Privacy Policy

Kolej Bałtycka S.A. Privacy Policy

Pursuant to Art. 13.1 and Art. 13.2 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), we would like to inform you that:

  1. The data controller of your data is Kolej Bałtycka S.A. with its registered office in Szczecin at ul. Zbożowa 4, entered into the Register of Entrepreneurs under the KRS number: 0000022450, for which the registration files are kept by the District Court Szczecin Centrum, 13th Commercial Division, NIP: 851-27-19-974, REGON: 812322560. Data protection is carried out in accordance with the requirements of generally applicable law, and data are stored on secured servers.
  2. Contact details of Kolej Bałtycka S.A. can be found at: https://kolejbaltycka.pl/kontakt/dane-kontaktowe/.
  3. The legal basis for the processing of your personal data is Article 6.1(a) or (b) or (f) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
  4. The legitimate interest pursued by the data controller is to establish or maintain business relations with you and to market the services of Kolej Bałtycka S.A.
  5. The processed categories of your personal data are personal data that come directly from you (or were provided on your behalf) or personal data that were collected from publicly available sources, in particular: name and surname, e-mail address, contact telephone number, correspondence address.
  6. The recipients of your personal data are authorized employees and collaborators of Kolej Bałtycka S.A. and entities processing personal data on behalf of the administrator, including: IT service providers, marketing agencies, research companies – only on the basis of an appropriate contract.
  7. The data controller does not process special categories of data. The data controller makes every effort to protect data against unauthorized access by third parties and in this respect applies high organizational and technical security measures. The data controller does not share data with any unauthorized recipients in accordance with the mandatory provisions of law in this regard.
  8. Your personal data will not be transferred to a third country or international organization.
  9. You have the following rights in connection with the processing of your personal data:
    a) the right to access your data, including obtaining a copy of the data,
    b) the right to request rectification of data,
    c) the right to delete data (in certain situations),
    d) the right to lodge a complaint with the supervisory authority responsible for the protection of personal data,
    e) the right to limit data processing.
  10. To the extent that your data are processed on the basis of consent, you can additionally exercise the following rights:
    a) the right to withdraw consent to the extent that they are processed on this basis. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
    b) the right to transfer personal data, i.e. to receive your personal data from the data controller in a structured, commonly used, machine-readable format.
  11. You have the right to lodge a complaint with the President of the Personal Data Protection Office (www.uodo.gov.pl), if you consider that the processing of your personal data violates the provisions of the General Data Protection Regulation.