1. PURPOSE OF IMPLEMENTATION AND CONCLUSION

The purpose of the present document is to outline the current protection of personal data in HANDY.AI Sp. z oo (hereinafter referred to as the “Community”) with regard to risk and identified threats  retention  convenience  operations  transfer  z  prescriptions  w  zakrese  security  data  personal,  Having regard to the Decision of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 In the case of protection of natural persons in connection with the transfer of personal data and in the case of free access to such data in addition to the enactment of Directive 95/46 / WE (hereinafter referred to as "RODO") and the exercise of rights and freedoms.

2. DEFINITIONS, TERMINOLOGY

Personal data - all information on identification or possibly prior to identification of a natural person; możliwa do zidentyfikowania osoba fizyczna to osoba, którą można bezpośrednio lub pośrednio zidentyfikować, w szczególności na podstawie identyfikatora takiego jak imię i nazwisko, numer identyfikacyjny, dane o lokalizacji, identyfikator internetowy lub jeden bądź kilka szczególnych czynników określających fizyczną, fizjologiczną, genetyczną, psychiczną, economic, cultural or social identity of a natural person.
Bribery of data - a person to whom the data touch.
Promotional bribe - a natural or legal person, public authority, individual or other bribe, who accepts personal data on behalf of the Community 
Przetwarzanie danych osobowych - oznacza operację lub zestaw operacji wykonywanych na danych osobowych lub zestawach danych osobowych w sposób zautomatyzowany lub nie zautomatyzowany, taką jak zbieranie, utrwalanie, organizowanie, porządkowanie, przechowywanie, adaptowanie lub modyfikowanie, pobieranie, przeglądanie, wykorzystywanie, ujawnianie poprzez przesyłanie, distribution or other generation of access, adjustment or exclusion, restriction, removal or destruction 
Administrator of personal data - means a natural or legal person, public authority, individual or other bribe, who, independently or jointly with others, has established the purposes and methods of transfer of personal data; If the purposes and methods of such acceptance are defined in the law of the Union or in the law of the Member States, the law of the Union or in the law of the Member States may remain defined or may be specified in particular.

INTRODUCTION

2.1 The following provisions have not yet been processed and extended through HANDY.AI Sp. z oo w oparciu o zapisy art. 24 ust. 2 Rozporządzenia Parlamentu Evropejskiego i Rady (UE) 2016/679 z dnia 27 kwietnia 2016 r. for the protection of natural persons in connection with the acceptance of personal data and in the case of free access to such data, in addition to the application of Directive 95/46 / WE (RODO) to compulsory application in connection with the application of all persons
2.2 Security of the Communities' facilities is  realized  across  elaboration, implementation and application of appropriate technical and organizational means, taking into account the nature, character, context and purposes of the proceedings and the risk of infringements of rights or liberties of persons and persons in particular. 
2.3 The security of personal data in the Community is, of course, as certain:
The credentials, which are assured, shall be made available only to persons authorized,
Integrity, completeness and completeness of data and methods of conversion,
Accessibility, assurance, that authorized persons have access to the data of the week, when necessary.
2.4 In order to monitor the integrity of the applied organizational and technical means of protection, the Cyclical Community (min. Once before the deadline) provides for risk analysis in accordance with the aspects related to the protection of persons. The process coordinator is Koordynator ds. personal data protection. The subject analysis can also be revised  in case  performances of the same changes in the internal environment (eg significant reorganization of the structure, the introduction of a new system of information technology, personal data, the emergence of new  processes) or internal (eg changes in the regulations of the right to protection of personal data) or in the event of a violation of the protection of personal data.
2.5 At present, there is no package of rules and regulations governing the rules of admission and protection of personal data in the Community.
2.6 The Community, in pursuance of the present records, shall undertake a general effort to protect the interests of the persons concerned, and to ensure that the following are given:
(a) accepted by law,
(b) collected for the purposes of those which are intended to be appropriate and not subject to further opposition to those objectives,
(c) adequate, but limited to that which is not limited to the targets in which they are adopted,
e) correct, ie. current,
(e) located in a post where it is possible to identify the persons concerned, no longer than those concerned, who shall not be required to obtain the whole transfer,
f.
2.7 At present, I oblige all employees of the Union, for whom the violation of the state violates the obligations of employees. 
2.8 At present, the following programs are a very obligatory part of the training program, which should be recognized by all employees of the Commonwealth, as well as in relation to cases of internal bribery of employees, in particular. 
2.9 The Association, in conjunction with legal regulations, designates the Inspector ds. Ochrony Danych, who will help the Union at the end of the right endeavor of personal data.

3. TASKS AND RESPONSIBILITIES

3.1 The Community shall carry out tasks in the field of protection of personal data: 
a) set standards of personal security,
b) significant  person  inherited  to  surveillance  i  coordination  obszaru  security  personal data - Inspector ds. Ochrony Danych, (IOD);
(c) monitor the compliance of the mechanisms for the protection of the personal data of the Union,
e) coordinates the process of charging for breaches of personal data protection.
e.
(f) to ensure that the acceptance of such personal data takes place exclusively through the person to whom it is authorized;
d) to act as the head of the organizational chambers in order to reassure their subordinates, in accordance with their employment status, of the possibility of safe and secure taxation; 
h) undertakes appropriate actions in the event of a breach or a breach of a violation of the protection of personal data,
(i) cooperate with the supervisory authority on each of its requests.
3.2 Inspector ds. Danny's protection, full  function  advice  i  supervising  actions  in connection with the protection of personal data of the Union:
3.2.1 Inspector ds. Tax protection, in particular and inadvertently involved in all matters  concerning  security  data  persons in the Union,  e.g.  w  new  projects (services / applications / processes), as well as modified, still functioning, within which there will be a place for the reception of personal data, in order to ensure the protection of personal data for personal use.
3.2.2 Persons concerned may contact the Inspector ds. Protection of data, in all matters relating to the conversion of these personal data and the exercise of their rights. 
3.2.3 Inspector ds. Data protection, with the following tasks:
(a) informing the Community, the bribe-takers, of the employees who accept the  personal,  o  obligations  resting  and  nich  and  power  RODO  now  other regulations of the Union or of the Member States concerning the protection and advising of persons in this matter;
b) monitoring  abstinence  extortion  RODO,  other  prescriptions  Union  lub  Member States on the protection of data from current cases, 
(c) raising awareness-raising activities, training of personnel involved in the conduct of personal data operations and the implementation of related audits;
e) transfer  ratings  skutków  for  security  data  (DPIA)  now  monitoring  her performance;
e) cooperation  z  organ  supervisor,  filling  functions  point  contact  for  the supervisory authority in matters relating to admission, including prior consultations, and in connection with consultations in all other matters;
f) processing  i  update  all regulations  internal Communities in protection of personal data;
(d) the maintenance by the Community of the Registry of the activities of the acceptance of the Data Administrator and the Registry of all  categories  activities  transfer  Podmiotu  Precedent  handsome  with approved pattern;
(h) the maintenance of a register of binding models of agreements for the acceptance of personal data and information obligations in the Union; 
(i) supervision of the exercise of the rights of persons to whom they are granted;
(j) breach of the protection of personal data in the Union;
(k) maintaining a register of authorizations for the adoption of personal data in the Union;
(l) maintaining a register of conditions of trust.

3.2.4 Inspector ds. Security, data  swoje  assignments  z  due to the consideration of the risk associated with the transfer operation, taking into account the character, the turn, the context and the whole transfer.

4. ACCOMMODATION ORAZ PRZEPŁYW DANYCH PERSONAL 

4.1 Citizens' personal data are made available to employees at the minimum wage, safe to do so.  ich  works  and  data  situation  lub  connected  z  character  undertaken obligations in the given situation or in connection with other bad assignments and always in the case of the imposed attention to the conversion of personal data. 
4.2 The obligation to accept personal data shall be granted by the Union before the beginning of data transfer. Example of the condition of the state connector no. 1.            4.3 The influx of personal data outside the Union is possible in connection with: 
I need it  access  data  personal  and  power  prescriptions  law, for the realization of conditions,  w  bundle  z  the legitimate interests of the Community or the occasion of the bribe,
Confidence in the recognition of personal data. 
4.4 Each transfer of personal data outside the Community must be carried out with the preservation of security for the time being and in a manner that guarantees the preservation of the integrity and integrity of the subject data.
4.5 If the acceptance is to be carried out in the name of the Union, it is necessary to use exclusively the services of such bribes.  accepting,  which  for sure  aging  guarantees  envy  appropriate technical and organizational means, by accepting the fulfillment of the requirements of RODO, have now implemented the following principles, as well as protected the rights of persons concerned. In this regard, the owner of the business conditions, within which there will be a place of trust in the acceptance of personal data, has outlined the criteria for choosing a bribe, which, taking into account the specifics of this process. 
4.6 The increase in personal data is based on: 
Forestry trust earlier approved by the Union, or
Clauses in the terms of the main, with the reservation of compliance with all requirements in accordance with the terms of trust.
4.7 W  uzasadnionych  cases  permissible  yes  signing  conditions  beliefs  and  samples of the counterparty, z  guarding,  yes  musi  he  to guarantee  security  the interest of the Union,  a  also the realization of the rights of the persons concerned. 
4.8 Obligation  zawarcia umowy  beliefs  (lub  accordingly  clauses)  yes  independent  from  try to cooperate with Podmiot Przetwarzający. On the basis of the meritorious (business) process, which is subject to the subject of the order, the obligation to sign the pre-determined condition is met, equally in the case of the realization of the order in advance, I oblige to oblige. 
4.9 The owner of the business environment is obliged to indicate in the terms of trust the means of security, which will be bribed by the prevailing enthusiasm in order to ensure the completeness, integrity and accessibility of the data. 
4.10 The terms of the trust shall be recorded in the register of IODs.
4.11 Disclaimer  kakichkolwiek  data  personal  podmiotowi  internal,  w  within the framework of the trust of the acceptance of the data, it may be due at the time of the appointment of the terms of the trust. In the case of persons whose adherence remains to the Confederacy, further assurance is possible.  w  case  retribution  last night  events of the Administrator  data  .
4.12 Co-operation with Podmiotom prvatvarzajácim is realized earlier with the condition of trust and the standards of security established in the Union. 
4.13 The Community and the Subject to Cooperation shall cooperate with each other in the realization of the rights of persons to whom it is granted. 
4.14 Prohibition is the transfer of data to the third party (outside the European Economic Survey) or to international organizations. Deviation from this principle is possible only and exclusively in the whole realization of the conditions agreed upon through the Community and at the request of the occasion.  Inspector ds. Ochrony Danych, który dokonuje verifikaciji spelnienia pełaslanek, o którich mova v Rozdziale V RODO.

5. DAYS OF PERSONAL PROTECTION

5.1 The joint is suitable accordingly  technical  i  organizational  means of protection  data  personal appearance condition  knowledge  technician,  cost  irritation  now  character,  zakres,  context  i  the whole risk and the risk of violation of the rights or liberties of natural persons on the basis of different credibility of performance and conduct. The design mechanisms identified are those related to the risk analysis process related to the Community.
5.2 Freaks  security  left behind  described  w  regulations  internally, constitutive  physical, technical and organizational safety. 
5.3 Every person shall be familiar with the principles of access to personal data prior to access.  charges  given  personal  in the Union. Every time  employee  composition  testimony  o przestrzeganiu  for now  security  data  personal,  zobowiązuje  się  to  storage  poufności  is also entitled to the recognition of personal data in the Union. Employees are obliged to use the utmost diligence in protecting their personal data. 
5.4 For the purpose of recording operations for the registration of personal data Inspector ds. Data Protection Registry:
Register of activities of the Data Administrator 
Register of all categories of activities related to Podmiotu przetwarzającego, which, for example, consists of närčniki nr. 2 and 3 to niniejszych so far.
5.5 W  whole  inquiries  supervision  over  system  security  data  personal  Coordinator ds. personal data protection.
5.6 Subject to admission, which is subject to the acceptance of personal data, subject to the relevant terms of trust.

6. REALIZATION OF RIGHTS OF PERSONS CONCERNED

6.1 One of the priorities of the Union is the protection of the rights of persons to whom it is granted.
6.2 Every person who has been admitted is entitled to: 
Access to data 
Simplifications of data
Tasting of data (“the right to be remembered”)
Restrictions on transfer and transfer of data
I contradict
6.3 The principles for the implementation of the relevant rights described above are described in the Procedure for the Implementation of the Rights of Persons Concerned by the Conduct No. 4.

7. INFORMATION UNDER THE DASH 

7.1 In the case of the collection of data from the persons concerned, most at the time of their request, the bribery of data shall be informed of:
a) the name of the Data Administrator, such as the Community, its contact details,
(b) the purpose of the transfer of personal data and the grounds for the right of transfer,
(c) a right to a vested interest realized through the Union (if the acceptance takes place on the basis of a transfer of a legally vested interest),
(d) personal data collectors or the categories of tax collectors, if any,
(e) plans to provide personal data to third parties or international organizations  o  stwierdzeniu  lub  marriage  statements  through the European Commission concerned  level of protection  lub  o  responsible  lub  proper  security  now  information  o  the means of obtaining a copy of those security or place of access (if applicable),
(f) the district through which the personal data are to be accommodated, and where this is not possible, the criteria for establishing that district, 
(g) the right to seek, from the Community, access to the personal data of the persons concerned, to whom they are concerned, to be released, to abstain from, or to restrict, or to restrict the right to enter into a conflict of interest; 
h) right  to  cofnięcia  events  w  dowolnym  moment  without  influence  and  convenience  z  the right of recourse, which is made on the basis of the event in front of her coffin (if the recruitment takes place on the basis of the person's story),
(i) the right to lodge a complaint with the supervisory authority, 
j) the fact that the provision of personal data is a conditional or conditional condition or condition of the condition of the person, the person concerned, is obliged to submit them and what are the possible consequences of the failure to pay, 
k) automated  podejmowaniu  decisions,  w  team  o  profiling  now  - at least  w  in those cases - the same  information  o  ambush  ich  activities,  a  also  o  meaning  and foreseeable  consequences  such  transfer  for  persons,  której  days  touch  (if you touch).
7.2. In the case of the collection of data from other sources below the persons concerned, the Bribery of data is non-existent (at most within 30 days) informed of: 
a) the name of the Data Administrator, such as the Community, its contact details,
(b) the purpose of the transfer of personal data and the grounds for the right of transfer,
(c) a right to a vested interest realized through the Union (if the acceptance takes place on the basis of a transfer of a legally vested interest),
(d) personal data collectors or the categories of tax collectors, if any,
(e) plans to provide personal data to third parties or international organizations  o  stwierdzeniu  lub  marriage  statements  through  European Commission responsible  level of protection  lub  o  responsible  lub  proper  security  now  information  o  the means of obtaining a copy of those security or place of access (if applicable),
(f) the district through which the personal data are to be accommodated, and where this is not possible, the criteria for establishing that district,
(g) the right to seek, from the Community, access to the personal data of the persons concerned, to whom they are concerned, to be released, to abstain from, or to restrict, or to restrict the right to enter into a conflict of interest;
h) right  to  cofnięcia  events  w  dowolnym  moment  without  influence  and  convenience  z  the right of admission, which is made on the basis of the event before her visit (if the admission takes place on the basis of the person's incident), 
(i) the right to lodge a complaint with the supervisory authority,
(j) origin of personal data;
k) automated  podejmowaniu  decisions,  w  team  o  profiling  now - at least  w  in those cases - the same  information  o  ambush  ich  activities,  a  also  o  meaning  and foreseeable consequences  such  transfer  for  persons  której  days  touch  (if you touch).
7.3 The use of information sources in the register of binding models of agreements for the approval of personal and information obligations carried out by the Inspector ds. Ochrony Danych.