Obligation to provide information

1. The controller of the personal data is ASTEK Polska sp. z o.o. with its registered office in Warsaw, ul. Mokotowska 1, 00-640 Warszawa, Poland, under KRS no. 0000271963 (hereinafter referred to as the “Controller”).
2. The Controller has appointed a Data Protection Officer, who can be contacted via e-mail address: privacy@astek.pl or by correspondence to the address: ASTEK Polska sp. z o.o., Mokotowska 1, 00-640 Warszawa.
3. Your personal data are processed:
a) for the purpose of implementing the recruitment process on the basis of your consent (Article 6(1)(a) of the GDPR/RODO);
b) for the purpose of future recruitment processes insofar as you have given your consent (Article 6(1)(a) of the GDPR/RODO);
c) in connection with the implementation of projects carried out for the clients of Astek Polska sp. z o.o. on the basis of the Controller’s legitimate interest (Article 6(1)(f) of the GDPR/RODO).
4. In terms of recruitment, we will keep your data for up to 3 months after the end of the recruitment process. If you have consented to the processing of your data for the purposes of future recruitment processes, we will process your data for a period of 36 months counting from the end of the year in which consent was given or until you withdraw your consent to the processing of your personal data. For all other purposes, for the period necessary to implement the purposes for which the personal data were collected or for which they are processed.
5. The Recipients of the data may be, e.g. entities operating the Controller’s ICT systems or providing the Controller with ICT tools, entities providing advisory or consultancy services to the Controller, etc.
6. Your data will be processed by automated means, but will not be subject to profiling.
7. In relation to the processing of your personal data, you have the right:
a) to access to the content of your personal data, including the right to obtain a copy of that data;
b) to request the rectification (amendment) of your personal data where the data are inaccurate or incomplete;
c) to request the deletion of your personal data (the so-called the “right to be forgotten”);
d) to request the restriction of your personal data processing;
e) to object to the processing of your personal data;
f) to data portability;
g) to withdraw consent to the processing of your personal data, to the extent that consent has been given, at any time without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.
8. If you consider that the Controller’s processing of personal data violates the provisions of the GDPR/RODO, you have the right to lodge a complaint with the appropriate supervisory authority, i.e. the President of the Personal Data Protection Office.