The owner of the website on the domain www.krgroup.pl together with all the functions, subpages and tools offered by the site (the “Site”) is KR Group sp. z o.o. with its registered office at ul. Skaryszewska 7, 03-802 Warsaw (“KR Group” or “Company”).
The information provided on the Site is prepared by KR Group or its partners and is published with their consent.
All information, data and materials included in the Site are offered free of charge and solely for informational and promotional purposes. No information on the site shall constitute financial, account, tax, legal or HR/payroll advice. Persons interested in obtaining more detailed information or accounting, tax, legal or HR/payroll advice are invited to contact KR Group directly. KR Group makes all reasonable efforts to ensure the accuracy of information, materials and publications on the Site, but cannot exclude the risk of inaccuracies.
KR Group shall not be liable for the consequences of actions, including losses, resulting from any interpretation and/or use of information, materials or publications on the Site or in the Newsletter published by KR Group.
The Site includes links to other websites belonging to third parties. KR Group shall not be liable for information found on such sites.
KR Group shall not be liable for any defects in the Site that could expose users to injury, in particular as a result of the activity of computer viruses or malware.
All materials and publications included in the KR Group Site are subject to protection under the Act on Copyright and Related Rights of 4 February 1994 (Journal of Laws Dz.U. 2017 item 880, as amended) and other commonly binding regulations governing the protection of intellectual property. Use of materials and publications included in the Site, including text, graphics or programming code, in whole or part, for purposes other than personal use, shall require the prior written consent of KR Group in each instance.
Users may print or distribute content included in the Site (e.g. via links in social media) only when the use of the content is of a private and non-commercial nature and the user retains all information about copyright or trademarks or other disclaimers included in the materials or copies.
The name and logo of KR Group are registered trademarks of KR Group. Use of such marks shall require the prior written consent of KR Group.
KR Group places great importance on protecting the confidentiality and privacy of information entrusted to it. We aim to ensure users of the Site protection of their privacy at a level at least as stringent as that provided for in applicable legal regulations. We hereby state that by using the Site, users consent to collection, processing and use of the data indicated hereinbelow.
An IP address is a number assigned to the user’s computer when it connects to the internet, enabling communication between the computer and the server. The IP addresses of users visiting the Site may be recorded in order to ensure the security of the IT system or for diagnostic purposes. This information may also be used for analysis of internet trends and for evaluation of the operation of the Site.
The Site uses Google Analytics, a web analysis service of Google Inc. This means that data concerning for example the geographical location of the computer or the user’s mobile device may be recorded and evaluated anonymously for statistical purposes. Such data are collected for the purpose of improving our services and tailoring the service to the users’ needs.
Online applications and forms
The Site offers various options for users to contact KR Group. In the case of the contact form, service estimate, or form for subscription to the KR Group Newsletter, users may be requested to provide basic personal data and other information enabling contact to respond to inquiries or pursue requests. If users make use of a form available at the Site, the personal data and other information provided by the user will be forwarded automatically by the server by email to the KR Group employee responsible for the given form. Personal data and other information obtained by KR Group by this route will be collected, processed and used only for responding to the user’s inquiry.
Widgets and social media apps
Functions have been implemented in the KR Group Site enabling content to be shared using social media apps of third parties such as LinkedIn, Facebook and Twitter. These social media apps may collect and use data concerning the activity of users on the KR Group Site. Personal data provided by users via such social media apps may be collected and used by other users of such social media apps, and the interactions conducted through them will be subject to the privacy policies of the providers of those apps. KR Group has no influence over and does not assume responsibility for the actions of such entities or their use of users’ data.
- The Personal Data Controller (PDC)
- The scope and purposes of personal data processing
- The manner in which personal data are acquired and collected
- The rights of data subjects
- The making available and entrusting of personal data to others
- The measures to safeguard personal data.
Please note the following:
The Controller of your personal data submitted when using the Website services is: KR GROUP Sp. z o.o. with its seat in Warsaw at Skaryszewska 7, represented by the President of the Board, hereinafter referred to as KR GROUP Sp. z o.o. or Company.
Personal data of Website Users are processed in accordance with the Personal Data Protection Act dated 29 August, 1997 (J. of Laws of 2016, Item 922), the Electronic Supply of Services Act dated 18 July, 2002 (J. of Laws of 2017, Item 1219), REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the European Union L 119 of 4 May, 2016).
- Personal Data Controller (PDC) – shall mean a body, organisational unit, entity or person deciding about the purposes and means of the processing of personal data. The Personal Data Controller is KR GROUP Sp. z o.o. with its seat in Warsaw at Skaryszewska 7, 03-802 Warszawa, represented by the President of the Board;
- Personal data – shall mean any information relating to an identified or identifiable natural person, who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;
- Website notices (check box) – notices which should be located beneath the contact form through which PDC collects user personal data;
- Website – all services supplied through the www.krgroup.eu website, in particular the Newsletter service and the ability to use the Contact Form to contact the site;
- Electronically supplied services – all services performed through the sending and receiving of data through IT systems at an individual request of service recipient (customer), without the simultaneous physical presence of the parties, transmitted via public networks, in accordance with the Electronic Supply of Services Act dated 18 July, 2002 (J. of Laws of 2017, Item 1219);
- Website User – a person who voluntarily avails of the services available at the Website, i.e. browses the web pages of the Website, subscribes to a free Newsletter, or contacts the Website owner via the Contact Form;
- Data processing – the carrying out of any operation on personal data, such as data collection, data modification, data archiving, or data erasure.
The Scope and Purpose of Personal Data Processing
The provisions of this Policy refer to all groups using the Website and the services provided at www.krgroup.eu, in particular the following:
- persons who order free subscription (Newsletter);
- person who communicate via the Contact Form.
Your personal data is processed with the intention of providing a free-of-charge Newsletter service and replying to the questions submitted via the Contact Form.
The submission of personal data is requisite, for the nature of the services provided via the Website renders their performance – i.e. replying to a question submitted via the Contact Form or sending the Newsletter – impossible, if anonymous.
The scope of the personal data processed is reduced to a minimum required to provide the Website services. The submission of any additional data, not requisite to provide the service, is voluntary and requires an express consent of the Website User to their further processing.
Data required when subscribing to the Newsletter:
- Email address;
- Full name used to personalize the message;
- Name of the company on behalf of which you contact us.
Even though the submission of personal data is voluntary, it is requisite to provide subscription services.
The free-of-charge Newsletter service involves the communication of information form area of finances, accountancy, tax law, HR & payroll, Company activities, and up-to-date events and offers related to the services provided.
The service User is notified thereof at the time of subscribing to the Newsletter. Personal data are processed pursuant to Article 23(1)(1) of the Regulation of the European Parliament and of the Council on the protection of personal data (General Data Protection Regulation), which means that the Controller may process said data only when the data subject gives his consent thereto.
KR GROUP Sp. z o.o. does not introduce personal data to the Newsletter data base. The Users themselves introduce themselves into the list. The User (owner of the email address) must confirm his subscription by clicking on the activation link, which is sent to the email address provided. This is the only way in which confirmed emails are introduced into the Newsletter data base.
The person which subscribed to the Newsletter may, at any time, update his data by contacting the Data Controller via the Contact Form.
Personal data of the User availing of the Contact Form are processed pursuant to Article 23(1)(1) of the Regulation of the European Parliament and of the Council on the protection of personal data (General Data Protection Regulation), which means that the Controller may process said data to answer any question you asked using the Form. Personal data of persons who do not enter into a contract with Personal Data Controller are erased.
Even though data are provided voluntarily, their provision is requisite to send a question and receive a reply. In addition, the provision of personal data serves the purpose of User personalisation.
Email addresses submitted via the Contact Form are not automatically introduced to the Newsletter data base. The service may be subscribed to independently by the Website User.
How Personal Data Are Acquired
Personal data of the Users of our Website are collected directly from data subjects, i.e. through
- The filling in of the Contact Form when submitting a question via the web page;
- The filling in of the Newsletter subscription form.
The Rights of Data Subjects
Irrespective of the purpose of personal data processing, at any time, as the Users of our Website, you have the following rights:
- The right to access the contents of the personal data provided;
- The right to demand that the provided personal data be supplemented, updated, corrected, and that the processing of data be temporarily or permanently suspended;
- The right to remove the data provided, should the data be incomplete, outdated, untrue, or collected in violation of the law, or no longer required for their designated purpose;
- To right to be forgotten;
- The right to limit the processing of personal data;
- The right to transfer the personal data provided, should the data be processed in an automated way subject to a consent or contract;
- The right to object;
- The right to be excluded from profiling;
- The right to withdraw the consent to process one’s personal data at any time, should the processing of such data be subject to a consent;
- Every 6 months, the right to verify the processing of personal data with respect to the existence of the filling system wherein data are processed, to obtain up-to-date information regarding the controller of data and the purpose, scope and method of their processing, and about their contents, source, and the way of data provision, and the recipients or categories of recipients of the personal data provided;
- The right to file a complaint with the inspector general for personal data protection, should the data controller not account for:
- Your right to verify data, or will process data despite a written and justified request to stop processing said data in view of your special circumstances;
- Your objection to personal data processing in the event that the Data Controller processes data because it would be requisite to meet legally justified aims, and the processing does not infringe the rights and freedoms of the data subject, such as the marketing of own products and services of Personal Data Controller.
Making Available and Entrusting Personal Data
We hereby inform you that your personal data shall not be made available to other entities, except for the event when the Data Controller making available said data or the Data Controller acquiring data the way they were provided, have an appropriate legal basis to justify the above.
The Website owner, as the Personal Data Controller, shall refuse to make available personal data in the event that would cause a substantial infringement of personality rights of data subjects or other persons, and in a situation when personal data are not substantially related to the indicated grounds of actions of the entity applying for data provision.
Pursuant to Article 31 of the personal protection Act, your data may be entrusted to other entities with the intention of performing certain services conducted at the request of Data Controller, in particular the service of hosting, or newsletter automation, only subject to a contract agreement.
Entities whose data is entrusted are obliged to avail of any and all technical and organisational measures to safeguard said data.
It is recommended that one examines the privacy policies available on external web pages after clicking on the links, e.g. when redirected to websites via which the Data Controller communicates information or organises own events.
Links to external resources are placed on the Controller’s web pages with the sole purpose of allowing the User to examine requisite information or full details of an event etc., should it be organised or carried out via external services.
Measures to Safeguard Personal Data
The Data Controller applies technical and organisational measures to safeguard the processing of personal data, ensuring protection suited to the risks and the category of data under protection, and above all, protects data against their provision to any unauthorised parties, their taking by an unauthorised party, their processing with the infringement of the law, and their change, loss, damage or destruction.
The Data Controller has developed and implemented all and any requisite personal data files in the form of the policy of information safety and the manual of IT system management.
Access to personal data is limited only to parties authorised by the Data Controller, who are bound by obligation of secrecy as to the data and the measures to safeguard them, upon the signing of a confidentiality statement.
To exercise your right to verify data, to access data contents, and to correct them, you may contact the Data Controller via the Contact Form available at our Website.
Document for download: