Information on the processing of personal data  in business relations

1. Who is the controller of  of personal data?

   1. Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter: RODO), we inform you that the controller of your personal data is Axabee Sp. z o.o. with its registered office in Opole at ul. Reymonta 39, registered in the District Court in Opole, VIII Economic Division of the National Court Register under the KRS number 0000445964, NIP: 7543069399, REGON: 161505318 (hereinafter: Administrator).
      
      Contact with the Administrator is possible via the following address  e-mail: info@axabee.com.
      
      The controller is responsible for the security of the personal data provided and for processing it in accordance with the law.

2. For what purpose and on what legal basis do we process personal data?

   1. Your personal data may be used by the Administrator for the following purposes:
      
      • developing and maintaining business relationships (legal basis: Article 6(1)(f) RODO - legitimate interest),
      • carrying out marketing communication by means of electronic communication (in particular e-mail, telephone calls, SMS messages) on the basis of your separate consent to the processing of data for this purpose and on the basis of the legal provisions in force in this regard, in particular the Act of 12 July 2024. - Electronic Communications Law (legal basis: Article 6(1)(a) RODO - consent),
        
      • implementation of direct marketing, including personalisation of marketing content (legal basis: Article 6(1)(f) RODO - legitimate interest),
        
      • the performance of activities carried out at your request prior to the conclusion of a cooperation agreement, in particular for the purposes of communication and the presentation of a dedicated offer (legal basis: Article 6(1)(b) RODO - taking action at the request of the data subject prior to the conclusion of a contract),
        
      • to assert or defend against possible claims, or in connection with the need to prove certain facts that are of  
        relevant to the Administrator in this regard (legal basis: Article 6(1)(f) RODO - legitimate interest); the time limits for the assertion of contractual claims are set out in detail in the Civil Code,
        
      • fulfilment of the Administrator's legal obligations (legal basis: Article 6(1)(c) RODO - legal obligation).
        
      The provision of personal data is voluntary, but necessary to establish and maintain a business relationship and to fulfil the other purposes of the Administrator indicated above. Refusal to provide data may result in the inability to build business relationships and fulfil other designated purposes.
      

3. Will the data be subject to profiling?

   1. Your personal data will not be used to make decisions based solely on automated processing of personal data, including profiling within the meaning of Article 22 of the DPA.
      

4. How long will we use the data obtained?

   1. Personal data will be used for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
      
      • period until an effective objection can be lodged,
      • period until any effective withdrawal of consent to process personal data,
        
      • limitation period for claims,
        
      • period prescribed by law.
        

5. What rights does the person whose data we process have?

   1. You have the right to make a request concerning:
      
      • access to the data (including obtaining information on what data is processed by the Controller and to what extent, as well as obtaining a copy of the data) - details: article 15 RODO,
      • to rectify data (i.e. correct it if the data processed by the Controller is incorrect or incomplete) - details: article 16 of the DPA,
        
      • erasure (if, for example, the data are no longer necessary for the purposes for which they were collected or the Controller has no legal basis for processing the data) - details: article 17 RODO,
        
      • limitation of data processing (if, for example, you question the accuracy of the personal data used by the Controller, if the data are no longer needed by the Controller but need to be processed because you are pursuing a claim) - details: article 18 RODO,
        
      • object to the processing of personal data, including profiling (where personal data is processed on the basis of the legitimate interest of the Controller, or is used  for direct marketing purposes) - details: article 21 RODO,
        
      • transfer of data to another controller (if the processing of the data provided to the Controller is carried out by automated means, on the basis of consent or on the basis of a contract) - details: article 20 RODO.
        
      If the processing is carried out on the basis of consent (e.g. consent to the use of data for marketing purposes), you have the right to withdraw consent at any time by any means.  
      The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal.
      
      In addition, you have the right to lodge a complaint with the President of the Data Protection Authority (supervisory authority) if you believe that the processing of your personal data violates the law (for more information: https://uodo.gov.pl/pl/83/155).
      

6. How do I withdraw my consent to data processing?

   1. The withdrawal of consent for the processing of personal data may be carried out  in particular by contacting the Controller or the Data Protection Officer (DPO) via the contact details indicated in this clause.
      

7. With whom do we share data?

   1. Subject to all data security guarantees, we may pass your data on to other entities, including entities entitled to receive them under applicable law, entities processing them on our behalf (e.g. technical service providers, hosting providers, analytics providers, entities providing us with consultancy services) and other administrators (e.g. notary or law firms).
      

8. Do we transfer data outside the European Economic Area (EEA)?

   1. If necessary for the purposes indicated above, we may transfer your personal data to our recognised subcontractors or contractors in countries outside the EEA.
      
      Bearing in mind that the level of protection of personal data in these countries may differ from that provided by the RODO within the European Union, the transfer of data shall be carried out with an adequate degree of protection, primarily by:
      
      • cooperation with processors of personal data  in countries outside the EEA for which the European Commission has determined that they provide an adequate level of protection (this includes  this includes US companies certified under the approved EU-US Data Protection Framework, such as Microsoft),
      or, in the absence of such a decision by the European Commission:
      
      • the use of standard contractual clauses in contracts with such companies,
      • the application of binding corporate rules approved by the competent supervisory authority,
        
      • the application of the conditions set out in Article 49 RODO.
        
      The controller shall ensure that any transfer of personal data is carried out on the basis of appropriate agreements, in a secure and controlled manner.
      
      In any of the cases described in points 2-4 above, you may request further information about the safeguards in place  in this respect, obtain a copy of these safeguards, and obtain information  where they are available.
      

9. How can you contact  us on matters relating to  related to data protection?

   1. You can contact our appointed Data Protection Officer (DPO) on matters relating to data protection, via:
      
      • e-mail address: info@axabee.com.
      • the Administrator's mailing address indicated above.
        

10. Additional information for  persons whose data are processed in connection with  in connection with activities aimed at  to establish and develop a business relationship.

    1. The Administrator may also process data obtained from business partners, contractors, potential contractors (whereby the data is provided on the basis of your consent), as well as data obtained from publicly available sources (e.g. KRS, CEIDG, company websites, social networks).
       
       Dane osobowe będą przetwarzane przez Administratora w zakresie niezbędnym do nawiązania i rozwijania relacji biznesowych (tj. imię, nazwisko, stanowisko, służbowe dane kontaktowe).