis for using the plugins is defined in Article 6(1)(f) of the GDPR.

Further information on the purpose and scope of data collection and processing by Facebook or LinkedIn can be found in the privacy policies of the plugin providers:

Facebook: http://www.facebook.com/about/privacy/
LinkedIn: https://pl.linkedin.com/legal/privacy-policy

These also provide information on user rights and settings to protect privacy.

5. Photos

The photos and icons displayed on the website are the property of PBSG S.A. or come from image and icon banks such as Freepik, Flaticon, or were purchased from agencies as materials for the website.

From individuals contacting PBSG S.A. for information about the offer, providing feedback, or intending to enter into a contract, we collect the following personal data: first name, last name, email address, and phone number.

We kindly request that you do not provide any sensitive personal data through our websites, as defined in Article 9(1) of the GDPR (such as information about race or ethnic origin, political opinions, religious or philosophical beliefs, membership in trade unions, data concerning physical or mental health, genetic data, biometric data, information about sexual life or sexual orientation, and criminal history). If such information is provided for any reason, it will be considered explicit consent for us to collect and use such information in the manner outlined in this document or specified at the place where the information was disclosed.

PBSG S.A. processes the personal data of its clients and potential clients. This may also include the personal data of contact persons on the side of clients and potential clients (their employees). Such personal data is processed in the information systems used by PBSG S.A., including the CRM system. The personal data processed for these purposes includes, among others: first name, last name, employer’s name, position of the contact person, phone number, email address, or other business contact details.

IV.4. Processing of personal data of individuals who like the PBSG S.A. business profile

The personal data of individuals who like the PBSG S.A. business profile, available on Facebook at the address: https://www.facebook.com/pl.pbsg/ or LinkedIn at the address: https://pl.linkedin.com/company/pbsg-sa/, will be processed for the purpose of managing and administering the PBSG S.A. business profile, communicating with users, responding to questions, interacting, informing about organized events, sharing interesting information, and offering services and products by the Administrator, as well as creating a community on Facebook.

In this regard, PBSG S.A., as the Administrator of the business profiles on Facebook and LinkedIn, may generate anonymous statistical data about visitors using the features provided by Facebook or LinkedIn. The basis for processing the data is consent. Users voluntarily decide to like/follow/interact with the profile/page/group on the respective social media platform.

The rules governing the PBSG S.A. business profile on Facebook/LinkedIn are established by the Administrator, but the terms for participating in the Facebook platform are governed by Facebook’s terms of service (joint administrator), and for LinkedIn, by LinkedIn’s terms of service. At any time, users may stop following or even block the Administrator’s profile on Facebook/LinkedIn. Due to the specific nature of the platforms used by the Administrator, only using the “block user” option will prevent content created by the Administrator from being displayed to the user. Other content available on the social media platform remains public. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

The Administrator processes publicly available personal data, such as name, surname, and general information, which are posted on users’ profiles and are publicly accessible. Processing of other personal data is done by the social media platform Facebook/LinkedIn in accordance with the terms and conditions set forth in its regulations. Under no circumstances will the data of individuals who liked the PBSG S.A. business profile on Facebook/LinkedIn be used for any purpose other than the one for which they were provided. Personal data may be transferred outside of Poland, the European Union, and the European Economic Area as part of the operation of these social media platforms.

Additionally, the Administrator points out that data from Facebook is collected via cookies, each containing a unique user code (active for two years and stored by Facebook on the computer’s hard drive or any other medium of individuals visiting the profile). The user code, which can be linked to connection data from users registered on Facebook, is retrieved and processed when the business profile is opened. Although this data is anonymous, PBSG S.A. may request Facebook to process it in the following areas:

• Demographic data (e.g., trends in age, gender, marital status, and professional status)
• Information about lifestyle and interests
• Geographical data that allows determining where to conduct special promotions or organize events, and how to best target the informational offer.

Additional information regarding electronic correspondence

If you wish to send us an email, please note that unencrypted email messages transmitted over the Internet are not adequately protected from unauthorized access by third parties.

The personal data of job applicants is collected for the purpose of ongoing recruitment and taking actions prior to entering into a contract. The company may also process data if the job applicant has given consent for their data to be processed, including for future recruitment purposes.

The data of job applicants will be processed during the recruitment process and for a maximum of three years after its completion, i.e., until the time when potential claims can be made.

If the processing is based on consent for participation in future recruitment processes, the personal data will be processed until the consent is withdrawn.

PBSG S.A. processes and stores personal data for periods depending on the legal basis for data processing. We inform you that PBSG S.A. processes personal data based on the following grounds:

1. Consent
   The processing period lasts until the consent is withdrawn by the data subject or the purpose of processing is completed.
2. Legitimate Interest of the Data Controller
   The processing period lasts until the legitimate interest ceases (e.g., the statute of limitations for civil claims) or until the data subject objects to further processing, in situations where such objection is granted by law.
3. Applicable Legal Provisions
   The processing periods for data based on legal provisions are determined by those regulations.

In the absence of specific legal or contractual requirements, the basic retention period for data, including records and other documentary evidence created during the performance of a contract, is a maximum of 6 years.

Personal data is shared with other entities based on legal requirements or in connection with the purpose for which the data was provided to us. We declare that we only use services from reliable entities, known in the local market, and that guarantee data security. The contracts under which we entrust the processing of personal data include provisions on the required protection measures to ensure the confidentiality, integrity, and availability of the data provided.

We may share personal data with companies or other trusted business partners who provide services on behalf of the company, as well as with entities we cooperate with. Additionally, data may be shared with providers of services such as debt collection, tax, legal, or accounting services. Personal data is shared with these entities and other third parties only when necessary to perform the services requested or authorized by the individuals whose data is concerned, to protect rights, property, or safety, or when the company is required to do so under applicable laws, court orders, or regulations from other authorities, or if disclosure is otherwise necessary to support legal or criminal proceedings or a court process.

Furthermore, access to personal data will be granted to authorized employees of the company.

The rights of individuals regarding the processing of personal data include:

a) Right of Access to the content of their personal data;
b) Right to Rectification of data;
c) Right to Restrict Processing of data;
d) Right to Erasure of data;
e) Right to Data Portability to another data controller.

These rights can be exercised by contacting us via email at rodo@pbsg.pl or by mail at: PBSG S.A., ul. Szyperska 14, Poznań 61-754.

Individuals have specific rights concerning their personal data, and PBSG S.A. as the data controller is responsible for ensuring the fulfillment of these rights in accordance with applicable laws.

We would also like to inform you that each individual has the right to object to the processing of their personal data. In the case of data processed based on a legitimate interest, the individual has the right to object on grounds related to their particular situation. If this right is exercised, the company will cease processing the data for that purpose unless it demonstrates the existence of compelling legitimate grounds for processing, overriding the interests, rights, and freedoms of the individual, or the grounds for establishing, exercising, or defending legal claims.

The right to object can be exercised by contacting us via email at rodo@pbsg.pl or by mail at: PBSG S.A., ul. Szyperska 14, Poznań 61-754.

We are committed to regularly reviewing this Privacy Policy and making changes when necessary or desirable due to: new legal regulations, new guidelines from supervisory authorities responsible for personal data protection processes, or best practices applied in the field of personal data protection.