I. INTRODUCTION    

In our organisation we care about your personal data, so we want to provide you with the most important information related to its processing, storage and why some of it is necessary so that we can provide a high standard of service.

As a responsible organisation that is aware that information has a certain value and is a resource that needs to be properly protected, we are committed to duly informing you on matters related to the processing of personal data, especially in view of the content of data protection legislation, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“RODO”).

The information contained in this Policy is intended to provide an overview of what happens to your data when you use our website and key information about the legal basis for processing personal data, how it is collected and used, and the rights of data subjects in relation to it. When processing personal data, we adhere to the following guidelines, fulfilling at least one condition for processing personal data.

II. WHEN DOES THIS POLICY APPLY?

This privacy policy applies to all cases in which Projekt-Solartechnik S.A. (“Company”) is the controller of personal data and processes personal data. It applies both to cases in which we process personal data obtained directly from the data subject and to cases in which we have obtained personal data from other sources. The company fulfils its information obligations in both of the above cases, as set out in Article 13 and Article 14 respectively of the RODO in accordance with these provisions. The full details of the company are set out below:

Projekt-Solartechnik S.A.
ul. Barlickiego 2
97-200 Tomaszów Mazowiecki
NIP: 5252819771
REGON: 385870553
KRS: 0000834759

III. CONTACT

If you have any questions regarding the processing of your personal data, we encourage you to contact us via e-mail at and in writing to our registered address.

IV. PRINCIPLES RELATING TO THE PROCESSING OF PERSONAL DATA

In our operations, we aim to be transparent about how and on what legal basis we process personal data, as well as the purposes for which we process personal data.

As a Controller, we assure you that whenever we process personal data on the basis of a legitimate interest of the controller, we try to analyse and balance our interest and the potential impact on the data subject and their rights. We do not process personal data where the impact on the data subject would outweigh our interest.

Principles of personal data processing:

• We process personal data lawfully fairly and transparently.
• Personal data is collected for specific, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes.
• Personal data is only collected to the extent necessary to fulfil the purposes.
• Personal data shall be updated as necessary.
• Personal data shall be kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed.
• Personal data shall be processed in such a way as to ensure appropriate security of personal data: protection against unauthorised or unlawful processing and accidental loss, destruction or damage by means of appropriate technical and organisational measures.

Basis for processing personal data:

When collecting personal data, we always inform you of the legal basis for processing it. This is derived from the provisions of the RODO. When we inform about:

• Art.6(1)(a) RODO – this means that we process personal data on the basis of consent received,
• Art.6(1)(b) RODO – this means that we process personal data because it is necessary for the performance of a contract or for taking action prior to entering into a contract, at the request received,
• Art.6(1)(c) RODO – this means that we process personal data in order to comply with a legal obligation,
• Art.6(1)(f) RODO – this means that we process personal data in order to pursue legitimate interests.

Automated decision-making:

Your personal data will not be processed by automated means, including profiling.

Period of retention of personal data:

The period for which your personal data will be stored depends on the purpose for which the data is processed. The period for which your personal data will be stored depends:

• on legislation that may oblige the Company to keep the data for a certain period of time,
• on the period that is necessary to protect the interests of the controller,
• on the length of time for which consent has been given.

Data recipients:

Recipients of your data may be:

• IT service providers,
• couriers,
• delivery companies,
• security companies
• entities entitled to receive Personal Data on the basis of legal regulations,
• other PST GROUP companies on the basis of entrustment of Personal Data.

Transfers of data outside the European Economic Area:

Your personal data will not be transferred to a third country or international organisation.

Rights in relation to data processing:

You have the right to:

• access to the content of your personal data,
• to rectify (amend, complete) them,
• restriction of their processing or deletion,
• portability of the personal data you have provided to us, i.e. to receive this personal data in a structured, commonly used, machine-readable format, you have the right to have this data sent to another controller; if technically possible, you have the right to request that the personal data be sent by us directly to another controller,
• to object to further processing of your personal data.

You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the processing of your data carried out on the basis of the consent given before its withdrawal.

If you have doubts about the correctness of the Company’s processing of your personal data, you have the right to lodge a complaint with the President of the Personal Data Protection Authority.

V. HOW WE SECURE YOUR PERSONAL DATA:

We take appropriate technical measures in accordance with Article 32 of the RODO, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different likelihood and severity of the risks to the rights and freedoms of individuals and organisational measures to ensure a level of protection appropriate to the risks.

The safeguards that have been applied to protect your data comply with the requirements of the law and guarantee an appropriate level of data confidentiality.

VI. INFORMATION ON DATA PROCESSING FOR THE CONCLUSION AND PERFORMANCE OF CONTRACTS, POSSIBLE REDRESS AND DEFENCE OF CLAIMS

We may process personal data necessary for the performance of the contract concluded with you. However, even before the conclusion of the contract, we may process personal data necessary to take action at your request. The processing of this data is based on Article 6(1)(b) of the DPA.

In the case of the performance of a contract for the provision of paid services, we may process the data in order to fulfil our accounting and tax obligations. The processing of this data takes place on the basis of Article 6(1)(c) of the DPA.

During and after the performance of the contract, we process the personal data of a party to the contract for the purpose of possible claims processing and also for the assertion of claims. Our legitimate interest is, for example, to be able to respond to a possible complaint, which we are obliged to do on the basis of separate civil law provisions. In this case, we will process personal data based on the legitimate interest of defending against or asserting possible claims. We will process this data on the basis of Article 6(1)(f) RODO.

We will store this data for the period of time necessary for the fulfilment of the designated purposes, no later than until the statute of limitations for claims under separate legal provisions.

The provision of this data is voluntary; however, failure to provide this data will prevent the conclusion of a contract or its execution.

VII. COOKIES/TOOLS:

The Company’s website uses cookies. These are commonly used, small files containing a string of characters that are sent to and stored on the end device (e.g. computer, laptop, tablet, smartphone) used when visiting it. The information is sent to the memory of the browser used, which sends it back the next time the website is accessed. We can categorise cookies according to three methods of division.

In terms of the purposes for which cookies are used, we can distinguish between:

• Indispensable cookies – these cookies enable the proper functioning of the website and its functionalities, e.g. authentication or security cookies. Without their storage on the device, the use of the website will be impossible.
• Analytical files – these files enable the monitoring of the websites opened, traffic sources, time spent on the website. Without saving them, the use of the website functionality will not be restricted.
• Advertising files – these files enable the display of personalised advertisements within or outside the website area. Without saving them, the use of the functionality of the website will not be restricted.
• Social media files – these files allow you to display a fanpage in the website area and also to like it. Without saving them, the use of the functionality of the website will not be restricted.

In terms of their duration of validity, we can distinguish between cookies:

• session files – existing until the end of a given session,
• permanent files – existing after the end of the session.

In terms of the distinction between the entity administering the cookies, we distinguish:

• our cookies,
• third-party cookies.

With the exception of essential cookies, their processing is based on your consent. You can change your cookie settings at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the settings of your web browser or to inform you each time they are placed on your device. Detailed information on the possibility and ways of handling cookies is available in the settings of your software (web browser).

Detailed information on the possibility and ways of handling cookies is available in the settings of your software, i.e. your web browser.

• Firefox browser
• Chrome browser
• Internet Explorer browser
• Opera browser
• Safari browser

We use cookies administered by Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States as part of the services:

Google Analytics – this service uses cookies that are stored on your computer to analyse how you use the website. Google will use this information to evaluate your use of our website, to compile reports on website activity and to provide other services to us relating to website use. The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data from Google.

You can prevent the transmission to Google and the processing by Google of the data generated by the cookies and relating to your use of the website; to do so, you must load and install the browser plug-in available at the following address: https://tools.google.com/dlpage/gaoptout?hl=pl.

Google Maps – a service that allows us to display interactive maps directly on the website, enabling you to use the map functions conveniently.

More information:

https://policies.google.com/privacy
https://support.google.com/analytics/answer/9019185?hl=pl&ref_topic=2919631

The Company and Facebook are joint controllers of the data of Users who have liked the Company’s fanpage. Accordingly, the Company, as administrator of the fanpage, can obtain anonymous statistical data on visitors to the page using a function provided by Facebook. This data is collected through cookies, each of which contains a unique user code (which are active for two years and stored by Facebook on the hard drive of the computer or any other medium of visitors to the fanpage). The user code, which can be linked to the connection data of users registered on Facebook, is downloaded and processed when the fanpage is opened. Although this data is anonymous, the Company may request Facebook to process it to the extent of:

• demographic data
• information on lifestyles, interests;
• geographical data;

At the same time, the data of people who have liked the Company’s fanpage may be processed in a non-anonymised form in the case of:

• Communication via Messenger available on Facebook,
• Commenting on posts shared on the fanpage,
• Participation in promotional activities and competitions, in which case the processing will be carried out on the basis of the User’s unambiguous consent, in accordance with the rules contained in the regulations of the further action.

In any case, the data of people who have liked the fanpage will not be used for any other purpose than the one for which they were provided. Their processing will be carried out exclusively on Facebook and in accordance with the general rules of use of the portal.

VIII. CHANGES TO THIS POLICY

We are committed to regularly reviewing this Privacy Policy and amending it when it becomes necessary or desirable due to: new legislation, new guidelines from authorities responsible for overseeing personal data protection processes, best practices in the area of personal data protection.

We also reserve the right to amend this Privacy Policy in the event of changes in the technology by which we process personal data (insofar as the change affects the wording of this document), as well as in the event of changes in the ways, purposes or legal basis for our processing of personal data.

The Privacy Policy takes effect on the date of publication on the Company’s website.

The Privacy Policy is amended by publishing its new content on the Company’s website.

We publish information about the change of the Privacy Policy in the area of our website, no later than 3 days before the date its new wording becomes effective.

Information obligations

CONTRACTORS:

We inform you that:

1. the administrator of your personal data is Projekt-Solartechnik S.A., based in Tomaszów Mazowiecki (97-200), 2 Barlickiego Street, KRS No.: 0000834759, Regon: 385870553, NIP: 5252819771.
2. If you have any questions regarding the processing of your personal data, you are welcome to contact the Data Protection Officer, which can be done via e-mail: or in writing to the address of our registered office marked “Data Protection Officer”.
3. Your personal data will be processed in order to take action at the request of the data subject prior to the conclusion of a contract, in the event that your offer is selected, in order to sign and perform the contract on the basis of Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council and the legitimate interest pursued by the controller in connection with the assertion or defence of claims on the basis of Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council
4. Your personal data will not be processed by automated means, including profiling.
5. The personal data in question will be stored during the performance of the contract, as well as after the termination of the contract and the time required to establish, assert or defend claims.
6. You have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, and the right to data portability.
7. Selected data may be made available to the following entities: Business Information Bureau (BIG), law firms, bailiffs, insurance companies, debt collection companies, software providers, technical support providers.
8. The provision of data is voluntary, but necessary for the execution of the contract.
9. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

CONTRACTOR’S EMPLOYEES:

We would like to inform you that:

1. The administrator of your personal data is Projekt-Solartechnik S.A. with its registered office in Tomaszów Mazowiecki (97-200), 2 Barlickiego Street, KRS No.: 0000834759, Regon: 385870553, NIP: 5252819771.
2. If you have any questions related to the processing of your personal data, you are welcome to contact the Data Protection Officer, which is possible via e-mail: or in writing to the address of our registered office, marked “Data Protection Officer”.
3. Personal data will be processed in order to verify the identity of persons authorised by the Parties to exchange information, make arrangements on behalf of the Parties and undertake other activities indicated in the agreement using the provided e-mail addresses, telephone numbers of individual employees/co-workers which results from the legitimate interest pursued by the Administrator and is necessary for the performance of the agreement to which your employer/principal is a party; Article 6(1)(f) of the Regulation of the European Parliament and of the Council (EU) 2016/679
4. Your personal data will not be processed by automated means, including profiling.
5. The personal data in question will be stored during the performance of the contract with your employer, as well as after its termination and the time required to establish, assert or defend claims.
6. You have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
7. Recipients of your data may be IT service providers, and other entities authorised under separate legislation.
8. Provision of data is voluntary, but necessary for the performance of the contract or order.
9. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

SHAREHOLDERS:

We would like to inform you that:

1. The administrator of your personal data is Projekt-Solartechnik S.A., with registered office in Tomaszów Mazowiecki (97-200), 2 Barlickiego Street, KRS No.: 0000834759, Regon: 385870553, NIP: 5252819771.
2. If you have any questions related to the processing of your personal data, you are welcome to contact the Data Protection Officer, which is possible via e-mail: or in writing to the address of our registered office, marked “Data Protection Officer”.
3. The data will be processed in order to fulfil the legal obligation incumbent on the Company in accordance with the provisions of the Act of 15 September 2000. Commercial Companies Code (Article 6(1)(c) of Regulation (EU) 2016/679 of the European Parliament and of the Council), in view of which their provision is mandatory.
4. Your personal data will not be processed by automated means, including profiling.
5. Recipients of your data may be law firms.
6. Your personal data will be kept until the time necessary to comply with the legal obligations imposed on the Company and the time required to establish, assert or defend claims.
7. You have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, and the right to data portability.
8. The provision of data is mandatory, necessary for the fulfilment of a legal obligation incumbent on the Company.
9. You are informed that you have the right to lodge a complaint with the supervisory authority, which is the President of the Office for Personal Data Protection.

PERSONS TO WHOM THE NOTIFICATION APPLIES (Article 14 RODO)

 We inform you that:

1. The administrator of your personal data is Projekt-Solartechnik SA, with its registered seat in Tomaszów Mazowiecki (97-200), 2 Barlickiego Street, KRS: 0000834759, Regon: 385870553, NIP: 5252819771.      
2. If you have any questions regarding the processing of your personal data, you are welcome to contact the Data Protection Inspector, which is possible via e-mail: or in writing to the address of our registered office with the note “Data Protection Inspector”.
3. Your personal data, will be processed in connection with the fulfillment of the controller’s legal obligation to clarify the notification of an infringement (Article 6(1)(c) of the Regulation of the European Parliament and of the Council (EU) 2016/679), the controller’s legitimate interest (Article 6(1)(f) of the Regulation of the European Parliament and of the Council (EU) 2016/679) in connection with the required time to establish, assert or defend claims.
4. Your personal data was obtained from the whistleblower.
5. Your personal data will not be processed by automated means, including profiling.
6. Your personal data will be kept for a period of 3 years after the end of the calendar year in which the follow-up action has been completed, the external notification has been forwarded to the public authority competent for the follow-up action or after the end of the proceedings initiated by this action.
7. The recipients of your data may be legal service providers.
8. At the same time, we inform you that you have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
9. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

PERSONS MAKING NOTIFICATIONS (Article 13 of RODO)

We inform you that:

1. The administrator of your personal data is Projekt-Solartechnik S.A., with its registered seat in Tomaszów Mazowiecki (97-200), ul. Barlickiego 2, KRS: 0000834759, Regon: 385870553, NIP: 5252819771.
2. If you have any questions related to the processing of your personal data, you are welcome to contact the Data Protection Inspector, which is possible via e-mail: or in writing to the address of our registered office with the annotation “Data Protection Inspector”.
3. Your personal data, will be processed in connection with the fulfilment of the controller’s legal obligation to protect the identity of whistleblowers on the basis of the law (Art. 6(1)(c) of the Regulation of the European Parliament and of the Council (EU) 2016/679), the controller’s legitimate interest (Art. 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council) in connection with the required time for establishing, pursuing or defending claims, or your freely given consent if you do not choose to remain anonymous (pursuant to Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council).
4. Your personal data will not be processed by automated means, including profiling.

5. Your personal data will be kept for a period of 3 years after the end of the calendar year in which a follow-up action has been completed, an external notification has been forwarded to the public authority competent to take follow-up action or after the end of the proceedings initiated by that action.

6. Your data processed on the basis of consent will be stored until you withdraw that consent. You may withdraw your consent to the processing of your personal data at any time by email to The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal. The withdrawal of consent does not imply the withdrawal of the breach notification. Withdrawal of consent makes the whistleblower who provided his/her personal data anonymous from the moment of withdrawal of consent.

7. The recipients of your data may be legal service providers.
8. Provision of data is voluntary.
9. At the same time, we inform you that you have the right to request access to your personal data, their rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
10. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

NON-IDENTIFIABLE DATA

We would like to inform you that if you make a notification anonymously, the Personal Data Controller is not able to identify the data of the notifier, which means that there is a non-identifiable processing under Article 11 RODO. Accordingly, we inform you that Articles 15,16,17,18,19, 20 RODO do not apply (unless the data subject, in order to exercise his/her rights under these articles, provides additional information allowing him/her to be identified).

• Article 15 RODO – the right to access the content of one’s personal data and to be informed of, inter alia about the categories of data and purposes of the processing, and to obtain a copy of the data
• Art. 16 RODO – the right to rectify inaccurate or complete incomplete personal data
• Art. 17 RODO – the right to erasure of data (“right to be forgotten”), i.e. the erasure of data which are no longer necessary for the purposes for which they were collected, as well as data processed without a legal basis (the person has withdrawn consent to data processing) or unlawfully
• Article 18 RODO – the right to restrict data processing, i.e. to suspend data operations or not to delete data, as requested
• Art. 19 RODO – obligation to notify rectification or erasure of personal data or restriction of processing
• Art. 20 RODO – right to data portability of data processed by automated means

I. INTRODUCTION  

In our organisation we care about your personal data, so we want to provide you with the most important information related to its processing, storage and why some of it is necessary so that we can provide a high standard of service.

As a responsible organisation that is aware that information has a certain value and is a resource that needs to be properly protected, we are committed to duly informing you on matters related to the processing of personal data, especially in view of the content of data protection legislation, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“RODO”).

The information contained in this Policy is intended to provide an overview of what happens to your data when you use our website and key information about the legal basis for processing personal data, how it is collected and used, and the rights of data subjects in relation to it. When processing personal data, we adhere to the following guidelines, fulfilling at least one condition for processing personal data.

II. WHEN DOES THIS POLICY APPLY?

This privacy policy applies to all cases in which PST Trade S.A. (“Company”) is the controller of personal data and processes personal data. It applies both to cases in which we process personal data obtained directly from the data subject and to cases in which we have obtained personal data from other sources. The company fulfils its information obligations in both of the above cases, as set out in Article 13 and Article 14 respectively of the RODO in accordance with these provisions. The full details of the company are set out below:

PST Trade S.A.
ul. Grunwaldzka 472
80-309 Gdańsk
NIP: 5842837416
REGON: 525666184
KRS: 0001046679

III. CONTACT

If you have any questions regarding the processing of your personal data, we encourage you to contact us via e-mail at and in writing to our registered address.

IV. PRINCIPLES RELATING TO THE PROCESSING OF PERSONAL DATA

In our operations, we aim to be transparent about how and on what legal basis we process personal data, as well as the purposes for which we process personal data.

As a Controller, we assure you that whenever we process personal data on the basis of a legitimate interest of the controller, we try to analyse and balance our interest and the potential impact on the data subject and their rights. We do not process personal data where the impact on the data subject would outweigh our interest.

Principles of personal data processing:

• We process personal data lawfully fairly and transparently.
• Personal data is collected for specific, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes.
• Personal data is only collected to the extent necessary to fulfil the purposes.
• Personal data shall be updated as necessary.
• Personal data shall be kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed.
• Personal data shall be processed in such a way as to ensure appropriate security of personal data: protection against unauthorised or unlawful processing and accidental loss, destruction or damage by means of appropriate technical and organisational measures.

Basis for processing personal data:

When collecting personal data, we always inform you of the legal basis for processing it. This is derived from the provisions of the RODO. When we inform about:

• Art.6(1)(a) RODO – this means that we process personal data on the basis of consent received,
• Art.6(1)(b) RODO – this means that we process personal data because it is necessary for the performance of a contract or for taking action prior to entering into a contract, at the request received,
• Art.6(1)(c) RODO – this means that we process personal data in order to comply with a legal obligation,
• Art.6(1)(f) RODO – this means that we process personal data in order to pursue legitimate interests.

Automated decision-making:

Your personal data will not be processed by automated means, including profiling.

Period of retention of personal data:

The period for which your personal data will be stored depends on the purpose for which the data is processed. The period for which your personal data will be stored depends:

• on legislation that may oblige the Company to keep the data for a certain period of time,
• on the period that is necessary to protect the interests of the controller,
• on the length of time for which consent has been given.

Data recipients:

Recipients of your data may be:

• IT service providers,
• couriers,
• delivery companies,
• security companies
• entities entitled to receive Personal Data on the basis of legal regulations,
• other PST GROUP companies on the basis of entrustment of Personal Data.

Transfers of data outside the European Economic Area:

Your personal data will not be transferred to a third country or international organisation.

Rights in relation to data processing:

You have the right to:

• access to the content of your personal data,
• to rectify (amend, complete) them,
• restriction of their processing or deletion,
• portability of the personal data you have provided to us, i.e. to receive this personal data in a structured, commonly used, machine-readable format, you have the right to have this data sent to another controller; if technically possible, you have the right to request that the personal data be sent by us directly to another controller,
• to object to further processing of your personal data.

You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the processing of your data carried out on the basis of the consent given before its withdrawal.

If you have doubts about the correctness of the Company’s processing of your personal data, you have the right to lodge a complaint with the President of the Personal Data Protection Authority.

V. HOW WE SECURE YOUR PERSONAL DATA:

We take appropriate technical measures in accordance with Article 32 of the RODO, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different likelihood and severity of the risks to the rights and freedoms of individuals and organisational measures to ensure a level of protection appropriate to the risks.

The safeguards that have been applied to protect your data comply with the requirements of the law and guarantee an appropriate level of data confidentiality.

VI. INFORMATION ON DATA PROCESSING FOR THE CONCLUSION AND PERFORMANCE OF CONTRACTS, POSSIBLE REDRESS AND DEFENCE OF CLAIMS

We may process personal data necessary for the performance of the contract concluded with you. However, even before the conclusion of the contract, we may process personal data necessary to take action at your request. The processing of this data is based on Article 6(1)(b) of the DPA.

In the case of the performance of a contract for the provision of paid services, we may process the data in order to fulfil our accounting and tax obligations. The processing of this data takes place on the basis of Article 6(1)(c) of the DPA.

During and after the performance of the contract, we process the personal data of a party to the contract for the purpose of possible claims processing and also for the assertion of claims. Our legitimate interest is, for example, to be able to respond to a possible complaint, which we are obliged to do on the basis of separate civil law provisions. In this case, we will process personal data based on the legitimate interest of defending against or asserting possible claims. We will process this data on the basis of Article 6(1)(f) RODO.

We will store this data for the period of time necessary for the fulfilment of the designated purposes, no later than until the statute of limitations for claims under separate legal provisions.

The provision of this data is voluntary; however, failure to provide this data will prevent the conclusion of a contract or its execution.

VII. COOKIES/TOOLS:

The Company’s website uses cookies. These are commonly used, small files containing a string of characters that are sent to and stored on the end device (e.g. computer, laptop, tablet, smartphone) used when visiting it. The information is sent to the memory of the browser used, which sends it back the next time the website is accessed. We can categorise cookies according to three methods of division.

In terms of the purposes for which cookies are used, we can distinguish between:

•  Indispensable cookies – these cookies enable the proper functioning of the website and its functionalities, e.g. authentication or security cookies. Without their storage on the device, the use of the website will be impossible.
• Analytical files – these files enable the monitoring of the websites opened, traffic sources, time spent on the website. Without saving them, the use of the website functionality will not be restricted.
• Advertising files – these files enable the display of personalised advertisements within or outside the website area. Without saving them, the use of the functionality of the website will not be restricted.
• Social media files – these files allow you to display a fanpage in the website area and also to like it. Without saving them, the use of the functionality of the website will not be restricted.

In terms of their duration of validity, we can distinguish between cookies:

• session files – existing until the end of a given session,
• permanent files – existing after the end of the session.

In terms of the distinction between the entity administering the cookies, we distinguish:

• our cookies,
• third-party cookies.

With the exception of essential cookies, their processing is based on your consent. You can change your cookie settings at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the settings of your web browser or to inform you each time they are placed on your device. Detailed information on the possibility and ways of handling cookies is available in the settings of your software (web browser).

Detailed information on the possibility and ways of handling cookies is available in the settings of your software, i.e. your web browser.

• Firefox browser
• Chrome browser
• Internet Explorer browser
• Opera browser
• Safari browser

We use cookies administered by Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States as part of the services:

Google Analytics – this service uses cookies that are stored on your computer to analyse how you use the website. Google will use this information to evaluate your use of our website, to compile reports on website activity and to provide other services to us relating to website use. The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data from Google.

You can prevent the transmission to Google and the processing by Google of the data generated by the cookies and relating to your use of the website; to do so, you must load and install the browser plug-in available at the following address: https://tools.google.com/dlpage/gaoptout?hl=pl.

Google Maps – a service that allows us to display interactive maps directly on the website, enabling you to use the map functions conveniently.

More information:

https://policies.google.com/privacy
https://support.google.com/analytics/answer/9019185?hl=pl&ref_topic=2919631

The Company and Facebook are joint controllers of the data of Users who have liked the Company’s fanpage. Accordingly, the Company, as administrator of the fanpage, can obtain anonymous statistical data on visitors to the page using a function provided by Facebook. This data is collected through cookies, each of which contains a unique user code (which are active for two years and stored by Facebook on the hard drive of the computer or any other medium of visitors to the fanpage). The user code, which can be linked to the connection data of users registered on Facebook, is downloaded and processed when the fanpage is opened. Although this data is anonymous, the Company may request Facebook to process it to the extent of:

• demographic data
• information on lifestyles, interests;
• geographical data;

At the same time, the data of people who have liked the Company’s fanpage may be processed in a non-anonymised form in the case of:

• Communication via Messenger available on Facebook,
• Commenting on posts shared on the fanpage,
• Participation in promotional activities and competitions, in which case the processing will be carried out on the basis of the User’s unambiguous consent, in accordance with the rules contained in the regulations of the further action.

In any case, the data of people who have liked the fanpage will not be used for any other purpose than the one for which they were provided. Their processing will be carried out exclusively on Facebook and in accordance with the general rules of use of the portal.

VIII. CHANGES TO THIS POLICY

We are committed to regularly reviewing this Privacy Policy and amending it when it becomes necessary or desirable due to: new legislation, new guidelines from authorities responsible for overseeing personal data protection processes, best practices in the area of personal data protection.

We also reserve the right to amend this Privacy Policy in the event of changes in the technology by which we process personal data (insofar as the change affects the wording of this document), as well as in the event of changes in the ways, purposes or legal basis for our processing of personal data.

The Privacy Policy takes effect on the date of publication on the Company’s website.

The Privacy Policy is amended by publishing its new content on the Company’s website.

We publish information about the change of the Privacy Policy in the area of our website, no later than 3 days before the date its new wording becomes effective.

Information obligations

CONTRACTORS:

We inform you that:

1. the administrator of your personal data is PST Trade S.A., based in Gdańsk (80-309), 472 Grunwaldzka Street, KRS No.: 0001046679, Regon No: 525666184, NIP No: 5842837416.
2. If you have any questions regarding the processing of your personal data, you are welcome to contact the Data Protection Officer, which can be done via e-mail: or in writing to the address of our registered office marked “Data Protection Officer”.
3. Your personal data will be processed in order to take action at the request of the data subject prior to the conclusion of a contract, in the event that your offer is selected, in order to sign and perform the contract on the basis of Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council and the legitimate interest pursued by the controller in connection with the assertion or defence of claims on the basis of Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council.
4. Your personal data will not be processed by automated means, including profiling.
5. The personal data in question will be stored during the performance of the contract, as well as after the termination of the contract and the time required to establish, assert or defend claims.
6. You have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, and the right to data portability.
7. Selected data may be made available to the following entities: Business Information Bureau (BIG), law firms, bailiffs, insurance companies, debt collection companies, software providers, technical support providers.
8. The provision of data is voluntary, but necessary for the execution of the contract.
9. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

CONTRACTOR’S EMPLOYEES:

We would like to inform you that:

1. The administrator of your personal data is PST Trade S.A., based in Gdańsk (80-309), 472 Grunwaldzka Street, KRS No.: 0001046679, Regon No: 525666184, NIP No: 5842837416.
2. If you have any questions related to the processing of your personal data, you are welcome to contact the Data Protection Officer, which is possible via e-mail: or in writing to the address of our registered office, marked “Data Protection Officer”.
3. Personal data will be processed in order to verify the identity of persons authorised by the Parties to exchange information, make arrangements on behalf of the Parties and undertake other activities indicated in the agreement using the provided e-mail addresses, telephone numbers of individual employees/co-workers which results from the legitimate interest pursued by the Administrator and is necessary for the performance of the agreement to which your employer/principal is a party; Article 6(1)(f) of the Regulation of the European Parliament and of the Council (EU) 2016/679
4. Your personal data will not be processed by automated means, including profiling.
5. The personal data in question will be stored during the performance of the contract with your employer, as well as after its termination and the time required to establish, assert or defend claims.
6. You have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
7. Recipients of your data may be IT service providers, and other entities authorised under separate legislation.
8. Provision of data is voluntary, but necessary for the performance of the contract or order.
9. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

SHAREHOLDERS:

We would like to inform you that:

1. The administrator of your personal data is PST Trade S.A., with registered office in Gdańsk (80-309), Aleja Grunwaldzka 472, nr KRS: 0001046679, Regon: 525666184, NIP: 5842837416
2. If you have any questions related to the processing of your personal data, you are welcome to contact the Data Protection Officer, which is possible via e-mail:  or in writing to the address of our registered office, marked “Data Protection Officer”.
3. The data will be processed in order to fulfil the legal obligation incumbent on the Company in accordance with the provisions of the Act of 15 September 2000. Commercial Companies Code (Article 6(1)(c) of Regulation (EU) 2016/679 of the European Parliament and of the Council), in view of which their provision is mandatory.
4. Your personal data will not be processed by automated means, including profiling.
5. Recipients of your data may be law firms.
6. Your personal data will be kept until the time necessary to comply with the legal obligations imposed on the Company and the time required to establish, assert or defend claims.
7. You have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, and the right to data portability.
8. The provision of data is mandatory, necessary for the fulfilment of a legal obligation incumbent on the Company.
9. You are informed that you have the right to lodge a complaint with the supervisory authority, which is the President of the Office for Personal Data Protection.

You are informed that you have the right to lodge a complaint with the supervisory authority, which is the President of the Office for Personal Data Protection.

PERSONS TO WHOM THE NOTIFICATION APPLIES (Article 14 RODO)

We inform you that:

1. The administrator of your personal data is PST Trade S.A., registered in Gdańsk (80-309), Aleja Grunwaldzka 472, KRS: 0001046679, Regon: 525666184, NIP: 5842837416
2. If you have any questions regarding the processing of your personal data, you are welcome to contact the Data Protection Inspector, which is possible via e-mail: or in writing to the address of our registered office with the note “Data Protection Inspector”.
3. Your personal data, will be processed in connection with the fulfillment of the controller’s legal obligation to clarify the notification of an infringement (Article 6(1)(c) of the Regulation of the European Parliament and of the Council (EU) 2016/679), the controller’s legitimate interest (Article 6(1)(f) of the Regulation of the European Parliament and of the Council (EU) 2016/679) in connection with the required time to establish, assert or defend claims.
4. Your personal data was obtained from the whistleblower.
5. Your personal data will not be processed by automated means, including profiling.
6. Your personal data will be kept for a period of 3 years after the end of the calendar year in which the follow-up action has been completed, the external notification has been forwarded to the public authority competent for the follow-up action or after the end of the proceedings initiated by this action.
7. The recipients of your data may be legal service providers.
8. At the same time, we inform you that you have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
9. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

PERSONS MAKING NOTIFICATIONS (Article 13 of RODO)

We inform you that:

1. The administrator of your personal data is PST Trade S.A., registered in Gdańsk (80-309), Aleja Grunwaldzka 472, KRS: 0001046679, Regon: 525666184, NIP: 5842837416
2. If you have any questions related to the processing of your personal data, you are welcome to contact the Data Protection Inspector, which is possible via e-mail: or in writing to the address of our registered office with the annotation “Data Protection Inspector”.
3. Your personal data, will be processed in connection with the fulfilment of the controller’s legal obligation to protect the identity of whistleblowers on the basis of the law (Art. 6(1)(c) of the Regulation of the European Parliament and of the Council (EU) 2016/679), the controller’s legitimate interest (Art. 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council) in connection with the required time for establishing, pursuing or defending claims, or your freely given consent if you do not choose to remain anonymous (pursuant to Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council).
4. Your personal data will not be processed by automated means, including profiling.

5. Your personal data will be kept for a period of 3 years after the end of the calendar year in which a follow-up action has been completed, an external notification has been forwarded to the public authority competent to take follow-up action or after the end of the proceedings initiated by that action.

6. Your data processed on the basis of consent will be stored until you withdraw that consent. You may withdraw your consent to the processing of your personal data at any time by email to The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal. The withdrawal of consent does not imply the withdrawal of the breach notification. Withdrawal of consent makes the whistleblower who provided his/her personal data anonymous from the moment of withdrawal of consent.

7. The recipients of your data may be legal service providers.
8. Provision of data is voluntary.
9. At the same time, we inform you that you have the right to request access to your personal data, their rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
10. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

 NON-IDENTIFIABLE DATA

 We would like to inform you that if you make a notification anonymously, the Personal Data Controller is not able to identify the data of the notifier, which means that there is a non-identifiable processing under Article 11 RODO. Accordingly, we inform you that Articles 15,16,17,18,19, 20 RODO do not apply (unless the data subject, in order to exercise his/her rights under these articles, provides additional information allowing him/her to be identified).

• Article 15 RODO – the right to access the content of one’s personal data and to be informed of, inter alia about the categories of data and purposes of the processing, and to obtain a copy of the data
• Art. 16 RODO – the right to rectify inaccurate or complete incomplete personal data
• Art. 17 RODO – the right to erasure of data (“right to be forgotten”), i.e. the erasure of data which are no longer necessary for the purposes for which they were collected, as well as data processed without a legal basis (the person has withdrawn consent to data processing) or unlawfully
• Article 18 RODO – the right to restrict data processing, i.e. to suspend data operations or not to delete data, as requested
• Art. 19 RODO – obligation to notify rectification or erasure of personal data or restriction of processing
• Art. 20 RODO – right to data portability of data processed by automated means

I. INTRODUCTION 

In our organisation we care about your personal data, so we want to provide you with the most important information related to its processing, storage and why some of it is necessary so that we can provide a high standard of service.

As a responsible organisation that is aware that information has a certain value and is a resource that needs to be properly protected, we are committed to duly informing you on matters related to the processing of personal data, especially in view of the content of data protection legislation, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“RODO”).

The information contained in this Policy is intended to provide an overview of what happens to your data when you use our website and key information about the legal basis for processing personal data, how it is collected and used, and the rights of data subjects in relation to it. When processing personal data, we adhere to the following guidelines, fulfilling at least one condition for processing personal data.

II. WHEN DOES THIS POLICY APPLY?

This privacy policy applies to all cases in which Projekt-Solartechnik Group sp. z o.o. (“Company”) is the controller of personal data and processes personal data. It applies both to cases in which we process personal data obtained directly from the data subject and to cases in which we have obtained personal data from other sources. The company fulfils its information obligations in both of the above cases, as set out in Article 13 and Article 14 respectively of the RODO in accordance with these provisions. The full details of the company are set out below:

Projekt-Solartechnik Group sp. z o.o.
ul. Barlickiego 2
97-200 Tomaszów Mazowiecki
NIP: 7732473517
REGON: 101590762
KRS: 0000468833

III. CONTACT

If you have any questions regarding the processing of your personal data, we encourage you to contact us via e-mail at and in writing to our registered address.

IV. PRINCIPLES RELATING TO THE PROCESSING OF PERSONAL DATA

In our operations, we aim to be transparent about how and on what legal basis we process personal data, as well as the purposes for which we process personal data.

As a Controller, we assure you that whenever we process personal data on the basis of a legitimate interest of the controller, we try to analyse and balance our interest and the potential impact on the data subject and their rights. We do not process personal data where the impact on the data subject would outweigh our interest.

Principles of personal data processing:

– We process personal data lawfully fairly and transparently.

– Personal data is collected for specific, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes.

– Personal data is only collected to the extent necessary to fulfil the purposes.

– Personal data shall be updated as necessary.

Personal data shall be kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed.

– Personal data shall be processed in such a way as to ensure appropriate security of personal data: protection against unauthorised or unlawful processing and accidental loss, destruction or damage by means of appropriate technical and organisational measures.

Basis for processing personal data:

When collecting personal data, we always inform you of the legal basis for processing it. This is derived from the provisions of the RODO. When we inform about:

– Art.6(1)(a) RODO – this means that we process personal data on the basis of consent received,

– Art.6(1)(b) RODO – this means that we process personal data because it is necessary for the performance of a contract or for taking action prior to entering into a contract, at the request received,

– Art.6(1)(c) RODO – this means that we process personal data in order to comply with a legal obligation,

– art.6(1)(f) RODO – this means that we process personal data in order to pursue legitimate interests.

Automated decision-making:

Your personal data will not be processed by automated means, including profiling.

Period of retention of personal data:

The period for which your personal data will be stored depends on the purpose for which the data is processed. The period for which your personal data will be stored depends:

– on legislation that may oblige the Company to keep the data for a certain period of time,

– on the period that is necessary to protect the interests of the controller,

– on the length of time for which consent has been given.

Data recipients:

Recipients of your data may be:

– IT service providers,

– couriers,

– delivery companies,

– security companies

– entities entitled to receive Personal Data on the basis of legal regulations,

– other PST GROUP companies on the basis of entrustment of Personal Data.

Transfers of data outside the European Economic Area:

Your personal data will not be transferred to a third country or international organisation.

Rights in relation to data processing:

You have the right to:

– access to the content of your personal data,

– to rectify (amend, complete) them,

– restriction of their processing or deletion,

– portability of the personal data you have provided to us, i.e. to receive this personal data in a structured, commonly used, machine-readable format, you have the right to have this data sent to another controller; if technically possible, you have the right to request that the personal data be sent by us directly to another controller,

– to object to further processing of your personal data.

You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the processing of your data carried out on the basis of the consent given before its withdrawal.

If you have doubts about the correctness of the Company’s processing of your personal data, you have the right to lodge a complaint with the President of the Personal Data Protection Authority.

V. HOW WE SECURE YOUR PERSONAL DATA:

We take appropriate technical measures in accordance with Article 32 of the RODO, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different likelihood and severity of the risks to the rights and freedoms of individuals and organisational measures to ensure a level of protection appropriate to the risks.

The safeguards that have been applied to protect your data comply with the requirements of the law and guarantee an appropriate level of data confidentiality.

VI. INFORMATION ON DATA PROCESSING FOR THE CONCLUSION AND PERFORMANCE OF CONTRACTS, POSSIBLE REDRESS AND DEFENCE OF CLAIMS

We may process personal data necessary for the performance of the contract concluded with you. However, even before the conclusion of the contract, we may process personal data necessary to take action at your request. The processing of this data is based on Article 6(1)(b) of the DPA.

In the case of the performance of a contract for the provision of paid services, we may process the data in order to fulfil our accounting and tax obligations. The processing of this data takes place on the basis of Article 6(1)(c) of the DPA.

During and after the performance of the contract, we process the personal data of a party to the contract for the purpose of possible claims processing and also for the assertion of claims. Our legitimate interest is, for example, to be able to respond to a possible complaint, which we are obliged to do on the basis of separate civil law provisions. In this case, we will process personal data based on the legitimate interest of defending against or asserting possible claims. We will process this data on the basis of Article 6(1)(f) RODO.

We will store this data for the period of time necessary for the fulfilment of the designated purposes, no later than until the statute of limitations for claims under separate legal provisions.

The provision of this data is voluntary; however, failure to provide this data will prevent the conclusion of a contract or its execution.

VII. COOKIES/TOOLS:

The Company’s website uses cookies. These are commonly used, small files containing a string of characters that are sent to and stored on the end device (e.g. computer, laptop, tablet, smartphone) used when visiting it. The information is sent to the memory of the browser used, which sends it back the next time the website is accessed. We can categorise cookies according to three methods of division.

• In terms of the purposes for which cookies are used, we can distinguish between:
  Indispensable cookies – these cookies enable the proper functioning of the website and its functionalities, e.g. authentication or security cookies. Without their storage on the device, the use of the website will be impossible.
• Analytical files – these files enable the monitoring of the websites opened, traffic sources, time spent on the website. Without saving them, the use of the website functionality will not be restricted.
• Advertising files – these files enable the display of personalised advertisements within or outside the website area. Without saving them, the use of the functionality of the website will not be restricted.
• Social media files – these files allow you to display a fanpage in the website area and also to like it. Without saving them, the use of the functionality of the website will not be restricted.

In terms of their duration of validity, we can distinguish between cookies:

• session files – existing until the end of a given session,
• permanent files – existing after the end of the session.

In terms of the distinction between the entity administering the cookies, we distinguish:

• our cookies,
• third-party cookies.

With the exception of essential cookies, their processing is based on your consent. You can change your cookie settings at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the settings of your web browser or to inform you each time they are placed on your device. Detailed information on the possibility and ways of handling cookies is available in the settings of your software (web browser).

Detailed information on the possibility and ways of handling cookies is available in the settings of your software, i.e. your web browser.

• Firefox browser
• Chrome browser
• Internet Explorer browser
• Opera browser
• Safari browser

We use cookies administered by Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States as part of the services:

Google Analytics – this service uses cookies that are stored on your computer to analyse how you use the website. Google will use this information to evaluate your use of our website, to compile reports on website activity and to provide other services to us relating to website use. The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data from Google.

You can prevent the transmission to Google and the processing by Google of the data generated by the cookies and relating to your use of the website; to do so, you must load and install the browser plug-in available at the following address: https://tools.google.com/dlpage/gaoptout?hl=pl.

Google Maps – a service that allows us to display interactive maps directly on the website, enabling you to use the map functions conveniently.

More information:

https://policies.google.com/privacy
https://support.google.com/analytics/answer/9019185?hl=pl&ref_topic=2919631

The Company and Facebook are joint controllers of the data of Users who have liked the Company’s fanpage. Accordingly, the Company, as administrator of the fanpage, can obtain anonymous statistical data on visitors to the page using a function provided by Facebook. This data is collected through cookies, each of which contains a unique user code (which are active for two years and stored by Facebook on the hard drive of the computer or any other medium of visitors to the fanpage). The user code, which can be linked to the connection data of users registered on Facebook, is downloaded and processed when the fanpage is opened. Although this data is anonymous, the Company may request Facebook to process it to the extent of:

• demographic data
• information on lifestyles, interests;
• geographical data;

At the same time, the data of people who have liked the Company’s fanpage may be processed in a non-anonymised form in the case of:

• Communication via Messenger available on Facebook,
• Commenting on posts shared on the fanpage,
• Participation in promotional activities and competitions, in which case the processing will be carried out on the basis of the User’s unambiguous consent, in accordance with the rules contained in the regulations of the further action.

In any case, the data of people who have liked the fanpage will not be used for any other purpose than the one for which they were provided. Their processing will be carried out exclusively on Facebook and in accordance with the general rules of use of the portal.

VIII. CHANGES TO THIS POLICY

We are committed to regularly reviewing this Privacy Policy and amending it when it becomes necessary or desirable due to: new legislation, new guidelines from authorities responsible for overseeing personal data protection processes, best practices in the area of personal data protection.

We also reserve the right to amend this Privacy Policy in the event of changes in the technology by which we process personal data (insofar as the change affects the wording of this document), as well as in the event of changes in the ways, purposes or legal basis for our processing of personal data.

The Privacy Policy takes effect on the date of publication on the Company’s website.

The Privacy Policy is amended by publishing its new content on the Company’s website.

We publish information about the change of the Privacy Policy in the area of our website, no later than 3 days before the date its new wording becomes effective.

Information obligations

CONTRACTORS:

We inform you that:

1. the administrator of your personal data is Projekt-Solartechnik Group
   sp. z o.o., based in Tomaszów Mazowiecki (97-200), 2 Barlickiego Street, KRS: 0000468833, Regon: 101590762, NIP: 7732473517.
2. If you have any questions regarding the processing of your personal data, you are welcome to contact the Data Protection Officer, which can be done via e-mail: or in writing to the address of our registered office marked “Data Protection Officer”.
3. Your personal data will be processed in order to take action at the request of the data subject prior to the conclusion of a contract, in the event that your offer is selected, in order to sign and perform the contract on the basis of Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council and the legitimate interest pursued by the controller in connection with the assertion or defence of claims on the basis of Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council
4. Your personal data will not be processed by automated means, including profiling.
5. The personal data in question will be stored during the performance of the contract, as well as after the termination of the contract and the time required to establish, assert or defend claims.
6. You have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, and the right to data portability.
7. Selected data may be made available to the following entities: Business Information Bureau (BIG), law firms, bailiffs, insurance companies, debt collection companies, software providers, technical support providers.
8. The provision of data is voluntary, but necessary for the execution of the contract.
9. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

CONTRACTOR’S EMPLOYEES:

We would like to inform you that:

1. The administrator of your personal data is Projekt-Solartechnik Group
   sp. z o.o., based in Tomaszów Mazowiecki (97-200), 2 Barlickiego Street, KRS: 0000468833, Regon: 101590762, NIP: 7732473517.
2. If you have any questions related to the processing of your personal data, you are welcome to contact the Data Protection Officer, which is possible via e-mail: or in writing to the address of our registered office, marked “Data Protection Officer”.
3. Personal data will be processed in order to verify the identity of persons authorised by the Parties to exchange information, make arrangements on behalf of the Parties and undertake other activities indicated in the agreement using the provided e-mail addresses, telephone numbers of individual employees/co-workers which results from the legitimate interest pursued by the Administrator and is necessary for the performance of the agreement to which your employer/principal is a party; Article 6(1)(f) of the Regulation of the European Parliament and of the Council (EU) 2016/679
4. Your personal data will not be processed by automated means, including profiling.
5. The personal data in question will be stored during the performance of the contract with your employer, as well as after its termination and the time required to establish, assert or defend claims.
6. You have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
7. Recipients of your data may be IT service providers, and other entities authorised under separate legislation.
8. Provision of data is voluntary, but necessary for the performance of the contract or order.

We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

PERSONS TO WHOM THE NOTIFICATION APPLIES (Article 14 RODO)

 We inform you that:

1. The administrator of your personal data is Projekt-Solartechnik Group Sp. z o.o. its registered seat in Tomaszów Mazowiecki (97-200), 2 Barlickiego Street, KRS: 0000468833, Regon: 101590762, NIP: 7732473517.      
2. If you have any questions regarding the processing of your personal data, you are welcome to contact the Data Protection Inspector, which is possible via e-mail: or in writing to the address of our registered office with the note “Data Protection Inspector”.
3. Your personal data, will be processed in connection with the fulfillment of the controller’s legal obligation to clarify the notification of an infringement (Article 6(1)(c) of the Regulation of the European Parliament and of the Council (EU) 2016/679), the controller’s legitimate interest (Article 6(1)(f) of the Regulation of the European Parliament and of the Council (EU) 2016/679) in connection with the required time to establish, assert or defend claims.
4. Your personal data was obtained from the whistleblower.
5. Your personal data will not be processed by automated means, including profiling.
6. Your personal data will be kept for a period of 3 years after the end of the calendar year in which the follow-up action has been completed, the external notification has been forwarded to the public authority competent for the follow-up action or after the end of the proceedings initiated by this action.
7. The recipients of your data may be legal service providers.
8. At the same time, we inform you that you have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
9. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

PERSONS MAKING NOTIFICATIONS (Article 13 of RODO)

We inform you that:

1. The administrator of your personal data is Projekt-Solartechnik Group sp. z o.o., with its registered seat in Tomaszów Mazowiecki (97-200), ul. Barlickiego 2, KRS: 0000468833, Regon: 101590762, NIP: 7732473517.      
2. If you have any questions related to the processing of your personal data, you are welcome to contact the Data Protection Inspector, which is possible via e-mail: or in writing to the address of our registered office with the annotation “Data Protection Inspector”.
3. Your personal data, will be processed in connection with the fulfilment of the controller’s legal obligation to protect the identity of whistleblowers on the basis of the law (Art. 6(1)(c) of the Regulation of the European Parliament and of the Council (EU) 2016/679), the controller’s legitimate interest (Art. 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council) in connection with the required time for establishing, pursuing or defending claims, or your freely given consent if you do not choose to remain anonymous (pursuant to Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council).
4. Your personal data will not be processed by automated means, including profiling.

5. Your personal data will be kept for a period of 3 years after the end of the calendar year in which a follow-up action has been completed, an external notification has been forwarded to the public authority competent to take follow-up action or after the end of the proceedings initiated by that action.

6. Your data processed on the basis of consent will be stored until you withdraw that consent. You may withdraw your consent to the processing of your personal data at any time by email to The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal. The withdrawal of consent does not imply the withdrawal of the breach notification. Withdrawal of consent makes the whistleblower who provided his/her personal data anonymous from the moment of withdrawal of consent.

7. The recipients of your data may be legal service providers.
8. Provision of data is voluntary.
9. At the same time, we inform you that you have the right to request access to your personal data, their rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
10. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

 NON-IDENTIFIABLE DATA

 We would like to inform you that if you make a notification anonymously, the Personal Data Controller is not able to identify the data of the notifier, which means that there is a non-identifiable processing under Article 11 RODO. Accordingly, we inform you that Articles 15,16,17,18,19, 20 RODO do not apply (unless the data subject, in order to exercise his/her rights under these articles, provides additional information allowing him/her to be identified).

• Article 15 RODO – the right to access the content of one’s personal data and to be informed of, inter alia about the categories of data and purposes of the processing, and to obtain a copy of the data
• Art. 16 RODO – the right to rectify inaccurate or complete incomplete personal data
• Art. 17 RODO – the right to erasure of data (“right to be forgotten”), i.e. the erasure of data which are no longer necessary for the purposes for which they were collected, as well as data processed without a legal basis (the person has withdrawn consent to data processing) or unlawfully
• Article 18 RODO – the right to restrict data processing, i.e. to suspend data operations or not to delete data, as requested
• Art. 19 RODO – obligation to notify rectification or erasure of personal data or restriction of processing
• Art. 20 RODO – right to data portability of data processed by automated means

I. INTRODUCTION 

In our organisation we care about your personal data, so we want to provide you with the most important information related to its processing, storage and why some of it is necessary so that we can provide a high standard of service.

As a responsible organisation that is aware that information has a certain value and is a resource that needs to be properly protected, we are committed to duly informing you on matters related to the processing of personal data, especially in view of the content of data protection legislation, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“RODO”).

The information contained in this Policy is intended to provide an overview of what happens to your data when you use our website and key information about the legal basis for processing personal data, how it is collected and used, and the rights of data subjects in relation to it. When processing personal data, we adhere to the following guidelines, fulfilling at least one condition for processing personal data.

II. WHEN DOES THIS POLICY APPLY?

This privacy policy applies to all cases in which Projekt-Solartechnik Development sp. z o.o. (“Company”) is the controller of personal data and processes personal data. It applies both to cases in which we process personal data obtained directly from the data subject and to cases in which we have obtained personal data from other sources. The company fulfils its information obligations in both of the above cases, as set out in Article 13 and Article 14 respectively of the RODO in accordance with these provisions. The full details of the company are set out below:

Projekt-Solartechnik Development sp. z o.o.
ul. Barlickiego 2
97-200 Tomaszów Mazowiecki
NIP: 7732491662
REGON: 385103279
KRS: 0000819926

III. CONTACT

If you have any questions regarding the processing of your personal data, we encourage you to contact us via e-mail at and in writing to our registered address.

IV. PRINCIPLES RELATING TO THE PROCESSING OF PERSONAL DATA

In our operations, we aim to be transparent about how and on what legal basis we process personal data, as well as the purposes for which we process personal data.

As a Controller, we assure you that whenever we process personal data on the basis of a legitimate interest of the controller, we try to analyse and balance our interest and the potential impact on the data subject and their rights. We do not process personal data where the impact on the data subject would outweigh our interest.

Principles of personal data processing:

• We process personal data lawfully fairly and transparently.
• Personal data is collected for specific, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes.
• Personal data is only collected to the extent necessary to fulfil the purposes.
• Personal data shall be updated as necessary.
• Personal data shall be kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the data are processed.
• Personal data shall be processed in such a way as to ensure appropriate security of personal data: protection against unauthorised or unlawful processing and accidental loss, destruction or damage by means of appropriate technical and organisational measures.

Basis for processing personal data:

When collecting personal data, we always inform you of the legal basis for processing it. This is derived from the provisions of the RODO. When we inform about:

• Art.6(1)(a) RODO – this means that we process personal data on the basis of consent received,
• Art.6(1)(b) RODO – this means that we process personal data because it is necessary for the performance of a contract or for taking action prior to entering into a contract, at the request received,
• Art.6(1)(c) RODO – this means that we process personal data in order to comply with a legal obligation,
• Art.6(1)(f) RODO – this means that we process personal data in order to pursue legitimate interests.

Automated decision-making:

Your personal data will not be processed by automated means, including profiling.

Period of retention of personal data:

The period for which your personal data will be stored depends on the purpose for which the data is processed. The period for which your personal data will be stored depends:

• on legislation that may oblige the Company to keep the data for a certain period of time,
• on the period that is necessary to protect the interests of the controller,
• on the length of time for which consent has been given.

Data recipients:

Recipients of your data may be:

• IT service providers,
• couriers,
• delivery companies,
• security companies
• entities entitled to receive Personal Data on the basis of legal regulations,
• other PST GROUP companies on the basis of entrustment of Personal Data.

Transfers of data outside the European Economic Area:

Your personal data will not be transferred to a third country or international organisation.

Rights in relation to data processing:

You have the right to:

• access to the content of your personal data,
• to rectify (amend, complete) them,
• restriction of their processing or deletion,
• portability of the personal data you have provided to us, i.e. to receive this personal data in a structured, commonly used, machine-readable format, you have the right to have this data sent to another controller; if technically possible, you have the right to request that the personal data be sent by us directly to another controller,
• to object to further processing of your personal data.

You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the processing of your data carried out on the basis of the consent given before its withdrawal.

If you have doubts about the correctness of the Company’s processing of your personal data, you have the right to lodge a complaint with the President of the Personal Data Protection Authority.

V. HOW WE SECURE YOUR PERSONAL DATA:

We take appropriate technical measures in accordance with Article 32 of the RODO, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different likelihood and severity of the risks to the rights and freedoms of individuals and organisational measures to ensure a level of protection appropriate to the risks.

The safeguards that have been applied to protect your data comply with the requirements of the law and guarantee an appropriate level of data confidentiality.

VI. INFORMATION ON DATA PROCESSING FOR THE CONCLUSION AND PERFORMANCE OF CONTRACTS, POSSIBLE REDRESS AND DEFENCE OF CLAIMS

We may process personal data necessary for the performance of the contract concluded with you. However, even before the conclusion of the contract, we may process personal data necessary to take action at your request. The processing of this data is based on Article 6(1)(b) of the DPA.

In the case of the performance of a contract for the provision of paid services, we may process the data in order to fulfil our accounting and tax obligations. The processing of this data takes place on the basis of Article 6(1)(c) of the DPA.

During and after the performance of the contract, we process the personal data of a party to the contract for the purpose of possible claims processing and also for the assertion of claims. Our legitimate interest is, for example, to be able to respond to a possible complaint, which we are obliged to do on the basis of separate civil law provisions. In this case, we will process personal data based on the legitimate interest of defending against or asserting possible claims. We will process this data on the basis of Article 6(1)(f) RODO.

We will store this data for the period of time necessary for the fulfilment of the designated purposes, no later than until the statute of limitations for claims under separate legal provisions.

The provision of this data is voluntary; however, failure to provide this data will prevent the conclusion of a contract or its execution.

VII. COOKIES/TOOLS:

The Company’s website uses cookies. These are commonly used, small files containing a string of characters that are sent to and stored on the end device (e.g. computer, laptop, tablet, smartphone) used when visiting it. The information is sent to the memory of the browser used, which sends it back the next time the website is accessed. We can categorise cookies according to three methods of division.

In terms of the purposes for which cookies are used, we can distinguish between:

• Indispensable cookies – these cookies enable the proper functioning of the website and its functionalities, e.g. authentication or security cookies. Without their storage on the device, the use of the website will be impossible.
• Analytical files – these files enable the monitoring of the websites opened, traffic sources, time spent on the website. Without saving them, the use of the website functionality will not be restricted.
• Advertising files – these files enable the display of personalised advertisements within or outside the website area. Without saving them, the use of the functionality of the website will not be restricted.
• Social media files – these files allow you to display a fanpage in the website area and also to like it. Without saving them, the use of the functionality of the website will not be restricted.

In terms of their duration of validity, we can distinguish between cookies:

• session files – existing until the end of a given session,
• permanent files – existing after the end of the session.

In terms of the distinction between the entity administering the cookies, we distinguish:

• our cookies,
• third-party cookies.

With the exception of essential cookies, their processing is based on your consent. You can change your cookie settings at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the settings of your web browser or to inform you each time they are placed on your device. Detailed information on the possibility and ways of handling cookies is available in the settings of your software (web browser).

Detailed information on the possibility and ways of handling cookies is available in the settings of your software, i.e. your web browser.

• Firefox browser
• Chrome browser
• Internet Explorer browser
• Opera browser
• Safari browser

We use cookies administered by Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States as part of the services:

Google Analytics – this service uses cookies that are stored on your computer to analyse how you use the website. Google will use this information to evaluate your use of our website, to compile reports on website activity and to provide other services to us relating to website use. The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data from Google.

You can prevent the transmission to Google and the processing by Google of the data generated by the cookies and relating to your use of the website; to do so, you must load and install the browser plug-in available at the following address: https://tools.google.com/dlpage/gaoptout?hl=pl.

Google Maps – a service that allows us to display interactive maps directly on the website, enabling you to use the map functions conveniently.

More information:

https://policies.google.com/privacy
https://support.google.com/analytics/answer/9019185?hl=pl&ref_topic=2919631

The Company and Facebook are joint controllers of the data of Users who have liked the Company’s fanpage. Accordingly, the Company, as administrator of the fanpage, can obtain anonymous statistical data on visitors to the page using a function provided by Facebook. This data is collected through cookies, each of which contains a unique user code (which are active for two years and stored by Facebook on the hard drive of the computer or any other medium of visitors to the fanpage). The user code, which can be linked to the connection data of users registered on Facebook, is downloaded and processed when the fanpage is opened. Although this data is anonymous, the Company may request Facebook to process it to the extent of:

• demographic data
• information on lifestyles, interests;
• geographical data;

At the same time, the data of people who have liked the Company’s fanpage may be processed in a non-anonymised form in the case of:

• Communication via Messenger available on Facebook,
• Commenting on posts shared on the fanpage,
• Participation in promotional activities and competitions, in which case the processing will be carried out on the basis of the User’s unambiguous consent, in accordance with the rules contained in the regulations of the further action.

In any case, the data of people who have liked the fanpage will not be used for any other purpose than the one for which they were provided. Their processing will be carried out exclusively on Facebook and in accordance with the general rules of use of the portal.

VIII. CHANGES TO THIS POLICY

We are committed to regularly reviewing this Privacy Policy and amending it when it becomes necessary or desirable due to: new legislation, new guidelines from authorities responsible for overseeing personal data protection processes, best practices in the area of personal data protection.

We also reserve the right to amend this Privacy Policy in the event of changes in the technology by which we process personal data (insofar as the change affects the wording of this document), as well as in the event of changes in the ways, purposes or legal basis for our processing of personal data.

The Privacy Policy takes effect on the date of publication on the Company’s website.

The Privacy Policy is amended by publishing its new content on the Company’s website.

We publish information about the change of the Privacy Policy in the area of our website, no later than 3 days before the date its new wording becomes effective.

Information obligations

CONTRACTORS:

We inform you that:

1. the administrator of your personal data is Projekt-Solartechnik Development sp. z o.o., based in Tomaszów Mazowiecki (97-200), 2 Barlickiego Street, NIP: 7732491662, REGON: 385103279, KRS: 0000819926.
2. If you have any questions regarding the processing of your personal data, you are welcome to contact the Data Protection Officer, which can be done via e-mail: or in writing to the address of our registered office marked “Data Protection Officer”.
3. Your personal data will be processed in order to take action at the request of the data subject prior to the conclusion of a contract, in the event that your offer is selected, in order to sign and perform the contract on the basis of Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council and the legitimate interest pursued by the controller in connection with the assertion or defence of claims on the basis of Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council
4. Your personal data will not be processed by automated means, including profiling.
5. The personal data in question will be stored during the performance of the contract, as well as after the termination of the contract and the time required to establish, assert or defend claims.
6. You have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, and the right to data portability.
7. Selected data may be made available to the following entities: Business Information Bureau (BIG), law firms, bailiffs, insurance companies, debt collection companies, software providers, technical support providers.
8. The provision of data is voluntary, but necessary for the execution of the contract.
9. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

CONTRACTOR’S EMPLOYEES:

We would like to inform you that:

1. The administrator of your personal data is Projekt-Solartechnik Development sp. z o.o., based in Tomaszów Mazowiecki (97-200), 2 Barlickiego Street, NIP: 7732491662, REGON: 385103279, KRS: 0000819926.
2. If you have any questions related to the processing of your personal data, you are welcome to contact the Data Protection Officer, which is possible via e-mail: or in writing to the address of our registered office, marked “Data Protection Officer”.
3. Personal data will be processed in order to verify the identity of persons authorised by the Parties to exchange information, make arrangements on behalf of the Parties and undertake other activities indicated in the agreement using the provided e-mail addresses, telephone numbers of individual employees/co-workers which results from the legitimate interest pursued by the Administrator and is necessary for the performance of the agreement to which your employer/principal is a party; Article 6(1)(f) of the Regulation of the European Parliament and of the Council (EU) 2016/679
4. Your personal data will not be processed by automated means, including profiling.
5. The personal data in question will be stored during the performance of the contract with your employer, as well as after its termination and the time required to establish, assert or defend claims.
6. You have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
7. Recipients of your data may be IT service providers, and other entities authorised under separate legislation.
8. Provision of data is voluntary, but necessary for the performance of the contract or order.

We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

PERSONS TO WHOM THE NOTIFICATION APPLIES (Article 14 RODO)

We inform you that:

1. The administrator of your personal data is Projekt-Solartechnik Development Sp. z o.o. its registered seat in Tomaszów Mazowiecki (97-200), 2 Barlickiego Street, KRS: 0000819926, Regon: 385103279, NIP: 7732491662.      
2. If you have any questions regarding the processing of your personal data, you are welcome to contact the Data Protection Inspector, which is possible via e-mail: or in writing to the address of our registered office with the note “Data Protection Inspector”.
3. Your personal data, will be processed in connection with the fulfillment of the controller’s legal obligation to clarify the notification of an infringement (Article 6(1)(c) of the Regulation of the European Parliament and of the Council (EU) 2016/679), the controller’s legitimate interest (Article 6(1)(f) of the Regulation of the European Parliament and of the Council (EU) 2016/679) in connection with the required time to establish, assert or defend claims.
4. Your personal data was obtained from the whistleblower.
5. Your personal data will not be processed by automated means, including profiling.
6. Your personal data will be kept for a period of 3 years after the end of the calendar year in which the follow-up action has been completed, the external notification has been forwarded to the public authority competent for the follow-up action or after the end of the proceedings initiated by this action.
7. The recipients of your data may be legal service providers.
8. At the same time, we inform you that you have the right to request access to your personal data, rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
9. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

PERSONS MAKING NOTIFICATIONS (Article 13 of RODO)

We inform you that:

1. The administrator of your personal data is Projekt-Solartechnik Development sp. z o.o., with its registered seat in Tomaszów Mazowiecki (97-200), ul. Barlickiego 2, KRS: 0000819926, Regon: 385103279, NIP: 7732491662.      
2. If you have any questions related to the processing of your personal data, you are welcome to contact the Data Protection Inspector, which is possible via e-mail: or in writing to the address of our registered office with the annotation “Data Protection Inspector”.
3. Your personal data, will be processed in connection with the fulfilment of the controller’s legal obligation to protect the identity of whistleblowers on the basis of the law (Art. 6(1)(c) of the Regulation of the European Parliament and of the Council (EU) 2016/679), the controller’s legitimate interest (Art. 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council) in connection with the required time for establishing, pursuing or defending claims, or your freely given consent if you do not choose to remain anonymous (pursuant to Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council).
4. Your personal data will not be processed by automated means, including profiling.

5. Your personal data will be kept for a period of 3 years after the end of the calendar year in which a follow-up action has been completed, an external notification has been forwarded to the public authority competent to take follow-up action or after the end of the proceedings initiated by that action.

6. Your data processed on the basis of consent will be stored until you withdraw that consent. You may withdraw your consent to the processing of your personal data at any time by email to The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal. The withdrawal of consent does not imply the withdrawal of the breach notification. Withdrawal of consent makes the whistleblower who provided his/her personal data anonymous from the moment of withdrawal of consent.

7. The recipients of your data may be legal service providers.
8. Provision of data is voluntary.
9. At the same time, we inform you that you have the right to request access to your personal data, their rectification, erasure or restriction of processing, the right to object to processing, as well as the right to data portability.
10. We inform you that you have the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.

 NON-IDENTIFIABLE DATA

 We would like to inform you that if you make a notification anonymously, the Personal Data Controller is not able to identify the data of the notifier, which means that there is a non-identifiable processing under Article 11 RODO. Accordingly, we inform you that Articles 15,16,17,18,19, 20 RODO do not apply (unless the data subject, in order to exercise his/her rights under these articles, provides additional information allowing him/her to be identified).

• Article 15 RODO – the right to access the content of one’s personal data and to be informed of, inter alia about the categories of data and purposes of the processing, and to obtain a copy of the data
• Art. 16 RODO – the right to rectify inaccurate or complete incomplete personal data
• Art. 17 RODO – the right to erasure of data (“right to be forgotten”), i.e. the erasure of data which are no longer necessary for the purposes for which they were collected, as well as data processed without a legal basis (the person has withdrawn consent to data processing) or unlawfully
• Article 18 RODO – the right to restrict data processing, i.e. to suspend data operations or not to delete data, as requested
• Art. 19 RODO – obligation to notify rectification or erasure of personal data or restriction of processing
• Art. 20 RODO – right to data portability of data processed by automated means