in accordance with Article 13 para. 1 and para. 2 of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons in regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /EC (Official Journal of the European Union L. 2016.119.1), General Data Protection Regulation, hereinafter referred to as "GDPR", we inform that:
The Controller of your personal data gathered during the Survey is:
STX NEXT S.A.
ul. Mostowa 38, 61-854 Poznań
You can contact the Controller directly via email address: email@example.com
or phone: no: +48 61 610 01 92.
While completing the Survey you will be asked to deliberately provide your personal data including: email address.
These personal data will be processed by the Controller in order to send direct marketing from the Controller by email, including sending the results of the CTO Survey, information among others things regarding products and services offered by the Controller, newsletters, special offers from Controller’s partners including discounted courses, tools, consultations or other. Your personal data is also collected for statistical purposes and preparation of anonymous case study & analysis based on your and other Participant’s replies.
The legal basis for processing your personal data is consent expressed by completing and sending the survey. Your data will be processed until you withdraw your consent. Please note, that such consent may be withdrawn at any time without providing any reason. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Providing personal data is voluntary but necessary to take part in the CTO Survey.
Your personal data will not be subject to automated decision making, including profiling.
The recipients of personal data may be IT systems and service providers, accounting firms, legal departments and other entities which provide services to the Controller.
In some cases personal data may be transferred to a third country due to used IT systems. In these cases the Controller ensures an adequate level of protection of transferred data through cooperation with processors in a country for which an adequacy decision has been issued or using standard contractual clauses issued by the European Commission.
The Controller is part of the group of undertakings (STX Next Group). Within STX Next Group personal data may be transferred to third countries such as the United Kingdom and Mexico. Transfer to the United Kingdom is based under adequacy decisions issued by the European Commission, which decided that the United Kingdom ensures an adequate level of protection. Transfer to Mexico is based on Standard Contractual Clauses. The Controller’s assessment of the law and practice of the third country has shown that Mexico ensures an equivalent level of data protection to that guaranteed by the GDPR and the standard contractual clauses will be sufficient mechanism to transfer personal data to Mexico. Information about safeguards implemented by the Controller can be obtained by sending the email to the Controller.