Privacy Policy
1. Data protection at a glance
General information
The following summary presents the most important information regarding the processing of your personal data when you use our website. Personal data is any information that allows you to be identified. Detailed information can be found in the full text of the document below.
Collection of data on the site
- Who is responsible for data collection? The data controller is the operator of the website. Contact details can be found in the “Information about the data controller” section.
- How do we collect data? We collect data in two ways:
- Directly from you: e.g. through the information you enter in the contact form.
- Automatically: our IT systems record technical data (e.g. browser type, operating system, time of visit) when you browse the website.
- What do we use your data for? Some of the data ensures a correct and secure display of the page, others are used for statistical analysis of user behavior or handling of requests for quotations and orders.
- What rights do you have? You have the right to free information about the source, recipients and purpose of data storage at any time. You also have the right to request their rectification, restriction of processing or deletion, as well as the right to withdraw consent and lodge a complaint with a supervisory authority (UODO).
2. Hosting and infrastructure (Webflow)
The content of our website is hosted by a third party provider: Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA.
When you visit the website, Webflow collects log files (logs), including IP addresses. This service is necessary for the stable and secure functioning of the website (Article 6 (1) (f) of the GDPR).
- Data transfer to the USA: This is done on the basis of the Standard Contractual Clauses and the Data Privacy Framework (DPF) certificate, which guarantees compliance with European data protection standards.
- Details: Webflow Privacy Policy.
3. Mandatory information and contact details
Data protection
We take the protection of your data as a priority. All processes are carried out confidentially, in accordance with the provisions of the GDPR and the Polish laws on the protection of personal data. However, we remind you that the transmission of data on the Internet (e.g. e-mail) is not always 100% free of security vulnerabilities.
Data Administrator
MM Systemy Sp. z o.o. ul. Kościelna 34, 46-050 Katy Opolskie, Poland Tel: +48 77 54 00 271 | E-mail: info@mm-systemy.pl
Data Protection Officer
We have appointed a Data Protection Officer who can be contacted for all privacy matters: Andreas Klimach Tel: +49 160 97563933 | E-mail: a.klimach@mmuhr-metalltechnik.de
Storage period and legal basis
We only store the data for as long as it is necessary to fulfill the purpose (e.g. to handle an inquiry) or until you withdraw your consent, unless legal regulations (e.g. tax) impose an obligation on us to archive them further. We base our processing on:
- User consent (Art. 6 para. 1 lit. a GDPR).
- Execution of a contract or pre-contractual activities (Article 6 (1) (b) of the GDPR).
- Legal obligation (Article 6 (1) (c) of the GDPR).
- The legitimate interest of the controller (Article 6 (1) (f) of the GDPR).
4. User rights (Objection and Complaint)
RIGHT TO OBJECT: If we process data on the basis of a legitimate interest (Art. 6 para. 1 lit. f GDPR), you have the right to object to such action at any time. In the case of direct marketing, the objection is absolutely binding.
In addition, you are entitled to:
- The right to data portability (issue data in machine format).
- Right to complain to the President of the Office for Personal Data Protection (UODO).
- SSL/TLS encryption: For transmission security, our website uses an SSL certificate.
5. Analytical tools and social media
- Google Analytics: Used to analyze website traffic. We use IP anonymization, which means that IP addresses are truncated before being sent to servers in the USA.
- Hotjar: A tool for visual analysis of behavior (heat maps, mouse movements), helping us optimize the usability of the website.
- Meta (Facebook/Instagram): The page contains elements of the Meta platforms. Together with Meta Platforms Ireland Ltd. we are responsible for the stage of data collection and transmission (in accordance with Art. 26 GDPR).
- Vimeo: We use the Vimeo plugin to display video content. Playing the video involves a connection to the provider's servers.
6. Recruitment and Candidate Data
We allow you to apply for jobs electronically or by traditional means.
- Objective: To select a candidate and carry out the recruitment process.
- Legal basis: Article 6 (1) (b) GDPR (pre-contractual action) and Article 6 (1) (a) (consent to future recruitment).
- Retention period: In case of rejection of the application, we store the data for 6 months (evidentiary purposes), after which it is permanently deleted. If you agree to participate in future proceedings, this period may be extended.
