in accordance with Article 13 para. 1 and para. 2 of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons in regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 /EC (Official Journal of the European Union L. 2016.119.1), General Data Protection Regulation, hereinafter referred to as "GDPR", we inform that:
The Controller of your personal data gathered during the Survey is:
STX NEXT Sp. z o.o.
ul. Mostowa 38, 61-854 Poznań
You can contact the Controller directly via email address: firstname.lastname@example.org
or phone: no: +48 61 610 01 92.
While completing the Survey you will be asked to deliberately provide your personal data including: name & surname, email address, name of your company.
These personal data will be processed by the Controller in order to maintain or establish business relations with you, direct marketing of the Controller's products or services, as well as to send you from time to time commercial information (eg. in the form of a newsletter) within the meaning of the Act on the provision of services by electronic (but only if you have agreed to receive it in a separate clause). Your personal data is also collected for statistical purposes and preparation of anonymous case study & analysis based on your and other Participant’s replies.
The legal basis for processing your personal data is consent expressed by completing and sending the survey. Your data will be processed until you withdraw your consent. Please note, that such consent may be withdrawn at any time without providing any reason.
Your personal data may be transferred to data recipients, i.e. the companies which provide services to the Controller and need your data for them. They shall be, among others subjects supporting the Controller in a scope of managing IT tools, including hosting and email providers.
Your data may be processed on servers located outside of the country of your residence.
Your personal data may be transferred outside the European Economic Area (EEA) to a third party country, i.e. the United States, to entities fulfilling a required protection level based on the European Commission’s decision from 12 July 2016, the so-called Privacy Shield. This means that your data shall be transferred only to entities that comply with the rules determined by the United States Department of Commerce within the EU-US Privacy Shield Framework programs regulating collecting, using and storing personal data from the Member States of the EU.
In an event of sending data from EEA to other countries, e.g. the United States, data processors comply with the law regulations that ensure an adequate level of security to that of the EU regulations. Here, you can find up-to-date decisions of the European Commission regarding the adequate level of data protection (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en#dataprotectionincountriesoutsidetheeu).