Information on processing of personal data

Pursuant to Article 13 (1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the EU L 119) (hereinafter referred to as “GDPR”) – we provide the following information:

I. Data Controller

The controller of your personal data is:

Miilux Poland Spółka z ograniczoną odpowiedzialnością

ul. Hutnicza 5-9

42-600 Tarnowskie Góry

REGON no.: 243481646

NIP (tax ID): 6452539338

In matters relating to your personal information, the following contact options are available:

  • at the following e-mail address: office [@]
  • by phone: 696 381 596
  • by mail to the following address: ul. Hutnicza 5-9, 42-600 Tarnowskie Góry, Poland,
  • in person at the Controller’s office

II. Purpose and legal basis of data processing

Your personal data will be processed for the following purposes:

  • in order to perform contracts concluded with customers using the Controller’s services, with regard to such contracts as confidentiality agreements, contracts for the performance of elements, consignment storage contracts, within the framework of the Controller’s business activities in connection with the conclusion and performance of these contracts (Article 6(1)(b) of the GDPR);
  • in order to conduct negotiations and other activities prior to the conclusion of the aforementioned agreements within the framework of the Controller’s business activity on the basis of your request (Article 6(1)(b) GDPR);
  • in order to conduct marketing activities via electronic communication and telephone by sending commercial information – on the basis of consent voluntarily given by you (Article 6(1)(a) GDPR);
  • for archiving purposes after the execution of the aforementioned agreements, in connection with the performance of the legal obligation imposed on the Controller by virtue of the conclusion of the agreements – i.e. the obligation arising from tax law, in particular Article 32 of the Tax Ordinance Act (Article 6(1) (c) GDPR);
  • in connection with the legitimate interests pursued by – i.e. processing may take place to the extent necessary to establish, assert and protect claims, until&nbspthe date of expiration of possible claims (Article 6(1)(f) GDPR).

III. Requirement to provide data

  • Providing your personal data within the scope of agreements concluded within the Controller’s business activity is voluntary, however, their lack will result in the impossibility to perform (or conclude) the contract.
  •  The provision of personal data by you within the scope of the consent referred to in item 2 above (within the scope of marketing by means of electronic communication and by phone) is voluntary, and the lack of this consent shall not cause any consequences for you, in particular it shall not affect the conclusion and performance of any agreements, however the activities covered by the consent shall not be performed by the Controller.

IV. Data recipients

  • Your personal information may be shared with:
  • Entities providing accounting and bookkeeping services to the Controller
  • Entities providing legal services to the Controller
  • Entities providing IT services to the Controller
  • Courier service providers
  • Entities providing security and monitoring services to the Controller

V. Data retention period

  • Your data will be stored for the period of the statute of limitations for claims, not longer than 10 years from the date of maturity of claims and the period necessary for archiving documents for tax purposes.

VI. Authorisations

You have the right to:

  • access to your personal information;
  • correct your personal data;
  • delete your personal data, however, the Controller may continue to process your personal data despite your request for deletion for the purpose of establishing, investigating or protecting claims, and for archival purposes;
  • restrict the processing of your personal data;
  • object to further processing of your personal data;
  • withdraw consent to the processing of personal data (where such consent has been given) – the exercise of the right to withdraw consent does not affect processing that has taken place up to the point of withdrawal of consent;
  • to transfer your data.

You also have the right to lodge a complaint to the supervisory authority – i.e. the President of the Office for Personal Data Protection.