under the terms of Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and the repeal of the Directive 95/46 /EC (General Data Protection Regulation), so-called GDPR.
This information refers to personal data processed by BURY Group based in: BURY Sp. z o.o., Wojska Polskiego Street 4, 39-300 Mielec, Poland; BURY GmbH & Co KG, Robert-Koch Street 1-7, 32584 Löhne, Germany; BURY-Tlaxcala S. DE. R.L. DE C.V., Avenida Virgen de la Caridad Street 104, Parque Industrial Xicotencatl II, CP. 90500, Huamantla, Tlaxcala, Mexico; (hereinafter referred to as „Company" or „we”) as the administrator of personal data, manners and purposes, in and for which they are processed, as well as the rights of natural persons with regards to collecting and using such data. If you have any questions or comments, please contact rodo@bury.com.
The Company hereby informs about all forms of using information identifying natural persons, hereinafter referred to as "personal data" ("processing") in respect of natural persons who are:
a) customers, including potential customers of the Company,
b) partners, associates, employees, statutory representatives, proxies or representatives of such customers, and
c) other persons whose data we process in order to perform a contract between customers and the Company, including the purpose of issuing or performing invoices
(collectively referred to in this information as "You" or "Customers").
We would like to inform You:
• about the purpose and manner in which the Company collects, uses and stores your personal data;
• on what legal basis this personal data are processed, and
• about your rights and our obligations related to the processing of your personal data.
Types of personal data
Data provided by Customers
In relation to the cooperation between You and the Company, as well as cooperation by intermediaries, including entities related within the capital group, we may process personal data provided by You. These data are:
a) name and surname, company, business address and correspondence addresses,
b) numbers held in the relevant registers (e.g. Tax Identification Number or National Official Business Register number),
c) PESEL number,
d) contact details, such as e-mail address, or telephone or fax number,
e) job position occupied by You within Your organization,
f) bank account number.
In the case of concluding a contract directly between You and the Company, providing the data specified above is voluntary, but necessary for the purpose of concluding the contract and the cooperation between the Customer and the Company. In the event that You do not enter into a contract directly with the Company, providing personal data may be Your official duty.
The consequence of the lack of data provision is the inability to implement cooperation between the Company and the Customer.
Data collected from other sources
We may collect Your personal data from publicly available sources, such as business registers CEIDG (Business Activity Central Register and Information Record) or KRS (National Court Register), REGON register (Statistical Identification Number) in order to verify information provided by Customers. The scope of data processed will in this case be limited to data available to the public in the relevant registers.
We can also obtain Your personal data from the entities which you are employed in or which you represent. In such case, the scope of data processed shall include information necessary for the performance of a contract between the Company and such entity, e.g. information about the modification of contact details or an official position.
We can also obtain Your data from internal databases maintained by our related parties within the capital group. This applies to data enabling a contact with a specific Customer that was the recipient or the supplier of products of one of the entities related to the Company.
Legal basis for data processing
We may process personal data if we have an important legal ground. Therefore, we process personal data only when:
• processing is necessary to fulfill contractual obligations towards You, if You are a party to an agreement concluded with the Company or You place orders for products or services of the Company, or You process the Company orders for Your products or services;
• processing is necessary in order to comply with our legal obligations, e.g. the obligation to issue an invoice or other document required by law, or if we are explicitly required by law to do so;
• processing is necessary for exercising the justified interests of the Company or a third party and does not unduly affect Your business or fundamental rights and freedoms, e.g. for the purpose of:
• concluding and performing contracts with Customers being organizational units without legal personality or being legal persons;
• determining or recovering the civil law claims by the Company as part of its operations, as well as defense against such claims;
• verifying Customers in public registers;
• contacting Customers, including keeping internal registers of Customers to enable contact with the Customers;
• exchanging data about Customers in a group of entities related to the Company.
Periods of data processing
Personal data are processed only for a specific purpose and to the extent necessary to achieve it and for as long as it is necessary.
Your personal data shall be stored for the duration of the contract concluded with the Company, and after the termination of the contract for the period of time necessary to secure potential claims pursued, and fulfill the obligations under the law, and in the case of withdrawing a consent to the processing of personal data or submitting an objection - until the moment of, accordingly, withdrawing a consent or submitting an objection. If the processing of personal data is carried out on the basis of legal provisions, the data will be stored for a period resulting from specific provisions, e.g. for 5 years since the end of the calendar year in which the tax payment deadline has expired.
Transmission of personal data
Transmission of personal data within the group of entities related to the Company
We may transmit personal data to our employees and associates, as well as to other entities associated with the Company. This applies to the following situations:
• providing and servicing the systems and IT solutions used for processing data about Customers by related entities;
• sharing contact details of Customers with affiliated companies;
• sharing Customer data with affiliated companies as part of the cooperation between these companies and the implementation of mutual consideration in the sale of products and services, such as transport, warehousing, logistics services, and the legal service.
Transmission of personal data to other recipients
The data may be transmitted to recipients and other third parties in connection with the implementation of the objectives listed above, to the extent that these objectives are necessary for them in order to perform the Company’s tasks, if required by law or if the Company has another legal basis. The recipients or other third parties may be recognized as:
• the entities that process personal data at the request of the Company, such as suppliers of IT systems or entities providing services of document archiving;
• any public administration authorities, authorities of other EU Member States, courts, bailiffs, if required by applicable national or Union law or at their request;
• courier or postal service providers;
• transport and forwarding companies;
• companies providing legal services;
• debt collection agencies;
• receivables insurance companies;
• other entities.
Data transfer outside the European Economic Area
Your personal data may be subject to cross-border transfer to countries outside the European Economic Area ("EEA") and to countries where provisions specifying a special protection of personal data are not in force. The Company has taken steps to ensure that all personal data are adequately protected and that the transfer of personal data outside the EEA is lawful.
In the case of transferring personal data outside the EEA to a country which, according to the European Commission, does not ensure an adequate level of personal data protection, the transfer shall take place on the basis of an agreement which takes into account the EU requirements for the transfer of personal data outside the EEA, such as standard contract clauses approved by the European Commission.
Customer rights
You are entitled to:
• access to your personal data processed by the Company. If You deem any information about You incorrect or incomplete, You can apply for correction.
• withdraw Your consent if the Company has obtained such consent for the processing f personal data; basically we do not process personal data on the basis of the consent (as we usually act on the basis of other legal bases).
• request the removal of Your personal data in the cases determined by the GDPR provisions;
• request the restriction of processing Your personal data in the cases determined by the GDPR provisions;
• express the opposition to the processing,
Natural persons have the right to limit the processing or to object to the processing of their personal data at any time, due to their exceptional situation, unless such processing is required by law.
In this case, we will no longer process personal data or we will restrict processing provided that we are able to demonstrate a legitimate basis for processing or determining, exercising or protecting our rights.
• transfer data, i.e. receive the personal data provided to the Company in a structured, commonly used and readable machine format and to request such personal data to be transferred to another administrator of personal data, without obstruction on the part of the Company and subject to its own confidentiality obligations
• submit a complaint to the competent supervisory authority, that is the President of the Personal Data Protection Office.
The above rights are not absolute; the provisions provide for exceptions to their application.
To exercise the above rights, please send an e-mail to rodo@bury.com, or contact the Company by correspondence at the address ul. Wojska Polskiego 4, 39-300 Mielec, Poland.
Updates of the information clause
This clause was updated on May 25, 2018 and may be subject to further changes. If required by law, we will inform You about any significant changes via our website or other customarily used channels of communication with Customers.