Skip to main content

Politique de confidentialité

Privacy Policy considering the obligations under the so-called GDPR

Dominik Matczak, operating under the name SILVERHAND Dominik Matczak, with the main place of business: Poznań (61-868), ul. Garbary 35/9 (hereinafter referred to as SILVERHAND, “We” or “Us/Our”), makes every effort to protect and respect your privacy.

This Policy (along with other documents referred to herein) describes what personal data we collect and how it is processed.

**Personal data that we may collect from you:**

We will collect personal data about your use of the website www.silverhand.eu, including information about website traffic, location information, login log data, content of contact forms and surveys, and other communication information and resources you use. By collecting this personal data, we will facilitate your future visits to our website and also be able to suggest useful content tailored to you based on the location from which you access the website.

We will collect any information you provide to us through our contact forms (e.g., “Contact,” “Send a message,” “Landing Page,” “Contact us regarding a job”). The submission of your personal data through our forms is not a legal or contractual requirement; however, please note that fields marked with an asterisk (*) are mandatory because we need this data to process your request. Other data or personal information you share with us when filling out our contact forms is provided at your sole discretion. If you contact us, we will keep a record of that correspondence.

We use your personal data to send you marketing materials via email if you consent to this by using the appropriate contact form or newsletter sign-up form. You can change your decision regarding future marketing communications at any time.

We may also store cookies in accordance with the detailed provisions of our Cookie Policy.

**How do we use your personal data?**

Your personal data will be collected and processed by us for the following purposes:

– To tailor content and resources as closely as possible to your preferences;
– To respond to your request or questions when you contact us;
– To send you additional information, such as upcoming SILVERHAND events or newsletters;
– To help us create, publish, and improve content that is relevant to you;
– To ensure that the content delivered through the website is presented in the most effective way for you and your device;
– To allow you to participate in interactive features of our website when you choose to do so;
– To further develop and improve the website and the systems operating on it.

The use of your personal data as described above is permitted under applicable data protection laws because it is

– necessary for our legitimate interests in achieving the purposes outlined above, but in no case will these interests override your privacy interests;
– necessary in some cases to comply with our legal and regulatory obligations, such as making disclosures to authorities, regulators, or government bodies;
– necessary in some cases to perform tasks in the public interest, and necessary – when we use special categories of personal data – to establish, exercise, or defend legal claims, or where the processing concerns personal data in the public domain;
– processed with your consent in the indicated circumstances, which we obtain each time, e.g., when you agree to receive marketing information and messages via email.

In one case, we make decisions based solely on automated processing, including profiling, which may significantly affect your situation, e.g., by displaying a suitable job offer that results in employment or indicating that there are no matching offers for you.

In no case do we make decisions based solely on automated processing, including profiling.

We process your personal data for the period required to fulfill our legal obligations. The retention periods for your personal data depend on the specific purpose of the data processing and the specific tool used to process the data.

**The criteria used to determine the appropriate retention period include:**

– the need to achieve the specific purpose,
– the need to deliver our services to you,
– the duration for which you have given consent, or
– legal provisions.

**Sharing with third parties**

To facilitate the processing of your personal data by us and to provide you with content or resources, we disclose your data to third parties. However, such disclosure occurs only under the following circumstances and to the following categories of entities:

– **Service providers, contractors:** We may periodically cooperate with other companies or individuals to provide services on our behalf. Examples include: hosting or maintaining website content, or providing specific services through the website, providing marketing services. These recipients are generally located in Poland or the European Economic Area. Such recipients only have access to your personal data to the extent necessary, in line with the performance of their duties, and are not allowed to use such personal data for other purposes. These recipients will also be subject to confidentiality obligations arising from contracts;
– **Other entities within the SILVERHAND Capital Group:** (e.g., any companies directly or indirectly controlled by SILVERHAND).
– **State authorities, regulators, or law enforcement agencies.**

**IP addresses and cookies**

We collect data about your computer, including (if available) your IP address, operating system, and browser type for system administration purposes. This is statistical data about browsing activities and patterns of our users and does not identify you or any other individual.

For the same reason, we may collect data about your internet usage through the use of cookies stored on the device you use. For more information on our use of cookies on the website, please refer to our Cookie Policy.

If you share a computer or other device with internet access with others, we recommend that you do not select the “Remember my details” option when offered by the website.

**Where is your personal data stored and processed?**

As explained in the “Sharing with third parties” section, we share your personal data with the following entities:

– **Service providers, contractors:** When we use a service provider or contractor, your personal data remains under our control, and we have implemented procedures to ensure that your personal data is adequately protected;
– **Other companies within the SILVERHAND Group:**

We make efforts to ensure that your personal data is processed securely and in accordance with the provisions of this Policy.

**Do we transfer your data outside Poland?**

Your data may be transferred and processed in one or more other countries outside Poland. We will only transfer your data to countries that provide an adequate level of protection for your data as required by applicable law, or where the SILVERHAND Group has implemented appropriate safeguards to protect your data’s privacy.

**Data security**

Although we do our best to protect your personal data, you should be aware that transmitting personal data over the internet is not completely secure, and we cannot guarantee the security of your personal data transmitted through the website or to third parties; therefore, any transmission of personal data is at your own risk. We use operational procedures as well as appropriate technical and organizational security measures to prevent unauthorized access, alteration, deletion, or transmission of these personal data.

**Your rights. How can you access, correct, and delete your personal data?**

Under data protection laws, you have the following rights:

– **Right of access and to receive a copy of your personal data:** You have the right to obtain information about whether we process your personal data. If we process your data, you may gain access to a copy of the personal data we hold about you and how it is processed. In some cases, you may request to receive an electronic copy of your data from us.
– **Right to rectify your personal data:** If you can demonstrate that the personal data we hold about you is incorrect, you can request that the processed information be updated or corrected.
– **Right to be forgotten/deleted:** In certain circumstances, you have the right to request the deletion of your data. You can make this request at any time, and SILVERHAND will assess whether your request is granted, taking into account legal and regulatory obligations concerning the processing of that data. If we lawfully determine that your request to delete your personal data is justified, SILVERHAND will delete the data without undue delay.

To exercise your rights, please contact us at the following address: rodo@silverhand.eu

To the extent that our processing of your personal data is based on your consent, you also have the right to withdraw that consent at any time. Withdrawal of your consent will not affect the legality of data processing activities conducted while your consent was in effect, i.e., before we received notification of your withdrawal.

Furthermore, you have the right to file a complaint about our processing of your personal data with the local supervisory authorities.

We will only send you marketing communications via email that you have consented to.

We will usually offer you a choice in the forms we use to collect your personal data, which you must select if you consent to receive marketing communications. When we send you marketing information via email, you can opt out of receiving it by clicking the “Unsubscribe” or “Opt-out” function in the email. Additionally, you can exercise your right to withdraw consent at any time by contacting us at rodo@silverhand.eu and providing the following information: name, email address, contact phone number, marketing information you wish to opt out of.

**Changes to this Policy**

The terms of this Policy may change. We will publish any significant changes to this Policy in the form of notices on this website or by contacting you through other communication channels.

**Contact**

Questions, comments, and requests regarding this Policy are welcome and should be directed to SILVERHAND Dominik Matczak, ul. Garbary 35/9, 61-868 Poznań, email address: rodo@silverhand.eu.

Detailed information on how we process your personal data can be obtained at rodo@silverhand.eu.

You can also contact our local Data Protection Officer at the following address: rodo@silverhand.eu.

**GDPR Information**
concerning the Facebook Fanpage

I

[Content of the administrator’s privacy policy]

1. The administrator’s

privacy policy includes information on the processing of personal data and other information regarding users of the Facebook portal on the administrator’s fanpage. In this privacy policy, the administrator has also included all the information that data subjects should receive in accordance with the GDPR.

2. The privacy policy concerns the processing of data related to the fanpage on the social networking site Facebook.

II

[Data Controller]

The data controller of the personal data of the fanpage users is:

Dominik Matczak, operating under the name SILVERHAND Dominik Matczak, main place of business: Poznań (61-868), ul. Garbary 35/9 (hereinafter referred to as SILVERHAND).

Users can contact the administrator:

1) by mail at the above address;

2) by email at: rodo@silverhand.eu

III

[Purposes, legal basis, and duration of data processing]

1. **Operating the fanpage**

The administrator processes personal data of users to enable them to use the fanpage. The administrator has information about:

1) “Likes” on the fanpage;

2) Activities on the fanpage;

3) Content of comments and posts submitted by users.

These data are processed in accordance with Article 6(1)(b) of the GDPR for the purpose of providing services, i.e., the contract for the provision of services electronically.

2. **Contact with users – Messenger**

To enable contact between the administrator and the user, the administrator processes information about persons contacting the administrator through the Facebook Messenger, in particular the name and the Facebook username, the content of the correspondence (messages, threads). Messages are not stored by the administrator in places other than Facebook.

These data are processed in accordance with Article 6(1)(f) of the GDPR, in the legitimate interest of the administrator and the users, which consists in ensuring contact between users and the administrator, and the processing of this data does not violate the rights and freedoms of the users.

The content of the correspondence and the information about the contact are processed for the time necessary to address the user’s issue and no longer than 3 months after the issue is resolved for archiving purposes in case protection against potential claims against the administrator is required. After this time, they are deleted from the administrator’s fanpage, and the administrator will no longer be able to access these data.

3. **Investigating breaches, asserting claims**

In the case of initiating an investigation into a possible breach of the terms of service or the law, principles of social coexistence, or good morals, proceedings to assert claims by the administrator or by other users or entities, and defense against claims by users or other entities, the administrator may process personal data of specific users until the ongoing proceedings are completed and until the statute of limitations for claims by the administrator against the user, which usually is 3 years according to Article 118 of the Civil Code, although in specific cases provided by law this period may be longer.

If personal data are processed for the purpose of asserting claims by other users, this data may be made available in this context to another user or entity, an authorized public authority, e.g., courts, police, prosecution.

This data will then be processed and disclosed in accordance with Article 6(1)(c) of the GDPR, i.e., to fulfill the obligation under Article 8 of the Act on the Provision of Electronic Services, or in accordance with Article 6(1)(f) of the GDPR, i.e., in the legitimate interest of the administrator in asserting claims against the user. The legitimate interest of the administrator will then take precedence over the rights and freedoms of the service recipient.

4. **Usage statistics of the services**

To improve the quality of its services, the administrator processes statistical information about the use of the fanpage and uses statistical tools provided by Facebook.

These data are processed in accordance with Article 6(1)(f) of the GDPR, in the legitimate interest of the administrator in facilitating the use of services, improving the quality, and functionality of the services provided, and the processing of this data does not violate the rights and freedoms of the users, because due to the nature of Facebook’s activities, users are aware of statistical activities and sharing their results with professional users, and even expect that the services provided will be improved and developed according to their needs.

This data is processed as part of the administrator’s ongoing activities, but not longer than 60 days after receiving the information. After this time, the administrator may continue to process general statistical data that is stripped of any information about individual users.

However, the availability of statistical data in Facebook’s tools may be longer than 60 days, which means that the administrator has access to this data, but this remains outside their decision-making scope. Regardless, the administrator will no longer use this data.

5. **Marketing and PR activities of the administrator**

The administrator may post marketing information on the fanpage regarding their products, services, and events that they organize or participate in.

The display of this content is performed by the administrator in accordance with Article 6(1)(f) of the GDPR, in the legitimate interest of the administrator in carrying out their own marketing activities. This action does not violate the rights and freedoms of the users, who expect to receive similar content and sometimes even anticipate it, especially due to the nature of Facebook’s operations.

6. **Marketing activities of other products or services**

The administrator may also post marketing information regarding products or services of their contractors, with whom they have entered into a cooperation agreement in the field of marketing.

The display of this content is performed by the administrator in accordance with Article 6(1)(f) of the GDPR, i.e., in the legitimate interest of the administrator in carrying out marketing activities for products or services of their contractors. This action does not violate the rights and freedoms of the users, especially due to the sporadic nature of these activities, and users expect to receive similar content due to the nature of the social network Facebook. The user has the right to object to the processing of their personal data for marketing purposes.

IV

**[Recipients of user data]**

In connection with the fanpage, due to the specificity of the Facebook portal, information about people who follow the fanpage, “likes,” as well as comments, posts, and other information provided by users are public.

The administrator does not disclose other information to other entities.

V

**[Rights of data subjects]**

Each data subject has the right:

1) **Access** – to obtain from the administrator confirmation as to whether their personal data is being processed. If data about the person is being processed, they have the right to access it and obtain the following information: the purposes of the processing, categories of personal data, recipients or categories of recipients to whom the data has been or will be disclosed, the period of data retention or the criteria for determining this, the right to request rectification, deletion, or restriction of personal data processing that the data subject has, and the right to object to such processing (Article 15 GDPR);

2) **To obtain a copy of the data** – to receive a copy of the processed data, with the first copy being free of charge, and the administrator may charge a reasonable fee for additional copies based on administrative costs (Article 15(3) GDPR);

3) **Rectification** – to request the rectification of their personal data that is inaccurate, or the completion of incomplete data (Article 16 GDPR);

4) **Data deletion** – to request the deletion of their personal data if the administrator no longer has a legal basis for processing it or the data is no longer necessary for the purposes of processing (Article 17 GDPR);

5) **Restriction of processing** – to request the restriction of personal data processing (Article 18 GDPR) when:

a) the data subject disputes the accuracy of the personal data – for a period allowing the administrator to verify the accuracy of this data,

b) the processing is unlawful, and the data subject objects to its deletion and instead requests the restriction of its use,

c) the administrator no longer needs the data, but it is required by the data subject for the establishment, exercise, or defense of legal claims,

d) the data subject has objected to the processing – pending verification of whether the legitimate grounds of the administrator override those of the data subject;

6) **Data portability** – to receive the personal data concerning them, which they have provided to the administrator, in a structured, commonly used, and machine-readable format, and to request that this data be transmitted to another administrator if the data is processed on the basis of the data subject’s consent or a contract with them and if the data is processed by automated means (Article 20 GDPR);

7) **Objection** – to object to the processing of their personal data for legitimate purposes of the administrator on grounds relating to their particular situation, including profiling. The administrator will then assess whether there are compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject or grounds for the establishment, exercise, or defense of legal claims. If, based on this assessment, the interests of the data subject outweigh the administrator’s interests, the administrator will be obliged to stop processing the data for these purposes (Article 21 GDPR).

To exercise the above rights, the data subject should contact the administrator using the provided contact details and inform them of which right and to what extent they wish to exercise.

VI

**[President of the Office for Personal Data Protection]**

The data subject has the right to lodge a complaint with the supervisory authority, which in Poland is the President of the Office for Personal Data Protection, based in Warsaw, ul. Stawki 2, who can be contacted as follows:

1) by post: ul. Stawki 2, 00-193 Warsaw;

2) via the electronic mailbox available on the website: https://www.uodo.gov.pl/pl/p/kontakt;

3) by phone: (22) 531

03 00.

VII

**[Data Protection Officer]**

In any case, the data subject can also contact the administrator’s data protection officer directly:

1) by email at: rodo@silverhand.eu;

2) at the above postal address with the note: Data Protection Officer.

VIII

**[Changes to the privacy policy]**

The privacy policy may be supplemented or updated as needed by the administrator to provide users with up-to-date and reliable information about their personal data and information about them. Users will be informed of any changes to the privacy policy on the fanpage.

IX

**[Legal acts referenced in the clause]**

1) GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (OJ L 2016 No. 119, p. 1);

2) Articles 118 et seq. of the Act of 23 April 1964 – Civil Code (consolidated text: Dz.U. 2018, item 1025, as amended);

3) Article 8 of the Act of 18 July 2002 on the provision of electronic services (consolidated text: Dz.U. 2017, item 1219, as amended).

For more information, please refer to our subpage on the data protection policy for candidates.