At IDEAS NCBR Sp. z o.o. we take your privacy very seriously and will never disclose, share or sell your data without your consent, unless required to do so by law. Therefore, we have established the following basic principles to ensure the lawfulness of processing and the proper level of security.
The rules are settled to ensure:
As the Administrator of the processed personal data, we would like to inform you that:
We always inform you about the processing at the time when personal data is obtained, specifying the purpose and legal basis for processing. This obligation may be fulfilled in several layers, and the purpose of the adopted solution is to limit the scope of information provided at once, enabling you to return to information at any time and reduce the costs of distributing the content of the information provided in the form of a printout.
We make sure that the scope of the processed personal data is adequate in relation to the purpose of their processing, and that the personal data is stored for the period necessary. We conduct regular adequacy assessments, on the basis of which we assess the proportionality of the obtained data in relation to the purpose of their processing, in a situation where we believe that the scope of personal data being processed is too wide, we change it so that it does not infringe your right to privacy.
We ensure the security and confidentiality of processed personal data to an extent adequate to the risk and the potential impact of a data breach on you. We conduct regular security audits, on the basis of which we assess the risk of breaching the security of your personal data processed by us, and in a situation where the risk assessment is high, we take the necessary steps to minimize it. Everything with concern for the maximum security of your personal data.
We ensure the implementation of the rights of a natural person under the provisions of the GDPR whose data we process. if you can read more about your rights and if you want to find out how to exercise any of your rights.
In the event of a breach of personal data, which may result in negative consequences for you, as a natural person affected by the breach, we will inform you about the occurrence of such an event in the form of:
In the notification, we will always inform you about the violation, its possible consequences, and we will provide information on steps that should be taken to minimize the risk of the those consequences.