Privacy policy
As of May 25, 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (commonly referred to as “GDPR”) came into effect. GDPR applies uniformly across all EU countries, including Poland, and introduces a range of changes to the rules governing personal data processing, affecting many aspects of life, including the use of online services.This information provides a summary of the key issues regarding the processing of your personal data that may occur after May 25, 2018, in connection with the use of our services.
Introduction
Your privacy is important to us, and we take all necessary measures to ensure a high level of protection during personal data processing. Within the EU/EEA, GDPR has been in effect since May 25, 2018.
In accordance with applicable data protection laws, MOKO Małgorzata Dądela as the data controller is responsible for processing your personal data as described below. If you have any questions regarding this information or wish to exercise your rights, please contact us at the address above or via email at: kontakt@moko.marketing.
Collection and Processing of Personal Data
“Personal data” refers to information that directly or indirectly identifies you as an individual. Examples include: name and surname, home or correspondence addresses, company names and addresses, tax IDs (NIP, REGON), PESEL number, phone numbers, email addresses, nationality, or IP address.
Processing of personal data includes any actions we or a third party we engage take regarding personal data, such as collection, recording, and storage. Personal data may only be processed for specified and explicit purposes and may not be used later for any purpose beyond these.
At MOKO Małgorzata Dądela, we process personal data provided to us for the following purposes:
For employees, collaborators, and clients:
Employment
Collaboration
Service delivery
Legal Basis and Data Retention
The data controller processes data lawfully, ensuring that the fundamental rights of the data subject are not violated. Data processing is only lawful when at least one of the following conditions is met:
The data subject has given consent for one or more specific purposes;
Processing is necessary for the performance of a contract;
Processing is necessary to comply with a legal obligation or international agreement;
Processing is necessary for the purposes of the legitimate interests of the controller.
Data collected according to the above principles is deleted once the processing purposes have been fulfilled or retained for archival, statistical, or historical purposes. Retention periods include:
20 years for accounting documents of contractors
50 years for employee records
Job applicant data is deleted after the recruitment process, unless the candidate has consented to processing for future recruitment. CVs are retained for no longer than one year.
Data Security
The controller protects your personal data using high-level security measures, including technical and organizational safeguards to prevent unauthorized access, alteration, dissemination, or destruction. The Cookie Policy is available in a separate section on our website.
Restrictions on Data Disclosure
Employee data, family members, interns, or collaborators may be shared with accounting offices, social security (ZUS), tax offices, or insurers if applicable (e.g., group insurance). Contractor data may be shared with accounting offices, tax authorities, graphic design or social media specialists. We do not send personal data to third countries. Profiling is not performed. The controller may disclose personal data to third parties, such as police or other public authorities, if required by law or official decisions.
Under applicable data protection laws, you have the right to:
Access your personal data at any time;
Correct inaccurate personal data;
Request the cessation and deletion of data processing;
Request restriction of processing;
Exercise the right to data portability;
Withdraw consent for specific processing;
Object to the processing of personal data.
To exercise any of these rights, please contact the data controller using the details provided above. You also have the right to lodge a complaint with the relevant supervisory authority if you believe your data has been processed in violation of applicable data protection laws.