PRIVACY POLICY
General information
We respect the right to privacy of people whose personal data we store, in particular using appropriate technological solutions and legislative measures that prevent unauthorized entities from intruding on their privacy.
The Policy contains information about what you can expect when we contact you or you contact us or use one of our services or services from our Partners.
By reading the following content you will learn about:
- why do we process your personal data
- why do we do it
- whether the provision of data is mandatory
- how long do we have to store data
- are there other recipients of your personal data
- what rights do you have
Our activities related to storing and processing of all data aim to guarantee you a sense of complete security and lawful processing at a level appropriate to the data protection law applicable in EU, including Regulation of the European Parliament and of the Council 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – called GDPR.
Please be advised that our websites may also include external links which unable direct access to other websites, or when using our services, you may place cookies files in the User’s end device in order to enable you to take advantage of integrated functions (for instance: Facebook, LinkedIn, YouTube). Each of the suppliers defines the rules of using cookies in their privacy policy, therefore we have no influence on the privacy policy of the providers and their use of Cookies.
Personal Data Controller
The entity deciding on the purposes and methods of using your personal data (meaning their controller according to GDPR) is Thorium Space S.A. from Wroclaw (Poland).
You can contact us via:
- e-mail office@thorium.space
- mail Bierutowska 57-59, 51-317 Wrocław
- phone +48 71 756 27 00
Security
We conscientiously approach the protection of data concerning you and constantly develop our systems and security processes. The security measures we use include:
- limited physical access to our buildings and user access to our systems – only for those who are entitled
- control mechanisms such as firewall, user verification, data encryption and separation of roles, systems and data
- proactive monitoring
We also use the highest standards in the industry to support the maintenance of a solid information security management system.
What data do we process?
We collect or process data only to the extent necessary to achieve the purposes for which they are used. The scope of data will vary depending on the purpose of the processing. Most of the personal data processed by us is passed directly to us due to one of the following reasons:
- You are our contractor/employee or participate in recruitment process
- You are our client, or your data has been provided to us by your employer
- We obtained it directly from you or from a third party authorized to provide us with your information
- You have filed a complaint or inquiry
- You have asked us for information
- You represent your organization
- You use one of our services
The basis for the processing
In any case, when we process your personal data, we must have so-called “Legal basis”. The legal bases result directly from the law (article 9, article 9 of the GDPR), below are those on which we most often rely:
– Consent: You have indicated to us that you agree to the processing of your data for a specific purpose e.g. for future recruitment, dispatch of subscribed material
– Legitimate interests: only if processing is necessary for us to conduct our business and it does not interfere with the right to respect your privacy g. to verify the quality of our products or services, ensure security in the area of our offices etc.
– Performance of the contract: we need to process your personal data in order to be able to perform the contract concluded
– Legal claims: when data processing is necessary to establish, enforce or defend legal claims
– Legal obligation: when we are obliged under law to process your personal data g. if you are our employee, we are obliged to process your data in accordance with labor law
How we use your personal data?
We use the data only for the purpose for which they may be processed in accordance with the law. There are many ways and possibilities to use personal data regarding you, depending on how you interact with us. For example, if you do not provide us with your details, we will not be able to contact you in this way, if you do not provide us with your contact details, address of the company you work in, or represent when negotiating or purchasing one of our products or services, we will not be able to sell you this product or service.
Who might we share your personal information with?
In addition to us, access to data may have a number of entities. They may be service providers with whom we cooperate, and who help us in delivering products and services that you expect from us or support us in your business. These entities process personal data on our behalf and must meet high security standards. We only share information that allows them to provide us services or facilitate their provision to You.
In some circumstances, we may also be legally obliged to disclose information about you – for example, by court order, law or public authority decision. In any case, we make sure that we have a legal basis to share information about you and document our decisions.
International transfers of personal data
In the scope of achieving the processing purposes described in this policy, we may transfer your personal information to our suppliers, partners or service providers located outside the European Economic Area (EEA). In any case, if your data can be found outside the EEA, we will inform you about it.
At the same time taking care of the security of your data we strictly follow the rules of their transfer resulting directly from the GDPR and provide data only where the degree of security is guaranteed in accordance with the decisions of the European Commission (eg. to the USA only to entities located on the so-called Privacy Shield list) or guarantees respect for privacy principles and effective legal protection measures are in force.
How long we keep your personal data?
As a rule, we store data only for the period necessary to achieve the purposes in relation to which they are processed, strictly specified in this privacy policy, other regulations or contracts and in accordance with the law (GDPR) and relevant provisions.
We never store personal data longer than necessary. In most cases, the storage period ends after 6 years from the end of cooperation with us due to the limitation periods for certain claims.
Is there an obligation to provide personal data?
As a rule, providing your personal data is completely voluntary, however, it may be necessary for the implementation of specific services or your requests, e.g. in terms of contact, conclusion of a contract, execution of your processing rights, etc. Providing data may also be necessary due to the applicable law.
Your rights
In accordance with the provisions of the law on the protection of personal data, you have specific rights depending on the basis for processing your data.
Right to access personal data
You have the right to know if and how we use or store your personal data – the so-called right to access personal data. By using this right, you can also ask us for a copy of your data.
Right to correct personal data
You may question the accuracy of the data we process and ask us to correct it. This is the so-called “right to correct personal data”. If your data is incomplete, you can also ask us to complete it, e.g. by adding new information.
Right to erasure
You can ask us to delete your data and in some circumstances we must do so. This entitlement is also known as so-called “The right to erasure”. This right is not absolute and applies, among others in the following circumstances when:
- We do not require your data anymore
- You initially agreed to the processing, but now you have withdrawn it
- You opposed the use of your data
- We processed your data unlawfully
We may deny you the right to “erasure” in the following circumstances:
- when we are legally obliged to store your data
- data storage is necessary to establish, enforce or defend legal claims
Right to restrict use of your data
You have the authority to limit the way we use your data, especially if you are concerned about the accuracy of the data or how it is used. If necessary, you can also submit a request to delete certain information about you. This right is closely related to your rights to question the accuracy of your data and the ability to object to their use.
The right to export the data
You have a right to gain the access to your personal data in a version which can be open on the computer, e.g. csv file. You can also ask the company for sending your personal data to the other economic subject. We can do this only if, as it was said in GDPR, it will be technically possible. It concerns only the information given for us on your own and the export goes in electronic format.
The right to withdraw the consent
If the processing of personal data is based on the sign consent, you can withdraw the permission at any moment. However, it doesn’t involve the data processed earlier.
The right to make a complaint to supervisory authority
The processing of personal data in our company covers the highest standards of security.
If you have some questions or doubts, please contact with us and we answer.
If you still be unpleased by the given answer or the execution of your privileges, you can make a complaint to supervisory authority (in Poland to the President of the Personal Data Protection Office).
The execution of your rights
If you want to ask about data processing, contact us via:
- e-mail office@thorium.space
- mail Bierutowska 57-59, 51-317 Wrocław
- phone +48 71 756 27 00
Cookies files
Our website may use the cookies files, which are the IT data, especially text files, which are stored on the Data Terminal Equipment (DTE). In general, cookie files contain the www address of the page from which they came from, the time of storing in DTE and the unique number.
The usage
The cookies files are used to:
- provide service;
- make browsing the website in an easy way;
- identify the device, on which the files were already downloaded, in case of reconnecting with the website;
- create the statistics, which help in understanding how the users browse the website or what can make the structure and content of the website better;
- adjust the content of website to the specific preferences and optimize browsing the web pages, all adjusted to the individual needs of users;
- exchange information with our business partners in order to broker in supplying their services while using the website.
The types of cookies files
We can use the following types of the cookie files on our website:
- “sessional”- they are stored on the DTE till the user leaves the page or closes the browser;
- “permanent”- they are stored on users DTE for the time which is determined in their parameters or to the deleting them by the user;
- “performance testing”- they record the information how the web pages are used;
- “functional”- they make possible to remember settings chosen by the user and the personalization of the interface;
- “internal”- provided by the website;
- “external”- sourced on the other site than our website.
The website settings management
The software to browse the website, i.e. web browser, usually by default allows storing the cookies files on DTE. You can change those settings.
The web browser allows delaying the cookies files. You can also automatically block the cookies. More detailed information about the case might be found in “help” option or in the records of your browser.