For suppliers of products and services

Dear Sirs, in connection with the activities related to attempts to conclude a cooperation agreement for the goods and services sold/purchased, please familiarize yourself with the following information related to the principles of our processing of your personal data.

In accordance with the provision of Article 13 (1) of GDPR - the General Data Protection Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27 2016

a) the administrator shall provide its: identity and contact information and, when applicable, the identity and contact information of its representative Who are we?
ADVOX Ltd. with its registered office in (61-006) Poznań at 11 Blacharska Street, entered in the National Court Register under KRS No.: 0000968018, holding NIP No.: 618-210-90-64 and REGON No.: 301224011 will be the Administrator of your personal data, which means it will decide on the purposes and means of their processing.
b) where applicable, the contact details of of the data protection officer I have additional questions or want to make my requests, who can I contact?
If you have any questions regarding our processing of your personal data, please contact our Data Protection Officer Patrycja Migaszewska by sending an email to: or by mail to the registered office address.
c) the purposes of processing personal data, and the legal basis for processing For what purpose and on what basis are my personal data processed?
Your personal data will be processed for:
  • Article 6(1) point b) GDPR, i.e., activities aimed at concluding a contract/orders for the sale/purchase of goods and services
  • Article 6(1) 1 point c) GDPR, such as the obligations incumbent on us as prescribed by law (among others, pursuant to: Article 74 of the Accounting Act of 29.09.1994; Article 32, Article 70 and Article 86 of the Tax Ordinance Act of 29.08.1997. Tax Ordinance), i.e., archiving of records, etc.
  • Article 6(1) point f) GDPR i.e. on the basis of our legitimate interest, which may be the protection of against possible claims, as well as offering our own services
  • Article 6(1) point a) GDPR, i.e. your consent if we process a wider range of data than the data necessary for handling financial transactions
d) if the processing is carried out on the basis of Article 6 (1) point f) - legitimate interests pursued by the administrator or by a third party
e) information about the recipients of the personal data or about the categories of recipients, if any Who will have access to my data? Will my data be processed only within the European Economic Community Economic Community?
In connection with the processing of data for the purposes mentioned above, the recipients of your personal data will be:
  • Entities that provide IT services, hosting services, legal services, including data protection, postal operators and couriers, consulting companies, accounting firms, banks, others that support the Administrator in carrying out its activities activities. Your personal data will be transferred outside the European Economic Area, on the basis of standard contractual clauses (as a security measure). If you wish to obtain more information on this subject, please contact us.
f) where applicable, information about the intention to transfer of personal data to a third country third country or international organization and about the Commission's finding or lack of finding of appropriate degree of protection, or in the case of the transfer referred to in Article 46, Article 47 or Article 49(1) second subparagraph, a mention of the appropriate or adequate safeguards and information on the means of obtaining copies of the safeguards safeguards or about the place where they are made available

Pursuant to Article 13 (2) of GDPR - the General Data Protection Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016

a) the period for which personal data will be How long will my personal data be processed?
stored, and when this is not possible, the criteria for for determining this period The personal data you provide will be processed for a period of 5 years due to tax regulations, this period may be extended based on our legitimate claims. If your data will be processed on the basis of consent, until the consent is withdrawn or the purpose for which the consent was obtained is completed, whichever occurs earlier.
b) information about the right to request from the controller access to personal data concerning the person, the data subject, to rectification, erasure or restriction of processing, or about the right to object to the processing, as well as about the right to data portability What rights do I have?
  • The right to access and receive copies of personal data, in accordance with Article 15 of the GDPR
  • The right to rectify data, update it, in accordance with Article 16 of the GDPR
  • The right to erasure of data (right to be forgotten), in accordance with Article 17 of the GDPR
  • The right to restrict the processing of personal data, in accordance with Article 18 of the GDPR
  • The right to data portability (where technically possible), based on Article 20 of the GDPR
  • Article 21 GDPR - the right to object to the processing of personal data based on Article 6(1) point f) GDPR (as described above)
  • The right to withdraw consent at any time by sending information to: At the same time, we would like to inform you that the withdrawal of your consent does not affect the compatibility of the processing performed prior to its withdrawal - pursuant to Article 7 (3) of GDPR.
  • Right to transparent communication and full information under 12-14 GDPR
  • Please be advised that pursuant to Article 19 of the GDPR, you have an obligation to receive from the Administrator information about the deletion of or rectification or restriction of the processing of your personal data, if you have requested the exercise of these rights
I believe that my personal data is being unfairly processed. What can I do?
In the first instance, please contact us as the data controller. If, despite the explanations provided explanations from our Data Protection Officer, you still believe that our processing of your personal data violates the provisions of the Regulation on the Protection of Personal Data (GDPR), you have the right to lodge a complaint to the Supervisory Authority, which is the Office for Personal Data Protection with its headquarters in (00-193) Warsaw, at 2 Stawki Street - in accordance with Article 77 of the GDPR.
c) if the processing is carried out on the basis of Article 6(1), point a) or Article 9(2) point a) - information about the right to withdraw consent at any time without affecting the legality of the processing which was performed on the basis of consent before its revocation
d) information about the right to lodge a complaint with a supervisory authority supervisory authority
e) whether the provision of personal data is a a statutory or contractual requirement or condition for entering into a contract, and whether the data subject concerned is obliged to provide such data and what are the possible consequences of not providing data Do I have to provide my data?
Provision of personal data is voluntary, however, failure to provide it will prevent us from establishing a business relationship.
f) information on automated decision-making decisions, including profiling as referred to in Art. 22 (1) and (4), and - at least in those cases - relevant information about the principles of their making decision-making, as well as the significance and anticipated consequences of such processing for the data subject How do you process my personal data?
Your personal data is not processed by automated means, the controller does not use profiling.

Additional supplementary information on the basis of Article 14 (1), point d) GDPR and Article 14 (2), point f) GDPR

Your personal data will be processed in the collection: Service provider. The Administrator may have entered into the processing of your personal data from publicly available documents available, such as CEIDG, KRS, and other sources in which your personal data has obviously been made public by you, such as on your website, etc.