Privacy Policy

General information

1.1. This Privacy Policy is applicable to the personal data of the users of an Internet website (hereinafter “Users”) operating under the address www.jsw.pl (hereinafter: “Website”) and other categories of persons named in this Privacy Policy.

1.2. The controller of the Website Users’ personal data is the Service Provider, i.e. Jastrzębska Spółka Węglowa S.A. with its registered office in Jastrzębie-Zdrój (44-330) at Al. Jana Pawła II 4, entered in the register of commercial undertakings kept by the District Court in Gliwice, 10th Commercial Division of the National Court Register, under file no. KRS 0000072093 (hereinafter: “Company”).

1.3. Personal data of Website Users are processed by the Service Provider in order to operate the Website and in particular to: A. ensure efficient operation of the Website; B. explain the circumstances of any forbidden use of the Website; C. create internal reports and analyses (including viewing statistics of the Website’s sub-pages); D. improve the quality of the Website and E. possibly for the Service Provider to send an electronic newsletter requested by the User to a specified e-mail address in an electronic form.

1.4. Contact details of the Data Protection Officer in the Company: Jastrzębska Spółka Węglowa S.A., Al. Jana Pawła II 4, 44-330 Jastrzębie-Zdrój.

1.5. This person should be contacted in any matter relating to the protection of personal data processed by the Service Provider.

Exercise of rights of data subjects

1.6. Any natural person (hereinafter “Applicant”) may submit a request to the Service Provider to: (A) confirm that the Service Provider processes his or her personal data and to make good on the right to provide access to his or her personal data; (B) rectify personal data; (C) erase or restrict processing of personal data; (D) transfer personal data, which includes the right to receive data and send it to another controller or to demand, if technically possible, that the data be sent to another controller directly (to the extent to which the data is processed automatically or in order to perform the agreement or based on a consent); (E) object to personal data processing (to the extent the data is processed in the Company’s legitimate interest).

1.7. These requests will be performed by the Service Provider in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the General Data Protection Regulation, hereinafter referred to as the “GDPR”);

This means that, in certain cases listed in GDPR, these rights will not be vested in the data subject.

1.8. The request should be submitted in writing to the following address: Jastrzębska Spółka Węglowa S.A. (44-330) Jastrzębie-Zdrój, Al. Jana Pawła II 4. If the Service Provider does not process the Applicant’s personal data (other than the processing of data for the purposes of the request itself), the request will not be granted and the Applicant’s data will be erased immediately.

1.9. Immediately after receipt of the request, the Service Provider will notify the Applicant about that fact and places information about the request in the records it keeps.

1.10. The Service Provider reserves the right to verify the Applicant’s identity. If the Applicant’s identity cannot be effectively verified due to reasons for which the Applicant is responsible, the Service Provider will not grant the request, of which the Applicant will be notified immediately.

1.11. The request is examined in the Service Provider’s designated substantive unit without undue delay, but no later than within 10 days of the date of receipt of the request by the Service Provider. The Data Protection Officer appointed by the Service Provider will be consulted on how the submitted request should be handled.

1.12. The Service Provider will respond to the Applicant’s request within three (3) weeks of the date of its receipt. In cases that are objectively complicated (i.e. require much work on the Company’s part), the above deadline will be extended to two (2) months, of which the Applicant will be notified immediately. At the same time, the Service Provider will make every effort to ensure that the deadline is not extended.

1.13. The right of access to data will be exercised by providing the Applicant with his or her data in the scope stated in the request. The scope of information includes:

  • the purpose of the processing,
  • the categories of personal data to be processed,
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations,
  • the planned period of storing the personal data and, where impossible, the manner of calculating this period,
  • where the personal data are not collected from the data subject – any available information as to their source;
  • automated decision-making, including profiling and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
  • the right to request from the Company rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing (if the data subject has such a right);
  • the right to lodge a complaint with the supervisory authority.

1.14. Where the right of access and the right to data portability are exercised, a reply to the Applicant should come with an attached copy of the personal data relating to the Applicant, in generally known and accessible machine-readable formats.

1.15. Any complaints relating to the performance of this procedure should be sent to the Data Protection Officer (DPO) to the following address: Jastrzębska Spółka Węglowa S.A. (44-330) Jastrzębie-Zdrój, Al. Jana Pawła II 4.

The complaint will be examined immediately, but no later than within 7 days of the date of its delivery and the Applicant will be notified immediately about this fact. The Applicant will also be notified of receipt of the complaint. Details of the complaint are registered in the records kept by the DPO.

Miscellaneous

1.16. If the Service Provider requests consent for sending commercial information electronically (e.g. by e-mail, SMS, Bluetooth and other means), a person who has given such consent has the right to withdraw the consent by sending an e-mail to the address specified in item 1.4. above, entering the word “rezygnacja” [resignation] in the title. The above also applies to any other consent obtained by the Service Provider through the Website.

1.17. The Service Provider declares that it will do its utmost to ensure high level of security of the Users who are using the Website. All events affecting the security of transmission of information should be reported to the address specified in item 1.4 above.

1.18. The Service Provider reserves the right to disclose selected information about the User to relevant authorities or third parties who request such information on an appropriate legal basis and in accordance with the applicable law.

1.19. Except as provided in item 1.18 above, information about the User will not be disclosed to any third party or authority without consent of the information subject.

Cookie files and system logs

1.20. The Service Provider asserts that at the moment the User connects to the Website, information about the number (including IP) and type of the User’s end device used by the User to connect to the Website is recorded in the Website’s system logs. The Service Provider asserts that, acting in accordance with the applicable law, it will also process data comprised of the number (including IP) and type of the User’s end device and the time of connection of those persons with the Website and other operational details the User’s activity. These data are processed in particular for technical purposes and to collect general statistical information. 1.21. The Service Provider uses cookies (i.e. small text files sent to the User’s device, identifying the User in a way needed to simplify or cancel an operation) in order to collect information about the use of the Website by the User. The cookies enable: maintenance of the User’s session; adaptation of the Website to the User’s needs; development of viewing statistics for the Website’s sub-pages. 1.22. The User may change cookie settings at any time. To do this, the web browser’s cookie settings must be modified. In particular, the settings may be changed to block the automatic handling of cookies by the web browser or to inform the User each time they are saved in the User’s device. Detailed information about the options for and methods of handling cookies is available in the settings of the software (web browser). 1.23. Some of the Website’s sub-pages and other means of communication with Users may contain so-called “web beacons” (electronic images also known as “empty gifs”). Web beacons may supply information such as the IP (Internet Protocol) address of the computer on which the website with the embedded web beacon was loaded, the website’s URL, loading time, browser type as well as information contained in cookies, to assess effectiveness of our advertising.

Hosting

1.24. The Service Provider, based on a written contract, entrusts the processing of all the personal data provided by the User and other data mentioned in this Policy to Advicom Sp. z o.o., for the purposes of correct performance by that company of the Website hosting, administration, maintenance and management activities.

1.25. Date of last revision of the Privacy Policy: 25 May 2018.