Personal Data Protection – Privacy Policy

1. General Information

This Privacy Policy sets out the principles for the processing of personal data of users of the website operated by JM elektronik sp. z o.o., available at www.jm-ems.pl, including the principles for the collection, use and protection of such data.

This Privacy Policy is for informational purposes and has been prepared in connection with the application of the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (GDPR).

2. Data Controller

The controller of personal data is: JM elektronik sp. z o.o., ul. Karolinki 58, 44-100 Gliwice, Poland, tel. +48 32 339 69 00, www.jm.pl

For matters related to the processing of personal data, the Controller may be contacted at the following e-mail address: iod@jm.pl

The Company has not appointed a Data Protection Officer.

3. Scope of Data Processed

In connection with the use of the website, the Controller may process personal data of users in the following cases:

  • in connection with the submission of an enquiry via the contact form,
  • in connection with the establishment or performance of business cooperation,
  • in connection with the use of the customer portal available on the website,
  • in connection with the use of the functionalities of the website.

The scope of data processed may include in particular: first and last name, company name, e-mail address, telephone number, data related to existing business cooperation, and technical data concerning the use of the website.

4. Purposes and Legal Bases for Data Processing

Personal data may be processed for the following purposes:

a) Handling enquiries and correspondence

Data submitted via the contact form or by e-mail are processed for the purpose of responding to the enquiry and conducting further communication.

Legal basis: Article 6(1)(b) or (f) of the GDPR.

b) Conclusion and performance of a contract

Data may be processed for the following purposes:

  • conclusion of a contract,
  • processing of orders,
  • ongoing business cooperation.

Legal basis: Article 6(1)(b) of the GDPR.

c) Compliance with legal obligations

The Controller may process data in order to fulfil legal obligations arising in particular from tax and accounting regulations.

Legal basis: Article 6(1)(c) of the GDPR.

d) Establishment or defence of legal claims

Data may be processed for the purpose of establishing or defending legal claims related to the business activity conducted.

Legal basis: Article 6(1)(f) of the GDPR.

5. Recipients of Data

Personal data may be transferred to entities cooperating with the Controller to the extent necessary for conducting its business activity, in particular:

  • providers of IT services,
  • providers of legal or advisory services,
  • providers of accounting and auditing services,
  • logistics and transport operators.

Data may also be processed by providers of IT tools used to operate the website and to analyse website traffic.

6. Analytics Tools and Third-Party Technologies

The website uses analytics tools that enable analysis of website usage and its optimisation.

In particular, solutions provided by Google are used (Google Analytics, Google Tag Manager).

In addition, the website may use tools supporting customer relationship management and B2B web traffic analysis.

These tools may use cookies and similar technologies.

7. Cookies

The website uses cookies for the following purposes:

  • ensuring the proper functioning of the website,
  • maintaining the user session after logging into the customer portal,
  • analysing website traffic,
  • adapting the website’s functionalities to the needs of users.

The user may at any time change their cookie settings via their web browser settings or via the consent management mechanism available on the website.

Restricting the use of cookies may affect certain functionalities of the website.

8. Transfer of Data Outside the European Economic Area

In connection with the use of services provided by technology vendors, data collected through the use of the website may be transferred to countries outside the European Economic Area.

In such cases, the transfer of data takes place on the basis of mechanisms ensuring an adequate level of data protection, in particular standard contractual clauses approved by the European Commission or other instruments provided for by applicable law.

9. Data Retention Period

Personal data will be stored:

  • for the period necessary to respond to an enquiry,
  • for the duration of the business cooperation,
  • for the period resulting from applicable legal provisions,
  • for the period necessary to establish or defend legal claims.

10. Rights of Data Subjects

The data subject has the right to:

  • access their personal data,
  • rectification of data,
  • erasure of data,
  • restriction of processing,
  • object to processing,
  • data portability.

The data subject also has the right to lodge a complaint with the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych – UODO).

11. Amendments to the Privacy Policy

The Controller reserves the right to amend this Privacy Policy in the event of changes in legislation, technological changes or changes in the operation of the website.

The current version of this document is published on the website.