PRIVACY AND PERSONAL DATA POLICY
The Polish Tyre Industry Association
The Polish Tyre Industry Association (PTIA) is committed to protecting privacy. This Privacy and Personal Data Policy (Privacy Policy) applies to all activities carried out by PTIA as part of the implementation of PTIA’s statutory objectives, including the improvement of the quality of services offering Tyre services, PTIA’s certification of Tyre workshops and activities for PTIA members and partners and concerns the processing of personal data and the use of cookies by the Program website.
Whenever the Privacy Policy refers to:
- Data Administrator – the entity deciding how your personal data will be used is PTIA with its registered office in Warsaw at ol. Rejtana 17 lok. 31, 02-516 Warsaw, entered into the register of associations kept by the District Court for m. In ul. Warsaw in Warsaw, 12th Commercial Division of the National Court Register under the number KRS 0000473364, NIP 7010395067;
- Union’s Members – a member of the PTIA;
- Personal data – it shall mean all information regarding an identified or identifiable natural person;
- Program – a Tyre workshop certification program under which PTIA manages activities aimed at granting those workshops a Tyre certificate based on a standard developed by PTIA and the dissemination of this certificate using the Tyre Certificate trademarks reserved for PTIA;
- Processor – an entity, in particular TÜV SÜD, entrusted with Personal Data by the Data Administrator in order to provide certification services and other services related to certification and training;
- RODO – this should be understood as Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC;
- PTIA Statute – the PTIA Statute adopted by the Founding Assembly on July 4, 2013;
- Program website – www.certyfikatoponiarski.pl
- TÜV SÜD – TÜV SÜD Polska sp.z o.o. conducting certification and auditing compliance of Workshops with the requirements of the PTIA Standard;
- User – it shall mean a person visiting the Program Website.
- Workshop – a Tyre workshop or general mechanical workshop providing Tyre service, which will submit to the PTIA (via the application form at www.certyfikatoponiarski.pl) the desire to be certified.
Compliance with the GDPR and the personal data protection Act
Personal data is processed in accordance with the GDPR, in particular art. 5 of the GDPR establishing general principles regarding the processing of personal data and the Act of 24 May 2018 on the protection of personal data. PTIA processes the personal data of natural persons representing Workshops, who apply to PTIA via the application form at www.certyfikatoponiarski.pl in order to obtain certification.
In order to carry out the certification and audit process, PTIA cooperates with TÜV SÜD, which executes an agreement with the Workshop regarding certification. Therefore, people filling out the application form and leaving their contact details as name, surname, email address, PESEL, telephone number, position, Workshop location address, also agree that PTIA will forward this data to TÜV SÜD in order to contact with the Workshop and signing the contract for certification.
The above contact details are collected in order to perform the certification service requested by the applicant. PTIA processes this data also on the basis of the legitimate interest of the Data Administrator due to the supervisory role of PTIA over the enTyre certification process and creative role in the development of the PTIA standard, including the Program certification criteria. PTIA may contact persons submitting applications on behalf of Workshops to the certification process to determine details or other matters. PTIA also provides training for TÜV SÜD auditors required to provide the necessary competences.
Information clause. Rights related to the processing of Personal data
According to art. 13 sec. 1 and 2 RODO PTIA informs that:
- PTIA is the Administrator of your Personal data.
- Your Personal data will be processed in order to certify the Workshops, contact and supervise the enTyre certification process and provide information on services, industry information and the implementation of any training based on the application received by PTIA and the legitimate interest of the Data Administrator.
- The legal basis for the processing of your Personal data is art. 6 clause 1 lit. b of GDPR (processing is necessary for the realisation of the application to perform the certification service) and art. 6 clause 1 lit. f of GDPR (processing is necessary for the purposes of legitimate interests pursued by the Data Administrator). Personal data will also be transferred by PTIA to TÜV SÜD in order to contact the Workshop and sign a contract for certification based on the personal data processing agreement concluded between PTIA and TÜV SÜD.
- Type of data: the following categories of your personal data will be processed: name, surname, e-mail address, contact phone number, PESEL, Workshop location address or other address provided by the applicant, person completing the application form, cookies, User’s IP address.
- Categories of data subjects: employees, co-workers of the Workshop, TÜV SÜD, people filling out the application form on the Program Website. participants of trainings and other events implemented as part of the statutory activities of PTIA, users of the Program Website.
- Personal data entrusted by the Data Administrator will be processed by the Processor in order to provide certification services or other related services, information, conduct training, contact and provide information, conclude a contract and other activities popularizing the activities of PTIA.
- Your Personal data may be transferred to third parties cooperating with PTIA to achieve the above-mentioned purposes. Personal data may also be transferred to public entities as well as international organizations and EU bodies in accordance with applicable law.
- Your Personal data will be stored for the duration of the certification and Program services as well as the need to verify and confirm certification, and to the extent applicable on the basis of legal provisions and legitimate interests pursued by the Data Administrator. Personal data will be stored for the time necessary to determine, investigate and defend any claims.
- You have the following rights in connection with the processing of your Personal data:
- right to access your Personal data, including obtaining a copy of the Personal data,
- right to demand rectification of Personal data,
- right to delete Personal data (in certain situations),
- right to lodge a complaint to the supervisory body competent in the scope of personal data protection (the President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw), when you believe that the processing of your Personal data violates the provisions of the GDPR,
- right to limit Personal data processing.
- In the case of Personal Data processed as part of the certification process, you can additionally exercise the following rights:
- the right to withdraw consent in so far as they are processed on that basis; the withdrawal of consent does not affect the lawfulness of the processing which has been carried out on the basis of consent before its withdrawal,
- the right to transfer Personal data, i.e. to receive your Personal data from the Data Administrator in a structured, commonly used machine-readable format; you can send this Personal data to another data administrator,
- in the case of Personal data processed on the basis of the Data Administrator’s legitimate interest, you have the right to object to such processing.
- Your Personal data will not be used to make automated decisions in individual cases, including profiling.
In order to exercise the above rights, please contact the Data Administrator: biuro@PTIA.org.pl.
What Personal data we collect
We collect the Personal data of persons representing Workshops or submitting application for Workshops certification via the Program Website. We also process personal data provided to PTIA in the event of contact via the email address: biuro@PTIA.org.pl, Personal data collected during meetings, registration at events and training sessions, or directly, as well as via the Program forms and Program Website. In order for you to take advantage of certain activities as part of the activities carried out by the PTIA, you will have to register or enter selected Personal data. During registration, we will ask you for the data necessary for the implementation of activities, certification. These personal data may also be obtained and provided to us by our partners or other entities cooperating with PTIA in order to carry out the tasks specified in this Privacy Policy. For specific activities, we may collect Personal data directly in order to implement certification, auditing, established activities and PTIA tasks.
Data collected automatically
During your visit to the Program Website, data regarding your visit may be automatically collected, e.g. your IP address, domain name, browser type, operating system type, etc. When you contact us via the Program Website, telephone, e-mail, etc. you provide us with your personal data, e.g. name, surname, e-mail address.
How we use your data
Personal data collected by PTIA will be used only to achieve the purposes set out in this Privacy Policy and the purposes set out in the PTIA Statute, including contacting and sending industry information, regarding certification, auditing, information about changes in the Program. Personal data collected as part of initiatives, events and activities organized by PTIA will be used in accordance with the information provided. Data collected automatically can be used to analyse user behaviour on our websites and to personalize the content of our websites. This data is collected automatically for each user. Data collected in the course of correspondence will be used only to respond to your inquiry. In the event of an inspection, your data may be disclosed to employees of the supervisory body or at the request of other statutorily authorized bodies. We process personal data only for the time necessary to achieve the purposes set out in this Privacy Policy.
How will we contact you
If you have provided us with a contact address, you can receive information from us regarding certification, auditing, ongoing activities or other. We may also contact you by phone if we have important information to be provided regarding the activities carried out.
How can you inform us about the change of Personal data
You can inform us about the change of Personal data by e-mail to the following address: biuro@PTIA.org.pl.
How we protect your Personal data
The Data Administrator makes every effort to ensure all means of physical, technical and organizational protection of Personal data against accidental or intentional destruction, accidental loss, alteration, unauthorized disclosure, use or access in accordance with applicable regulations, including the GDPR and applicable national regulations. Both the data collection process and the database storing them are protected against unauthorized access by third parties.
Cookies
The Program Website uses cookies. Cookies are IT data (usually in the form of text files) that are stored on the User’s end device (e.g. in the computer’s memory), among others in order to adapt the Program Website to the needs of Users and for statistical purposes. More information on what cookies are can be obtained at the IAB Poland Internet Industry Employers’ Association: http://wszystkoociasteczkach.pl (in Polish) and www.aboutcookies.org (in English).
Types of cookies:
– session cookies: stored on your computer only during an internet session and automatically deleted after closing the browser – they usually store an anonymous session ID number allowing you to browse the website without having to log in to each page, but do not download any information from your computer or
– persistent cookies: a persistent cookie file is stored on your computer and stays there when you close your browser. The cookie file can be read by the website that created it on the next visit.
Users can specify the conditions for storing and accessing cookies using the settings of their web browser. These settings can be changed at any time, e.g. in such a way as to block the acceptance of cookies or inform the User of any cookies posted. The user can also delete cookies from his / her terminal device.
The storage of cookies and access to them requires the User’s consent. Such consent is made by accepting cookies that can be used by the Platform Website. Please note that blocking “own” cookies of the Program Website may prevent the proper functioning of the Program Website.
Changes to our Privacy Policy
We reserve the right to amend this Privacy Policy by publishing new rules on the Program Website with additional information (pop-up) on the Program Website when the update took place. If you have additional questions regarding the protection of privacy and Personal data, please contact: biuro@PTIA.org.pl
By using the Program Website, as well as by participating in the activities carried out, you confirm that you have read this Privacy Policy, including the Information clause regarding the processing of your Personal data by the PTIA.
This post is also available in: polski (Polish)