This Policy is valid from May 25, 2018.
The personal data administrator is STX Next sp. z o.o. sp. k. (from now on called “Administrator”) with headquarters in Poland (ul. Mostowa 38, 61-854 Poznań) registered in the VIII Division of the National Entrepreneurs Court in Poznań (KRS 0000731810; NIP 7781424849; REGON 300013306) represented by: Maciej Dziergwa. Email address: firstname.lastname@example.org, Phone number: +48 61 610 01 92; Fax number: +48 61 610 03 18
Customers’ and Users’ personal data is stored and processed in accordance with the GDPR requirements. The term “Personal Data” is used according to GDPR’s personal data definition.
The administrator makes all the necessary efforts to protect the interests of individuals and organizations sharing their personal and corporate information. As well, ensures that the data is gathered and stored in agreement with GDPR, and will serve only the specific purposes for which a specific consent has been provided.
The administrator understands the importance of the privacy levels demanded from the site visitors and users in current and potential cooperation agreements, as well as customers, sharing personal data making use of the following:
The official website stxnext.com and all its subpages
Everytime personal information is gathered, stored and/or processed by the Administrator, it is done strictly according to the GDPR regulations.
The most common cases for which the Administrator gathers, stores and process personal data are:
In case personal data is planned to be collected for other purposes, a special consent from customers and/or users for each specific purpose will be requested.
All personal data collected is strictly for internal use only, and won’t be shared with any other external parties.
After the proper consent has been granted, the Administrator can collect, process and store the following data:
Name and Surname
URL addresses linking to personal data
Previous Employment and Education details
Bank account number (for customers only)
Any other invoicing data (for customers only)
Company details (for customers only)
Contact person details (for customers only)
Customers and users have the right to request access their personal data and request it’s edition at anytime.
Customers and users have the right to re-define the scope in which their personal data can be processed and stored.
Customers and users have the right to request the deletion of their personal data from the Administrator’s database at anytime.
Customers and users have the right to request to be forgotten according to the GDPR’s Art. 17.
In the case a customer or user is requesting to access, edit or delete their personal data, the administrator can ask for additional information in order to verify the identity of the requester and to avoid any misuse of the editing and/or deleting rights.
For security and tracking purposes, customers and users must request to perform any of the changes mentioned in 3.1 and 3.2 or to request the deletion of their personal data by sending the request in a written form to: email@example.com.
All requests mentioned in point number three, sent directly to the administrator in a written form, will be treated within a month.
Customers and users have the right to contact the administrator at anytime, making use of any of the communication means stated in the point number one of the Policy. However all official requests should be done in written form making use of the e-mail address firstname.lastname@example.org.
The Administrator will store all correspondence with customers and users for statistical purposes and also in the frame of potential allegations regarding edition or deletion requests.
The Administrator makes sure all necessary technical means are implemented in order to keep all stored Customers and Users data safe from external agents. Specially to avoid:
Data disclosure to non-authorized persons
Data leaks out of the Administrator’s business tools
The Administrator makes sure all necessary technical means are implemented to avoid data edition or deletion by non-authorized persons
The security measures to comply with 5.1 and 5.2 are:
The Administrator reserves the right to perform any changes in the Policy, which can be necessary (but not limited) due to legal changes, especially in the frame of the GDPR requirements, having impact in our obligations and/or customers and users rights.
If any change in the Policy is performed, a clear announcement informing about the changes implemented will be published.
The current Policy should be treated as a general reference document, for general information purposes only. It is not a legal document or a contract. In case any doubts, concerns or questions emerge after reading it, please contact the Administrator.