To Top

Information on the protection of personal data

INTERSEROH Organizacja Odzysku Opakowań S.A. and INTERSEROH Polska Sp. z o. o. are seriously concerned about the protection and safety of your personal data and take this issue into account in their whole business activity. We would like to present a review of our website services herein which are important in the light of provisions of law concerning the protection of personal data.  

We explain as follows:  

  • What kind of data we collect when you are using our website services
  • for what purposes INTERSEROH Organizacja Odzysku Opakowań S.A. and INTERSEROH Polska Sp. z o. o. process the data 
  • What are your rights in relation with the personal data processing
  • How you can contact us in relation with the protection of the data

What is the information on the protection of personal data about?

This information on the protection of personal data concerns the INternet services provided by  INTERSEROH Organizacja Odzysku Opakowań S.A. and INTERSEROH Polska Sp. z o. o. on the interseroh.pl as well as social media accounts on Facebook, Twitter, LinkedIn and Xing (hereinafter referred to as the “social media accounts”). The Internet services provided by Interseroh companies not mentioned above shall be the subject of information on the protection of personal data respectively as it may be seen on the specific websites. 

1.    Personal contact and control

In accordance with the Regulation (EC) No 2016/679 of the European Parliament and of the Council of 27 April 2016 in relation to the protection of individuals with regard to the processing of their personal data and on the free movement of such data as well as the repeal of Directive 95/46/EC (Journal of EU Laws Of 2016, item 119, p. 1) (GDPR), co-controllers of personal data are INTERSEROH Organizacja Odzysku Opakowań  S.A. with its seat in Warsaw at ul. Wiertnicza 165, 02-952 Warsaw entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw, XIII Economic Division of the National Court Register, under no. KRS 266658, Tax Identification Number NIP 5213409980, with a share capital of PLN 2,500,000 paid in whole as well as INTERSEROH Polska Sp. z o. o. with its seat in Warsaw at ul. Wiertnicza 165, 02-952 Warsaw entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw, XIII Economic Division of the National Court Register, under no. KRS 459881, Tax Identification Number NIP 9512367010. In the case of use herein notions like “we”, “us” or “Interseroh”, it shall refer to INTERSEROH Organizacja Odzysku Opakowań S.A. and INTERSEROH Polska Sp. z o. o. only.

You may contact with the co-controller by writing to biuro@interseroh.com or sending mail to the address: ul. Wiertnicza 165, 02-952 Warsaw.

INTERSEROH Organizacja Odzysku Opakowań S.A. and INTERSEROH Polska Sp. z o. o. concluded an appropriate agreement on the personal data co-controlling. We agreed that if you exercise the rights mentioned further herein, we will cooperate, however INTERSEROH Organizacja Odzysku Opakowań S.A. shall be liable for undertaking necessary actions, including correction of your personal data in case of any request for correction thereof. The above-mentioned agreements shall not influence on your rights towards any co-controller individually.

2.    Data processing when visiting our website

2.1.    Automatic collection of access data

You may visit our website without necessity for registering an user’s account and without provision of personal data in suitable contact forms. Therefore only access data will be collected which is sent automatically by a browser. It shall cover for example your Internet identification (e.g. IP address, session identifiers, device identifiers), information on the Internet browser used and operational systems, a website which directs you to our website (e.g. If you visit our website through any link), names of files required (i.e. Which texts, films, pictures etc. you were viewing during the visit on our websites), browser language settings, any reports on errors and access time. The data shall be processed to enable you visiting our website and use thereof comfortably as well as provide durable functionality and safety thereof. Access data shall be stored for a short time in log internal data files in order to gain statistical information on use of our websites. It allows us to optimize our website, taking into account usage patterns and technical resources and to remove failures and threats to the safety. Information stored in log files shall not allow to make direct conclusions about you - particularly we store IP addresses in a short and an anonymised form. Logs are stored for 30 days and archivised upon another anonymisation. The legal basis for personal data processing is Article 6 (1) (f) of GDPR (balance of interests based on legitimised interests). 

2.2.    Cookies files

We use own cookie files and cookie files of third parties on our websites. A cookie file is a normalised text file stored by a browser for a specific time. Cookie files enable local storage of information such as language settings and temporary identifiers which are sent by a browser back to the server sending cookie files during subsequent visits of the User. You may display and delete cookie files in the browser safety settings. You may adjust browser settings in our sole discretion, including for example objection to receive cookie files form third parties or all cookie files. It is worth mentioning that in such case you may be not able to use all functions of our websites.

Our own cookie files are to make visiting our webpages more friendly and secure for the user  The legal basis for personal data processing is Article 6 (1) (f) of GDPR, i.e. Our legitimate interests consisting in delivery of safe and appropriate content to users of our websites. We use cookie files of third parties for Internet analyse and marketing purposes. more detailed information is placed in Section 2.5 and 2.6 hereof concerning the information on personal data. 

2.3.    Your messages and communication

We collect all information and data which you transfer to us through our websites. for example, you may send us messages and in some cases even files (e.g. Documents in PDF format) in various places on our websites by using functions lime contacts forms and contact functions. Any obligatory information for the functions are marked so. The information provided by you shall be used only for the purposes of processing your requests. We will delete the information gathered in this manner, provided that it shall be not required any more or we will limit thereof, if there is any statutory obligation concerning the retention of data. 

Disclosure of your messages to other Interseroh companies or other third parties shall be performed only in the scope necessary for processing your request (for example, we will disclose your message to other Interseroh Group entity if the latter is responsible for considering your request).  If you do not wish your message being disclosed to other company, it is possible to include such information directly in the message as an obvious preventive measure. We will transfer your messages to other company to make your identification impossible (e.g. first and last name, Client iD or contact details).   

The legal basis for the processing of your data are Art. 6 (1) (b) of GDPR.  In the scope in which you gave consent to disclose or process in another place the data transferred to us, Article 6 (1) (a) of GDPR shall apply.

2.4.    Use of YouTube films

In some parts of our websites we sue YouTube films. YouTube is an open portal which enables free publication, streaming, ranking and commenting movies operated by Google company YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA („YouTube"). YouTube films may be displayed directly on our websites. They are placed in YouTube's extended data protection mode, i.e. No data about you as an user shall not been sent to YouTube if you do not launch the films. The data shall be sent to YouTube, provided that you play films. We have no influence on the data transmission. If the personal data are sent to the United States it shall be protected through participation in the Privacy Shield Program established in accordance with the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield which Google and YouTube entered into.

While you visit our website with YouTube films placed thereon, then YouTube and Google obtain access data and information that you visited the the mentioned page on our website. It shall happed regardless you logged in YouTube or Google or not. If you are logged in Google, your data shall be associated with your Google account directly. If you do not wish to make it linked with YouTube profile, you shall log out prior playing a film. YouTube and Google may use access data to create user profiles for marketing, marketing research and design own websites purposes based on user needs. You have the right to object to create user profiles of this kind. In this case you shall report your objections to YouTube directly. You may find more information in Google Privacy Policy which shall concern YouTube as well. 

The legal basis for the above-mentioned data processing in the scope in which we are a controller shall be Article 6 (1) (f) of GDPR (balance of interests resulting from our legitimate interest in turning video content on).

2.5.    Analysis tools

2.5.1.    Google Analytics

Our websites use Google Analytics, webpage analysis services made available by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google”). Google Analytics use cookie files to collect access data while visiting our websites. The access data shall undergo anonymisation of user profiles and sent to Google server in the United States on our behalf. Firstly, your IP address shall be anonymised. Thus we do not know which user profiles are of a specific user. We may not identify you based on the data collected by Google nor we cannot state how you use our websites. In extraordinary cases when the personal data are transferred to the United States within Privacy Shield between the European Union and the United States, which Google attended to. So the data processing performed by Google Analytics shall be the subject of the decision of the European Commission on appropriate level of protection, i.e. The level of protection of personal data shall be deemed as appropriate, even if the processing shall take place in the Unites States by exception.

Google uses information gained through cookie files in order to assess the use of websites, draw up reports on the activity on the websites as well as provide further services related with the use of websites and Internet. More information on the following page: Google Analytics Privacy Policy.

At any time you may object to the above-mentioned development and evaluation of anonymised user profiles by Google. In this case, you have various options as follows:

(1)    You may set your browser to block cookie files from Google Analytics. 

(2)    You may adjust your Google advertisement settings.

(3)    You may install the cancellation plug delivered by Google under the address of  https://tools.google.com/dlpage/gaoptout?hl=de on your Firefox, Internet Explorer or Chrome browser (this option does not work on mobile devices).

You can set an “opt-out” cookie by clicking here: Disable Google Analytics

The legal basis for personal data processing is Article 6 (1) (f) of GDPR (balance of interests based on legitimised interests in assessment of general use patterns).

2.5.2.    Google Tag Manager (markers)

Our websites uses Google Tag Manager, service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google”). Tag Manager serves to manage the website tags more effectively. The website tag is an alternative symbol which is stored in the source code of our website to, for example, seize settlement of the website components frequently used (e.g. Internet analysis code). Google Tag Manager works without using cookie files. Data shall be partially processed on the Google server in the United States. If the personal data are transferred to the United States, it shall be protected with Privacy Shield between the European Union and the United States, which Google attended to. The legal basis therefor is Article 6 (1) (f) of GDPR, i.e. Our legitimate interest in commercial activity on our website. More information available in the Information on Google Tag Manager.

2.6.    Other tools provided by third parties

2.6.1.    Google ReCAPTCHA

We have built boot identification function in, e.g. for enters in Internet forms (due to a necessity for preventing performance of some functions on the website by Internet robots, we use Google reCAPTCHA mechanism to verify whether user behaviour on our website does not contain any robot elements. In such situation we may disclose your address IP to Google LLC delivered by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Principles of privacy https://www.google.com/policies/privacy/, resignation: https://adssettings.google.com/authenticated

2.6.2.    Google Maps

Having taken into account our legitimate interest in accordance with Article 6 (1) (f) of GDPR, we use Internet pkug0in of Google Maps on our website to develop our offer effectively. The operator of Google Maps is Google Inc., with its seat in the USA, CA 94043, 1600 Amphitheatre Parkway, Mountain View. Google has the Privacy Shield certificate and in relation thereto, it shall guarantee conformity with the European law on the protection of personal data (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). When using Google Maps on our website, information on using it as well as your IP address shall be transferred to the Google server in the USA and stored thereon. When you deactivate Javascript in your browser, you make using the Google Maps function impossible. However, then you will not be able to use maps displayed on our website. When using our website, you declare that you give consent to the described registration and processing information by Google Inc. Detailed information on the provisions concerning the protection of personal data and conditions of suing Google maps, you may find here: https://www.google.com/intl/de_de/help/terms_maps.html

2.6.3.    MyFonts

Our website also uses external fonts delivered by MyFonts Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA (hereinafter referred to as the „MyFonts”). The fonts are placed through making connection with the MyFonts server.  In order to deliver font files to the browser, your IP address is transferred at least to MyFonts server while visiting our website. Further information (e.g. name of the website visited, date and time of sending inquiry) may be also sent to MyFonts. If you want to disable performance of JavaScript codes by MyFonts, you may turn JavaScript  off in your browser or install JavScript blocking program (e.g. www.noscript.netoderghostery.com). More information on the data privacy may be found on the MyFonts website by clicking the following: https://www.myfonts.com/info/legal/#Privacy. The legal basis for the data processing is Article 6 (1) (f) of GDPR (balance of interests based on legitimate interests in assessment of general use method).

3.    Data processing while using our career website

You apply for jobs described in our offers published in our career portal. Selection of candidates for possible employment purposes is the aim of data collection. In order to receive and process an application, we collect the following data, particularly: first and last name, e-mail address, application documents (e.g. References, curriculum vitae (CV)), the reasonable time to start working and financial expectations. The legal basis for personal data processing in the scope of names, education, the course of current employment in case of response to a recruitment offer shall be Article 6 (1) (b) and Article 88 (1) of GDPR in relation with Article 221 (1) of the Labour Code of 26 June 1974 (i.e.  Journal of Laws of 2018 item 917). The legal basis for data processing other than indicated above as well as data processing in future recruitment processes shall be Article 6 (1) (a) of GDPR, i.e. consent provided by you.

4.    Data processing for social media accounts

Interseroh is represented in the following own social media accounts networks:

•    Facebook
•    Twitter
•    LinkedIn
•    Xing

On these websites we inform about the latest news about Interseroh and about everything we do and we are glad that we can use convenient social networks to establish direct communication with members thereof. 

It is worth remembering that we do not have a full influence on the data processing performed by social networks. Therefore we ask for verifying what kind of personal data and messages you are sending to us through social networks and if there any doubts, use another forms of contacting us that are available. We bear no responsibility for behaviour of these social networks operators or members, we are liable only for own actions and nonfeasance.  

If you contact us through our social media accounts, we process information delivered us by specific social network (e.g. your full name, your profile picture and message content sent to us) in accordance with the aim and for purposes you sent it to us (e.g. service order, suggestions and remarks). We will delete the information gathered in this manner, provided that it shall be not required any more or we will limit thereof, if there is any statutory obligation concerning the retention of data. In case of public posts on our social media accounts, we make an individual decision, taking into account your and our interests, whether and when we can delete the above-mentioned post. 

The legal basis for the above data processing shall be dependent on the purpose of sending the message. If the aim is to use our customer service or make an application for provisions from the Interseroh website, then the legal basis shall be Article 6 (1) (b) of GDPR. Otherwise, the legal basis for the data processing is Article 6 (1) (f) of GDPR (balance of interests based on legitimate interests in message sent processing). In the scope of the User’s consent to process the above data, the legal basis shall be Article 6 (1) (a) of GDPR.

5.    Disclosure of personal data

5.1.    Principles

We disclose your personal data, provided that: 

  • You have given explicit consent in accordance with Article 6 (1) (a) of GDPR. 
  • Disclosure is necessary in accordance with Article 6 (1) (f) of GDPR in order to file, execute or protect legal claims of Interseroh companies and  there     are no grounds for supposing that you have a significant interest not to make your personal data disclosed which is superior to our legitimate interest.  
  • We have a statutory obligation to disclose it in accordance with Article 6 (1) (c) of GDPR. 
  • Disclosure is authorised by law and is necessary under Article 6 (1) (b) of GDPR for the performance of a contract to which you are the data subject or in order to take steps at your request  prior to entering into a contract

5.2.    Disclosure of information to the external service provider for INTERSEROH Organizacja Odzysku Opakowań S.A. and INTERSEROH Polska Sp. z o. o.

A part of processing of personal data defined herein may be performed by external service providers on our behalf. Together with the service providers indicated herein, the above-mentioned may also include data centres which store our websites and data bases, IT service providers who maintain our systems or corporate consultants.  

If we disclose data to our service providers, the providers may sue the data only to perform their tasks. The service providers are selected carefully and act at our request. They shall be obliged to follow our instructions, they have appropriate technical and organisation measure at their disposal to protect the rights of the data subjects as well as they are monitored regularly by us.

If, except for the above information on the personal data protection, we transfer your data to service providers outside the European Economic Area (EEA), we will inform you about this in a separate message, if necessary, as well as we will provide you with appropriate warranties the data transfer is based on. In case you want copies of warranties confirming appropriate level of data protection, please contact us (see Section 1 hereof).  

6.    The duration of data retention

we store data and use it as long as it is necessary to fulfill our contractual or statutory obligations or for the purpose of collection thereof, unless otherwise provided herein. Upon expiry of the statutory periods of limitation, we shall limit processing thereof, i.e. since then the data shall be used only to fulfill contractual obligations. 

We shall delete your data immediately, unless we still need it to complete the statutory period of limitation for evidence purposes in civil claims or to keep to the statutory storage periods. The storage of data for accounting purposes may be necessary even later. We are obliged to do so to fulfill the statutory principles of documentation storage which may result from the Accounting Law, tax statute, Act on the management of packaging and packaging waste, Act on anti-money laundering activities and terrorism financing and other. The storage periods defined in the Acts shall be maximum up to 5 years from the end of the respective calendar year.

The legal basis for the protection of data for conformity with statutory obligations purposes in the scope of documentation and storage is Article 6 (1) (c) of GDPR.

7.    The User’s Rights

If you want to exercise your rights defined below, you may contact us at any time (see Section 1 hereof):

  • You may get access to the information on the processing of your personal data by us at any time. While delivering such information, we shall explain the data processing and introduce a review of data which was recorder in relation to you. 
  • If your data stored by us are incorrect or out of date, you have the right to request for correction thereof.
  • You may also request removal of the data. If, under extraordinary circumstance the removal is impossible due to legal issues, the data shall be blocked so it shall be made available only for legal purposes.
  • Additionally, you may also limit processing of your data, e.g. If you think that the recorded data are incorrect. 
  • You have the right to transfer data, i.e. at your request we must send you a digital copy of your personal data provided by you.
  • You have also the right to lodge a complaint to the data protection authority. The data protection authority shall be the President of the Personal Data Protection Office, ul.  Stawki 2, 00-193 Warsaw, www.uodo.gov.pl.

8.    Right to withdraw and object

If you want to exercise your right to withdraw your consent or object, it is sufficiently to send a notification without any formal requirements to addresses defined in Section 1.

The withdrawal of consent

In accordance with Article 7 (3) of GDPR, you have the right to withdraw statement including consent transferred to us at any time. It shall cause that we will not be able to continue processing of personal data based on such consent in the future. The withdrawal shall not influence on the conformity with the processing law which has been made in accordance with the consent before the withdrawal.
 

Objection to the processing of personal data

In accordance with Article 21 of GDPR, you have the right to object, on grounds relating to his or her particular situation or personal data are processed for direct marketing purposes, unless we process your personal data base don legitimate interest in accordance with Article 6 (1) (f) of GDPR. In the latter case you have general right to object which shall be performed, although no justification is provided


9.    Data safety

We maintain technical measures appropriate for data safety warranty in our online services, particularly in order to protect your personal data against risks related to data transmission and unauthorised access of third parties. The measures undergo corrections to reflect the latest technologies. We use TLS (Transport Layer Security) which encodes the information provided to secure personal data.

10.    Amendments to the Information on data protection

From time to time we will update this information on the protection of personal data, for example to modify our website or keep to statutory or official provisions that are amended.