LERG S.A. Privacy Policy

According to Article 13 of Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR“), please be advised as follows:

This Privacy Policy sets out the rules for the processing of personal data by LERG S.A. with its registered office in Pustków-Osiedle 59D, 39-206 Pustków 3, Poland.

  1. Personal Data Controller

The Controller of your personal data is LERG S.A. with its registered office in Pustków-Osiedle 59D, 39-206 Pustków 3, Poland, entered into the Register of Entrepreneurs kept by the District Court in Rzeszów, 12th Commercial Division of the National Court Register under the number KRS: 0000033727, VAT No. (NIP): 8720003568, REGON 850022800, share capital of PLN 3 813 981.60 paid up in full (“Controller”, “we”, “us”).

  1. Data subjects and personal data we collect

The Controller processes personal data of the following entities: visitors to the Controller’s website and those who choose to contract the Controller via the contact form.

We collect the following personal data:

  • Data provided in the contact form: e-mail address, telephone number, personal data contained in the message submitted
  • Data collected automatically when visiting the website: IP address, browser type, operating system, pageview tracking information, time of visit, referrer information (source of our website traffic).
  1. Purpose and legal basis of processing

We process your personal data for the following purposes:

  • Handling contact inquiries: responding to your questions and messages sent via the contact form. The legal basis for processing is our legitimate interest (Article 6(1)(f) GDPR) for handling inquiries from customers and potential customers.
  • Direct marketing: sending commercial and marketing information electronically (e.g. via newsletter), if you consent to it. The legal basis for processing is our legitimate interest (Article 6(1)(f) GDPR) for direct marketing.
  • Statistical analytics: analyzing website traffic, improving the quality of our services. The legal basis for processing is our legitimate interest (Article 6(1)(f) GDPR) for improving our services.
  • Establishment, exercise or defence of legal claims: Article 6(1)(f) GDPR, i.e. a legitimate interest of the Controller for enabling the Controller to establish, exercise or defend against claims.
  1. Data recipients

Your data may be transferred to:

  • Third-party processors that process data on our behalf (e.g. IT service providers, marketing agencies), but only to the extent necessary to meet the purpose of processing.
  • Government agencies or other entities authorized under the law.

All persons authorized to process personal data are under an obligation to keep the data confidential and safeguard it against disclosure to unauthorized persons.

The Controller may disclose personal data that it processes for the purposes described in this Privacy Policy among the  Lerg Group companies or other subsidiaries of the Controller. The disclosure will be made solely for intra-enterprise management purposes (e.g. for the purpose of transferring an inquiry contained in the contact form). 

  1. Data storage period

Your personal data will be stored for the period necessary to meet the purpose of processing, and thereafter:

  • Data contained in the contact form: for the period of limitation of potential claims.
  • Data collected automatically: for the period necessary for statistical analytics, no longer however than one year.
  • Data processed for direct marketing purposes: until you exercise your right to object.
  1. Your rights

You have the right to:

  • access to your personal data,
  • rectification of your data,
  • erasure of your data,
  • restriction of processing of your data,
  • transmit your data,
  • object to processing of your data,
  • withdraw your consent to processing at any time, save that the withdrawal does not affect the lawfulness of data processing based on a granted consent before the withdrawal.
  • lodge a complaint with the competent supervisory authority in connection with the processing of personal data by the Controller – the supervisory authority is the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw, Poland. 
  1. Data transfer to third countries

The Controller stores personal data processed through the website in the IT infrastructure provided by external entities, including in e-mail boxes operated through servers that may be located outside the European Economic Area, and thus may transfer personal data to recipients outside the European Economic Area.

In other cases, the Controller transfers personal data through mechanisms consistent with applicable law, including the requirements of the GDPR as contained, among other, in Article 46 GDPR, in particular on the basis of standard contractual clauses. You can learn more about existing safeguards put in place by the Controller to ensure that the processing of personal data complies with applicable laws regulations, and about your options to obtain a copy of such safeguards or the place and method of making such safeguards available, by contacting the Controller in the manner described in this Privacy Policy. 

  1. Automated decision-making, including profiling

The Controller does not make decisions on the basis of automated processing, including profiling, based on Users’ personal data. 

  1. Contact details

If you have any questions regarding the processing of your personal data, please contact us at the e-mail address: lerg@lerg.pl or by sending traditional correspondence to the address of the Controller’s registered office. 

  1. Changes to the Privacy Policy

We reserve the right to change this Privacy Policy. We will inform you about any changes on our website.