Information on data protection

The companies of the Interzero group, i.e.: Interzero Organizacja Odzysku Opakowań SA, Interzero Polska Sp. z o.o., Interzero Advisory Spółka z o.o., as well as Interzero Organizacja Odzysku Opakowań and Organizacja Odzysku Sprzętu Elektrycznego i Elektronicznego SA take the protection and security of your data very seriously and take this into account in all their business activities. In this data protection information, we would like to provide an overview of the aspects of our online services that are relevant from the point of view of data protection law.

We will explain in the following points:

  • What data we collect when you use our online services.
  • For what purposes do the companies: Interzero Organizacja Odzysku Opakowań SA, Interzero Polska Sp. z o. o., Interzero Advisory Spółka z o. o., as well as Interzero Organizacja Odzysku Opakowań and Organizacja Odzysku Sprzętu Elektryczny i Elektronicznego SA process this data?
  • What rights and possibilities do you have in connection with the processing of your data.
  • How can you contact us regarding data protection.

What is this data protection notice about?

This data protection information applies to online services provided by Interzero Organizacja Odzysku Opakowań SA, Interzero Polska Sp. z o. o., Interzero Advisory Spółka z o. o., as well as Interzero Organizacja Odzysku Opakowań and Organizacja Odzysku Sprzętu Elektrocznego i Elektronicznego SA

in the interzero.pl domain and social media accounts operated by Interzero on Facebook , Twitter , LinkedIn and Xing (hereinafter referred to as “social media accounts”). Internet services of Interzero companies other than those mentioned above are subject to individual data protection notices, which can be viewed on the websites in question.

1. Administrators of your data and contact with them

In accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016. on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Journal of Laws EU. L. of 2016 No. 119, p. 1) (GDPR) co-controllers of data are:

  • Interzero Organizacja Odzysku Opakowań SA with its registered office in Warsaw, ul. Wiertnicza 165, 02-952 Warsaw, entered into the Register of Entrepreneurs by the District Court for the city of st. Warszawa in Warsaw, 13th Commercial Division of the National Court Register, under KRS number 0000266658, share capital: PLN 2,500,000.00, paid up in full, NIP 5213409980, REGON 140718909, BDO 000000172;
  • Interzero Advisory Spółka z o. o. with its registered office in Warsaw, ul. Wiertnicza 165, 02-952 Warsaw, entered into the Register of Entrepreneurs by the District Court for the city of st. Warszawa in Warsaw, 13th Commercial Division of the National Court Register, under KRS number 0000676980, share capital: PLN 100,000.00, paid up in full, NIP 1132335293, REGON 017443900, BDO 000518378;
  • Interzero Polska Sp. z o. o. with its registered office in Warsaw, ul. Wiertnicza 165, 02-952 Warsaw, entered into the Register of Entrepreneurs by the District Court for the city of st. Warszawa in Warsaw, 13th Commercial Division of the National Court Register, under KRS number 0000459881, share capital: PLN 105,000.00, paid up in full, NIP 9512367010, REGON 146653200, BDO 000009153;
  • Interzero Packaging Recovery Organization and Electrical and Electronic Equipment Recovery Organization SA with its registered office in Kraków, ul. Mogilska 65, 31-545 Kraków, entered into the register of entrepreneurs by the District Court for the city. st. Warsaw in Warsaw, 13th Commercial Division of the National Court Register, under KRS number 0000925732, share capital: PLN 5,000,000.00, fully paid up, NIP 9512530326, REGON 520530764, BDO 000552505.

Where the words “we”, “us” or “Interzero” are used in this information, this shall mean only Interzero Organizacja Odzysku Opakowań SA and Interzero Polska Sp. z o. o., Interzero Advisory Spółka z o. o. as well as Interzero Organizacja Odzysku Opakowań and Organizacja Odzysku Sprzętu Elektrocznego i Elektronicznego SA

Please be advised that the Joint Controllers have appointed the Data Protection Officer – Ms. Agnieszka Radtke.

In all matters related to the protection of personal data, you can contact the DPO by writing to the address iod@interzero.pl or via traditional mail to the address ul. Wiertnicza 165, 02-952 Warsaw.

Interzero Organizacja Odzysku Opakowań SA, Interzero Polska Sp. z o.o., Interzero Advisory Spółka z o.o., as well as Interzero Organizacja Odzysku Opakowań and Interzero Organizacja Odzysku Opakowań and Organizacja Odzysku Sprzętu Elektrycznego i Elektronicznego SA have entered into an appropriate agreement on the joint control of personal data. We have established that in the event of your exercising the rights referred to in the further part of the information, we will cooperate, however, Interzero Organizacja Odzysku Opakowań SA will be responsible for taking the necessary actions, e.g. it will be responsible for correcting your personal data in the event of a request for their rectification. The above arrangements do not affect the fact that you can exercise your rights towards each of the joint controllers separately.

2. Data processing when visiting our website

2.1. Automatic collection of access data

You can visit our website without registering a user account and without providing personal data in the relevant contact forms. Only the access data that is automatically transmitted by the browser will be collected. This includes, for example, your online identification (e.g. IP address, session IDs, device IDs), information about the web browser and operating system you use, the website from which you visit our website (e.g. if you visited one of our websites via via a link), names of requested files (i.e. which texts, videos, photos, etc. you viewed on our websites), browser language settings, any error reports and access times. This data must be processed in order to enable you to visit and use our website in a convenient way and to ensure its continued functionality and security. Access data will also be stored in internal log files for a short time in order to obtain statistical information on the use of our websites. This allows us to continuously optimize our website, taking into account the usage patterns and technical resources of users, and to correct failures and security risks. The information stored in log files does not allow us to draw direct conclusions about your person – in particular, we store IP addresses only in abbreviated, anonymized form. Logs are stored for 30 days and archived after subsequent anonymization. The legal basis for such data processing is Art. 6 sec. 1 lit. f) GDPR (necessary for the purposes of the legitimate interests pursued by the administrator).

2.2. Cookies

We use our own cookies and third party cookies on our websites. A cookie is a standardized text file that is stored by your browser for a certain period of time. Cookies enable local storage of information such as language settings and temporary identifiers which, on subsequent visits by the user to the website, are sent by the browser back to the server that sent the cookies. You can view and delete the cookies you use in your browser’s security settings. You can adjust your browser settings at your discretion and thus, for example, refuse to accept cookies from third parties or all cookies. Please note that in this case you may not be able to use all the features of our websites.

Our own cookies are used to make visiting our websites more user-friendly and secure. The legal basis for data processing in this case is art. 6 sec. 1 lit. f) GDPR, i.e. our legitimate interest in providing safe and relevant content to users of our websites. We use third party cookies for web analytics and marketing purposes. More detailed information on this can be found in sections 2.5 and 2.6 of this Data Protection Notice.

2.3. Your messages and communication

We collect all information and all data that you provide to us through our websites. For example, you can send us messages and, in some cases, files (e.g. PDF documents) at various places on our websites using features such as the contact form or contact function. Any mandatory information for these features is marked as such. The information you provide will only be used by us to process your request.

We will delete the data collected in this way when their storage is no longer required, or we will restrict their processing if there are statutory data retention obligations.

Disclosure of your message to another Interzero company or external third party will only be made to the extent necessary to fulfill your request (e.g. we disclose your message to another Interzero Group company if the latter is responsible for dealing with your request). In the event that you do not wish your message to be disclosed to another company, it is possible to include such information – of course also as a precautionary measure – directly in the message. We will forward your message to another company without information that could identify you (e.g. name, customer number or contact details).

The legal basis for the processing of data contained in the contact form is art. 6 sec. 1 point f) GDPR.

To the extent that you have consented to the disclosure or processing of the data provided to us elsewhere, e.g. newsletter subscription, the legal basis will be art. 6 sec. 1 point a) GDPR.

In the case of our clients and contractors who are natural persons, your personal data will be processed for purposes related to the performance of the contract to which you are a party, pursuant to art. 6 sec. 1 point b) GDPR. In addition, in a situation where data processing is necessary to comply with the legal obligations incumbent on the administrator (including those resulting from tax regulations) pursuant to art. 6 sec. 1 point c) GDPR. Your personal data may also be processed in order to pursue possible claims pursuant to art. 6 sec. 1 point f) GDPR, i.e. processing is necessary to implement the legitimate interest of the administrator, which is the investigation and enforcement of claims.

Although we provide all Interzero information materials – brochures, certificates, reports and magazines, we do not collect any personal data on this occasion.

2.4. Use of YouTube videos

We use YouTube videos on parts of our websites. YouTube is an open-source website that allows you to upload, stream, rate and comment on videos for free, operated by the Google company YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (“YouTube”). YouTube videos can be played directly on our websites. They are embedded in the “enhanced data protection mode”, i.e. no data about you as a user will be sent to YouTube if you do not play videos. Data will only be transferred to YouTube when you play videos. We have no influence on such data transmission. If personal data is transferred to the United States, it is protected on the basis of participation in the “Privacy Shield” program established by Commission Implementing Decision (EU) 2016/1250 of July 12, 2016 on the adequacy of protection provided by EU-US Privacy Shield , which Google and YouTube have joined.

When you visit a website with YouTube videos embedded on it, YouTube and Google thus obtain access data and the information that you have visited the page in question on our website. This will happen regardless of whether you are logged into YouTube or Google. If you are logged in to Google, your data will be associated directly with your Google account. If you do not want them to be associated with your YouTube profile, you must log out before playing the video. YouTube and Google may use the access data to create user profiles for marketing purposes, market research and design their own websites based on user needs. You have the right to object to the creation of such user profiles. In this case, the objection must be sent directly to YouTube. For more information, see Google’s Privacy Policy , which also applies to YouTube.

The legal basis for the above data processing to the extent in which we are the administrator is art. 6 sec. 1 lit. f) GDPR (necessary for the purposes of the legitimate interests pursued by the administrator).

2.5. Analytical tools

2.5.1. Google Analytics

Our websites use Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses cookies to collect access data when visiting our websites. Such access data will be integrated into pseudonymised user profiles on our behalf and transmitted to a Google server in the USA. Prior to this, your IP address will be anonymised. Therefore, we do not know which user profiles belong to a particular user. We cannot identify you from the data collected by Google, nor can we tell you how you use our websites. In exceptional cases, when personal data is transferred to the United States, it is protected under the framework Privacy Shield between the European Union and the United States , which Google joined. Thus, the data processing carried out by Google Analytics is subject to the European Commission’s adequacy decision, i.e. the level of data protection is considered adequate even if the processing takes place in the United States under an exception.

Google will use the information obtained through cookies to evaluate the use of our websites, to compile reports on website activities and to provide further services related to website and internet usage. More information can be found on the Google Analytics Privacy Policy page.

You can object to the above-mentioned processing and evaluation of pseudonymised user profiles by Google at any time. For this purpose, you have various options:

(1) You can set your browser to block cookies from Google Analytics.

(2) You can customize your Google Ads settings .

(3) You can install the opt-out plug-in provided by Google at https://tools.google.com/dlpage/gaoptout?hl=de in Firefox, Internet Explorer or Chrome (this option does not work on mobile devices).

2.5.2. Google tag (tag) manager

Our website uses Google Tag Manager, a service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). Tag Manager is used to manage site tags more efficiently. The website tag is a placeholder that is stored in the source code of our website to, for example, capture the embedding of frequently used website elements (e.g. web analysis service code). Google Tag Manager works without the use of cookies. The data will be processed partly on a Google server in the United States. If personal data is transferred to the United States, it is protected by the EU-United States Privacy Shield to which Google has subscribed. The legal basis is Art. 6 sec. 1 lit. f) GDPR, i.e. our legitimate interest in the commercial operation of our website. For more information, see About Google Tag Manager.

2.6. Other tools provided by third parties

2.6.1. Google ReCAPTCHA

We have built-in the bot identification function, e.g. for entries in online forms (Due to the need to prevent Internet robots from performing certain functions on the company’s website, we use the Google reCAPTCHA mechanism to check whether the behavior of our website users does not bear the characteristics of robotic behavior. In such a situation, we may disclose to Google LLC your IP address), provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

Privacy policy: https://www.google.com/policies/privacy/ , opt-out: https://adssettings.google.com/authenticated

2.6.2. Google Maps

Due to our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the efficient design of our online offer, we use a plug-in of the Google Maps website on our website. The operator of Google Maps is Google Inc., headquartered in the USA, CA 94043, 1600 Amphitheatre Parkway, Mountain View. Google is certified under the Privacy Shield and therefore guarantees compliance with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ). When you use Google Maps on our website, the information about your use of the website and your IP address are transmitted to a Google server in the USA and stored on this server. By deactivating Javascript in your browser, you will prevent Google Maps functions from being performed. However, then you will also not be able to use the maps displayed on our website. By using our website, you declare your consent to the described registration and information processing by Google Inc. Further information on the data protection provisions and terms of use of Google Maps can be obtained here: https://www.google.com/intl/de_de/help/terms_maps.html .

2.6.3. MyFonts

Our website also uses external fonts provided by MyFonts Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA (hereinafter referred to as “MyFonts”). These fonts are placed by establishing a connection to the MyFonts server. In order to deliver the font files to your browser, your IP address is transmitted at least to the MyFonts server when you visit our website. Further information (e.g. name of the website you are visiting, date and time of your request, type of browser you are using) may also be transmitted to MyFonts. To prevent the execution of JavaScript codes by MyFonts, you can disable JavaScript in your browser or install a JavaScript blocker (e.g. www.noscript.net , www.ghoserty.com ). More information on data privacy can be found on the MyFonts website by following the link below: https://www.myfonts.com/info/legal/#Privacy . The legal basis for the processing of this data is Art. 6 sec. 1 lit. f) GDPR (balance of interests based on our legitimate interest in assessing general use).

3. Data processing when using our career portal

You can apply for the positions described in our job offers on the career portal. The purpose of collecting data is to select candidates for potential employment. In order to receive and process your application, we collect the following data, in particular: name and surname, e-mail address, application documents (e.g. references, curriculum vitae (CV), earliest possible start date and financial expectations. The legal basis for the processing of personal data in the field of name, surname, education, previous employment in the event of a response to a recruitment advertisement posted by us is art. 6 sec. 1 lit. c) GDPR in connection with art. 221 § 1 of the Act of June 26, 1974. Labor Code (Journal of Laws of 2018, item 917). The legal basis for the processing of data other than those indicated above and for the processing of data for the purposes of future recruitment is art. 6 sec. 1 lit. a) GDPR, i.e. your consent.

4. Data processing for social media accounts

Interzero is represented on the following networks of own social media accounts:

On these pages we inform you about the latest news from Interzero and everything we do, and we are happy to use the facilities provided by social networks to communicate directly with their members.

However, please note that we do not have full influence over the processing of data by social networks. Therefore, please check carefully what personal data and messages you send to us through social networks and, in case of doubt, use the other means of contacting us that we provide. We are not responsible for the conduct of the operators of these social networks and their other members, we are solely responsible for our own acts or omissions.

Where you communicate with us via our social media accounts, we process the information provided to us by the relevant social network for this purpose (e.g. your name, your profile page and the content of the messages you send us) in accordance with the purpose for the needs of which you sent them (e.g. service requests, suggestions and criticism). We will delete the data collected in this way when their storage is no longer necessary, or we will restrict their processing if there are statutory data retention obligations. In the case of public posts on our social media accounts, we decide on a case-by-case basis, weighing your interests and ours, whether and when we can remove said posts.

The legal basis for the above data processing depends on the purpose of sending the message. If the purpose is to use our customer service or to apply for a benefit from Interzero, the legal basis will be Art. 6 sec. 1 lit. b) GDPR. Otherwise, the legal basis will be Art. 6 sec. 1 lit. f) GDPR (necessary for the purposes of the legitimate interests pursued by the administrator). To the extent that the User has agreed to the processing of the above data, the legal basis is art. 6 sec. 1 lit. a) GDPR.

5. Data Disclosure

5.1 Rules

We only disclose your data if:

  • You have given your express consent to this in accordance with Article 6 para. (1) lit. a) GDPR
  • Disclosure is necessary pursuant to Art. 6 sec. 1 lit. f) GDPR in order to bring, exercise or defend legal claims of Interzero companies and there are no grounds to assume that you have a significant interest in not disclosing your data that overrides our legitimate interest,
  • We have a statutory disclosure obligation pursuant to Art. 6 sec. 1 lit. c) GDPR,
  • Disclosure is permitted by law and is necessary under Art. 6 sec. 1 lit. b) GDPR for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract

5.2. Disclosure of information to external service providers Interzero Organizacja Odzysku Opakowań SA and Interzero Polska Sp. z o.o., Interzero Advisory Spółka z o.o., as well as Interzero Organizacja Odzysku Opakowań and Organizacja Odzysku Sprzętu Elektryczny i Elektronicznego SA

Some of the data processing set out in this data protection notice may be performed on our behalf by third party service providers. Along with the service providers listed in this data protection notice, these may include, but are not limited to, data centers that host our websites and databases, IT service providers that maintain our systems, and corporate consultants.

Where we disclose data to our service providers, those service providers may only use the data to perform their tasks. These service providers are carefully selected and act on our behalf. They are contractually bound to follow our instructions, have appropriate technical and organizational measures in place to protect the rights of data subjects, and are regularly monitored by us.

Should we, in addition to the above data protection notice, transfer your data to a service provider located in a country outside the European Economic Area (EEA), we will inform you separately of this fact when it proves necessary and provide certain guarantees on which this data transfer is based. In case you would like to receive copies of guarantees certifying an adequate level of data protection, please feel free to contact us (see section 1).

6. Storage period

Unless otherwise stated in this data protection notice, we only store and use data for as long as necessary to perform our contractual or statutory obligations or for the purpose for which the data was collected. After the expiry of the statutory limitation period, we will limit their processing, i.e. from that moment, the data will be used only to fulfill statutory obligations.

We will delete your data immediately, unless we still need it until the end of the statutory limitation period for evidentiary purposes, in civil claims or to comply with statutory retention periods. Even later, it may be necessary to store the data for accounting purposes. We are obliged to do this in order to meet the statutory rules for storing documentation, which may result from the Accounting Act, the Tax Ordinance, the Act on the Management of Packaging and Packaging Waste, the Act on Counteracting Money Laundering and Terrorist Financing, and others. The storage periods specified in these acts last up to a maximum of 6 years from the end of the relevant calendar year.

The legal basis for such data protection for compliance with statutory documentation and storage obligations is Art. 6 sec. 1 lit. c) GDPR.

7. Your rights

1. Every person whose data is processed has the right to:

a. to access – to obtain confirmation from the controller as to whether his or her personal data are being processed. If data about a person are being processed, he or she is entitled to access them and to obtain the following information: about the purposes of processing, categories of personal data, information about the recipients or categories of recipients to whom the data have been or will be disclosed, the period of data storage or the criteria for determining them, the right to request the rectification, deletion or restriction of the processing of personal data of the data subject and to object to such processing (Article 15 of the GDPR);

b. to receive a copy of the data – to obtain a copy of the data being processed, where the first copy is free of charge and for subsequent copies the controller may impose a reasonable fee resulting from administrative costs (Article 15 paragraph 3 of the GDPR);

c. to rectify – to request the rectification of personal data concerning him/her that are incorrect or the completion of incomplete data (Article 16 of the GDPR);

d. to delete data – to request the deletion of his or her personal data if the controller no longer has a legal basis for their processing or the data are no longer necessary for the purposes of processing (Article 17 of the GDPR);

e. to restrict processing – request the restriction of the processing of personal data (Article 18 of the GDPR), when:

      • the data subject questions the accuracy of the personal data – for a period enabling the controller to verify the accuracy of such data;
      • the processing is unlawful and the data subject opposes their deletion, requesting the restriction of their use;
      • the controller no longer needs the data, but the data subject requires it to establish, pursue or defend legal claims;
      • the data subject has objected to the processing – until it is determined whether the legitimate grounds on the part of the controller override the grounds for objection of the data subject.

f. to transfer data – to receive, in a structured, commonly used and machine-readable format, the personal data concerning him/her that he/she has provided to the controller, and to request that this data be sent to another controller, if the data are processed on the basis of the consent of the data subject or a contract concluded with him/her and if the data are processed by automated means (Article 20 of the GDPR);

g. to object – to object to the processing of their personal data for the legitimate purposes of the controller, for reasons related to their particular situation, including profiling. In such a case, the controller assesses the existence of important legitimate grounds for processing that override the interests, rights and freedoms of the data subjects, or grounds for establishing, pursuing or defending claims. If, according to the assessment, the interests of the data subject are more important than the interests of the controller, the controller will be obliged to cease processing the data for these purposes (Article 21 of the GDPR).

2. In order to exercise the above-mentioned rights, the data subject should contact the controller using the contact details provided and inform him/her which right he/she wishes to exercise and to what extent.

3. The data subject has the right to lodge a complaint if he or she believes that his or her personal data is being processed incorrectly.

4. The supervisory authority to which a complaint may be lodged is the President of the Personal Data Protection Office (UODO).

Withdrawal of consent

According to Art. 7 sec. 3 GDPR, you have the right to withdraw any consent at any time.
a statement containing consent that has been provided to us. This will mean that we will not be able to continue processing data based on such consent in the future. Withdrawal of consent will not affect the lawfulness of the processing carried out pursuant to said consent until it is withdrawn.

Objection to the processing of personal data

Insofar as we process your data on the basis of a legitimate interest pursuant to Article 6 para. 1 point f) of the GDPR, you have, in accordance with Art. 21 of the GDPR, the right to object to the processing of data, if your particular situation justifies it, or the objection was directed to direct marketing. In the latter case, you have a general right to object, which will be implemented even if no reasons are given.

9. Data security

We maintain technical measures appropriate to guarantee data security on our online services, in particular to protect your data against the dangers of data transmission and against unauthorized access by third parties. These measures are constantly revised to reflect the latest state of technology. To secure the personal information you provide on our site, we use TLS (Transport Layer Security), which encrypts the information you enter.

10. Changes to this Data Protection Notice

We will update this Data Protection Notice from time to time, for example when we make modifications to our website or if statutory or official regulations change.

Udostępnij przez:
LinkedInCopy