Privacy Policy

1. general principles of personal data processing
The administrator of personal data is Bolix S.A. with its registered office at 8 Stolarska Street, 34-300 Żywiec.
Bolix S.A. processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter: “RODO”.
In particular, Bolix S.A. adheres to the following principles of personal data processing:
collects data for specific, explicit and legitimate purposes and does not further process it in a manner incompatible with those purposes;
limits the collected data to the minimum necessary to fulfill the purpose for which they are collected;
keeps the data in a form that allows the identification of the data subject for the period resulting from the purpose for which they were collected, and thereafter for the period after which claims arising from that purpose become time-barred and for the period for which the law prescribes the retention of the data; the controller may also keep personal data longer only in justified cases if the law permits such retention;
processes data in a manner that ensures adequate security of personal data.
If personal data is collected on the basis of consent, the data subject may withdraw it at any time, but this will not affect the legality of the use of the data before the withdrawal of such consent. Voluntary and informed submission of data by the data subject is also considered as consent.
Data subjects have rights to access, rectify, erase, limit processing of their personal data, or to object. These rights can be exercised by submitting a request to the controller’s office. The scope of each of these rights and the situations in which they can be exercised are determined by law.
Data subjects have the right to lodge a complaint with the President of the Office for Personal Data Protection (2 Stawki Street, 00-193 Warsaw) if they consider that the processing of their personal data violates the law.
The Administrator has appointed a Data Protection Officer, who can be contacted on matters concerning the processing of personal data via e-mail: iod@bolix.pl or in writing to the Administrator’s address.
2 Detailed principles of personal data processing
2.1 Personal data of contractors (customers, recipients, suppliers, contractors, subcontractors) of BOLIX S.A. and their representatives
Personal data of contractors and their representatives are obtained directly from the data subject, but may also be provided to the controller by his/her employer or the entity he/she represents.
Personal data may also come from other sources in accordance with the law, such as:
from company websites;
from banks (bank account numbers from which payments were made to Bolix S.A.);
From public sources, including KRS, CEIDG registers;
from sources with limited access, e.g. BIK, BIG.
Personal data collected by the administrator may be used for the following purposes:
taking action before concluding a contract;
executing concluded agreements;
performing the administrator’s legal obligations, including those related to tax, social security and health insurance obligations;
arising from the administrator’s legitimate interests, including:
providing contact in ongoing matters arising from the administrator’s activities;
providing answers to questions or matters addressed to the administrator;
building and maintaining relations with the administrator’s contractors by sending information about the administrator’s activities, offers or other content informing about the possibility of cooperation with the administrator;
searching for new clients;
searching for new suppliers, contractors and subcontractors;
offering their goods, services and products;
to take care of the high reputation of Bolix products by ensuring their proper use;
handling complaints and claims;
detecting and preventing fraud;
ensure the security of persons, property and information, including by conducting various forms of monitoring;
establish, assert and defend claims;
to create compilations, analyses and statistics for internal purposes;
within the group to which the controller belongs, for reporting and reporting purposes.
The provision of personal data is in most cases voluntary, but necessary to fulfill the purpose for which it is collected. In some cases, the obligation to provide personal data may result from legal regulations.
Personal data may also be processed based on the consent of the data subject for the purpose specified in the consent.
Personal data will be kept for the period resulting from the purpose for which they were collected, and thereafter for the period after which the

Translated with www.DeepL.com/Translator (free version)