This document is an expression of care for the rights of persons using the www.altimi.com website,  as well as an expression of the Company’s compliance with the principles of personal data protection and diligence in guaranteeing the security of Users’ data along with information on online activity, in particular the possibility of exercising the User’s rights in connection with the GDPR (General Data Protection Regulation).

This document describes the rules for our processing of information about you, including personal data and cookies.

1. DEFINITIONS

This privacy policy has the following meanings of the terms:

Administrator – the administrator of personal data is Altimi Sp. z o.o. Sp. k. with its registered office at 3 Na ostatni Groszu Street, 54-207 Wrocław

Personal Data – Any information relating to an identified User.
Policy – This is a privacy policy.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on protecting natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Who is the controller of your data?

The administrator of your data and the operator of the www.altimi.pl Website is Altimi Sp. z o.o. Sp. k. with its registered office at Na Ostatnim Groszu 3, 54-207 Wrocław, entered into the register of entrepreneurs of the National Court Register kept by the District Court in Wrocław, VI Commercial Division in Wrocław, KRS 0000457283, NIP 8943045641, hereinafter referred to as the “Administrator” or “Company”. 

How can you contact the personal data administrator?

You can contact the Personal Data Controller at the following e-mail address: offer@altimi.com 

Who does the Privacy Policy apply to and what is its scope?

The Privacy Policy applies to you as a User of the website. Users may provide their data to the Administrator through forms available on the website, such as the contact form.

The data provided to the Administrator via the contact form include name and surname, e-mail address, telephone number, and company name – optional. 

The data provided to the Administrator via the contact form are processed in order to respond to inquiries sent by the User via the contact form. These data will be processed until the matter related to the inquiry is clarified.

The Administrator guarantees the confidentiality of all personal data provided to him.

Providing data is always voluntary, but necessary to take the actions for which the form is intended. 

In the case of data processing based on the User’s consent, we inform you that such consent can be withdrawn at any time by contacting the Company using the above-mentioned forms of contact, i.e. by sending information about the withdrawal of consent to the offer@altimi.com address.

When and for what purpose do we process your data? 

We collect your personal data, i.e. e-mail address, name and surname, telephone number and company name using the contact form. We process the data obtained in this way based on the legitimate interest pursued by the administrator, to correspond with you and for the purpose for which they were made available by you, i.e. to prepare an offer, respond to an inquiry, draw up a contract, in which you contact us by e-mail. 

On our website, in the “CAREER” tab, you will find current offers for ongoing recruitment. Interested persons have the opportunity to apply for these positions. We use the data obtained in this way for current and future recruitment. 

The legal basis for the processing of your data is:

• Article 6(1)(b) of the GDPR – processing is necessary for the performance of a contract or to take action at the request of the data subject prior to entering into a contract,

• Article 6(1)(c) GDPR – processing is necessary to comply with a legal obligation to which the PDC is subject,

• Article 6(1)(f) GDPR – processing is necessary for the legitimate interests pursued by the PDC, consisting in the determination, investigation, or defense against claims in proceedings before courts or state authorities.

In connection with your use of the Website, data is also collected automatically. These are data about your activity on the Website, i.e. the number and source of visits to the Website, the time of the visit, the content viewed, the number and type of subpages opened, the use of referrals, or the IP number of the computer. We do not use this information to identify you. This data is in the form of cookies (more about cookies in the further content of the Policy).

How long do we keep your data?

We retain personal data in a form that permits identification of the data subject for as long as we need it for the purposes set out in this Privacy Policy. 

This period will vary depending on your contacts and cooperation with us. 

We process data related to the recruitment process for the duration of the recruitment process, and then for 6 months after its completion. If you agree to participate in future recruitment processes, we will process your data for 12 months from the moment of giving this consent. 

After such a period, the data is anonymized (de-identified or deleted). The deletion of personal data is complete and permanent.

We will store personal data collected based on consent until the consent is withdrawn or until the purpose of processing ceases to exist. We would like to point out that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

How do we protect your data?

All your data obtained through our Website are processed in a manner that ensures their security, under the provisions of generally applicable law, in particular following Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Do we share your data?

Your data may be disclosed to persons authorized by the Company, entities providing services to the Company, including technical and organizational services, IT services and hosting services, courier services, as well as other entities/persons/bodies to the extent and on the terms specified by law. 

If we need to share your personal information with third parties, we require them to keep your information confidential and secure and only use it to provide us with the service in question.

We have concluded appropriate data processing agreements with the entities to which we entrust personal data.

Website visitor data

The data we collect from visitors to our websites is collected passively (automatically). This data is collected by the server in an anonymous manner (it is not possible to identify the user’s identity). The data collected includes:

• The browser from which you recorded your visit to our website.
• The operating system used by the visitor to our website.
• Information about Java support enabled or disabled.
• The version of Flash used in the visitor’s browser.
• The type of Internet connection used by the website visitor.
• The screen resolution used by the website visitor.
• The country/city from which the visit was recorded.
• The language used by the website visitor.

• Time spent browsing our website.

The data is collected from our website for analytical purposes. In this way, we can best adapt the appearance and functionality of the website to the hardware capabilities and preferences of visitors. This data is not shared with third parties and is not supplemented with data from other sources.

The type of data collected by the server from visitors to our website does not allow us to contact them (the data is anonymous). We also don’t run a newsletter, so we don’t have a database of email from visitors.

Cookie/Tools Policy.

Cookies are IT data, in particular text files, which are stored on the Website user’s end device and are intended for the use of the Website. Cookies usually contain the name of the website from which they originate, the time of their storage on the end device and a unique number.

A website can use two basic types of files:

• Session cookies: these are stored on the User’s device and remain there until the end of the browser session. The saved information is then permanently deleted from the Device’s memory. The mechanism of session cookies does not allow for the collection of any personal data or any confidential information from the User’s Device.

• Persistent cookies: these cookies are stored on the User’s device and remain there until they are deleted. Ending a browser session or turning off a Device does not remove them from the User’s Device. The mechanism of persistent cookies does not allow for the collection of any personal data or any confidential information from the User’s Device.

The following types of cookies are used on the Website:

• Strictly necessary cookies – contribute to the usability of the website by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

• Statistics cookies – help the website owner understand how different users behave on the website by collecting and reporting anonymous information.

• Marketing cookies – are used to track users on websites. The goal is to display ads that are relevant and interesting to individual users and thus more valuable to publishers and third-party advertisers.

The law states that cookies may be stored on the user’s device if it is necessary for the functioning of the Website. For all other types of cookies, the Controller needs the user’s permission.

Necessary cookies are processed by the Administrator on the basis of the legitimate interest of the Administrator and users. Other cookies are processed based on your consent.

When entering the Website for the first time, the user www.altimi.com information about cookies (at the bottom of the page) is displayed. The user here has the opportunity to choose which types of cookies he or she consents to the use of.

In addition, you can withdraw your consent or change your preferences at any time by clicking on the cookie widget on each page (in the bottom left corner) and then changing the settings in the banner that appears.

In addition, by default, the software used to browse websites (browser) allows cookies to be served on the user’s device on which it is running. In most cases, you can configure the software in this area yourself, including, among other things, forcing the automatic blocking of cookies. Issues related to the configuration of the method of handling cookies can be found in the software settings (web browsers). Please note that cookie restriction settings may affect the functionality of some of the site’s functionality.

What are your rights about data processing?

The user decides on the scope and purpose of the processing. At any time, he has the right to: 

• access to the data and to receive a copy of it. You have the right to obtain confirmation from us as to whether or not you are processing your data and, if so, you also have the right to:

• access your data,
• obtain information about the purposes of processing, categories of personal data processed, recipients or categories of recipients of such data, the planned period of storage of the User’s data or the criteria for determining this period, the User’s rights under the GDPR and the right to complain with the supervisory authority, the source of such data, automated decision-making, including profiling, and the safeguards applied in connection with the transfer of such data; data outside the European Union,

• u obtain a copy of your data
• to rectify (correct) data. You have the right to rectify and complete the personal data you have provided. Has the right to request that this data be rectified (if it is incorrect) and completed (if it is incomplete);
• to delete data (the right to be forgotten) – if, in the opinion of the User, there are no grounds for processing the User’s data, they may request the deletion of personal data if:

• the User has given consent to the extent that the personal data has been processed based on their consent,
• the User’s data are no longer necessary for the purposes for which they were collected or processed,
• You have objected to the use of your data for marketing purposes,
• the User has objected to the use of their data to keep statistics on the use of the Website, and the objection is justified,
• The User’s data is processed unlawfully.

Despite the request to delete personal data, in connection with the objection or withdrawal of consent, the Company may retain certain personal data to the extent necessary for the purpose of establishing, pursuing, or defending claims. This applies in particular to personal data including name, surname, e-mail address, and application history, which are stored to handle complaints and claims related to the use of the Company’s services.

• restriction of data processing – the User may request that the processing of His/her data be limited only to the storage or performance of activities agreed with the Company, if, in the opinion of the User, the Company has incorrect data about the User or processes them unjustifiably, or the User does not want them to be deleted, because they are needed to establish, pursue or defend claims, or for the time of objecting to the processing of data. You have the right to request the restriction of the use of your data in the following cases:
• when the User questions the accuracy of their data – then the Company limits their use for the time necessary to verify the accuracy of the User’s data,
• when the processing of the User’s data is unlawful and instead of deleting the data, you request the restriction of their use,
• when the User’s data are no longer necessary for the purposes for which they were collected or used, but they are needed by the User to establish, exercise, or defend claims,
• if the User has objected to the use of His/her data – then the restriction is for the time necessary to consider whether, due to the User’s particular situation, the protection of the User’s interests, rights, and freedoms outweighs the interests that are pursued when processing the User’s data;
• to object to the processing of the User’s data for direct marketing. If the objection turns out to be justified and the Company has no other legal basis for the processing of the User’s data, the Company will delete the User’s data to the use of which the User objected;
• data portability – the User has the right to receive from the Company in a structured, commonly used and machine-readable format, np. CSV, personal data concerning the User, which he or she has provided based on consent. It may also instruct the Company to send this data directly to another entity;
• complain to the supervisory authority.  You may submit complaints, inquiries and requests to the Company regarding the processing of Your personal data and the exercise of Your rights. If the User believes that the processing of their data is unlawful, they may lodge a complaint in this matter with the President of the Office for Personal Data Protection with its registered office at 2 Stawki Street in Warsaw.

In the event of a notification, the Company will make reasonable efforts to recognize the request as soon as possible. However, it is not always possible to fulfill the request. For example, the right to erasure cannot be exercised if the retention obligation is based on a legal provision. The User will be informed about the consideration of the request in writing or by e-mail.

Personal data profiling

Personal data is not processed in an automated manner, including in the form of profiling.

Security of personal data.

The Administrator makes every effort to protect the website against unauthorized access by third parties and controls the methods of collecting, storing, and other activities of processing the User’s data. It uses, among others, firewalls, server security devices, encryption devices, and physical security measures. The www.altimi.com website also has an SSL certificate. An SSL certificate is a tool that ensures the protection of a website, as well as a guarantee of confidentiality of data sent electronically. An SSL certificate is a type of security that encrypts data before it is sent from the User’s browser and decodes it after it reaches the website safely. The information sent from the server to the User is also encrypted, and after reaching the destination, it is decoded. It should be noted that access to personal data is granted only to those employees of the Company and entities that need to have access to them in order to process them only for the purposes described in the Privacy Policy.

The Administrator undertakes to take care of all information provided by the User when visiting the website following the provisions of generally applicable law, in particular the GDPR (General Data Protection Regulation).

Update of the Privacy Policy.

In connection with the needs that may arise from the development of the services offered by the Company or regulatory changes, the Administrator is entitled to make changes to this Privacy Policy. Changes will be made available to Users by publication on the website. It is recommended that you check this page frequently and refer to the date of the last modification above.