Information concerning processing of personal data for employees and persons cooperating with IdoBooking

  1. The controller of personal data of the Employee is IdoBooking sp. z o. o. (also referred to as ‘Operator’) with its registered office at 30 Piastów Avenue, 71-064 Szczecin, entered the Register of Entrepreneurs kept by the District Court Szczecin-Centrum in Szczecin, XIII Business Division of the National Court Register under the number 00001118562 NIP: 8522710288; REGON: 529324888; with a share capital of PLN 200,000.00.
  2. In matters concerning personal data, IdoBooking may be contacted by e-mail: sales@idobooking.com and by phone: +48 91 443 66 00.
  3. The Data Protection Officer at IdoBooking is Rafał Malujda, e-mail address: gdpr-inspector@idobooking.com.
  4. Personal data shall be processed for the purpose of establishing and performing cooperation understood, in particular, as the performance of an employment relationship or cooperation on the basis of a civil law contract (natural person, natural person conducting business activity). Personal data will be processed on the basis of:
    1. Article 6(1)(c) and Article 9(2)(b) GDPR, i.e. when the processing is necessary for the fulfillment of a legal obligation incumbent on the employer and the processing is necessary for the fulfillment of obligations and the exercise of specific rights by the controller or the data subject in the field of labour law, social security and social protection, including in connection with the performance of obligations imposed by Article 22 (1) § 1 and 3 of the Labour Code, Articles 1, 6 and 6a of the Act of 13 October 1998 on the social security system,
    2. Article 6(1)(b) GDPR - processing is necessary for the conclusion and performance of a contract to which the data subject is a party,
    3. Article 6(1)(a) GDPR, i.e. on the basis of consent granted for the purposes specified each time in the consent forms provided, in particular for the purposes of realisation of employee benefits declared by the employee, image processing for promotional, advertising and information purposes, building the company's image and brand, as well as to enable proper administration of the company's employee data.
  5. Recipients of the personal data processed by IdoBooking are IdoBooking's business partners, hosting companies, software providers, marketing agencies, online and card payment operators, accounting firms, law firms and other entities to whom IdoBooking entrusts the Employee's personal data or makes them available under an appropriate agreement for the purpose of providing services.
  6. The Employee's personal data will be stored for 50 years from the termination of the employment relationship or 10 years from the end of the calendar year in which the Employee terminates his/her employment, in the case of employment after 31 December 2018 or where an information report has been filed, as referred to in Article 4(6a) of the Social Security Act of 13 October 1998. In other cases, the personal data will be kept for the period necessary for the performance of the contract and, after its termination or expiry, for the obligatory period of archiving the documentation, established by separate regulations, taking into account the period of limitation of claims.
  7. (Co)Employee has the right to request from the Controller access to his/her personal data, rectification, erasure or restriction of processing, as well as the right to data portability.
  8. The (Co)Employee has the right to lodge a complaint with the supervisory authority, which is the President of the Office for Personal Data Protection, if the (Co)Employee considers that the Administrator's processing of his/her personal data violates the provisions on personal data protection.
  9. The provision of personal data by the (co)Employee, as specified in the applicable legislation, i.e. indicated in Article 22 (1) § 1 and 3 of the Labour Code, is a statutory requirement and is necessary for the conclusion of the employment contract. Failure to provide the data results in the refusal to establish an employment relationship. In other respects, the provision of data is voluntary. In the case of cooperation on the basis of a civil law contract, providing personal data is voluntary, and the consequence of failing to provide personal data will be the inability to conclude and implement the contract.