SMM Legal Privacy Protection Policy
Last updated: 24/03/2021
- SMM LEGAL Maciak Mataczyński Czech Sikorski spółka jawna (previously SMM LEGAL Maciak Mataczyński Adwokaci sp.k.) with its registered office in Warsaw (‘SMM Legal’) makes best efforts to protect Users’ personal data against any disclosure to or harvesting by any unauthorised persons, against processing in breach of effective laws and against any modification, loss, damage or destruction. Furthermore, SMM Legal respects the privacy of each and every single User.
- Users’ personal data are processed in compliance with legal requirements, in particular the requirements under the regulation of the European Parliament and the Council (EU 2016/679) of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (‘General Data Protection Regulation’ or ‘GDPR’, OJ L 119, 4.5.2016, p.1-88).
- This Privacy Protection Policy (‘Policy’) lays down the rules applicable to the processing and protection of Users’ personal data by SMM Legal. This Policy defines the types of personal data collected by SMM Legal, the manner of use of the data, Users’ rights, the categories of subjects to whom the data is disclosed, as well as information on cookies. What is more, this Policy lays down the personal data protection and security measures and the contact details as regards User’s rights in relation to personal data protection measures and methods applied by SMM Legal.
1. Basic terms
- ‘Personal data’ means any information relating to an identified or identifiable natural person, such as a first and a last name, a telephone number, an address, or an identity card number. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Information is not deemed identifiable if such identification would require excessive cost, time or measures;
- ‘Data processing’ means any operation or a set of operations performed on personal data, such as collection, recording, storage, organisation, adaptation or alteration, disclosure or erasure, in particular with the use of IT systems;
- ‘Personal data protection breach’ means a security breach resulting in accidental or illegal destruction, loss, alteration, unauthorised disclosure or unauthorised access to personal data being transferred, stored or processed in any other way;
- ‘User’ means a natural person whose data is processed by SMM Legal;
- ‘Client’ means an entity to whom SMM Legal provides legal services.
II. Personal Data Controller and Data Protection Officer
- The Personal Data Controller is SMM LEGAL Maciak Mataczyński Czech Sikorski spółka jawna (previously SMM LEGAL Maciak Mataczyński Adwokaci sp.k.) with its registered office in Warsaw (00-560) ul. Mokotowska 33/35, National Court Registration Number: KRS 0000890846, registry court: District Court for the capital city of Warsaw in Warsaw, 12th Commercial Division of the National Court Register, Tax Id. No. ‘NIP’: 7811902800; Statistical Business Id. ‘REGON’: 360050565.
- Data Protection Controller: Tomasz Lewandowski, mailing address: ul. Litewska 3/1, 60-605 Poznań (firstname.lastname@example.org). The Data Protection Controller supervises the compliance with personal data protection and security rules at SMM Legal.
- To the extent allowed by law, SMM Legal can collect information about Users from a variety of sources.
- As an entity processing personal data while providing legal services, SMM Legal obtains Users’ personal data primarily from its own Clients. Whenever professional contact details have not been obtained from the data subject directly (e.g. by giving a business card containing such data to a SMM Legal lawyer) such data could have been disclosed by the entity represented by the data subject or obtained from publicly available sources, such as public registers (e.g. the National Court Register).
- Personal data obtained by SMM Legal include, in particular:
- contact details (such as a last name, a temporary or permanent residence address/mailing address/ business address, e-mail and phone number);
- professional contact details (position or title, department, institution);
- data required to raise a VAT invoice (such as a tax identification number, a REGON number);
- content provided (such as pictures, articles and comments);
- convictions and law violations.
- SMM Legal ensures control of the type and scope of processed personal data, the period and manner of processing, as well as persons authorised to process the data.
- SMM Legal exercises the highest degree of care to protect personal data and information collected by it.
- SMM Legal ensures appropriate administrative, technical and physical protection of the personal data supplied by the User against accidental, illegal or unauthorised damage, loss, alteration, access, disclosure or use.
- SMM Legal stores personal data only as long as necessary to achieve the purpose for which the personal data has been collected, unless effective laws provide otherwise.
- SMM Legal undertakes measures to destroy the data or make them permanently unidentifiable if required by effective law or if the data is no longer needed to achieve the purpose for which it have been collected.
- SMM Legal represents that:
- it processes personal data in compliance with law;
- it collects personal data for specified, legal purposes and does not process such data in any other manner non-compliant with such purposes;
- it stores personal data in a form that allows for the identification of the data subject not longer than necessary to achieve the purpose of processing;
- it processes personal data that are substantially correct and appropriate for the purposes of processing.
- The following subjects have access to personal data: SMM Legal and its employees, collaborators and service providers, upon written authorisation. The foregoing persons can access personal data only for the purposes and in the scope defined by SMM Legal.
- SMM Legal keeps a register of persons authorised to process such data. Persons authorised to process the data are obliged to keep the personal data and the measures securing the data confidential.
- SMM Legal and persons authorised to process the data use technical and organisational measures that ensure the protection of the processed personal data.
- Purposes for which SMM Legal can use the collected data include:
- the provision, the administration of and the information about legal services of SMM Legal under Article 6.1.b in the case of personal data of a User who has initiated activities aimed at entering into a contract with SMM Legal or the performance of such a contract;
- the fulfilment of legal duties of SMM Legal under the Advocates Act or the Legal Advisors Acts or any other legislation governing the provision of legal services, as well as tax and accounting legislation (under Article 6.1.c GDPR)
- risk assessment and the enhancement of SMM Legal operations (including the development of services, managing communications, analysis and improvement of services), which constitutes SMM Legal’s legitimate interest within the meaning of Article 6.1.f GDPR;
- to estimate User’s interest in employment and contact regarding the possibility of employment with SMM Legal, which constitutes SMM Legal’s legitimate interest within the meaning of Article 6.1.f GDPR;
- in compliance with legal requirements or in connection with pending legal proceedings or in connection with a request of a public authority to disclose information held by SMM Legal, which constitutes SMM Legal’s legitimate interest within the meaning of Article 6.1.f GDPR;
- to ensure the compliance of processing with legislation on personal data protection and internal SMM Legal rules, which constitutes SMM Legal’s legitimate interest within the meaning of Article 6.1.f GDPR.
- SMM Legal does not disclose, sell or render personal data concerning Users available in any other way except for the situations accounted for in this Policy or when required to do so by law.
- SMM Legal can outsource the processing of personal data to service providers acting on its behalf. Pursuant to effective contracts to process personal data, SMM Legal requires service providers to ensure a law-compliant high level of protection and security of the personal data processed by service providers on behalf of SMM Legal.
- To the extent stipulated by law, Users have the right to access their personal data, in particular as a form of control of SMM Legal’s processing of the subject’s personal data. In particular, they have the right to obtain information on the purpose, scope and the manner of personal data processing.
- To the extent stipulated by law, Users also have right to alter, supplement, correct and update their personal data processed by SMM Legal.
- To the extent required by law, Users also have right to request that their personal data processed by SMM Legal be deleted.
- If the processing of personal data takes place on the basis of User’s consent, the User has the right to withdraw their consent for the processing of their personal data by notifying SMM Legal of this fact in any form. Should that be the case, SMM Legal shall comply with User’s decision insofar as any future activities are concerned, which means that the withdrawal of consent does not affect the legality of processing before the withdrawal.
- In cases stipulated by law, a User has the right to request that SMM Legal limit the processing of User’s personal data.
- Due to reasons resulting from User’s specific situation and to the extent stipulated by law, a User can raise an objection against the processing of User’s data by SMM Legal where the grounds for such processing is SMM Legal’s legitimate interest.
- To the extent stipulated by law, a User has the right to receive their own data supplied to SMM Legal in a structured, commonly used, machine-readable and interoperable format and has the right to transfer such data to any other controller without any interference by SMM Legal.
- A User can exercise any of their abovementioned rights by sending an e-mail to: email@example.com.
- Should a User conclude that SMM Legal processes User’s personal data in a manner non-compliant with law, the User can submit a complaint to the supervisory authority, in the case of the republic of Poland to the President of the Personal Data Protection Office.
- SMM Legal, its service providers and commercial partners collect certain information with the use of automated measures, such as cookies, concerning the visitors browsing its www.smmlegal.pl website. Information collected in this manner may include: IP address, browser type, operating system, URLs of visited pages, as well as information on the activities performed on the website. SMM Legal encourages all visitors to read its Cookies Policy available at: https://www.smmlegal.pl/pl/polityka-prywatnosci[TL1] .
- To use the www.smmlegal.pl website, visitors are not required to log in, register an account or provide their data.
- To monitor the www.smmlegal.plwebsite, SMM Legal can use analytical software belonging to third parties, e.g. Google Analytics. Google Analytics can be turned off using a browser opt-out add-on that can be downloaded at: https://tools.google.com/dlpage/gaoptout
- To ensure Users’ comfort and provide Users with additional information, the www.smmlegal.pl website contains links to websites administered by independent third parties, such as Twitter or LinkedIn. Such websites may have adopted other clauses and may follow different privacy protection policies. You are encouraged to read such policies. SMM is not liable for the content, the User’s use or privacy policies of any websites linked on the SMM Legal website that are not owned or controlled by SMM Legal.
VIII. Policy modifications and updates
- This Policy can be periodically modified. The purpose of such modifications is to reflect changes to SMM Legal practices regarding the handling of personal data and the improvement of SMM Legal personal data protection system.
- Major Policy alternations will be signalled by easily noticeable communications published on the website. The date of the last update is published at the top of the Policy page.
- A User can contact SMM Legal or Data Protection Officer (firstname.lastname@example.org) at any time in order to obtain information whether and how SMM Legal uses or intends to use User’s personal data, and to submit questions or comments of any kind regarding this Policy.
SMM Legal uses analytical services to find out whether content it publishes is interesting to Users. SMM Legal can use web beacons or tracking pixels to count the visits on the www.smmlegal.pl website and performance cookies to check how many Users visit the website and how often they do it.
By using the www.smmlegal.pl website the User consents to the recording of the abovementioned cookies on their computer or another device. However, a User can always control the installed cookies. The decision to remove or block cookies can affect the use of the www.smmlegal.pl website, as some of its areas can become unavailable.
Cookies can be managed by changing the browser settings. Information on the possibility to modify the browser settings, blocking and filtering cookies can be found at: //www.aboutcookies.org/.
A User can also block the anonymous tracking of their actions on the website via analytical cookies. Privacy rules adopted by SMM Legal service providers and information on the possibility to opt out from their cookies can be found at: Google Analytics: //www.google.com/analytics/learn/privacy.html