Table of contents
(click to continue):
Data ControllerPersonal dataDeclarationEntrusting and making available personal dataUser rightsSystem logseCookies – introductionLinks to other websitesChanges to the Privacy and cookies policyContact and notifications
Purpose and legal basisWhat are your rights towards TPA Poland with respect to data processing?When to object to the processing of your data?To whom are your personal data provided?How long do we store your personal data?Do we transfer your data to countries outside the European Economic Area?Do we perform automated processing of your personal data in a way which affects your rights?
Structure of TPA Poland
In Poland we operate under the TPA brand (tax advisory, accounting and payroll outsourcing, real estate advisory), Baker Tilly TPA (audit and business advisory) and Baker Tilly Woroszylska Legal (legal advisory). TPA Sp. z o.o. Sp. k. operates in Poland under both TPA and Baker Tilly TPA brands.
TPA Management Sp. z o.o. | ul. Młyńska 12 | 61-730 Poznań | NIP [tax identification number] 1070010139 | REGON [statistical number] 141252235 | National Court Register kept by the District Court Poznań – Nowe Miasto i Wilda, VIII Commercial Division of the National Court Register, KRS number 0000293747 | Share capital of PLN 50,000.00 paid in full.
TPA Sp. z o.o. Sp. k. | ul. Młyńska 12 | 61-730 Poznań | NIP [tax identification number] 7781432033 | REGON [statistical number] 300184858 | National Court Register kept by the District Court Poznań – Nowe Miasto i Wilda, VIII Commercial Division of the National Court Register, KRS number 0000671994 | Share capital of PLN 981,500.00 paid in full.
TPA Real Estate Sp. z o.o. Sp. k. | ul. Przyokopowa 33 | 01-208 Warszawa | NIP [tax identification number] 5272920674 | REGON [statistical number] 385552480 | District Court for the capital city of Warsaw, XII Commercial Division of the National Court Register, KRS number 0000828268
Baker Tilly Woroszylska Legal Sp. k.* | ul. Przyokopowa 33 | 01-208 Warszawa | NIP [tax identification number] 7831753177 | REGON [statistical number] 366428591
Baker Tilly TPA Sp. z o.o. | ul. Młyńska 12 | 61-730 Poznań | NIP [tax identification number] 1070018709 | REGON [statistical number] 142798338 | National Court Register kept by the District Court Poznań – Nowe Miasto i Wilda, VIII Commercial Division of the National Court Register, KRS number 0000377626
*Baker Tilly Woroszylska Legal Sp. k. operating under the name Baker Tilly Woroszylska Legal is a member of the global network of Baker Tilly International Limited, the members of which are separate and independent legal entities.
Privacy and cookies policy of the www.tpa-group.pl service
The Data Controller of the data in the Service: www.tpa-group.pl, www.bakertilly.pl and www.bakertilly-tpa is TPA Management Sp. z o.o. with its registered office in Poznań, ul. Młyńska 12, NIP [tax identification number]: 1070010139, REGON [statistical number]: 141252235, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court Poznań-Nowe Miasto and Wilda in Poznań, VIII Commercial Division of the National Court Register, under KRS number: 0000293747.
Contact with the Data Controller is possible at the e-mail address: firstname.lastname@example.org
Users who use the services provided electronically via the Service are requested to provide personal data voluntarily. The Data Controller processes the collected data under article 6 clause 1, paragraph a) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
Each time the purpose and scope of personal data processed by the Data Controller results from actions taken by the User in the Service.
The User may transfer their personal data to the Data Controller using the forms available on the www.tpa-group.pl Service, such as:
1) Contact form
Personal data provided to the Data Controller in the contact form are processed in order to respond to the sent message. The scope of personal data being processed: name, surname, e-mail address.
2) Newsletter subscription form
Personal data provided to the Data Controller in the newsletter subscription form are processed in order to send the newsletter to the User. The scope of personal data being processed: name, surname, gender, e-mail address.
3) Notification of new blog entries
Personal data provided to the Data Controller in the newsletter subscription form are processed in order to send the newsletter to the User. The scope of personal data being processed: e-mail address.
4) Publication order
Personal data provided to the Data Controller in the publication order form are processed in order to send to the User a printed or electronic version of the ordered materials. The scope of personal data being processed: name, surname, correspondence address, e-mail address
In pursuit of the overriding goal of respecting Users’ privacy, we strive to maintain all due diligence. To meet this assumption, we comply with the standards and principles resulting from generally applicable laws. In particular, we make every effort to ensure that Users’ personal data are:
- processed in accordance with the law, reliably and transparently for the data subject
- collected for specific, explicit and legitimate purposes justified in this document
- not subject to further processing non-compliant with the above purposes
- factually correct and adequate for the purpose for which they are processed
- stored in a form which permits the identification of data subjects no longer than necessary to achieve the purpose of processing
- processed in a manner ensuring adequate personal data protection, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage.
Entrusting and making available personal data
The Data Controller reserves that pursuant to the applicable provisions on personal data protection, s/he can entrust the processing of personal data of Users to other entities in order to properly perform activities related to hosting, administration, maintenance and management of the Service by these entities, as well as to exercise claims and explain the circumstances of unauthorized use of services provided electronically.
The Controller hereby informs the User that s/he entrusts personal data processing to entities such as law firms, IT companies, claims adjusters, contractors of claims adjusting services, etc.
Entrusting personal data is always based on a personal data processing contract.
We do not share the collected data with third parties, except for situations when it is required by generally applicable law, i.e. on the basis of a request of an authority or court authorized to do so.
In connection with personal data processing, Users have the following rights:
- the right to demand access to their data, their rectification, erasure or restriction of processing
- the right to object to the processing
- the right to data portability
- the right to revoke the consent to personal data processing for a specific purpose, if the User previously gave such consent
- the right to lodge a complaint with the supervisory authority in relation to personal data processing by the Data Controller
These are internal event logs of the Service server, automatically recording page requests, and sent when Users visit its websites. System logs contain a page request sent by the User, an IP address, browser type, browser language, date and time of the request, and at least one “cookie” file that can uniquely identify the User’s browser.
Data collected in the system logs are used by the Service Provider for an indefinite period only to administer the Service. They are not transferred to third parties, excluding the circumstances described in this document.
We or third parties, through the cookies they administer, may use the functionality of pixel tags. These are elements published in digital content and they enable the recording of information, e.g. on the User’s activity on the website.
Cookies – introduction
While providing services to Users, we use professional technologies to collect and save information, such as cookies. These are commonly used, small files containing a string of characters that are sent and stored on the end device (e.g. computer, laptop, tablet, smartphone) used by the User when visiting the Service. This information is sent to the clipboard of the used browser, which sends it back during subsequent visits to the website. Cookies contain information necessary for the proper use of the Service. They usually contain the name of the website they come from, their storage time on the end device and a unique number.
Basis for cookies processing
Users using the services rendered electronically via the Service are asked to voluntarily consent to the processing of cookies by storing information or accessing information already stored in their telecommunications end devices.
The consent to the processing of cookies takes place in particular through the use of a button containing a declaration of consent to the processing of cookies or confirmation of reading its terms. This consent may be revoked at any time, free of charge, and in a manner described in the section on cookies management.
We process cookies on the basis of article 173 of the Act of 16 July 2004 Telecommunications Law (Journal of Laws of 2016, No. 0, item 1489, as amended).
Which cookies will be used?
The Data Controller uses the following cookies:
- a) necessary files – these files allow for the proper operations of the Service and the functionalities that the User wants to use, e.g. authentication cookies. Without saving them on the User’s device, the use of the Service is impossible
- b) functional files – files that allow for remembering the settings selected by the User and adapting them to their needs and preferences, e.g. in terms of the selected language, font size, and the appearance of the website. They allow the Data Controller to improve the functionality and performance of the site. Without saving them on the User’s device, the use of certain Service functionalities may be limited,
In terms of their validity:
- session files – with a memory of up to several days
In terms of the distinction of the cookies controller:
- Data Controller’s cookies
- third party cookies
Data Controller’s cookies
Data Controller’s cookies allow for recognizing the User’s device and display the Service website tailored to their individual expectations, making the use of its functionalities easier and more enjoyable. By saving these files on the user’s device, it is possible, for example, to remember login details, keep the session after logging in, remember selected goods or services, or adapt to the preferences of the User, such as the distribution of content, language, or its colour.
Third party cookies
- Google Adwords – they allow for conducting and evaluating the quality of advertising campaigns carried out using Google Adwords
- Google Analytics – they allow for evaluating the quality of advertising campaigns carried out using the Google Adwords service, as well as for studying the behaviours and traffic of Users and for compiling traffic statistics
- Google Maps – they allow for storing information about the User, which enable the use of map functionalities available as part of the Google Maps service. Google Inc. can track the location of the User
- Google Tag Manager
- Yandex metrica
- YouTube – they allow for storing information about the User, which enables the use of functionalities of the YouTube service. Google Inc. can track videos played by the User.
The use of third party cookies is subject to the privacy and cookies policy used by these entities. We encourage you to read the terms and conditions of personal data processing and privacy protection policies of entities that most often and to the widest extent process our data.
Managing cookie files and other information
Most often, browser settings allow for placing cookies and other information on the end device. If the User does not agree to save these files, it is necessary to change the browser settings accordingly. It is possible to disable saving cookies for all connections from a given browser or for a specific website, as well as to delete them. The method of managing cookie files depends on the used software, hence detailed information about the possibilities and ways of using can be found in the settings of the web browser, which the User uses to connect to the Service website. Consent to the processing of cookies is voluntary. However, it should be remembered that restrictions on their use may make it difficult or impossible to use the services offered on the Service.
Links to other websites
The Service may contain links to other websites. We are not responsible for the privacy and cookies policies of other websites. We recommend that you read the privacy and cookies policy of these websites.
Changes to the Privacy and cookies policy
We reserve the right to change this Privacy and Cookies Policy. In this case, we will publish its updated version in this location.
Contact and notifications
We are constantly doing our best to process Users’ personal data and cookies in compliance with the highest standards. That is why we have implemented a system of immediate reaction to situations of threats to these standards. If you identify a threat or violation, please contact us immediately using the following details:
We will be happy to hear all your feedback. Therefore, in case of any questions, requests or doubts related to the processing of personal data or cookies, we encourage you to contact us.
The Data Controller of your personal data is TPA Poland Sp. z o.o. Sp.k., registered office in Poznań at ul. Młyńska 12, 61- 730 Poznań, or Baker Tilly Woroszylska Legal Sp. k., registered office at ul. Przyokopowa 33, 01-208 Warsaw, or Baker Tilly TPA Sp. z o.o., registered office at. ul Młyńska 12, 61-730 Poznań, depending on which of the above entities you have concluded a contract for the provision of services with or taken steps to conclude a contract.
Your personal data will be processed for the purpose of concluding the contract and its execution. We guarantee that all your rights shall be fulfilled under the General Data Protection Regulation, i.e. the the right of access, rectification and deletion of your data, restriction of processing, the right to transfer, the right not to be subject to automated decision-making, including profiling, and the right to object to the processing of your personal data.
TPA Poland Sp. z o.o. Sp.k. has appointed the data protection officer, who can be contacted by e-mail: email@example.com, mail address: Data Protection Officer at ul. Młyńska 12, 61-730 Poznań, Poland.
Purpose and legal basis
We received your personal data through your filling out a form on our website, from your business card, because your are our customer, or from publicly available sources.
We process your personal data because it is necessary to perform the contract concluded with you, including to:
- process requests you send to us (e.g. over the contact form)
- contact you for service provision-related purposes
- provide answers or send a proposal you requested
- conduct recruitment processes for entities we support in this respect
- in addition, the applicable laws require us to process your personal data for tax and accounting purposes
- examine complaints.
We process your personal data for purposes indicated below, in accordance with a legitimate interest of TPA Poland, that is:
- marketing actions towards you, including direct marketing of TPA Poland’s own services
- sending newsletters
- contacting you for purposes related to legitimate marketing actions using the available communication channels, in particular and upon your consent, by e-mail and phone
- supporting your requests submitted in particular to the marketing department and over the contact form where they are not directly linked to performance of the agreement
- organisation of loyalty programmes, competitions and promotions in which you are eligible to participate
- debt enforcement, court, arbitration and mediation procedures
- statistical analysis
- data storage for record-keeping purposes and ensuring accountability (demonstration of our compliance with duties under the law).
If you agree, we will process your personal data to:
- save data in cookie files, collect data from web pages and mobile applications
- organise competitions and promotions in which you are eligible to participate.
You may withdraw your consent to personal data processing at any time, in the same way it was given. We will process your personal data until you withdraw your consent.
We require that you provide the following personal data in order for us to be able to deliver the service you ordered:
- e-mail address, first and last name, gender, company name, address, telephone number.
If required by the law, we may also require you to provide use with data for tax or accounting purposes. Otherwise, the provision of your personal data is voluntary.
What are your rights towards TPA Poland with respect to data processing?
We guarantee your exercise of any rights under the General Data Protection Regulation, i.e. the the right of access, rectification and deletion of your data, restriction of processing, transfer, non-coverage by automated decision-making, including profiling, and the right of objection to the processing of your personal data.
You may exercise those rights if:
- you notice, with reference to the request for data rectification, that your data is incorrect or incomplete
- with reference to the request to delete: your data is no longer be necessary for the purposes for which they were collected by TPA Poland, you withdraw your consent to data processing, you file an objection to the processing of your data, your data are processed unlawfully; the data should be deleted to comply with a legal duty
- with reference to the request for restriction of processing: you notice that your data are incorrect – you may request restriction of processing of your data for a period allowing us to check whether they are correct; your data are processed unlawfully, but you do not want them to be deleted; we no longer need your data, but they may be required to defend or pursue any claims; or you object to data processing – until it is determined whether our legitimate interest overrides the basis for the objection
- with reference to data transfer requests: the processing of your personal data is based on your consent or agreement concluded with you and if the processing is automatic.
You have the right to file a complaint about our processing of your personal data to the supervisory authority, that is the Inspector General for the Protection of Personal Data (address: Inspector General for the Protection of Personal Data at ul. Stawki 2, 00-193 Warsaw).
When to object to the processing of your data?
You have the right to object to the processing of your personal data if:
- the processing of your personal data takes place on the basis of a legitimate interest or for statistical purposes, and the objection is justified by your particular situation
- your personal data are processed for direct marketing purposes and profiled for the purpose .
To whom are your personal data provided?
We will provide your personal data if there is a relevant legal basis for it:
- to State Authorities (e.g. the Prosecuting Attorney’s Office, the Police)
- to partners contracted by us (partners supporting the provision of services to you)
- to other controllers (e.g. couriers).
How long do we store your personal data?
We store your personal data for the duration of the agreement concluded with you, and after its dissolution:
- to pursue claims related to the performance of the agreement
- to perform our duties under the law, in particular tax and accounting duties
- to prevent misuse and fraud
- for statistical and record-keeping purposes
- for a maximum period of 10 years after dissolution of the agreement.
We store your personal data for marketing purposes for the term of the agreement or until you object to such processing, whichever occurs first.
With reference to the organisation of loyalty programmes, competitions and promotions that your are eligible to participate in, we will process you data for their duration and until prizes are accounted for. For accountability purposes, i.e. to demonstrate compliance with the personal data processing regulations, we will store the data for a period in which TPA Poland is required to retain the data or documents containing such data to produce evidence of compliance with legal requirements and to enable review of such compliance by public authorities.
Do we transfer your data to countries outside the European Economic Area?
Your personal data will be transferred outside the European Economic Area to PipelineDeals, registered office at 1008 Western Ave #401, Seattle, WA 98104, United States of America, based on the appropriate legal safeguards, such as standard personal data protection contractual clauses approved by the European Commission.
Do we perform automated processing of your personal data (including profiling) in a way which affects your rights?
You personal data will be processed in an automated manner (including by profiling), but this will not have any legal ramifications for you, or otherwise materially affect you situation.
The profiling of personal data by TPA Poland involves the processing of your data (including by automated means) by using them to evaluate certain information about you, and in particular to analyse or predict personal preferences or interests.
Baker Tilly Woroszylska Legal – clause
Baker Tilly Woroszylska Legal Sp.k. trading as Baker Tilly Woroszylska Legal is an independent member of Baker Tilly International. Baker Tilly International Limited is an English company. Baker Tilly International provides no professional services to clients. Each member firm is a separate and independent legal entity, and each describes itself as such. Baker Tilly Woroszylska Legal Sp.k. is not Baker Tilly International’s agent and does not have the authority to bind Baker Tilly International or act on Baker Tilly International’s behalf. None of Baker Tilly International, Baker Tilly Woroszylska Legal, nor any of the other member firms of Baker Tilly International has any liability for each other’s acts or omissions. The name Baker Tilly and its associated logo is used under licence from Baker Tilly International Limited.
Transparency report of TPA Sp. z o.o. Sp. k.
Transparency reports of TPA Horwath Horodko Audit sp. z o.o.