The EU regulation on the protection of personal data – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 94/46/EC (referred to as the “GDPR”), and the Polish Personal Data Protection Law of 10 May 2018, became applicable on 25 May 2018.
Crispy Natural Sp. z o.o. Sp. k. with its registered office in ul. Łódzka 145a, 62-800 Kalisz, as the Personal Data Controller, ensures of its responsible attitude to the security of personal data. In order to adapt to the requirements of the new regulations, we have introduced changes in our Personal Data Security Policy and IT systems. We have audited our resources, processes and methods of protecting personal data, and analysed the risk of data security breach. We have improved the organizational and technical protection measures, also in the area of IT and telecommunications infrastructure. We have introduced the duty to conduct internal audits of the compliance of personal data processing with the personal data protection regulations implemented at CRISPY NATURAL, and the duty of conducting regular trainings for our employees supplementing their knowledge on personal data.
As a result, Crispy Natural Sp. z o.o. Sp. k. (hereinafter CRISPY NATURAL), as the Personal Data Controller, processes personal data in a manner that ensures their adequate security, integrity and confidentiality, based on the legal basis and in accordance
with the law, reliably and honestly, in a transparent manner for the data subject,
with care for the correctness of such data, for the specific purposes and not “just in case”, in such an amount and for as long as needed. CRISPY NATURAL:
1. Processes personal data in connection with the sale of goods or provision of services, and for the needs of business contacts carried out for these purposes, in connection with recruitment or employment of staff and the implementation of contracts with cooperating entities. The processing of personal data may also take place when this is necessary for the purposes resulting from the legitimate interests pursued by CRISPY NATURAL, except for situations where the interests and fundamental rights and freedoms of the data subject requiring personal data protection prevail over CRISPY NATURAL’s interests. CRISPY NATURAL also processes personal data when the data subject has given their consent for one or more specic purposes, or when the processing is necessary to fulfil a legal obligation vested in CRISPY NATURAL as the Controller.
2. CRISPY NATURAL enforces the statutory rights of the data subjects regarding the right to obtain information covered by the information obligation, the right of access to data, the right to rectify data, the right to delete data (“the right to be forgotten”), the right to limit processing, the right to transfer data, the right of objection, the right not to be subject to a decision based solely on automated processing, including profiling. The enforcement of the above mentioned rights requires contacting with CRISPY NATURAL, at the e-mail address: email@example.com
3. Personal data is provided only to employees, co-workers and subcontractors supporting CRISPY NATURAL in the implementation of CRISPY NATURAL’s legitimate interests. Personal data is provided on the basis of authorizations, or on the basis of data processing outsourcing agreements, only to entities which guarantee the possession or implementation of appropriate technical and organizational measures for the processing to be compliant with the law and to protect the rights of the data subjects.
4. CRISPY NATURAL provides personal data outside the European Economic Area based on the rules and using the safeguards specified in the applicable law.
In case of any questions, please contact us at the e-mail address: firstname.lastname@example.org