Autenti contractor – Information obligation under article 13 of the GDPR
The administrator of your personal data is: Autenti spółka z ograniczoną odpowiedzialnością with its registered office in Poznań at ul. Święty Marcin 29/8, entered into the register of entrepreneurs kept by the District Court for Poznań – Nowe Miasto and Wilda in Poznań under the following number: KRS 0000436998 (hereinafter “Autenti”) – operator of the website available under the name “Autenti” – an internet platform available at www.autenti.com (hereinafter the “Autenti Platform”).
Personal data processed by Autenti may come from the Client or Autenti’s contractor or another entity contacting Autenti, or from publicly available sources – in particular from the National Court Register and the Court and Economic Monitor.
The categories of personal data of persons associated with commercial companies or other entities (e.g. members of the bodies of these entities), including beneficial owners, are the same as the categories derived from publicly available sources (e.g. KRS) or categories provided by the client or contractor of Autenti or by another entity contacting Autenti.
What is the purpose and legal basis for the processing of your personal data by Autenti?
Autenti processes personal data for the purpose of:
- conclusion or performance of a contract between Autenti and an entity with which a given natural person is related or on behalf of which it acts, as well as for the purposes of verification of this entity (e.g. Customer, Autenti Contractor or other entity contacting Autenti) and ongoing contact with this entity – (6 it. 1 let. b and f of the GDPR.
- performance of activities resulting from generally applicable legal provisions in connection with running a business activity, in particular in connection with the fulfilment of obligations arising from tax and accounting regulations, as well as provisions regulating the conduct of proceedings by authorized bodies – (Art. 6 it. 1 let. c) of the GDPR);
- pursuing or securing claims or defending against them – (art. 6 it. 1 let. f of the GDPR);
- archival (evidence) consisting in securing information in the event of the need to prove facts or demonstrate fulfilment of the obligation incumbent on Autenti – (6 it. 1 let. f of the GDPR).
Authorization to Autenti in the field of processed data.
Under the GDPR, a natural person has the right to:
- access to its data and rectify it,
- remove it,
- limit the processing,
- transfer their data,
- lodge an objection to processing of personal data for the purposes of the legitimate interests of the Autenti, or to processing for direct marketing purposes,
- the right to withdraw the consent granted to us at any time without affecting the legality of the current processing (if the processing is based on consent),
- lodge a complaint to the supervisory authority when you believe that the processing of your personal data violates the provisions of the GDPR.
If you have any questions, wish to exercise the above rights or have any other doubts – please contact the Data Protection Officer. The contact details are below.
Who do we share personal data with?
Personal data may be made available to the following entities:
- public authorities, institutions or third parties authorized to request access or receive personal data on the basis of applicable law;
- entities entrusted with the processing of personal data by Autenti or made available this data on the basis of concluded contracts, e.g. IT service providers or providing technical services, including hosting companies, debt collection companies, consulting and auditing companies, law firms, companies providing postal or courier services, accounting offices.
How long do we retain personal data?
Personal data will be kept for the period necessary to establish cooperation and then the validity of the contract, and after its expiry, depending on the purpose for which the data is processed. The period during which your personal data shall be stored is calculated based on the following criteria:
- accounting, for a period of 5 years from the beginning of the year following the financial year in which the operations, transactions or proceedings related to the concluded contract were finally completed, paid off, settled or expired;
- tax, for a period of 5 years, counting from the end of the calendar year in which the tax obligation resulting from the settlement of the concluded contract arose;
- within the scope of Autenti’s performance of activities resulting from generally applicable legal regulations – for the period resulting from these provisions
- to fulfil the legitimate interests of Autenti constituting the basis for such processing for the period necessary to fulfil this purpose or until an objection to such processing is raised, unless there are legitimate grounds for further data processing by Autenti;
- in the scope of establishing and pursuing own claims or defence against reported claims – until the potential claims under the contract or otherwise are time-barred.
Your personal data will be processed in an IT environment, which means that it may also be temporarily stored and processed in order to ensure the security and proper functioning of IT systems, e.g. in connection with backing up, testing changes in IT systems, detecting irregularities or protecting against abuse and attacks.
Do we transfer your data to countries outside of the European Economic Area?
Your personal data may be transferred outside the European Economic Area (EEA) to entities that meet an adequate level of protection, through:
- cooperation with bodies processing personal data in countries with reference to which a specific decision has been issued by The European Commission;
- use of standard contractual clauses issued by the European Commission;
- using binding corporate rules, approved by a proper supervisory body;
- other security that meets the appropriate level of protection based on appropriate legal security.
Do we process personal data automatically (including through profiling) in a way that affects the rights of the data subject?
Autenti does not process personal data in an automated manner.
How to contact us for additional information on the processing of your personal data?
If you have any questions, please contact the Personal Data Inspector appointed by Autenti, using the contact details provided below:
- Data Protection Officer: Agata Kolorz,
- e-mail address: iod@autenti.com,
- postal address: Data Protection Officer Autenti sp. z oo, ul. Leona Henryka Sternbacha 1 (Building L1), 30-394 Kraków