Personal data

What is personal data?

Personal data denotes:

all information regarding an identified or an identifiable natural person.

Effective 25 May 2018 personal data processing is regulated by the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“GDPR”).

What data regarding your person is processed?

We process the personal data which you will provide to us, e.g. when signing a contract, or the data that we will obtain while providing services.

We can also acquire the data from generally-available sources of data, e.g. CEIDG (Central Register and Information on Economic Activity) but also from other parties, e.g. from our Partners with whom we develop joint services and promotions for you, for example SmartDOM.

How much personal data can be collected?

Pursuant to GDPR regulation only the data which is indispensable for achieving the purpose of data processing can be processed.

We take care not to collect from you any data which is not associated with the purpose for which you are with us. The data which is indispensable for the purpose can be provided by you voluntarily to facilitate contacts with you, or to enjoy additional functionalities which can make the cooperation with us easier.

What are the grounds that we rely on for processing of your personal data?

We process your personal data only on the legal basis defined in the GDPR, depending on the relations that connect us with you.

In most cases it is the implementation of the agreement between us, or your consent expressed for accomplishing the purpose of the agreement, but we also have some other data processing needs associated with our operations – we report, analyze, verify the data, settle accounts with subcontractors, etc. We do so to deliver products and provide services to you, continuously improve their quality as well as to protect ourselves and you against fraud associated with personal data theft or impersonation.

To some extent we collect and process your data only because the valid law imposes such obligations on us, e.g. the duty of collecting and confirming subscriber data, or the duty of keeping tax documentation.

The purposes and the legal grounds of data processing depend on the relation between us and you. Detailed information can be found in the notice regarding personal data processing.

The information can be found in respective bookmarks:

When you are an electricity consumer

When you are a natural gas consumer

When you have provided your data to us for marketing purposes

When you contact us for customer service purposes

When you are a proxy of a subscriber

When you use our applications and on-line services

When you use our fan pages in social media

When you are a representative or a contact person at our Contracting Party’s company

What are your rights?

GDPR grants you numerous rights regarding your data.

Go to Your rights bookmark to learn more.

How do we protect your data?

Protection of your personal data is a priority for us. We continuously take care of our data communication systems and of relevant training of our employees. We do it all to make sure that no unauthorized parties get hold of your data. To this purpose we employ technical and organizational means, such as hashing and encryption of personal data. We regularly test and assess the effectiveness of the measures we use to protect your data.

Can your data be transferred outside the European Economic Area?

Bearing in mind the judgment of the Court of Justice of the European Union (CJEU) of 16 July 2020 in Schrems II case, we would like to inform you that some of the technical solutions that we employ may be provided by the parties based outside the European Economic Area (EEA), including in the United States of America. Thus, in some specific situations personal data may be transferred to the countries where the providers’ registered offices are located, including the USA. Such partners include Google and Facebook who declare that they assure a relevant level of security of the processed personal data by adopting and using standard EU contractual clauses in place of the so-called Privacy Shield which was repealed by the above court ruling (Information by FB, Information by Google). The type of the safeguards employed is reviewed from the point of view of risks and may change when the relevant EU bodies adopt new legal instruments serving the purpose of assuring the relevant degree of security of the personal data transferred outside the EEA.

How to contact us about your data?

POLKOMTEL sp. z o. o., acting as the controller of your personal data, has named a Data Protection Officer who watches over the security and the correctness of processing of your data.

Go to the Contact bookmark to see whom to contact and how to file requests and exercise the rights related to your data.

INFORMATION BY POLKOMTEL SP. Z O.O. ABOUT PROCESSING OF PERSONAL DATA OF A CUSTOMER / A SUBSCRIBER / A BUYER

Who will process the personal data and how to contact the entity

1. POLKOMTEL sp. z o. o., address: ul. Konstruktorska 4, 02-673 Warsaw, is the controller of personal data within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“GDPR”). Requests, declarations and any correspondence regarding personal data shall be addressed by phone to the Customer Service Department (phone no. 601102601), or in writing to the following address: Polkomtel sp. z o.o. - Reklamacje, ul. Konstruktorska 4, 02-673 Warszawa, by e-mail to: bok@plus.pl, as well as in writing or orally for the record at a Point of Sale (Service).

2. The controller has appointed a Data Protection Officer who can be contacted: by e-mail at: iod@plus.pl or in writing to the above mentioned address of the controller marked „Inspektor ochrony danych” (Data Protection Officer).

Purposes and legal basis of personal data processing

3. Providing of Activation Data is a condition for concluding an agreement. Refusal to provide the Activation Data prevents conclusion of the agreement. An obligation of providing the first and last name, the PESEL personal number or the name, the series and the number of the document confirming a person’s identity results from the Act of 16 July 2004 – Telecommunication Law. Provision of other data does not constitute a condition for conclusion of an agreement but may be required if the option of concluding an agreement in a document form has been selected.

4. Personal data are processed, including profiling, for the purpose of:

1. undertaking activities prior to entering into an agreement and for the performance of an agreement – pursuant to Article 6 item 1 letter b of GDPR,
2. ensuring compliance with legal obligations – pursuant to Article 6 item 1 letter c of GDPR,
3. the legitimate interests pursued POLKOMTEL or by a third party, such as: marketing, collections, detection and elimination of irregularities in the process of conclusion and performance of an agreement, internal purposes related to the provision of Services and conducting of business activities, including evidence gathering, analytical and statistical purposes as well as development of statistical models - pursuant to Article 6 item 1 letter f of GDPR, or
4. processing based on the granted consent, exclusively for a specific purpose indicated in the contents of consent - pursuant to Article 6 item 1 letter a of GDPR.

To whom the personal data will be transferred

5. Personal data may be transferred to the following categories of recipients: entities providing to the controller the services that are required for fulfilling the above mentioned purposes, including logistic partners, IT partners, entities providing after-sale services and repair services, entities providing technical, organizational and consulting support, other subcontractors with respect to conclusion of agreements and customer service, charging and processing of payments, marketing, pursuing of claims, integrators and entities providing additional services under premium rate services, entities authorized by law, credit information bureaus, institutions created pursuant to Article 105 item 4 of the Act of 29 August 1997 – Banking Law, telecommunication companies, entities involved in debt and claims trading, companies who are members of Cyfrowy Polsat Group, entities providing services executed through Polkomtel Services, other entities indicated in the contents of a relevant consent.

6. Personal data may be transferred to countries / international organizations located outside of the European Economic Area, where such a country / organization, based on the decision of the European Union, is deemed as ensuring an adequate level of personal data protection, equivalent to the degree of protection valid on the territory of the European Economic Area or provided that the appropriate safeguards are applied, which may consist in applying valid corporate rules, standard contractual clauses adopted by the European Commission, standard personal data protection clauses adopted by the President of the Personal Data Protection Office or contractual clauses authorized by the President of the Personal Data Protection Office, while the copies thereof may be obtained by submitting a request in the manner mentioned in item 1 above.

7. Moreover, bearing in mind the judgment of the Court of Justice of the European Union (CJEU) of 16 July 2020 in Schrems II case we would like to inform you that some of the technical solutions that we employ may be provided by the parties based outside the European Economic Area (EEA), including in the United States of America. Thus in some specific situations personal data may be transferred to the countries where the providers’ registered offices are located, including the USA.. Such partners include Google and Facebook who declare that they assure a relevant level of security of the processed personal data by adopting and using standard EU contractual clauses in place of the so-called Privacy Shield which was repealed by the above court ruling (Information by FB, Information by Google). The type of the safeguards employed is reviewed from the point of view of risks and may change when the relevant EU bodies adopt new legal instruments serving the purpose of assuring the relevant degree of security of the personal data transferred outside the EEA.

For how long will the personal data be processed

8. Personal data will be processed during the validity of an agreement as well as after its termination or, in a situation when an agreement has not been finally concluded, for the period: a) envisaged for the fulfillment of the obligations resulting from the provisions of the law concerning national defense, state security and public law and order, as well as tax and accounting regulations, b) for the period of limitation of claims and until the end of civil, enforcement, administrative and criminal proceedings requiring personal data processing, and, if processed on the basis of a granted consent – until the purpose for which the consent has been granted is achieved or until the consent is revoked, whichever comes earlier.

What rights are associated with personal data

9. You have the right to correct the data, access the data, erase the data, restrict processing of the data, transfer the data supplied to the controller.

10. You have the right to object against data processing which is performed based on the legitimate interest of the controller or a third party, including profiling, due to the reasons related to specific circumstances, and to object against data processing for direct marketing purposes, including profiling.

11. With respect to the data processed based on a granted consent – you have the right to revoke such consent at any time. Revoking of the consent has no impact on the legality of data processing which took place before such consent was revoked.

12. The above mentioned requests and declarations shall be submitted in the manner indicated in item 1 above.

Where a complaint regarding personal data protection can be filed

13. A complaint regarding personal data processing can be filed to the supervising authority dealing with personal data processing. The President of the Personal Data Protection Office is the supervising authority in the Republic of Poland.

Automated processing of personal data

14. Prior to concluding the agreement an automated decision is made to determine whether entering into the agreement will require the customer to pay a deposit and if so, then in what amount. The related decision is made on the basis of the client’s credit scoring. The assessment is performed by referring to a statistical model created as a result of the analysis of the customers’ past behavior, including their demographic characteristics, such as age, the area where they live, their employment as well as other behavioral characteristics, such as payment of dues, types of contracts customers have entered into, other contracts they are party to. The automated decision to request a deposit is also made in the situation when a Client refuses to give consent to verification by credit reference bureaus or on the basis of the information obtained from other telecommunication companies.

15. Automated decisions are made during the performance of an agreement in order to counter the activities which constitute a breach of the agreement, resulting in the possibility of further use of telecommunication services being blocked and the agreement being terminated. These decisions are made based on an analysis of network traffic parameters, that is type, value and direction of calls, time of call set-up and the reason for disconnecting a call.

16. If the limits defined in the agreement (e.g. value, volume, time limits) are reached or exceeded during the performance of an agreement, then the consequences set out in the agreement follow automatically (e.g. restriction, suspension or blocking the possibility of using the services, sending of a notification, request for payment of a deposit).

17. In the cases mentioned in items 14-16, you have the right to seek intervention by a Controller’s representative, express your own opinion or question the decision that was made by submitting a request in the manner described in item 1 above.

INFORMATION BY POLKOMTEL SP. Z O.O. ABOUT PROCESSING OF PERSONAL DATA OF A CUSTOMER / A PREPAID SERVICE SUBSCRIBER

Who will process the personal data and how to contact the entity

1. POLKOMTEL sp. z o. o., address: ul. Konstruktorska 4, 02-673 Warsaw, is the controller of personal data within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“GDPR”). Requests, declarations and any correspondence regarding personal data shall be addressed by phone to the Customer Service Department (phone no. 601102601), or in writing to the following address: Polkomtel sp. z o.o. - Reklamacje, ul. Konstruktorska 4, 02-673 Warszawa, by e-mail to: bok@plus.pl, as well as in writing or orally for the record at a Point of Sale (Service).

2. The controller has appointed a Data Protection Officer who can be contacted: by e-mail at: iod@plus.pl or in writing to the above mentioned address of the controller marked „Inspektor ochrony danych” (Data Protection Officer).

Purposes and legal basis of personal data processing

3. Providing of Activation Data is a condition for concluding an agreement. Refusal to provide the Activation Data prevents conclusion of the agreement. An obligation of providing the Activation Data results from the Act of 16 July 2004 – Telecommunication Law. Provision of other data does not constitute a condition for conclusion of an agreement.

4. Personal data are processed, including profiling, for the purpose of:

1. undertaking activities prior to entering into an agreement and for the performance of an agreement – pursuant to Article 6 item 1 letter b of GDPR,
2. ensuring compliance with legal obligations – pursuant to Article 6 item 1 letter c of GDPR,
3. the legitimate interests pursued POLKOMTEL or by a third party, such as: marketing, collections, detection and elimination of irregularities in the process of conclusion and performance of an agreement, internal purposes related to the provision of Services and conducting of business activities, including evidence gathering, analytical and statistical purposes as well as development of statistical models - pursuant to Article 6 item 1 letter f of GDPR, or
4. processing based on the granted consent, exclusively for a specific purpose indicated in the contents of consent - pursuant to Article 6 item 1 letter a of GDPR.

To whom the personal data will be transferred

5. Personal data may be transferred to the following categories of recipients: entities providing to the controller the services that are required for fulfilling the above mentioned purposes, including logistic partners, IT partners, entities providing after-sale services and repair services, entities providing technical, organizational and consulting support, other subcontractors with respect to conclusion of agreements and customer service, charging and processing of payments, marketing, pursuing of claims, integrators and entities providing additional services under premium rate services, entities authorized by law, credit information bureaus, institutions created pursuant to Article 105 item 4 of the Act of 29 August 1997 – Banking Law, telecommunication companies, entities involved in debt and claims trading, companies who are members of Cyfrowy Polsat Group, entities providing services executed through Polkomtel Services, other entities indicated in the contents of a relevant consent.

6. Personal data may be transferred to countries / international organizations located outside of the European Economic Area, where such a country / organization, based on the decision of the European Union, is deemed as ensuring an adequate level of personal data protection, equivalent to the degree of protection valid on the territory of the European Economic Area or provided that the appropriate safeguards are applied, which may consist in applying valid corporate rules, standard contractual clauses adopted by the European Commission, standard personal data protection clauses adopted by the President of the Personal Data Protection Office or contractual clauses authorized by the President of the Personal Data Protection Office, while the copies thereof may be obtained by submitting a request in the manner mentioned in item 1 above.

7. Moreover, bearing in mind the judgment of the Court of Justice of the European Union (CJEU) of 16 July 2020 in Schrems II case we would like to inform you that some of the technical solutions that we employ may be provided by the parties based outside the European Economic Area (EEA), including in the United States of America. Thus in some specific situations personal data may be transferred to the countries where the providers’ registered offices are located, including the USA.. Such partners include Google and Facebook who declare that they assure a relevant level of security of the processed personal data by adopting and using standard EU contractual clauses in place of the so-called Privacy Shield which was repealed by the above court ruling (Information by FB, Information by Google). The type of the safeguards employed is reviewed from the point of view of risks and may change when the relevant EU bodies adopt new legal instruments serving the purpose of assuring the relevant degree of security of the personal data transferred outside the EEA.

For how long will the personal data be processed

8. Personal data will be processed during the validity of an agreement as well as after its termination or, in a situation when an agreement has not been finally concluded, for the period: a) envisaged for the fulfillment of the obligations resulting from the provisions of the law concerning national defense, state security and public law and order, as well as tax and accounting regulations, b) for the period of limitation of claims and until the end of civil, enforcement, administrative and criminal proceedings requiring personal data processing, and, if processed on the basis of a granted consent – until the purpose for which the consent has been granted is achieved or until the consent is revoked, whichever comes earlier.

What rights are associated with personal data

9. You have the right to correct the data, access the data, erase the data, restrict processing of the data, transfer the data supplied to the controller.

10. You have the right to object against data processing which is performed based on the legitimate interest of the controller or a third party, including profiling, due to the reasons related to specific circumstances, and to object against data processing for direct marketing purposes, including profiling.

11. With respect to the data processed based on a granted consent – you have the right to revoke such consent at any time. Revoking of the consent has no impact on the legality of data processing which took place before such consent was revoked.

12. The above mentioned requests and declarations shall be submitted in the manner indicated in item 1 above.

Where a complaint regarding personal data protection can be filed

13. A complaint regarding personal data processing can be filed to the supervising authority dealing with personal data processing. The President of the Personal Data Protection Office is the supervising authority in the Republic of Poland.

Automated processing of personal data

14. During the performance of an agreement in order to counter the activities which constitute a breach of agreement, automated decisions are made, resulting in blocking of a possibility of using telecommunication services and termination of the agreement. These decisions are made based on an analysis of network traffic parameters, that is type, value and direction of calls, time of call set-up and a reason for disconnecting calls.

15. If the limits defined in the agreement (e.g. value, volume, time limits) are reached or exceeded during the performance of an agreement, then the consequences set out in the agreement follow automatically (e.g. restriction, suspension or blocking the possibility of using the services, sending of a notification, request for payment of a deposit).

16. In the cases mentioned in items 14-15, you have the right to seek intervention by a Controller’s representative, express your own opinion or question the decision that was made by submitting a request in the manner described in item 1 above.

INFORMATION BY POLKOMTEL SP. Z O.O. ABOUT PROCESSING OF PERSONAL DATA OF THE PERSONS INTERESTED IN THE SERVICES AND PRODUCTS OFFERED BY POLKOMTEL / THIRD PARTIES WHO COOPERATE WITH POLKOMTEL

Who will process the personal data and how to contact the entity

1. POLKOMTEL sp. z o. o., address: ul. Konstruktorska 4, 02-673 Warsaw, is the controller of personal data within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“GDPR”). Requests, declarations and any correspondence regarding personal data shall be addressed by phone to the Customer Service Department (phone no. 601102601), or in writing to the following address: Polkomtel sp. z o.o. - Reklamacje, ul. Konstruktorska 4, 02-673 Warszawa, by e-mail to: bok@plus.pl, as well as in writing or orally for the record at a Point of Sale (Service).

2. The controller has appointed a Data Protection Officer who can be contacted: by e-mail at: iod@plus.pl or in writing to the above mentioned address of the controller marked „Inspektor ochrony danych” (Data Protection Officer).

Purposes and legal basis of personal data processing

3. Providing of data is voluntary but it is indispensable to enable Polkomtel to present to the interested party the offer or the information regarding the services and products offered by Polkomtel or by other parties.

4. Personal data are processed, including profiling, for the purpose of:

1. taking the actions indicated in the content of the expressed consent – pursuant to Article 6 item 1 letter a of GDPR,
2. ensuring the pursuit of the legitimate interests of POLKOMTEL or of a third party, such as supporting of internal processes associated with a party’s business operations, supporting civil and enforcement proceedings as well as administrative and penal proceedings - pursuant to Article 6 item 1 letter f of GDPR, or
3. ensuring compliance with legal obligations – pursuant to Article 6 item 1 letter c of GDPR.

To whom the personal data will be transferred

5. Personal data may be transferred to the following categories of recipients: entities providing to the controller the services that are required for fulfilling the above mentioned purposes, including logistic partners, IT partners, entities providing technical, organizational and consulting support, to other sub-contractors providing technical or organizational support, other subcontractors in the field of customer service, marketing services, parties entitled to obtain the data by virtue of the law, Cyfrowy Polsat Group companies.

6. Personal data may be transferred to countries / international organizations located outside of the European Economic Area, where such a country / organization, based on the decision of the European Union, is deemed as ensuring an adequate level of personal data protection, equivalent to the degree of protection valid on the territory of the European Economic Area or provided that the appropriate safeguards are applied, which may consist in applying valid corporate rules, standard contractual clauses adopted by the European Commission, standard personal data protection clauses adopted by the President of the Personal Data Protection Office or contractual clauses authorized by the President of the Personal Data Protection Office, while the copies thereof may be obtained by submitting a request in the manner mentioned in item 1 above.

7. Moreover, bearing in mind the judgment of the Court of Justice of the European Union (CJEU) of 16 July 2020 in Schrems II case we would like to inform you that some of the technical solutions that we employ may be provided by the parties based outside the European Economic Area (EEA), including in the United States of America. Thus in some specific situations personal data may be transferred to the countries where the providers’ registered offices are located, including the USA.. Such partners include Google and Facebook who declare that they assure a relevant level of security of the processed personal data by adopting and using standard EU contractual clauses in place of the so-called Privacy Shield which was repealed by the above court ruling (Information by FB, Information by Google). The type of the safeguards employed is reviewed from the point of view of risks and may change when the relevant EU bodies adopt new legal instruments serving the purpose of assuring the relevant degree of security of the personal data transferred outside the EEA.

For how long will the personal data be processed

8. Personal data will be processed until the purpose for which the consent has been granted is achieved or until the consent is revoked, whichever comes earlier, and then for the period of limitation of claims and until the end of civil, enforcement, administrative and criminal proceedings requiring personal data processing.

What rights are associated with personal data

9. You have the right to correct data, access data, erase data, restrict processing of data, transfer the data supplied to the controller.

10. You have the right to object against data processing which is performed based on the legitimate interest of the controller or a third party, including profiling, due to the reasons related to specific circumstances, and to object against data processing for direct marketing purposes, including profiling.

11. With respect to the data processed based on a granted consent – you have the right to revoke such consent at any time. Revoking of the consent has no impact on the legality of data processing which took place before such consent was revoked.

12. The above mentioned requests and declarations shall be submitted in the manner indicated in item 1 above.

Where a complaint regarding personal data protection can be filed

13. A complaint regarding personal data processing can be filed to the supervising authority dealing with personal data processing. The President of the Personal Data Protection Office is the supervising authority in the Republic of Poland.

Privacy Policy applies to personal data processing of the users of services and Internet portals.

When you exercise your rights under a warranty, the party providing the warranty is the controller of your personal data.

When you exercise your rights under a statutory warranty, then the below information shall apply.

INFORMATION BY POLKOMTEL SP. Z O.O. ABOUT PROCESSING OF PERSONAL DATA

Who will process the personal data and how to contact the entity

1. POLKOMTEL sp. z o. o., address: ul. Konstruktorska 4, 02-673 Warsaw, is the controller of personal data within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“GDPR”). Requests, declarations and any correspondence regarding personal data shall be addressed by phone to the Customer Service Department (phone no. 601102601), or in writing to the following address: Polkomtel sp. z o.o. - Reklamacje, ul. Konstruktorska 4, 02-673 Warszawa, by e-mail to: bok@plus.pl, as well as in writing or orally for the record at a Point of Sale (Service).

2. The controller has appointed a Data Protection Officer who can be contacted: by e-mail at: iod@plus.pl or in writing to the above mentioned address of the controller marked „Inspektor ochrony danych” (Data Protection Officer).

Purposes and legal basis of personal data processing

3. Providing of data is not required by law but it is indispensable to process requests and provide answers.

4. Personal data are processed for the purpose of:

1. ensuring the pursuit of the legitimate interests of POLKOMTEL or of a third party, such as supporting of internal processes associated with a party’s business operations, supporting civil and enforcement proceedings as well as administrative and penal proceedings - pursuant to Article 6 item 1 letter f of GDPR, or
2. ensuring compliance with legal obligations – pursuant to Article 6 item 1 letter c of GDPR.

To whom the personal data will be transferred

5. Personal data may be transferred to the following categories of recipients: entities providing to the controller the services that are required for fulfilling the above mentioned purposes, including IT partners, entities providing technical or organizational support, other sub-contractors providing customer care services, parties entitled to obtain the data by virtue of the law.

6. Personal data may be transferred to countries / international organizations located outside of the European Economic Area, where such a country / organization, based on the decision of the European Union, is deemed as ensuring an adequate level of personal data protection, equivalent to the degree of protection valid on the territory of the European Economic Area or provided that the appropriate safeguards are applied, which may consist in applying valid corporate rules, standard contractual clauses adopted by the European Commission, standard personal data protection clauses adopted by the President of the Personal Data Protection Office or contractual clauses authorized by the President of the Personal Data Protection Office, while the copies thereof may be obtained by submitting a request in the manner mentioned in item 1 above.

7. Bearing in mind the judgment of the Court of Justice of the European Union (CJEU) of 16 July 2020 in Schrems II case we would like to inform you that some of the technical solutions that we employ may be provided by the parties based outside the European Economic Area (EEA), including in the United States of America. Thus in some specific situations personal data may be transferred to the countries where the providers’ registered offices are located, including the USA.. Such partners include Google and Facebook who declare that they assure a relevant level of security of the processed personal data by adopting and using standard EU contractual clauses in place of the so-called Privacy Shield which was repealed by the above court ruling (Information by FB, Information by Google). The type of the safeguards employed is reviewed from the point of view of risks and may change when the relevant EU bodies adopt new legal instruments serving the purpose of assuring the relevant degree of security of the personal data transferred outside the EEA.

For how long will the personal data be processed

8. Personal data will be processed until the end of the processing of a request, and then for the period of limitation of claims and until the end of civil, enforcement, administrative and criminal proceedings requiring personal data processing.

What rights are associated with personal data

9. You have the right to correct data, access data, erase data, restrict processing of data, transfer the data supplied to the controller.

10. You have the right to object against data processing which is performed based on the legitimate interest of the controller or a third party, including profiling, due to the reasons related to specific circumstances, and to object against data processing for direct marketing purposes, including profiling,

11. With respect to the data processed based on a granted consent – you have the right to revoke such consent at any time. Revoking of the consent has no impact on the legality of data processing which took place before such consent was revoked.

12. The above mentioned requests and declarations shall be submitted in the manner indicated in item 1 above.

Where a complaint regarding personal data protection can be filed

13. A complaint regarding personal data processing can be filed to the supervising authority dealing with personal data processing. The President of the Personal Data Protection Office is the supervising authority in the Republic of Poland.

Privacy Policy applies to personal data processing of the users of services and Internet portals.

INFORMATION BY POLKOMTEL SP. Z O.O. ABOUT PROCESSING OF PERSONAL DATA

Who will process the personal data and how to contact the entity

1. POLKOMTEL sp. z o. o., address: ul. Konstruktorska 4, 02-673 Warsaw, is the controller of personal data within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“GDPR”). The personal data was received from the person who indicated you as an authorized person. Requests, declarations and any correspondence regarding personal data shall be addressed by phone to the Customer Service Department (phone no. 601102601), or in writing to the following address: Polkomtel sp. z o.o. - Reklamacje, ul. Konstruktorska 4, 02-673 Warszawa, by e-mail to: bok@plus.pl, as well as in writing or orally for the record at a Point of Sale (Service).

2. The controller has appointed a Data Protection Officer who can be contacted: by e-mail at: iod@plus.pl or in writing to the above mentioned address of the controller marked „Inspektor ochrony danych” (Data Protection Officer).

Purposes and legal basis of personal data processing

3. Providing the attorney’s identification data is not a statutory requirement, but it is a condition for the attorey to perform an action. The refusal to provide the attorney’s identification data makes it impossible for the attorney to act.

4. Personal data are processed for the purpose of:

1. in order to fulfil the legitimate interests of a third party - the principal granting the power of attorney, depending on the scope of the power of attorney - in order to conclude or perform the contract concluded by the principal – pursuant to Article 6 item 1 letter f of GDPR,
2. ensuring compliance with legal obligations – pursuant to Article 6 item 1 letter c of GDPR.
3. the legitimate interests pursued POLKOMTEL or by a third party, such as: marketing, collections, detection and elimination of irregularities in the process of conclusion and performance of an agreement, internal purposes related to the provision of Services and conducting of business activities, including evidence gathering, analytical and statistical purposes as well as development of statistical models - pursuant to Article 6 item 1 letter f of GDPR.

To whom the personal data will be transferred

5. Personal data may be transferred to the following categories of recipients: the principal, entities providing to the controller the services that are required for fulfilling the above mentioned purposes, including logistic partners, IT partners, entities providing after-sale services and repair services, entities providing technical, organizational and consulting support, other subcontractors with respect to conclusion of agreements and customer service, charging and processing of payments, pursuing of claims, companies who are members of Cyfrowy Polsat Group.

6. Personal data may be transferred to countries / international organizations located outside of the European Economic Area, where such a country / organization, based on the decision of the European Union, is deemed as ensuring an adequate level of personal data protection, equivalent to the degree of protection valid on the territory of the European Economic Area or provided that the appropriate safeguards are applied, which may consist in applying valid corporate rules, standard contractual clauses adopted by the European Commission, standard personal data protection clauses adopted by the President of the Personal Data Protection Office or contractual clauses authorized by the President of the Personal Data Protection Office, while the copies thereof may be obtained by submitting a request in the manner mentioned in item 1 above.

7. Moreover, bearing in mind the judgment of the Court of Justice of the European Union (CJEU) of 16 July 2020 in Schrems II case we would like to inform you that some of the technical solutions that we employ may be provided by the parties based outside the European Economic Area (EEA), including in the United States of America. Thus in some specific situations personal data may be transferred to the countries where the providers’ registered offices are located, including the USA.. Such partners include Google and Facebook who declare that they assure a relevant level of security of the processed personal data by adopting and using standard EU contractual clauses in place of the so-called Privacy Shield which was repealed by the above court ruling (Information by FB, Information by Google). The type of the safeguards employed is reviewed from the point of view of risks and may change when the relevant EU bodies adopt new legal instruments serving the purpose of assuring the relevant degree of security of the personal data transferred outside the EEA.

For how long will the personal data be processed

8. Personal data will be processed during the validity of an agreement made with the principal as well as after its termination or, in a situation when an agreement has not been finally concluded, for the period: a) envisaged for the fulfillment of the obligations resulting from the provisions of the law concerning national defense, state security and public law and order, as well as tax and accounting regulations, b) for the period of limitation of claims and until the end of civil, enforcement, administrative and criminal proceedings requiring personal data processing.

What rights are associated with personal data

9. You have the right to correct the data, access the data, erase the data, restrict processing of the data, transfer the data supplied to the controller.

10. You have the right to object against data processing which is performed based on the legitimate interest of the controller or a third party, including profiling, due to the reasons related to specific circumstances, and to object against data processing for direct marketing purposes, including profiling.

11. The above mentioned requests and declarations shall be submitted in the manner indicated in item 1 above.

Where can you file a complaint regarding personal data protection

12. A complaint regarding personal data processing can be filed to the supervising authority dealing with personal data processing. The President of the Personal Data Protection Office is the supervising authority in the Republic of Poland.

INFORMATION BY POLKOMTEL SP. Z O.O. ABOUT PROCESSING OF PERSONAL DATA OF A CUSTOMER / A SUBSCRIBER / A BUYER

Who will process the personal data and how to contact the entity

1. POLKOMTEL sp. z o. o., address: ul. Konstruktorska 4, 02-673 Warsaw, is the controller of personal data within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“GDPR”). Requests, declarations and any correspondence regarding personal data shall be addressed by phone to the Customer Service Department (phone no. 601102601), or in writing to the following address: Polkomtel sp. z o.o. - Reklamacje, ul. Konstruktorska 4, 02-673 Warszawa, by e-mail to: bok@plus.pl, as well as in writing or orally for the record at a Point of Sale (Service).

2. The controller has appointed a Data Protection Officer who can be contacted: by e-mail at: iod@plus.pl or in writing to the above mentioned address of the controller marked „Inspektor ochrony danych” (Data Protection Officer).

Purposes and legal basis of personal data processing

3. Providing of data is not required by law but it is indispensable to process requests and provide answers.

4. Personal data are processed for the purpose of:

1. Providing the data indicated in the form is voluntary, but necessary to create an account on the website. Refusal to provide data makes it impossible to create an account. Personal data are processed, including profiling, for the purpose of:
2. assuring access to the service - pursuant to Article 6 item 1 letter b of GDPR,
3. ensuring compliance with legal obligations – pursuant to Article 6 item 1 letter c of GDPR,
4. the legitimate interests pursued POLKOMTEL or by a third party, such as: marketing, collections, detection and elimination of irregularities in the process of conclusion and performance of an agreement, internal purposes related to the provision of Services and conducting of business activities, including evidence gathering, analytical and statistical purposes as well as development of statistical models - pursuant to Article 6 item 1 letter f of GDPR, or

To whom the personal data will be transferred

5. Personal data may be transferred to the following categories of recipients: entities providing to the controller the services that are required for fulfilling the above mentioned purposes, IT partners, entities providing technical, organizational and consulting support, other subcontractors with respect to customer service, charging and processing of payments, marketing, integrators and entities providing additional services under premium rate services, entities authorized by law, companies who are members of Cyfrowy Polsat Group.

6. Personal data may be transferred to countries / international organizations located outside of the European Economic Area, where such a country / organization, based on the decision of the European Union, is deemed as ensuring an adequate level of personal data protection, equivalent to the degree of protection valid on the territory of the European Economic Area or provided that the appropriate safeguards are applied, which may consist in applying valid corporate rules, standard contractual clauses adopted by the European Commission, standard personal data protection clauses adopted by the President of the Personal Data Protection Office or contractual clauses authorized by the President of the Personal Data Protection Office, while the copies thereof may be obtained by submitting a request in the manner mentioned in item 1 above.

7. Moreover, bearing in mind the judgment of the Court of Justice of the European Union (CJEU) of 16 July 2020 in Schrems II case we would like to inform you that some of the technical solutions that we employ may be provided by the parties based outside the European Economic Area (EEA), including in the United States of America. Thus in some specific situations personal data may be transferred to the countries where the providers’ registered offices are located, including the USA.. Such partners include Google and Facebook who declare that they assure a relevant level of security of the processed personal data by adopting and using standard EU contractual clauses in place of the so-called Privacy Shield which was repealed by the above court ruling (Information by FB, Information by Google). The type of the safeguards employed is reviewed from the point of view of risks and may change when the relevant EU bodies adopt new legal instruments serving the purpose of assuring the relevant degree of security of the personal data transferred outside the EEA.

For how long will the personal data be processed

8. Personal data will be processed till the moment of deletion of an account from a service, and then for the period: a) envisaged for the fulfillment of the obligations resulting from the provisions of the law concerning national defense, state security and public law and order, as well as tax and accounting regulations, b) for the period of limitation of claims and until the end of civil, enforcement, administrative and criminal proceedings requiring personal data processing, and, if processed on the basis of a granted consent – until the purpose for which the consent has been granted is achieved or until the consent is revoked, whichever comes earlier.

What rights are associated with personal data

9. You have the right to correct the data, access the data, erase the data, restrict processing of the data, transfer the data supplied to the controller.

10. You have the right to object against data processing which is performed based on the legitimate interest of the controller or a third party, including profiling, due to the reasons related to specific circumstances, and to object against data processing for direct marketing purposes, including profiling.

11. With respect to the data processed based on a granted consent – you have the right to revoke such consent at any time. Revoking of the consent has no impact on the legality of data processing which took place before such consent was revoked.

12. The above mentioned requests and declarations shall be submitted in the manner indicated in item 1 above.

Where a complaint regarding personal data protection can be filed

13. A complaint regarding personal data processing can be filed to the supervising authority dealing with personal data processing. The President of the Personal Data Protection Office is the supervising authority in the Republic of Poland.

Privacy Policy shall apply to the processing of personal data of users of Internet services and portals.

Who will process the personal data and how to contact the entity

1. POLKOMTEL sp. z o. o., address: ul. Konstruktorska 4, 02-673 Warsaw, is the controller of personal data within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“GDPR”) users of social media, processed for the purpose of maintaining an account on a specific social network, including forum moderation, accepting requests in private messages, promoting your brand, fulfilling legal obligations, asserting and defending possible claims and keeping statistics. Requests, declarations and any correspondence regarding personal data shall be addressed by phone to the Customer Service Department (phone no. 601102601), or in writing to the following address: Polkomtel sp. z o.o. - Reklamacje, ul. Konstruktorska 4, 02-673 Warszawa, by e-mail to: bok@plus.pl bok@plus.pl, as well as in writing or orally for the record at a Point of Sale (Service).

2. The controller has appointed a Data Protection Officer who can be contacted: by e-mail at: iod@plus.pl or in writing to the above mentioned address of the controller marked „Inspektor ochrony danych” (Data Protection Officer).

3. The owner of a social media portal is the joint controller of the personal data.

4. The information does not apply to processing of personal data by the owner of a social media portal. More information at the following address.

Purposes and legal basis of personal data processing

5. Providing data on fanpages run by POLKOMTEL is voluntary, but necessary to use functionalities available on the social network site.

6. Personal data are processed, including profiling, for the purpose of:

1. keeping and enabling use of a POLKOMTEL account in a social media service – pursuant to Article 6 item 1 letter f of GDPR,
2. accepting of complaints, requests, claims as well as other types of notices - pursuant to Article 6 item 1 letter f of GDPR,
3. ensuring compliance with legal obligations – pursuant to Article 6 item 1 letter c of GDPR,
4. the legitimate interests pursued POLKOMTEL or by a third party, such as: marketing, collections, detection and elimination of irregularities in the process of conclusion and performance of an agreement, internal purposes related to the provision of Services and conducting of business activities, including evidence gathering, analytical and statistical purposes as well as development of statistical models - pursuant to Article 6 item 1 letter f of GDPR.

To whom the personal data will be transferred

7. Personal data may be transferred to the following categories of recipients: entities providing to the controller the services that are required for fulfilling the above mentioned purposes, entities operating the social media portals, IT partners, entities providing technical, organizational and consulting support, other subcontractors with respect to customer service, charging and processing of payments, marketing, integrators and entities providing additional services under premium rate services, entities authorized by law, companies who are members of Cyfrowy Polsat Group

8. Bearing in mind the location of the registered office of a social media portal, personal data shall be transferred outside the European Economic Area (EEA), i.e. to the United States of America, which can be associated with certain risks for data subjects as per the judgment of the Court of Justice of the European Union (CJEU) of 16 July 2020 in Schrems II case. The owner of the social media portal declares that it assures a relevant level of security of the processed personal data by adopting and using standard EU contractual clauses in place of the so-called Privacy Shield which was repealed by the above court ruling (Information by FB, Information by Google). The type of the safeguards employed is reviewed from the point of view of risks and may change when the relevant EU bodies adopt new legal instruments serving the purpose of assuring the relevant degree of security of the personal data transferred outside the EEA

For how long will the personal data be processed

9. Personal data will be processed until the time you submit a justified objection to further data processing and then for the period: a) envisaged for the fulfillment of the obligations resulting from the provisions of the law b) for the period of limitation of claims and until the end of civil, enforcement, administrative and criminal proceedings requiring personal data processing, and, if processed on the basis of a granted consent – until the purpose for which the consent has been granted is achieved or until the consent is revoked, whichever comes earlier.

What rights are associated with personal data

10. You have the right to correct the data, access the data, erase the data, restrict processing of the data, transfer the data supplied to the controller.

11. You have the right to object against data processing which is performed based on the legitimate interest of the controller or a third party, including profiling, due to the reasons related to specific circumstances, and to object against data processing for direct marketing purposes, including profiling.

12. With respect to the data processed based on a granted consent – you have the right to revoke such consent at any time. Revoking of the consent has no impact on the legality of data processing which took place before such consent was revoked.

13. The above mentioned requests and declarations shall be submitted in the manner indicated in item 1 above.

Where a complaint regarding personal data protection can be filed

14. A complaint regarding personal data processing can be filed to the supervising authority dealing with personal data processing. The President of the Personal Data Protection Office is the supervising authority in the Republic of Poland.

INFORMATION BY POLKOMTEL SP. Z O.O. ABOUT PROCESSING OF PERSONAL DATA

Who will process the personal data and how to contact the entity

1. POLKOMTEL sp. z o. o., address: ul. Konstruktorska 4, 02-673 Warsaw, is the controller of personal data within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“GDPR”). Requests, declarations and any correspondence regarding personal data shall be addressed by phone to the Customer Service Department (phone no. 601102601), or in writing to the following address: Polkomtel sp. z o.o. - Reklamacje, ul. Konstruktorska 4, 02-673 Warszawa, by e-mail to: bok@plus.pl, as well as in writing or orally for the record at a Point of Sale (Service).

2. The controller has appointed a Data Protection Officer who can be contacted: by e-mail at: iod@plus.pl or in writing to the above mentioned address of the controller marked „Inspektor ochrony danych” (Data Protection Officer).

Definitions

Contracting Party – a self-employed natural person, a legal person or any other organization with whom the Company is entering into business cooperation.

Representative – a Contracting Party’s representative or an attorney with whom the Company has signed an agreement for the purpose of carrying out the cooperation with the Company.

Contact Person – any natural person who contacts the Company’s employees and representatives or its attorneys in order to enter into or carry out business cooperation. The contact person can be a Contracting Party’s employee or any other person designated by the Contracting Party or acting on the Contracting Party’s behalf.

From whom the data has been obtained

3. If you are a Representative, then your personal data has been obtained directly from you as the Contracting Party’s representative, as part of an agreement or agreements between the Contracting Party and the Company (hereinafter “the Agreement”).

4. If you are the Contact Person, then your personal data has been obtained directly from you or from the Contracting Party as part of the cooperation with the Company.

Scope of the processed data

5. The processed data includes in particular the following data categories:

1. identification data (e.g. first and last name, NIP (tax ID), place of employment, position),
2. contact details (e.g. phone number, e-mail address),
3. other data submitted by the Contracting Party, or by you directly, in connection with entering into or performance of the Agreement.

Purposes and legal basis of personal data processing

6. Providing of Activation Data is a condition for concluding an agreement. Refusal to provide the Activation Data prevents conclusion of the agreement or taking the actions connected with its implementation.

7. Your personal data shall be or may be processed as long as data processing will be carried out for the below indicated purposes:

1. entering into and performance of the Agreement – signing of the agreement forms the legal basis for processing the personal data of the Representative (Art. 6, item 1 b of GDPR);
2. enabling the performance of the Agreement – the Company’s legitimate interest forms the legal basis for processing of the personal data of the Contact Person (Art. 6, item 1 f of GDPR);
3. fulfillment of legal obligations – a legal obligation forms the legal basis for processing of the personal data of the Representative and the Contact Person (Art. 6, item 1 c of GDPR);
4. ensuring the security of the Company’s employees/associates or protection of property, or preserving the secrecy of the information whose disclosure could expose the Company to a loss, including by means of video monitoring - the Company’s legitimate interest forms the legal basis for processing of the personal data of the Representative and the Contact Person (Art. 6, item 1 f of GDPR);
5. determining or vindication of potential claims, or defense against such claims by the Company - the Company’s legitimate interest forms the legal basis for processing of the personal data of the Representative and the Contact Person (Art. 6, item 1 f of GDPR, in connection with Art. 9, item 2 f of GDPR);
6. archival (evidence-related) purposes, being the pursuit of the Company’s legitimate interest in respect of securing the information in the event of necessity of providing proof - the Company’s legitimate interest forms the legal basis for processing of the personal data of the Representative and the Contact Person (Art. 6, item 1 f of GDPR, in connection with Art. 9, item 2 f of GDPR)

To whom the personal data will be transferred

8. Your personal data may be transferred only in the situation when it is justified by the purpose of data processing. In such a case your data may be transferred to the following categories of recipients: entities providing services to the controller, including accounting and tax as well as audit services, to postal service operators and courier companies, providers of IT systems and services, insurance firms, entities providing technical, organizational and consulting support, entities providing legal services, entities providing archiving services, entities providing services in the field of security of persons and property, entities authorized by virtue of the law, companies who are members of the Capital Group, of which the Company is a member, as defined by the Act of 16 February 2007 on competition and consumer protection.

9. Personal data may be transferred to countries / international organizations located outside of the European Economic Area, where such a country / organization, based on the decision of the European Union, is deemed as ensuring an adequate level of personal data protection, equivalent to the degree of protection valid on the territory of the European Economic Area or provided that the appropriate safeguards are applied, which may consist in applying valid corporate rules, standard contractual clauses adopted by the European Commission, standard personal data protection clauses adopted by the President of the Personal Data Protection Office or contractual clauses authorized by the President of the Personal Data Protection Office, while the copies thereof may be obtained by submitting a request in the manner mentioned in item 1 above.

10. ⦁ Moreover, bearing in mind the judgment of the Court of Justice of the European Union (CJEU) of 16 July 2020 in Schrems II case we would like to inform you that some of the technical solutions that we employ may be provided by the parties based outside the European Economic Area (EEA), including in the United States of America. Thus in some specific situations personal data may be transferred to the countries where the providers’ registered offices are located, including the USA.. Such partners include Google and Facebook who declare that they assure a relevant level of security of the processed personal data by adopting and using standard EU contractual clauses in place of the so-called Privacy Shield which was repealed by the above court ruling (Information by FB, Information by Google). The type of the safeguards employed is reviewed from the point of view of risks and may change when the relevant EU bodies adopt new legal instruments serving the purpose of assuring the relevant degree of security of the personal data transferred outside the EEA.

For how long will the personal data be processed

11. Personal data will be processed during the validity of an agreement as well as after its termination or, in a situation when an agreement has not been finally concluded, for the period: a) envisaged for the fulfillment of the obligations resulting from the provisions of the law concerning national defense, state security and public law and order, as well as tax and accounting regulations, b) for the period of limitation of claims and until the end of civil, enforcement, administrative and criminal proceedings requiring personal data processing, and, if processed on the basis of a granted consent – until the purpose for which the consent has been granted is achieved or until the consent is revoked, whichever comes earlier

What rights are associated with personal data

12. You have the right to correct the data, access the data, erase the data, restrict processing of the data, transfer the data supplied to the controller

13. You have the right to object against data processing which is performed based on the legitimate interest of the controller or a third party, including profiling, due to the reasons related to specific circumstances, and to object against data processing for direct marketing purposes, including profiling

14. With respect to the data processed based on a granted consent – you have the right to revoke such consent at any time. Revoking of the consent has no impact on the legality of data processing which took place before such consent was revoked.

15. The above mentioned requests and declarations shall be submitted in the manner indicated in item 1 above.

Where a complaint regarding personal data protection can be filed

16. A complaint regarding personal data processing can be filed to the supervising authority dealing with personal data processing. The President of the Personal Data Protection Office is the supervising authority in the Republic of Poland.

YOU ARE ENTITLED THE FOLLOWING RIGHTS

To correct your data

If any errors occurred during data collection, or if your personal data has changed, you are entitled to provide the correct and valid data to us and we will enter the corrections or update your data. This will prevent e.g. correspondence being sent to you to the no longer valid address. In some cases we may ask you to confirm the change in a document form, especially if it is required from us by the law.

Access to data

You may exercise this right if you wish to know which categories of your data are processed by us.

To have your data erased, also known as “the right to be forgotten”

Should you consider that your data are no longer necessary for the purposes for which they have been collected, you shall have the right to ask us to delete such data. However, you must remember that if we are bound by a contract with you, then we cannot not “forget you” yet because we want to continue fulfilling our obligations under such a contract. Also we will not be able to fulfill your request “to be forgotten” if e.g. we need your data for the purpose of vindication of claim, or if we have to continue processing your data because we are required to do so by the law.

To restrict the scope of data processing

Should you have doubts whether your data is processed by us in a proper manner, then you can file a request for restricting the scope of processing of your data. We will tag your data as intended for storing only and we will examine the legality of data processing. You may file a request also when we intend to erase your data while you wish us to continue storing your data, e.g. for evidence-related purposes. If we provide, or provided, any services to you, then such a restriction of data processing will not result in discontinuation of charging of fees or vindication of claims on account of our receivables.

Data portability

You may receive from us, and port to another entity, the data that you have supplied to us. However, you must remember that access to your data, in response to your request, will be provided in a structured, universally applied format, and that we will not responsible for whether your data are accepted as well as for the way in which such data will continue to be processed.

To object to data processing based on a legitimate interest of a data controller or of a third party, including objection to profiling, for reasons associated with a specific situation

If you file such a request, please do not forget to describe your specific situation so that we will able to judge whether your objection is justified.

To object to data processing for direct marketing purposes, including for the purpose of profiling

If you make such an objection, then we will stop processing your data for marketing purposes, including for the purpose of profiling. Please remember that in such a case we will not be able to inform your of new offers, promotions and services.

To withdraw your consent to data processing at any time

You may withdraw the consents to processing of your data at any time without indicating the reason. Once you withdraw your consent, we will discontinue processing of your data for the purpose for which we were processing it at your consent. Please remember that withdrawal of your consent does not work retroactively, which means that any data processing which took place until withdrawal of your consent will continue to be fully valid and legal.

Go to Contact bookmark to see how easy it is to withdraw your consent to data processing and also how to contact us to exercise your rights.

Please remember that to be able to fulfill your request related to exercising your rights we entitled to verify your identity. If we did not do so, we could disclose the information related to you to an unauthorized person.

If you have an agreement for provision of telecommunication services by Plus, then you may easily express and withdraw your consent to data processing by:

1. Logging in to Plus Online
2. Sending a free SMS to a dedicated number indicated in the table below.

Expressing your consent and withdrawing your consent by sending a free SMS applies only to the phone number (MSISDN) from which such an SMS has been sent. Should you wish to express consent to data processing, or withdraw such consent, for any other phone numbers, then please send the SMS’s from these numbers.

At the same time, the relevant consent can be given and withdrawn by contacting Customer Service Department by phone (tel. 601102601), in written form, by sending a letter to:

1. Polkomtel sp. z o.o. - Reklamacje,
2. ul. Konstruktorska 4,
3. 02-673 Warszawa,

and by e-mail, by sending a message to bok@plus.pl, as well as in written form or orally, for the record, at a Point of Sale (Point of Customer Service).

Personal data

Requests, declarations as well as all correspondence related to personal data should be submitted while using the following means: by phone, by calling Customer Service Department at 601102601, in written form, by sending a letter to the following address: Polkomtel sp. z o.o. - Reklamacje, ul. Konstruktorska 4, 02-673 Warszawa, by e-mail, by sending an e-mail message to bok@plus.pl, as well as in writing or orally, for the record, at a Point of Sale (Point of Customer Service).

Ms. Katarzyna Lewandowska is the Data Protection Officer (IOD). You may contact the IOD by e-mail, by sending a message to: iod@plus.pl or in writing, by sending a letter to the Company’s registered office address with a note ”Inspektor Ochrony Danych" (Data Protection Officer) on the envelope.

Only the issues related to processing of your data by Polkomtel sp. z o.o., including the exercise of your rights, shall be addressed to the Data Protection Officer.

The competence of the Data Protection Officer does not include dealing with any other issues, especially accepting of notices or complaints, which should be sent via bok@plus.pl