social icon social icon social icon social icon social icon

Privacy policy

kontakt Contact

PRIVACY POLICY

DEFINITIONS

  1. Controller:  Arche Solutions Sp. z o.o. based in Katowice (postcode: 40-112) at the address: ul. Morelowa 25, entered in the register of entrepreneurs kept by the District Court Katowice – Wschód in Katowice, 8th Commercial Division of the National Court Register with KRS number 0000922864, NIP number 9542778284, REGON number 367341194
  2. Personal data: all data related to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference with an identifier such as a name, identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the given natural person.
  3. GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  4. User: any natural person visiting the Website or using one or more services or functionalities available on the Website.
  5. Website: the Controller’s website available at the domain stackmine.pl.
  6. Privacy policy: this document containing information on the scope and manner of processing of personal data by the Controller.

PURPOSES AND LEGAL GROUNDS FOR PROCESSING THE DATA ON THE WEBSITE

Use of the Website without registering an account

  1. The data of the user who uses the services of the Website (e.g. IP address, e-mail address, identifiers and information collected via cookies, etc.) are processed by the Controller for the following purposes:
    • provision of electronic services by making the content collected on the Website available to Users. Legal basis: the necessity of the processing for the performance of the agreement (Article 6 section 1 item b of the GDPR).
    • analytics and statistics necessary to analyse User activity and preferences. The results of the analyses are used by the Controller for technical and administrative purposes and to improve the applied functionalities and provided services. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).
    • establishing, investigation or defence against any potential claims. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).

Registration on the Website as a Candidate

  1. The User (Candidate) may register on the Website to benefit from additional free services of the Controller. While registering on the Website, the User will be asked to provide the personal data necessary to set up and operate their account. After the registration, the User will be given the opportunity to voluntarily provide additional personal data related to their professional profile. These data will be used, among others, to offer the User job vacancies matching their professional profile and experience. The User will also be able to manage positions of interest to them, e.g., save the job offers of their interest, apply for jobs, communicate with consultants or potential employers, etc. Accordingly, the Controller will process personal data for the following purposes:
    • providing electronic services related to the maintenance and operation of an account on the Website. Legal basis: the necessity of the processing for the performance of the agreement (Article 6 section 1 item b of the GDPR). For the data provided optionally, they will be processed based on the User’s consent (Article 6 section 1 item a of the GDPR).
    • analytics and statistics necessary to keep records of registered Users’ activities and preferences. The results of the analyses are used by the Controller for technical and administrative purposes and to improve the applied functionalities and provided services. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).
    • establishing, investigation or defence against any potential claims. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).

Participation in recruitment processes

  1. The Controller enables Website Users to participate in recruitment processes. A User may apply in response to specific job offers or may wish to participate in other future recruitment processes. Accordingly, the Controller will process personal data for the following purposes:
    • taking steps to carry out the recruitment procedure and conclude the agreement. Legal basis: the necessity of the processing for the performance of the agreement (Article 6 section 1 item b of the GDPR).
    • fulfilment of the Controller’s statutory obligations, i.e. the processing of data of applicants for employment within the scope of the employment laws. Legal basis: the necessity of the processing for the fulfilment of a legal obligation imposed upon the Controller (Article 6 section 1 item c of the GDPR).
    • processing of data not required by the law, provided voluntarily by the candidate during the recruitment procedure. Legal basis: consent expressed through a clear affirmative action – by providing personal data in the application form or through a declaration of intent (Article 6 section 1 item a of the GDPR).
    • processing the data to the extent necessary for future recruitment processes and candidate selection. Legal basis: consent to participation in future recruitment processes expressed in a separate declaration (Article 6 section 1 item a of the GDPR).

Sharing the data with Employers

  1. The Controller will recommend Users participating in the recruitment process to Employers, for which the Controller conducts the recruitment processes. The extent of shared data may vary depending on the type of recruitment project. Accordingly, the Controller will process personal data for the following purposes:
    • presenting the candidates to potential Employers. Legal basis: consent to the sharing of data (Article 6 section 1 item a of the GDPR, the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR) or the necessity of the processing for the performance of the agreement (Article 6 section 1 item b of the GDPR).

Contact form

  1. The Controller provides the Website Users with the option of contacting it via an electronic contact form. Using the form will require you to provide the personal data necessary for the Controller to contact and respond to you. The provision of any other data is voluntary. Accordingly, the Controller will process personal data for the following purposes:
    • receiving a contact enquiry, processing the enquiry and providing a response. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR) and the necessity of the processing for the performance of the agreement (Article 6 section 1 item b of the GDPR).
    • storing the correspondence for the period of the statute of limitations for possible claims. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).
    • sending marketing information in response to an enquiry sent via an electronic form. Legal basis: consent by express affirmative action (Article 6 section 1 item a of the GDPR).

Marketing

  1. The Controller may undertake marketing activities targeted at the Users of the Website. Accordingly, the Controller will process personal data for the following purposes:
    • providing marketing content in the form of contextualised advertising (not adapted to the User’s preferences). Legal basis: consent to the processing of data for marketing purposes (Article 6 section 1 item a of the GDPR) or the Controller’s legitimate interest (Article 6 section 1 item f of the GDPR) in the direct marketing of its own products or services.

Profiling

  1. The personal data of Users will be processed by the Controller by automated means (including profiling), but this will not have any significant effects, including legal effects, for the User. Accordingly, the Controller will process personal data for the following purposes:
    • presenting job offers that are closest to the given User’s preferences. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).
    • providing the User with marketing content regarding the Controller’s offer on other sites/via other communication channels. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).
  2. Users who do not wish to be subject to profiling should log out of all devices and delete all cookies from them. 

Participation in training, webinars and consultations

The data of any user who wishes to participate in training courses, webinars and consultations organised by the Controller will be processed for the following purposes:

  1. implementation of training services, webinars and consultations. Legal basis: the necessity of the processing for the performance of the agreement (Article 6 section 1 item b of the GDPR).
  2. establishing, investigation or defence against any potential claims. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).

WEBSITE USER RIGHTS

  1. The Users whose data is processed by the Controller shall have the following rights:
    • The right to withdraw consent. If the processing of your personal data is based on your consent, you have the right to withdraw all or some of the consents related to the processing of your data for a specific purpose. The withdrawal of your consent will not affect the processing of your data prior to the withdrawal of the consent or the legal basis for this processing.
    • The right to access data. You have the right to obtain confirmation as to whether your personal data are being processed by the Controller, as well as with regard to specific information, e.g. related to the purposes of the processing, the categories of data processed, etc. You shall also have the right to access your personal data, by obtaining a copy of it.
    • The right to rectification of data. You have the right to request the Controller to rectify your personal data immediately if it is incorrect or incomplete.
    • The right to have your data erased (“the right to be forgotten”). You may request to have your personal data erased if the data has been used unlawfully or if your consent to further processing has been withdrawn. “The right to be forgotten” does not, however, constitute an absolute right to have your personal data erased – there are certain exceptions to it, e.g. where the Controller needs to continue to use it to establish, assert or defend legal claims or to comply with a legal obligation.
    • The right to have the processing restricted. You are entitled to request that the Controller stops further use of your personal data where, for example, the Controller is in the process of assessing a request for rectification of your data. In a situation where the processing of personal data is restricted, the Controller may still store the data, but may no longer actively use it.
    • The right to transfer data. You have the right to receive and re-use certain personal data for your own purposes with other, separate data controllers. You may exercise this right only with regard to personal data that we process by automated means with your consent or for the performance of an agreement. If this is the case, we will provide you with a copy of your personal data in a structured, commonly used and machine-readable format.
    • The right to object. If your personal data have been processed on the grounds of the Controller’s legitimate interest, you have the right to object to further processing. The Controller may deny these rights to you if it proves valid and legitimate grounds for the processing that override your interests, rights and freedoms – or the grounds for establishing, pursuing or defence against claims.
  2. If a User considers that the processing of their personal data violates the provisions of the GDPR, they shall have the right to lodge a complaint with the supervisory authority – the President of the Office for Personal Data Protection.

PERSONAL DATA RETENTION PERIOD

  1. The duration of the processing of the User’s personal data by the Controller shall depend on the purpose for which they were collected and processed, and on the legislation and consents or other declarations obtained by the Controller. Accordingly, the Controller will keep personal data for the following periods:
    • the data processed to the extent necessary for the conclusion and performance of the agreement – for the term of the agreement, i.e., the period of holding an account on the Website or for the time necessary to use the Controller’s other services. Once the services have been effectively provided, the Controller will keep the data for the period of limitation for claims related to the provision of services;
    • the personal data within an unconfirmed account on the Website – the data collected in connection with opening an account on the Website that has not been confirmed by an activation link sent automatically to the User’s e-mail address after creating an account or answering a job advertisement – will be kept by the Controller for no longer than 60 days.
    • the data processed based on a consent – until the consent is withdrawn;
    • the data processed on the grounds of a legitimate interest – for a period needed to pursue that interest or until an effective objection is lodged against the processing;
    • the data processed in connection with the performance of legal obligations – until the obligation expires;
    • the data processed for recruitment purposes – for the duration of the current recruitment process or for a period of 3 years, for the processing of data for future recruitment procedures. These periods are shortened if the User withdraws their consent to the processing of data for recruitment purposes.
    • information extracted from own cookie files will be stored for the duration of the current browser session and will be deleted when the browser is closed or for periods corresponding to the life cycle of individual cookies stored on the User’s device.
  2. The data processing period may be extended if the processing is necessary for the purpose of establishing, pursuing or defence against claims, and the data is processed thereafter only if and insofar as required by the law.

OBLIGATION TO PROVIDE DATA

  1. The provision of personal data is voluntary on the part of the User – except where the law obliges the User to provide such data or where the provision of such data is necessary for the use of the Website – and for the performance of the services ordered by the User.

DATA RECIPIENTS

  1. With regard to the provision of services, the Controller may disclose Users’ personal data to the following data recipients:
    • public authorities or entities entitled to request access to or receive personal data under the provisions of law;
    • entities to which the Controller has entrusted the processing of personal data pursuant to concluded outsourcing agreements, e.g. IT service providers;
  2. In case of restructuring or sale of the business or part of it and transferring all or a significant part of its assets to a new owner, the Users’ personal data may be transferred to the Buyer, with a view to ensuring the continuation of the Controller’s services.

TRANSFERRING PERSONAL DATA OUTSIDE THE EUROPEAN ECONOMIC AREA

  1. The Controller cooperates with entities based in the European Economic Area (EEA). However, due to the nature of its business, the Controller may also cooperate with internationally based entities, which may result in the transfer of personal data outside the EEA. If this is the case, mechanisms with an appropriate degree of protection are implemented, in particular through:
    • cooperation with processors of personal data in countries for which a relevant decision of the European Commission has issued a decision on determining the assurance of an adequate level of Personal Data protection;
    • application of standard contractual clauses issued by thę European Commission̨.

COOKIES

  1. The Website uses cookie files. Cookies are small fragments of text sent by the Controller’s Website and stored when the User browses the Website on their terminal device (computer, laptop, smartphone). Cookies contain various information necessary for the proper functioning of the site. Cookies may also be used by third-party information systems, e.g., for analytical or marketing purposes.
  2. The following types of cookies are used by the Website:
    • _ga – cookies used by the Website Google Analytics to collect aggregate statistical data about users of the Website. These types of cookies are stored for 2 years. They do not allow identification of the user;
    • _gat – cookies used by Google Analytics to limit the number of requests. These cookies are kept for 1 minute;
    • _gid – cookies used by Google Analytics to collect statistical data about users of the Website. These cookies are stored for 1 day. They do not allow identification of the user.
    • ci_session – session cookies stored on the user’s terminal device until the user logs out (leaves the site). This type of cookies is necessary to ensure the session and security of the Website. These types of cookies are kept for 2 hours.
  3. In many cases, your web browsing software (web browser) allows the storage of cookies on your terminal device by default. The Users of the Website can change their cookie settings at any time. These settings can be changed, in particular, so as to block the automatic processing of cookies in the settings of your web browser – or to inform you each time they are placed on the the Website User’s device. You can find more detailed information about the options and methods of using cookies in the settings of your software (web browser). The restrictions on the use of cookies may affect some of the functionalities available on the Website.
  4. The cookies placed in the Website User’s terminal equipment may also be used by advertisers and partners cooperating with the operator of the Website.

ADDITIONAL TOOLS USED BY THE CONTROLLER

Social media

  1. The Controller processes the personal data of Users who visit profiles operated in the social media (Facebook, Instagram, LinkedIn, Xing). Through its profiles, the Controller provides information on its activities, promotes various events, services or products. Accordingly, the Controller will process personal data for the following purposes:
    • promoting its own brand. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).
    • establishing and maintaining contact with the Users via the instant messengers available in the respective social media platform. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).

Google’s analytical tools

  1. The Controller uses the Google Analytics tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA for statistical and analytical purposes. The Controller has implemented the Google Analytics tracking code in the code of the Website in order to collect information about the Users. Legal basis: the legitimate interest of the Controller (Article 6 section 1 item f of the GDPR).
  2. The User can block the collection of their data at any time by blocking the Google Analytics tracking code, through the installation of a browser add-on provided by Google.: https://tools.google.com/dlpage/gaoptout.

DATA PROTECTION OFFICER

  1. For matters concerning the personal data processed by the Controller, please contact the Data Protection Officer appointed by Arche Solutions Sp. z o.o., in the following manner:
    • by e-mail, to: office@stackmine.pl;
    • in writing to the following address: ul. Morelowa 25, 40-112 Katowice.

FINAL PROVISIONS

  1. The Privacy Policy will be subject to periodic reviews by the Controller and will be supplemented or updated as necessary. Any supplementations or changes may result, among others, from new legislations or new guidelines from the President of the Office for Personal Data Protection. We also reserve the right to amend this Privacy Policy in case of any changes in the technology we use to process your data, or if there is a change in the means, purposes or legal basis of the personal data we process. If we introduce any changes to this Privacy Policy, we will notify you of them in a clear and appropriate manner, e.g., by displaying a clearly visible notice on our Website or by sending you an e-mail.
GDPR Cookie Consent with Real Cookie Banner