at the Łucznik Arms Factory - Radom sp. z o.o.
Łucznik Arms Factory - Radom sp. z o.o., located in Radom, A. Grobickiego Street 23, 26-17 Radom, entered in the National Court Register kept by the Lublin - East District Court in Lublin with its registered office in Świdnik – VI Economic Department of the National Court Register under the number KRS 0000031426, NIP 9482182612, REGON 672021450, share capital of PLN 89,618,500.00, hereinafter referred to as the Company, in order to properly secure its interests, has appointed a Data Protection Officer, who can be contacted via email: firstname.lastname@example.org.
We attach great importance to the privacy protection of our customers, contractors, and employees. One of its key aspects is the protection of the rights and freedoms of individuals in connection with the processing of their personal data.
We ensure that the processing of your data is in compliance with the General Data Protection Regulation 2016/679/EU (hereinafter "GDPR"), the Personal Data Protection Act, and specific regulations (including labor law or accounting law).
The Company is the data controller within the meaning of Article 4(7) of the GDPR and also uses the services of data processors, as mentioned in Article 4(8) of the GDPR – entities that process personal data on behalf of the controller (such as IT companies, security, occupational health clinics, etc.).
The Company implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk of infringement of the rights or freedoms of natural persons of varying likelihood and severity. We also develop policies and procedures, as well as organize regular training to enhance the knowledge and skills of our employees in this area.
How we use your personal data
As an employer, we process the data of employees and individuals who cooperate with us on a basis other than an employment relationship. Contact details obtained from contractors (e.g., their employees) are used for concluding and efficiently implementing contracts. We also engage in marketing activities, aiming to reach a wider audience to provide them with current information about our products and services.
We disclose your data to third parties with your consent or when required by law.
On what principles and on what basis we process your data
We take due care to protect the interests of the individuals whose data we process, ensuring that such data is:
We typically process your data based on your consent, which can be withdrawn at any time. Another situation is when the processing of your data is necessary for the performance of a contract of which you are a party or for taking pre-contractual steps at your request.
In some situations, processing is necessary to fulfill a legal obligation that applies to us as the Data Controller. Such obligations arise, for example, from labor law or accounting regulations.
Processing may also be necessary for purposes arising from our legitimate interests, such as pursuing claims from our business activities.
We take appropriate measures to provide you with concise, transparent, understandable, and easily accessible information in a clear and plain language concerning your right to:
To contact us regarding the exercise of your rights, send a message to email@example.com.
How we will contact you
We provide information in writing or by other means, including, where appropriate, electronically. If you request, we may provide information orally, provided we confirm your identity by other means. If you submit your request electronically, to the extent possible, information will also be provided electronically, unless you indicate another preferred form of communication.
When we will fulfill your request
We strive to provide information without undue delay – generally within one month of receiving the request. If necessary, we may extend this period by an additional two months due to the complex nature of the request or the number of requests. However, in any case, within one month of receiving the request, we will inform you of the actions taken and (where applicable) the extension of the deadline, stating the reason for such delay.
If we cooperate with entities that process personal data on our behalf, we only use the services of such data processors that provide sufficient guarantees to implement appropriate technical and organizational measures to meet the GDPR requirements and protect the rights of the individuals whose data is processed. We carefully examine the entities to which we entrust the processing of your data. We conclude detailed agreements with them and periodically verify compliance with the content of such agreements and legal regulations.
How we ensure the processing of your data
To meet the requirements of the law, we have developed detailed procedures covering issues such as:
We regularly check and update our documentation to demonstrate compliance with legal requirements in accordance with the accountability principle defined in the GDPR. Additionally, we strive to incorporate the best market practices into our documentation, also for the benefit of the individuals whose data is processed.
We store personal data in a form that allows the identification of the data subject for no longer than necessary for the purposes for which such data is processed. After this period, we anonymize the data (remove features allowing the identification of a specific person) or delete it. The deletion of personal data is complete and permanent. In the retention procedure, we ensure:
The period of data processing is determined primarily based on legal regulations (e.g., the retention period for employee documentation, accounting documents), as well as the legitimate interests of the controller (e.g., marketing activities). The retention policy covers both data processed in paper and electronic form.
We ensure that each person acting on our behalf and having access to your personal data processes it only on our instructions, unless other requirements arise from Union law or the law of a Member State.