Privacy Policy

I. INTORDUCTION

  1. The administrator of personal data collected in particular via the website https://baltica.energy  (hereinafter referred to Website) is the entity that decides how your personal data will be used, is PGE Baltica Sp. z o.o. with headquarters at ul. Mokotowskiej 49, 00-542 Warszawa (hereinafter referred to:Administrator). Contact with the Administrator is possible via the telephone number: 22 340 50 60 and/or via e-mail: sekretariat.pgebaltica@gkpge.pl.
    The Administrator is responsible for the security of the provided personal data and its processing in accordance with the law.
  2. The Administrator has chosen the Data Protection Officer (hereinafter: IDO) who can be contacted via the e-mail address iod.pgebaltica@gkpge.pl in matters related to the processing of personal data, and the exercise of rights of users in accordance with the provisions on the protection of personal data.
  3. Your personal data is processed in accordance with the Regulation of the European Parliament, and the EU Council (2016/679, issued on 27 April 2016) on the protection of individuals with regard to the processing of personal data, on the free movement of such data, as well as repealing the Directive 95/46 / WE (hereinafter: RODO) and other currently applicable provisions of the law on the protection of personal data.
  4. During the visit the Website collects data such as:
    1. personal data provided by the Website user,
    2. data obtained and registered automatically.
  5. The purpose and scope of personal data used by the Administrator is specified in detail in the further part of the privacy policy.

 

II. COLLECTED DATA - BASIC INFORMATION

  1. The following information applies to all ways of using your personal data indicated in chapter III and IV by the Administrator.
  2. Your data will not be used to make decisions based solely on the automated processing of personal data, including profiling within the meaning of art. 22 RODO.
  3. With all the guarantees data security, personal data is processed through the Service may be transferred - in addition to those authorized by the Administrator – to  other entities, including:
    1. entities authorized to receive them in accordance with the law,
    2. podmiotom przetwarzającym je w imieniu Administratora, np. dostawcom usług technicznych i hostingowych, dostawcom usług analitycznych, podmiotom świadczącym usługi doradcze,
    3. other data administrators to the extent necessary to perform the contract, provide services and legal requirements, e.g. notary or legal offices, contractors providing services to the Administrator on the basis of concluded contracts.
  4. The Administrator informs that your personal data will not be transferred to countries outside the European Economic Area.
  5. The administrator informs that in connection with the processing of personal data obtained through the Website, each data subject has the right to submit an application regarding:
    1. access to data (information on the processing of personal data or a copy of the data),
    2. rectification of data (if they are incorrect),
    3. deletion of personal data (the right to be forgotten),
    4. restrictions on the processing of personal data,
    5. transferring data to another administrator,
    6. objecting to data processing, when the basis for processing is the legitimate interest of the Administrator,
    7. withdrawal of consent in the event that the Administrator will process personal data based on consent, at any time and by any means, without affecting compliance with the right to process based on consent before its withdrawal - on the terms set out in the GDPR.
  6. Every data subject has the right to lodge a complaint with the supervisory body (the President of the Office for Personal Data Protection, https://uodo.gov.pl/pl/83/155) if they believe that the processing of personal data is inconsistent with regulations.
  7. The data was obtained by the Administrator directly from you. The administrator may also process:
    1. data of other persons provided by the user when using the services described in this privacy policy,
    2. personal data obtained from entities with which the Administrator cooperates, based on concluded contracts (e.g. business data of employees indicated for contact in order to perform the contract),
    3. personal data obtained from entities and third parties cooperating with the Administrator, the data has been made available to the Administrator based on your consent,
    4. data obtained from publicly available sources, e.g. from the National Court Register, Central Register and Information on Economic Activity, websites, social networks.

III. PERSONAL DATA PROVIDED BY THE USER

III. A. E-MAIL AND PHONE CONTACT

  1. The administrator processes personal data, in particular: name, surname, contact telephone number, e-mail address and other information provided by you, to the extent necessary to handle requests and process inquiries, including communication and answering questions asked via the contact telephone number and e-mail address provided on the Website (legal basis - Article 6 (1) (f) of the GDPR) - " legitimate interest ".
  2. The administrator has the right to process personal data for the period necessary to fulfill the inquiry, including to answer the correspondence sent or the notification / question provided during a telephone conversation.
  3. Providing data is voluntary, but necessary to answer the question sent or for the proper handling of the request and implementation of the inquiry. The consequence of not providing personal data may be the inability to answer or process the inquiry.

III. B. MARKETING COMMUNICATION

  1. The administrator processes your personal data for the purpose of:
    1. marketing communication by means of electronic communication (mainly: e-mails, telephone calls, SMS messages, RSS channels) on the basis of a separate consent to the processing of data for this purpose (legal basis - Article 6 (1) (a) of the RODO) - "consent";
    2. implementation of direct marketing, including sending information about the Administrator's products and services and entities from the PGE Group and partners cooperating with the Administrator (legal basis - Article 6 (1) (f) of the GDPR) - "legitimate interest", taking into account the provisions of the Telecommunications Law and the provisions of the Act on the provision of electronic services.
  2. Providing data in order to receive marketing communication via the selected communication channel is voluntary, but necessary to receive commercial information. The consequence of not providing personal data will be the inability to receive marketing content.
  3. The administrator has the right to process personal data for the period necessary to achieve the above-mentioned purposes. Depending on the legal basis, it will be respectively:
    1. the time until the objection is expressed,
    2. time until consent is withdrawn.
  4. The consent may be withdrawn, in particular, by contacting the Administrator or the DPO (via the contact details indicated above). Withdrawal of consent does not affect the lawfulness of the use of data during the period in which such consent was in force.

IV. AUTOMATICALLY COLLECTED DATA

  1. Using the Website involves sending queries to the server, which are automatically saved in the event logs.
  2. Data on user sessions are stored in the event logs. These are mainly: IP address, type and name of the device, date and time of visits to our website, information about the web browser as well as the operating system.
  3. The data recorded in the event logs are not associated with specific individuals.
  4. Access to the content of the event logs is granted to persons authorized by the Administrator to administer the Website.
  5. Chronological record of information about events is only auxiliary material, used for administrative purposes.
  6. The analysis of event logs enables, in particular, the detection of threats, ensuring adequate security of the Website and the performance of statistics in order to better understand how the Website is used by users.
  7. The website uses cookies for its operation.

V. FINAL PROVISIONS

  1. This privacy policy is informative and applies in particular to the website operating at https://baltica.energy.
  2. The website may contain links to other websites: for example companies from the PGE Capital Group, partners cooperating with the Administrator, service providers and other external entities (e.g. LinkedIn, Facebook, Twitter, Marketplanet OnePlace shopping platform). The administrator recommends that each user, after switching to other websites, read the privacy policies in force there.
  3. The Administrator reserves the right to introduce changes to the applicable privacy policy, in particular in the case of:
    1. technology development,
    2. changes to generally applicable legal provisions; including changes in the field of personal data protection or information security,
    3. development of the Website.
  4. Changes to your privacy policy administrator notify users by posting an announcement on the Website