PRIVACY AND PERSONAL DATA POLICY
The Polish Tyre Industry Association
- Data Administrator – the entity deciding how your personal data will be used is PTIA with its registered office in Warsaw at ol. Rejtana 17 lok. 31, 02-516 Warsaw, entered into the register of associations kept by the District Court for m. In ul. Warsaw in Warsaw, 12th Commercial Division of the National Court Register under the number KRS 0000473364, NIP 7010395067;
- Union’s Members – a member of the PTIA;
- Personal data – it shall mean all information regarding an identified or identifiable natural person;
- Program – a Tyre workshop certification program under which PTIA manages activities aimed at granting those workshops a Tyre certificate based on a standard developed by PTIA and the dissemination of this certificate using the Tyre Certificate trademarks reserved for PTIA;
- Processor – an entity, in particular TÜV SÜD, entrusted with Personal Data by the Data Administrator in order to provide certification services and other services related to certification and training;
- RODO – this should be understood as Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC;
- PTIA Statute – the PTIA Statute adopted by the Founding Assembly on July 4, 2013;
- Program website – www.certyfikatoponiarski.pl
- TÜV SÜD – TÜV SÜD Polska sp.z o.o. conducting certification and auditing compliance of Workshops with the requirements of the PTIA Standard;
- User – it shall mean a person visiting the Program Website.
- Workshop – a Tyre workshop or general mechanical workshop providing Tyre service, which will submit to the PTIA (via the application form at www.certyfikatoponiarski.pl) the desire to be certified.
Compliance with the GDPR and the personal data protection Act
Personal data is processed in accordance with the GDPR, in particular art. 5 of the GDPR establishing general principles regarding the processing of personal data and the Act of 24 May 2018 on the protection of personal data. PTIA processes the personal data of natural persons representing Workshops, who apply to PTIA via the application form at www.certyfikatoponiarski.pl in order to obtain certification.
In order to carry out the certification and audit process, PTIA cooperates with TÜV SÜD, which executes an agreement with the Workshop regarding certification. Therefore, people filling out the application form and leaving their contact details as name, surname, email address, PESEL, telephone number, position, Workshop location address, also agree that PTIA will forward this data to TÜV SÜD in order to contact with the Workshop and signing the contract for certification.
The above contact details are collected in order to perform the certification service requested by the applicant. PTIA processes this data also on the basis of the legitimate interest of the Data Administrator due to the supervisory role of PTIA over the enTyre certification process and creative role in the development of the PTIA standard, including the Program certification criteria. PTIA may contact persons submitting applications on behalf of Workshops to the certification process to determine details or other matters. PTIA also provides training for TÜV SÜD auditors required to provide the necessary competences.
Information clause. Rights related to the processing of Personal data
According to art. 13 sec. 1 and 2 RODO PTIA informs that:
- PTIA is the Administrator of your Personal data.
- Your Personal data will be processed in order to certify the Workshops, contact and supervise the enTyre certification process and provide information on services, industry information and the implementation of any training based on the application received by PTIA and the legitimate interest of the Data Administrator.
- The legal basis for the processing of your Personal data is art. 6 clause 1 lit. b of GDPR (processing is necessary for the realisation of the application to perform the certification service) and art. 6 clause 1 lit. f of GDPR (processing is necessary for the purposes of legitimate interests pursued by the Data Administrator). Personal data will also be transferred by PTIA to TÜV SÜD in order to contact the Workshop and sign a contract for certification based on the personal data processing agreement concluded between PTIA and TÜV SÜD.
- Type of data: the following categories of your personal data will be processed: name, surname, e-mail address, contact phone number, PESEL, Workshop location address or other address provided by the applicant, person completing the application form, cookies, User’s IP address.
- Categories of data subjects: employees, co-workers of the Workshop, TÜV SÜD, people filling out the application form on the Program Website. participants of trainings and other events implemented as part of the statutory activities of PTIA, users of the Program Website.
- Personal data entrusted by the Data Administrator will be processed by the Processor in order to provide certification services or other related services, information, conduct training, contact and provide information, conclude a contract and other activities popularizing the activities of PTIA.
- Your Personal data may be transferred to third parties cooperating with PTIA to achieve the above-mentioned purposes. Personal data may also be transferred to public entities as well as international organizations and EU bodies in accordance with applicable law.
- Your Personal data will be stored for the duration of the certification and Program services as well as the need to verify and confirm certification, and to the extent applicable on the basis of legal provisions and legitimate interests pursued by the Data Administrator. Personal data will be stored for the time necessary to determine, investigate and defend any claims.
- You have the following rights in connection with the processing of your Personal data:
- right to access your Personal data, including obtaining a copy of the Personal data,
- right to demand rectification of Personal data,
- right to delete Personal data (in certain situations),
- right to lodge a complaint to the supervisory body competent in the scope of personal data protection (the President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw), when you believe that the processing of your Personal data violates the provisions of the GDPR,
- right to limit Personal data processing.
- In the case of Personal Data processed as part of the certification process, you can additionally exercise the following rights:
- the right to withdraw consent in so far as they are processed on that basis; the withdrawal of consent does not affect the lawfulness of the processing which has been carried out on the basis of consent before its withdrawal,
- the right to transfer Personal data, i.e. to receive your Personal data from the Data Administrator in a structured, commonly used machine-readable format; you can send this Personal data to another data administrator,
- in the case of Personal data processed on the basis of the Data Administrator’s legitimate interest, you have the right to object to such processing.
- Your Personal data will not be used to make automated decisions in individual cases, including profiling.
In order to exercise the above rights, please contact the Data Administrator: biuro@PTIA.org.pl.
What Personal data we collect
Data collected automatically
During your visit to the Program Website, data regarding your visit may be automatically collected, e.g. your IP address, domain name, browser type, operating system type, etc. When you contact us via the Program Website, telephone, e-mail, etc. you provide us with your personal data, e.g. name, surname, e-mail address.
How we use your data
How will we contact you
If you have provided us with a contact address, you can receive information from us regarding certification, auditing, ongoing activities or other. We may also contact you by phone if we have important information to be provided regarding the activities carried out.
How can you inform us about the change of Personal data
You can inform us about the change of Personal data by e-mail to the following address: biuro@PTIA.org.pl.
How we protect your Personal data
The Data Administrator makes every effort to ensure all means of physical, technical and organizational protection of Personal data against accidental or intentional destruction, accidental loss, alteration, unauthorized disclosure, use or access in accordance with applicable regulations, including the GDPR and applicable national regulations. Both the data collection process and the database storing them are protected against unauthorized access by third parties.
Types of cookies:
– session cookies: stored on your computer only during an internet session and automatically deleted after closing the browser – they usually store an anonymous session ID number allowing you to browse the website without having to log in to each page, but do not download any information from your computer or
– persistent cookies: a persistent cookie file is stored on your computer and stays there when you close your browser. The cookie file can be read by the website that created it on the next visit.
Users can specify the conditions for storing and accessing cookies using the settings of their web browser. These settings can be changed at any time, e.g. in such a way as to block the acceptance of cookies or inform the User of any cookies posted. The user can also delete cookies from his / her terminal device.
The storage of cookies and access to them requires the User’s consent. Such consent is made by accepting cookies that can be used by the Platform Website. Please note that blocking “own” cookies of the Program Website may prevent the proper functioning of the Program Website.
This post is also available in: polski (Polish)