Privacy Policy

About us

  Lions Estate with its seat in Warsaw (00-480) at ul.  Wiejska 11/13, registered in the Register of Entrepreneurs kept by the District Court for the capital city of Warsaw, XII Commercial Division of the National Court Register under the number KRS 0000552455, NIP 521 369 37 74. Hereinafter referred to as the company.

 The company has appointed a Data Protection Officer available at rodo@lionsestate.pl Personal data is obtained and processed in the manner and on the terms set out in this Policy.

 General provisions

 In the Company, we pay special attention to the protection of the privacy of our clients, contractors and employees.  One of its key aspects is the protection of the rights and freedoms of natural persons in relation to the processing of their personal data.

 We make sure that the processing of your data is carried out in accordance with the provisions of the General Data Protection Regulation 2016/679 / EC (hereinafter referred to as “GDPR”), the Act on the protection of personal data, as well as specific provisions (included, among others, in labor law or  the Accounting Act).

 The Group companies are personal data controllers within the meaning of Art.  4 point 7 of the GDPR, we also use the services of processing entities referred to in art.  4 pts  8 GDPR – they process personal data on behalf of the administrator (these are e.g. accounting and IT companies, real estate agents).

 As a Group, we implement appropriate technical and organizational measures to ensure a level of security corresponding to the possible risk of violating the rights or freedoms of natural persons with a different probability and severity of the threat.  We also develop policies and procedures, as well as organize regular trainings to increase the knowledge and competences of our employees in this area.

 What do we use your personal data for

 As an employer, we process the data of employees and people who cooperate with us on a basis other than an employment relationship.  Contact details obtained from contractors are used to conclude and efficiently implement contracts and provide services.  We also conduct marketing activities and as part of it we try to reach the widest possible group of interested parties in order to provide them with up-to-date information about our products and services.

 We provide third parties with your data with your consent or when we are required to do so under the law.

 On what terms and on what basis do we process your data

 We make every effort to protect the interests of data subjects, and in particular we ensure that the data is:

 processed in accordance with the law, fairly and in a transparent manner for the data subject;

 collected for specific, explicit and legitimate purposes and not further processed in a manner inconsistent with these purposes;

 adequate, relevant and limited to what is necessary for the purposes for which they are processed;

 correct and updated as necessary;  we take steps to ensure that personal data that is incorrect in the light of the purposes of their processing are immediately removed or corrected;

 kept in a form which permits identification of the data subject for no longer than is necessary for the purposes;

 processed in a manner ensuring adequate security of personal data, including protection against unauthorized or unlawful processing as well as accidental loss or destruction.

 We usually process your data on the basis of consent, which may be withdrawn at any time.  Another case is when the processing of your data is necessary to perform the contract to which you are a party or to take action at your request, even before concluding the contract.

 In some situations, processing is necessary to fulfill the legal obligation incumbent on us as the controller.

 Such obligations result, for example, from the provisions of the labor law or the Accounting Act.  Processing may also be necessary for purposes arising from our legitimate interests, an example of which is pursuing claims from our business activities.

 What rights do you have

 We take appropriate measures to provide you with all relevant information in a concise, transparent, understandable and easily accessible form, clear and simple language and to conduct all communication with you regarding the processing of personal data in connection with the exercise of your right to:

 information provided when collecting personal data,

 information provided upon request – whether the data is processed and other issues specified in art.  15 GDPR, including the right to a copy of data,

 rectification of data;

 being forgotten;

 processing restrictions;

 data portability;

 objection;

 not to be subject to decisions based solely on automated processing (including profiling),

 information about a breach of data protection.

 To contact us regarding the implementation of a given right, send a message to rodo@lionsestate.pl

 How we will contact you

 We provide information in writing or otherwise, including, where appropriate, electronically.  If you so request, we may provide the information orally, as long as we confirm your identity by other means.  If you submit your request electronically, the information will also be provided electronically, if possible, unless you provide us with another preferred form of communication.

 When will we fulfill your request

 We try to provide information without undue delay – as a rule, within one month of receiving the request.  If necessary, this period will be extended by another two months due to the complexity of the request or the number of requests.  However, in any case, within one month of receiving the request, we will inform you of the action taken and (if applicable) of the extension of the deadline, stating the reason for the delay.

 Subcontractors / processors

 If we work with entities that process personal data on our behalf, we only use the services of such processors that provide sufficient guarantees to implement appropriate technical and organizational measures so that the processing meets the requirements of the GDPR and protects the rights of data subjects.

 We check in detail the entities to which we entrust the processing of your data.  We enter into detailed agreements with them, and we periodically inspect the compliance of processing operations with the content of such a contract and the law.

 How we care for the processing of your data

 To meet legal requirements, we have developed detailed procedures covering such issues as:

 data protection by design and data protection by default,

 data protection impact assessment,

 notification of violations,

 preparing a register of data processing activities,

 data retention,

 exercising the rights of data subjects.

 We regularly check and update our documentation to be able to demonstrate compliance with legal requirements in accordance with the principle of accountability set out in the GDPR, but also in the interests of data subjects, we try to incorporate the best market practices into it.

 Data Retention

 We store personal data in a form that permits identification of the data subject for no longer than it is necessary for the purposes for which the data is processed.  After the expiry of such a period, the data is anonymized (we deprive any features that make it possible to identify the person) or we delete it.  The deletion of personal data is complete and permanent.  In the retention procedure, we provide:

 limiting the period of storage of personal data to the strict minimum,

 setting a date for the deletion of personal data and criteria for determining this date or periodic review.

 We define the period of data processing in the first place on the basis of legal provisions (e.g. the storage time of employee documentation, accounting documents), as well as the justified interest of the administrator (e.g. marketing activity).  The retention policy covers both data processed in paper and electronic form.

 Authorization

 We ensure that every person acting under our authorization and having access to your personal data processes it only at our request, unless other requirements result from EU law or the law of a Member State

 Cookies

 Cookies are small files saved on your computer, which store settings and other information used on the pages you visit.  Cookies may contain website settings or be used to track user interactions with the website.  We use “cookies” to, among others  adjusting the content of our website to your preferences and optimizing the use of websites and enforcing actions to maintain security.