Polityka prywatności

GDPR stands for the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016), which regulates the protection of personal data of individuals within the European Union. The purpose of the GDPR is to strengthen and unify the rules concerning the protection of personal data across the European Union.

This Policy aims to provide information on what personal data we collect, for what purposes, how we use them, and who we are. It also aims to indicate the rights you have concerning our processing of your personal data. This Privacy Policy does not apply to the processing of personal data of employees and collaborators.

Who is the data controller?

We hereby inform you that the controller of your personal data is: RNRS COMPANY Limited Liability Company with its registered office in Warsaw at Złota 75A / 7, registered in the District Court in Warsaw under KRS number: 0001104064, NIP: 5273111273, REGON: 528559690, hereinafter referred to as the “Data Controller.”

Contact regarding data protection is possible via email at: hello@rnrs.solutions or RNRS COMPANY Limited Liability Company, Złota 75A / 7, 00-819 Warsaw, with the note “GDPR.”

Data Protection Officer

The Administrator has not appointed a Data Protection Officer.

What are our purposes and legal grounds for processing personal data?

To provide services in accordance with the scope of our activities, the Data Controller processes your personal data for various purposes, but always in accordance with the law. Below are the specified purposes of processing personal data along with the legal bases:

1. To take actions at your request before concluding a service agreement in accordance with our scope of activity, we process the following personal data:

• Name and surname, company name, PESEL number, company headquarters, correspondence address, email address, phone number, NIP, REGON, KRS, website address, information contained in public registers, bank account number, employees’ data: name, surname, contact details, position.
• The legal basis for such data processing is Article 6(1)(b) of the GDPR, which allows the processing of personal data when necessary for the performance of a contract or to take steps at the request of the data subject before entering into a contract, but also Article 6(1)(f) of the GDPR (i.e., the legitimate interest of the data controller) when processing personal data of persons other than the other party to the future contract, e.g., persons acting on behalf of the contractor.

1. To conclude and perform the contract, i.e., provide services, we process the following personal data:

• Name and surname, company name, PESEL number, company headquarters, correspondence address, email address, phone number, NIP, REGON, KRS, website address, information contained in public registers, bank account number, employees’ data: name, surname, contact details, position, but also other personal data included in the documentation you provide to us.
• The legal basis for such data processing is Article 6(1)(b) of the GDPR, which allows the processing of personal data when necessary for the performance of a contract or to take steps at the request of the data subject before entering into a contract between us.

1. To fulfill our legal obligations, e.g., issuing VAT invoices, accounting documents, and making tax settlements, we process the following personal data:

• Name and surname, company name, PESEL number, company headquarters, correspondence address, email address, phone number, NIP, REGON, KRS, website address, information contained in public registers, bank account number, employees’ data: name, surname, contact details, position.
• The legal basis for such data processing is Article 6(1)(c) of the GDPR, which allows the processing of personal data when such processing is necessary for the Administrator to comply with legal obligations.

1. To store unanswered offers/queries, we process the following personal data:

• Name and surname, company name, email address, phone number, or other data you provided to us.
• The legal basis for such data processing is Article 6(1)(f) of the GDPR, which allows the processing of personal data when the Administrator pursues a legitimate interest (in this case, the Administrator’s interest is to allow the use of our services for a specified period without the need to repeat the offer).

1. To present your candidacy to an employer, we process the following personal data:

• First name(s) and surname, CV, contact details, documents created during the recruitment process. The legal basis for such data processing is Article 6(1)(a) of the GDPR, which allows the processing of personal data based on your consent.

1. To present your candidacy to a new employer in the future, we process the following personal data:

• First name(s) and surname, CV, contact details, documents created during the recruitment process. The legal basis for such data processing is Article 6(1)(a) of the GDPR, which allows the processing of personal data based on your consent.

1. For website administration (automatic logging of the following data in server logs each time you use our website www.rnrs.solutions), we may process the following personal data:

• IP address, server date and time, information about the web browser, information about the operating system. The legal basis for such data processing is Article 6(1)(f) of the GDPR, which allows the processing of personal data if this is necessary for the legitimate interest of the Administrator (in this case, the Administrator’s interest is to have the ability to administer the website). More information can be found in our Cookies Policy.

1. For direct marketing, we process the following data:

• First name and surname, company name, email address, phone number, correspondence address, data contained in public registers such as KRS, CEIDG, or other data you provided to us; The legal basis for such data processing is Article 6(1)(a) of the GDPR, which allows the processing of personal data based on voluntarily given consent, and Article 6(1)(f) of the GDPR, which allows the processing of personal data if this is necessary for the legitimate interest of the Administrator.

How to exercise the right to withdraw consent?

If the processing of personal data is based on your consent, you can withdraw this consent at any time at your discretion. If you wish to withdraw consent for the processing of personal data, you can:

• Send a letter directly to the Data Controller at the address: RNRS COMPANY Limited Liability Company, Złota 75A / 7, 00-819 Warsaw;
• Send an email to: hello@rnrs.solutions with the note “GDPR.”

If the processing of your personal data was based on consent, the withdrawal of consent does not render the processing of personal data that took place before the withdrawal illegal. In other words, until the consent is withdrawn, we have the right to process your personal data, and the withdrawal does not affect the lawfulness of the processing carried out before the withdrawal.

Requirement to provide personal data

The provision of any personal data is voluntary and depends on your decision. However, in some cases, providing certain personal data is necessary to meet your expectations regarding the service provided by the Data Controller.

To receive a commercial offer, it is necessary to provide an email address — without this, we are unable to meet your expectations and maintain the highest quality of service, which we highly value.

Do we conduct automated decision-making and profiling?

To carry out marketing activities, the Administrator sometimes uses profiling (Facebook Ads campaigns, Google Ads). This means that by automatic data processing, the Administrator evaluates selected factors related to individuals to analyze their behavior or create a forecast for the future. When performing such profiling, the Administrator does not take actions intended to have legal effects on the User or similarly significantly affect them.

To whom can we transfer your personal data?

We may transfer your data to our employees and collaborators who need access to the data to fulfill our obligations or actions on your behalf. Like most businesses, we also use the assistance of other entities, which often involves the transfer of personal data. Therefore, when necessary, we transfer your personal data to the following recipients:

• Entities providing marketing services, training, event organization to us;
• Entities managing our IT and telecommunication systems;
• Entities conducting payment activities (banks, payment institutions);
• Entities conducting postal and courier activities;
• Agencies/research institutes acting on our behalf.
• Entities providing us with advisory, consulting, auditing, legal, tax, accounting, HR, or training services;
• Entities seeking employees for their own needs.

Additionally, it may happen that, for example, based on the appropriate legal provision or decision of the competent authority, we will have to transfer your personal data to other entities, whether public or private, such as the Social Insurance Institution, Tax Office, National Tax Administration, etc. However, we assure you that we carefully and thoroughly analyze each request for the disclosure of personal data to ensure that we do not accidentally disclose information to an unauthorized person.

Do we transfer your personal data to third countries?

We hereby inform you that your personal data may be transferred outside the European Economic Area in connection with our use of cloud services from providers outside the EEA.

How long can we store your personal data?

In accordance with applicable law, we process your personal data for the time necessary to achieve the designated purpose. After this period, your personal data will be irreversibly deleted or destroyed. Regarding the specific periods of data processing, we kindly inform you that personal data is processed for the period:

• Of the contract duration, but also after its termination, but not longer than 5 years — in relation to personal data processed for the purpose of concluding and performing the contract; in relation to personal data related to the fulfillment of obligations under tax law, e.g., storing invoices, receipts;
• 1 year — in relation to personal data collected in connection with the submission of an offer, but where no contract has been concluded;
• Until consent is withdrawn or the purpose of processing is achieved, but not longer than 2 years — in relation to personal data processed based on consent; in relation to personal data processed based on the Administrator’s legitimate interest or for marketing purposes;
• Until it becomes outdated, loses its usefulness, or consent is withdrawn, but not longer than 5 years — in relation to personal data processed based on consent to present your candidacy to future employers.

Periods are calculated in years from the end of the year in which we started processing personal data, to streamline the process of deleting or destroying personal data. Separate counting of the term for each event would involve significant organizational and technical difficulties, as well as a significant financial outlay, so establishing a single date for deleting or destroying personal data allows us to manage this process more efficiently.

Right to be forgotten:

Of course, in the event that you exercise your right to be forgotten, such situations are considered on an individual basis.

What rights do you have?

We kindly inform you that you have the right to:

• The right to access the content of your personal data — that is, obtaining information about the purpose and manner of processing your personal data and a copy of the data.
• The right to rectify data — that is, correcting data when it is incorrect, has changed, or has become outdated.
• The right to partial or complete deletion of data (“Right to be forgotten”) — that is, deleting data that is processed without a justified legal basis.
• The right to limit processing — that is, limiting the processing of data solely to its storage.
• The right to data portability — that is, obtaining your personal data that you have provided to us or indicating another controller to whom we should transfer it, provided that this is technically possible.
• The right to object to personal data whose provision is voluntary — that is, for example, for direct marketing purposes.
• The right to withdraw consent — you can withdraw any consent you have given at any time. Please note that from the time you give the instruction, we will no longer process data for the purpose indicated by you, but until the consent is withdrawn, we have the right to process your data.

We respect your rights under data protection regulations and strive to facilitate their implementation to the greatest possible extent. We point out that the listed rights are not absolute, and therefore, in some situations, we may legally refuse to fulfill them. However, if we refuse to comply with a request, it is only after careful analysis and only in situations where refusal to comply is necessary.

Regarding the right to object, we explain that at any time you have the right to object to the processing of personal data based on the Data Controller’s legitimate interest in connection with your particular situation. However, you must remember that, according to the regulations, we may refuse to comply with the objection if we demonstrate that:

• There are legitimate grounds for processing that are superior to your interests, rights, and freedoms, or;
• There are grounds for establishing, pursuing, or defending claims.

Additionally, at any time, you can object to the processing of your personal data for marketing purposes. In such a situation, upon receiving your objection, we will stop processing your data for this purpose.

You can exercise your rights by:

• Sending a letter directly to the Data Controller at the address: RNRS COMPANY Limited Liability Company, Złota 75A / 7, 00-819 Warsaw, or
• Sending an email to: hello@rnrs.solutions with the note „GDPR.”

You have the right to file a complaint with the Data Protection Office

If you believe that your personal data is being processed unlawfully, you can file a complaint with:

• The President of the Personal Data Protection Office
• Personal Data Protection Office
• ul. Stawki 2, 00-193 Warsaw

Final Provisions In matters not covered by this Privacy Policy, the provisions of data protection regulations shall apply, including but not limited to:

• General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016)
• The Act of 10 May 2018 on the Protection of Personal Data
• The Act of 18 July 2002 on the Provision of Electronic Services
• The Act of 16 July 2004 – Telecommunications Law

You will be notified of any changes made to this Privacy Policy by email or via notices on our website: www.rnrs.solutions.

This Privacy Policy is effective from 1 August 2024.

Cookies Policy

RNRS COMPANY Limited Liability Company, Złota 75A / 7, 00-819 Warsaw

What are „cookies”?

„Cookies” are short pieces of information/text files that are stored on your computer, phone, tablet, or other device by websites you visit. Cookies are encrypted in such a way that unauthorized persons do not have access to them. They can be read by us, as the Data Controller, and also by systems belonging to other trusted entities whose technologies we use.

What is the purpose of using „cookies”?

Cookies perform many functions on the website, often useful ones, which we will try to describe below (if the information is insufficient, please contact us):

• Ensuring security — cookies are used to authenticate users and prevent unauthorized use of the client panel. They are therefore used to protect the user’s personal data from unauthorized access;
• Influencing processes and website performance — cookies are used to ensure that the website works efficiently and that you can use the available functions, which is possible, among other things, by remembering settings between subsequent visits to the site. This way, you can navigate the website and its subpages more easily;
• Session status — cookies often store information about how visitors use the website, such as which subpages are most frequently displayed. They also allow the identification of errors displayed on some subpages. Cookies used to save the so-called „session state” help to improve services and enhance the browsing experience;
• Maintaining session status — if a client logs into their panel, cookies enable maintaining the session. This means that when navigating to another subpage, there is no need to re-enter the login and password each time, which enhances the comfort of using the website;
• Creating statistics — cookies are used to analyze how users use the website (how many people open the website, how long they stay on it, which content attracts the most attention, etc.). This allows us to constantly improve the website and adapt its operation to user preferences. To track activity and create statistics, we use Google’s tools, such as Google Analytics; in addition to reporting website usage statistics, the Google Analytics pixel may also be used, along with some of the cookies described above, to help display more relevant content to the user in Google services (e.g., in Google Search) and across the network;
• It is important to note that many cookies are anonymized — without additional information, we are unable to identify your identity based on them.

How can you control cookies?

Your web browser typically allows the use of cookies on your device by default; therefore, during your first visit, we ask for your consent to use cookies. However, it is possible to control and manage the installed cookies. How to do it?

Control – web browser:

If you do not wish to use cookies while browsing the website, you can change the settings in most web browsers—completely blocking the automatic handling of cookies or requesting notification each time cookies are placed on your device. You can change the settings at any time. More information on this topic can be found on the website: https://www.aboutcookies.org/.

What happens if you do not consent to our use of cookies?

Respecting the autonomy of all persons using the website, we feel obligated to inform you that disabling or limiting the handling of cookies may cause significant difficulties in using the website, such as the necessity to log in on each subpage, longer page loading times, limitations in using functionality, or limitations in liking pages on Facebook, LinkedIn, Instagram, etc.

How long will we use cookies?

Cookies remain on your device:

• Until you leave the website or disable the software (web browser) — this mainly applies to technical cookies;
• Some cookies may remain on your device until they are manually deleted by you.

A brief guide on how to disable cookies in your web browsers:

• For Firefox browser: https://support.mozilla.org/pl/kb/W%C5%82%C4%85czanie%20i%20wy%C5%82%C4%85czanie%20obs%C5%82ugi%20ciasteczek
• For Google Chrome browser: https://support.google.com/chrome/answer/95647?hl=pl
• For Internet Explorer 9 browser: https://support.microsoft.com/pl-pl/hub/4338813/windows-help

Additional information about processing your data

Other information related to the processing of your personal data and the rights you have can be found in our Privacy Policy or obtained by contacting us: RNRS COMPANY Limited Liability Company, Złota 75A / 7, 00-819 Warsaw, email: hello@rnrs.solutions.