We care about the security of your personal data
Pursuant to art. 13(1) and art. 13(2) of the General Data Protection Regulation of 27 April 2016, please be informed that we process your personal data. The controller of your personal data is ATM S.A. with its registered office in Warsaw at ul. Grochowska 21A, 04-186 Warsaw, KRS: 0000034947, VAT No. PL1130059989, REGON: 012677986.
If you are our customer, we process your personal data for the purpose of:
- The performance of a service, on the basis of art. 6(1)(b) of the Regulation where the processing is necessary for the performance of a contract, including but not limited to the preparation and configuration of a service, handling your requests, removing failures, as well as providing technical support throughout the entire term of the contract, unless laws provide otherwise;
- The performance of financial and accounting services, handling claims, complaints, requests and notifications, on the basis of art. 6(1)(f) of the Regulation as a legitimate interest of the controller, for a period that will allow us to review claims, if any;
- The compliance with legal obligations, on the basis of art. 6(1)(c) of the Regulation, in particular also under the Act on Telecommunications of 16 July 2004;
- The maintenance and ongoing service of the website, on the basis of art. 6(1)(f) of the Regulation as a legitimate interest of the controller;
- Trading and marketing, on the basis of art. 6(1)(a) of the Regulation, including but not limited to the distribution of the newsletter, handling communication by use of online forms, handling incoming helpline calls, implementation of training webinars and other industry events, by obtaining your consent and until your consent is withdrawn.
If you are a potential business partner/customer, we process your personal data for the purpose:
- Related to initiating and maintaining business contacts. In this case the legal basis for the data processing is the legally justified interest of the Administrator [Article 6(1)(f) of the GDPR], consisting in the creation of a contact network in connection with the conducted activity.
If you visit the Atman Data Center, we process your personal data for the purpose of:
- Physical protection and maintenance of the facility – on the basis of art. 6(1)(f) of the Regulation as a legitimate interest of the controller, including but not limited to CCTV monitoring, access management and personal flow control in the data center facilities.
If you are a job candidate, we process your personal data for the purpose of:
- The implementation of the recruitment process, on the basis of art. 6(1)(a) of the Regulation, by obtaining your consent until the end of the recruitment process, or – if you agree to the addition of your personal data to our database of candidates – until you withdraw your consent.
If you are our supplier, contractor or business partner, we process your personal data for the purpose of:
- The performance of a contract, on the basis of art. 6(1)(f) of the Regulation, for a period that will allow us to review claims, if any;
- The assessment of a supplier, development of a supply channel or development of a sales process, on the basis of art. 6(1)(f) of the Regulation as a legitimate interest of the controller, for a period that will allow us to review claims, if any.
Your personal data may be transferred to:
1. the Controller’s employees/co-workers authorized to process them at the Controller’s instruction
2. other data recipients, including:
- IT and telecommunication service providers with whom we work
- Marketing companies and law firms
- Authorized entities on a documented request, e.g. public order services
with all guarantees ensuring the security of the data transferred.
You have the following rights in respect of our processing of your personal data:
- The right to access your data and receive copies thereof
- The right to data rectification
- The right to erasure of data, restriction of data processing
- The right to object to data processing
- The right of data portability
- The right to withdraw your consent to data processing, without affecting the legitimacy of the processing carried out before such withdrawal, which means that the withdrawal of consent is not retroactive
- The right to lodge a complaint to a supervisory body – the President of the Personal Data Protection Office.
You will be provided with all information regarding the processing of your personal data, including the exercise of the rights arising from the processing of your data by sending an e-mail to the following address: email@example.com. Data Protection Officer is Monika Jagodzińska.
On our websites, we use solutions that monitor user behavior that allow profiling, but do not carry out automated decision-making that produces legal effects. These mechanisms are used by the Controller to manage and improve websites.
Do we have access to your data?
If you use our services such as Cloud or Dedicated Servers, we can access data in ICT systems operating in the cloud or dedicated servers of ATM, especially when performing administrative tasks in the operating system, tasks ensuring security of the solution or when destroying the contents of the hard disk. If you process personal data as part of the service, it means that – within the meaning of the Regulation – we become their processor and it is necessary to conclude a data processing agreement.
How to conclude a data processing agreement with ATM?
1. Ask the person whom you contact at ATM for a model data processing agreement, or send such request at firstname.lastname@example.org. Then fill in the received document.
2. Sign the filled in agreement in two copies.
3. E-mail the filled in and unilaterally signed agreements at email@example.com, or send them by post at the address of the Data Protection Officer at ATM S.A., ul. Grochowska 21A, 04-186 Warsaw.
4. When we have received your copies, we will process them and send them back at the address indicated in the agreement.