Privacy Policy

I. Introduction

The protection of personal data and information security have always been treated as a priority in the operations of BCMLogic Solutions sp. z o.o. Setting an example as a responsible and aware organization, we are committed to properly informing you about matters related to personal data processing, particularly in light of new personal data protection regulations, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”). We are aware that information holds a specific value that must be appropriately protected. Bearing in mind the security of your data, this document presents key information regarding the legal basis for processing personal data, its use, and collection.

II. BCMLogic Solutions sp. z o.o.

BCMLogic Solutions sp. z o.o., with its registered office at Al. Jerozolimskie 123a, 02-017 Warsaw, Poland, is a company developing IT solutions that support risk management, security, and business continuity processes.

III. When does this Privacy Policy apply?

This privacy policy applies to all cases where BCMLogic Solutions sp. z o.o. acts as a data controller and processes personal data. This applies to both personal data obtained directly from the data subject and cases where we have obtained personal data from other sources. BCMLogic Solutions sp. z o.o. fulfills its information obligations in both of the aforementioned situations, as specified respectively in Art. 13 and Art. 14 of the GDPR, in accordance with these provisions.

BCMLogic Solutions sp. z o.o. is the controller of marketing processes (including managing accounts on social media portals), IT operations (including IT systems where personal data, e.g., of Contractors, are collected), security incidents, and coordinates employee recruitment processes. The Company also operates the website www.bcmlogic.com and therefore coordinates the processing of personal data submitted through forms contained on the website (e.g., within the contact form and material downloads).

IV. Scope, methods, and purposes of data processing

We want all information regarding the methods and legal bases of personal data processing, as well as the purposes for which we process them, to be clear and understandable. We encourage you to review the list of personal data processing operations presented below.

IV.1. Processing of personal data of individuals visiting websites operated by BCMLogic Solutions sp. z o.o. or using services provided electronically

1. General Information
Every natural person using our electronically provided services or visiting our website has control over the personal data they provide to us. We hereby inform you that the user data collected in this way is limited to the absolute minimum necessary to provide services at the expected level.

2. Cookies
The website does not automatically collect any information, except for information contained in cookie files.
Cookies are digital data, in particular text files, stored on the Website User’s end device. They are intended for using the website’s pages. Cookies usually contain the name of the website they come from, the time they are stored on the end device, and a unique key-value pair of attributes.
Cookies are used to:
a) adapt the content of the Website’s pages to the User’s preferences; in particular, these files allow for the recognition of the Website User’s device and the proper display of the webpage;
b) create statistics, which allows for the improvement of the structure and content.

The website uses two types of cookies: “session” cookies and “persistent” cookies. “Session” cookies are temporary files stored on the User’s end device until logging out, leaving the website, or turning off the software (web browser). “Persistent” cookies are stored on the User’s end device for the time specified in the cookie parameters or until they are deleted by the User.

The following types of cookies are used within the website:
a) “strictly necessary” cookies, enabling the use of services available within the website;
b) cookies used to ensure security;
c) “performance” cookies, enabling the collection of information on how the website pages are used;
d) “functional” cookies, enabling the “remembering” of settings selected by the User and the personalization of the User interface.

In many cases, the software used for browsing websites (web browser) allows cookies to be stored on the User’s end device by default. Website Users can change their cookie settings at any time. These settings can be changed in particular to block the automatic handling of cookies in the web browser settings or to inform about their every placement on the Website User’s device. Detailed information about the possibilities and methods of handling cookies is available in the software (web browser) settings.

Please note that restrictions on the use of cookies may affect some functionalities available on the website.
Cookies placed on the Website User’s end device may also be used by advertisers and partners cooperating with us.

4. Online requests and forms
Visitors to the BCMLogic Solutions sp. z o.o. website have the opportunity to contact the company by filling out a contact form. In order to use the aforementioned options, it is necessary for the contacting person to provide us with their personal data. We inform you that this data will be used only for the purpose for which it was provided.

IV.2. Processing of personal data of individuals contacting BCMLogic Solutions sp. z o.o. to obtain information about the offer or share feedback regarding services, as well as contacting to conclude a contract

From natural persons contacting BCMLogic Solutions sp. z o.o. to obtain information about the offer, express their opinion, or provide comments, as well as those contacting with the intention of concluding a contract, we collect the following personal data: name and surname, email address, and phone number.

Providing the aforementioned data is voluntary but necessary for the purpose of providing information about the offer.

We request that you do not provide, via our websites, information containing special categories of personal data listed in Art. 9(1) of the GDPR (information about race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information regarding physical or mental health, genetic data, biometric data, information concerning a person’s sex life or sexual orientation, and criminal history). If such information is provided for any reason, it will constitute explicit consent for us to collect and use such information in the manner specified in this document or specified in the place where this information was disclosed.

IV.3. Processing of personal data of clients and prospective clients

BCMLogic Solutions sp. z o.o. processes the personal data of its clients and prospective clients. This may also include the data of contact persons on the side of clients and prospective clients (their employees). Such personal data is processed in the IT systems used by BCMLogic Solutions sp. z o.o., including the CRM system. Personal data processed for these purposes includes, but is not limited to: name and surname, employer’s name, contact person’s position, phone number, email address, or other business contact details.

V. Legal basis for processing

The processing of data of individuals visiting the website operated by BCMLogic Solutions sp. z o.o. (Al. Jerozolimskie 123a, 02-717 Warsaw), using services provided electronically, or engaging on the business profile of BCMLogic Solutions sp. z o.o. on social media portals is based on various legal bases for processing, depending on the category of personal data we process and the purpose of the processing.

  1. We process the personal data of visitors to our websites based on the legitimate interest of the data controller (Art. 6(1)(f) GDPR) or based on consent if we have requested such consent from the data subject (Art. 6(1)(a) GDPR).
  2. We process the data of individuals who fill out an online/contact form because it is necessary for the performance of a contract or in order to take steps prior to entering into a contract at the request of the person providing their data (Art. 6(1)(b) GDPR), or based on the legitimate interest of the controller, which is to respond to the inquiry (Art. 6(1)(f) GDPR).
  3. The data of visitors to our fan page is processed in accordance with the rules of using the Facebook portal, based on the User’s consent (Art. 6(1)(a) GDPR).
  4. The processing of personal data of natural persons who are prospective clients is based on the legitimate interest of BCMLogic Solutions sp. z o.o. as a data controller (especially regarding database creation and direct marketing of its own products) (Art. 6(1)(f) GDPR); or consent (including, in particular, consent for email marketing or telemarketing) (Art. 6(1)(a) GDPR).
  5. In connection with the use of Facebook Ads, LinkedIn Ads, and Google Ads on our website, we inform you that your data may be subject to profiling in order to display personalized advertisements to you, provided you have consented to their display (Art. 6(1)(a) GDPR).

VI. Data processing period

BCMLogic Solutions sp. z o.o. processes personal data and stores it for a period dependent on the legal basis constituting the lawful premise for processing personal data. We inform you that BCMLogic Solutions sp. z o.o. processes personal data based on:

  1. Consent: the processing period lasts until this consent is withdrawn by the data subject or the purpose of processing is fulfilled;
  2. The legitimate interest of the data controller: the processing period lasts until the aforementioned interest ceases to exist (e.g., the limitation period for civil law claims, or until a response is provided to a question asked in the contact form) or until the data subject objects to further such processing – in situations where such an objection is permitted by law;
  3. Applicable legal provisions: the data processing periods for this purpose are defined by those provisions. In the absence of specific legal or contractual requirements, the standard data retention period for records and other evidentiary documentation created during the execution of a contract is a maximum of 6 years;
  4. A concluded contract: the processing period lasts for the duration of its validity.

VII. Data recipients

We transfer personal data to other entities based on legal requirements or in connection with the fulfillment of the purpose for which it was provided to us. At the same time, we declare that we only use the services of proven entities, well-known in the local market, that guarantee data security. Agreements under which we entrust the processing of personal data contain provisions regarding the security measures we require, ensuring the confidentiality, integrity, and availability of the transferred data.

We may transfer personal data to companies or other trusted business partners who provide services on behalf of the Company and to entities with which we cooperate. Furthermore, data may be transferred to providers of services such as debt collection, tax, legal, and accounting services. Personal data is transferred to these entities and other third parties only if it is necessary to perform services requested or authorized by the data subjects, to protect rights, property, or safety, or if the Company is obligated to do so under applicable laws, court orders, or regulations of other authorities, or if the disclosure of personal data is otherwise necessary to support legal or criminal investigations or judicial proceedings.

In addition, authorized employees of the company will have access to personal data.

VIII. Rights related to personal data processing

The rights of natural persons regarding the processing of personal data include:

  1. The right to access their personal data.
  2. The right to rectify data.
  3. The right to restrict data processing.
  4. The right to request the deletion of data.
  5. The right to transfer data to another data controller.

The rights referred to above can be exercised by contacting us at the email address biuro@bcmlogic.com or by post at: BCMLogic Solutions sp. z o.o., Al. Jerozolimskie 123a, 02-717 Warsaw.

Natural persons have specific rights regarding their personal data, and BCMLogic Solutions sp. z o.o., as their controller, is responsible for fulfilling these rights in accordance with applicable laws.

We would also like to inform you that every natural person has the right to object to the processing of their personal data. In the case of personal data processed based on a legitimate interest, the natural person has the right to object for reasons related to their particular situation. If this right is exercised, the Company will cease processing data for this purpose unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the natural person, or grounds for the establishment, exercise, or defense of legal claims.

Furthermore, if we base the processing of personal data on your expressed consent, you have the right to withdraw it at any time without affecting the lawfulness of the processing carried out on the basis of that consent before its withdrawal.

The right to object can be reported to the email address: biuro@bcmlogic.com or by post to: BCMLogic Solutions sp. z o.o., Al. Jerozolimskie 123a, 02-717 Warsaw.

IX. Changes to this Privacy Policy

We commit to regularly reviewing this Privacy Policy and amending it when it proves necessary or desirable due to: new legal regulations, new guidelines from authorities responsible for supervising personal data protection processes, or best practices applied in the area of personal data protection.

Table of Contents