{"id":135842,"date":"2024-03-28T08:08:43","date_gmt":"2024-03-28T08:08:43","guid":{"rendered":"https:\/\/bdm-stg.mda.pl\/processing-transparency-policy-personal-data-in-budimex-sa\/"},"modified":"2025-07-07T23:15:54","modified_gmt":"2025-07-07T22:15:54","slug":"processing-transparency-policy-personal-data-in-budimex-sa","status":"publish","type":"page","link":"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/","title":{"rendered":"Processing transparency policy personal data in Budimex SA"},"content":{"rendered":"\n
\n
\n
\n
\n
\n

Processing transparency policy personal data in Budimex SA<\/h2>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n
\n
\n
\n
\n
\n

1. DEFINITIONS<\/H4>\n <\/div>\n

1.1. Administrator<\/strong> \u2013 Budimex SA with its registered office in\u00a0Warsaw (01-204) ul.\u00a0Transylvanian 9<\/p>\n

1.2. Personal data<\/strong> \u2013 information about a\u00a0natural person identified or\u00a0identifiable by\u00a0one or\u00a0more factors specific to\u00a0the physical, physiological, genetic, mental, economic, cultural or\u00a0social identity, including image, voice recording, contact details, location data, information contained in\u00a0correspondence, information collected through recording equipment or\u00a0other similar technology.<\/p>\n

1.3. Policy<\/strong> \u2013 this Policy on\u00a0the transparency of personal data processing.<\/p>\n

1.4. GDPR<\/strong> \u2013 Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016. on\u00a0the protection of natural persons with regard to\u00a0the processing of personal data and on\u00a0the free movement of such data, and repealing Directive 95\/46\/EC.<\/p>\n

1.5. Website<\/strong> \u2013 the website run by\u00a0the Administrator at\u00a0https:\/\/bdm-stg.mda.pl\/<\/a><\/p>\n

1.6. User<\/strong> \u2013 any natural person visiting the Website or\u00a0using one or\u00a0more services or\u00a0functionalities described in\u00a0the Policy.<\/p><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n

\n
\n
\n
\n
\n

2. DATA PROCESSING BY\u00a0THE CONTROLLER<\/H4>\n <\/div>\n

2.1. In\u00a0connection with its business activity, the Controller collects and processes Personal Data in\u00a0accordance with the relevant provisions of law, including in\u00a0particular the GDPR and the data processing rules provided therein.<\/p>\n

2.2. The Administrator ensures transparency of the processing of Personal Data, in\u00a0particular always informs about the processing of data at\u00a0the time of their collection, including the purpose and legal basis of the processing (e.g. when concluding a\u00a0contract). The Administrator makes sure that the data is collected only to\u00a0the extent necessary to\u00a0achieve the indicated purpose and processed only for the period in\u00a0which it is necessary.<\/p>\n

2.3. When processing Personal Data, the Controller ensures their security and confidentiality as\u00a0well as\u00a0access to\u00a0information about the processing to\u00a0data subjects. If, despite the security measures in\u00a0place, a\u00a0Personal Data breach occurs (e.g. data \u201cleakage\u201d or\u00a0loss) resulting in\u00a0a\u00a0high risk of violation of the rights and freedoms of data subjects, the Controller shall inform the Data Subjects of such an event in\u00a0a\u00a0manner consistent with the regulations.<\/p><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n

\n
\n
\n
\n
\n

3. CONTACT WITH THE CONTROLLER<\/H4>\n <\/div>\n

3.1. Contact with the Administrator is possible by\u00a0phone at\u00a0+48 22 623 60 00 or\u00a0in\u00a0writing to\u00a0the address of the Administrator\u2019s registered office.<\/p>\n

3.2. The Controller has appointed a\u00a0Data Protection Officer who can be\u00a0contacted via e-mail address dane.osobowe@budimex.pl<\/a> in\u00a0any matter related to\u00a0the processing of personal data.<\/p><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n

\n
\n
\n
\n
\n

4. SECURITY OF PERSONAL DATA<\/H4>\n <\/div>\n

4.1. In\u00a0order to\u00a0ensure the integrity and confidentiality of data, the Controller has implemented procedures enabling access to\u00a0Personal Data only to\u00a0authorised persons and only to\u00a0the extent that it is necessary due to\u00a0the tasks performed by\u00a0them. The Administrator uses organizational and technical solutions to\u00a0ensure that all operations on\u00a0personal data are registered and performed only by\u00a0authorized persons.<\/p>\n

4.2. The Controller also takes all necessary steps to\u00a0ensure that its subcontractors and other cooperating entities guarantee the application of appropriate security measures in\u00a0each case when they process Personal Data on\u00a0behalf of the Controller.<\/p>\n

4.3. The Controller conducts an ongoing analysis of the risk associated with the processing of Personal Data and monitors the adequacy of the data security measures used to\u00a0the identified threats. If necessary, the Controller implements additional measures to\u00a0increase data security. More information about safety
\n HERE.<\/u>
\n<\/a><\/p><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n

\n
\n
\n
\n
\n

5. PURPOSES AND LEGAL GROUNDS FOR PROCESSING<\/H4>\n <\/div>\n

E-MAIL AND TRADITIONAL CORRESPONDENCE<\/strong><\/p>\n

5.1. In\u00a0the case of sending to\u00a0the Administrator via e-mail or\u00a0traditional correspondence not related to\u00a0the services provided to\u00a0the sender or\u00a0any other contract concluded with him, the personal data contained in\u00a0this correspondence are processed only for the purpose of communication and solving the matter to\u00a0which the correspondence relates.<\/p>\n

5.2. The legal basis for the processing is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR) consisting in\u00a0conducting correspondence addressed to\u00a0him in\u00a0connection with his business activity.<\/p>\n

5.3. The Administrator processes only Personal Data relevant to\u00a0the matter to\u00a0which the correspondence relates. All correspondence is stored in\u00a0a\u00a0manner that ensures the security of the Personal Data (and other information) contained therein and disclosed only to\u00a0authorized persons.<\/p>\n

CONTACT<\/strong><\/p>\n

5.4. In\u00a0the case of contacting the Administrator by\u00a0phone, in\u00a0matters not related to\u00a0the concluded contract or\u00a0services provided, the Administrator may request the provision of Personal Data only if it is necessary to\u00a0handle the matter to\u00a0which the contact relates. In\u00a0such a\u00a0case, the legal basis is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR) consisting in\u00a0the need to\u00a0resolve the reported matter related to\u00a0the Controller\u2019s business activity.<\/p>\n

5.5. Telephone conversations may also be\u00a0recorded \u2013 in\u00a0this case, at\u00a0the beginning of the conversation, the relevant information is provided to\u00a0the natural person. Conversations are recorded in\u00a0order to\u00a0monitor the quality of the service provided and verify the work of consultants, as\u00a0well as\u00a0for statistical purposes. The recordings are available only to\u00a0the Administrator\u2019s employees and persons operating the Administrator\u2019s hotline.<\/p>\n

5.6. Personal data in\u00a0the form of a\u00a0recording of the conversation is processed:<\/p>\n

5.6.1. for purposes related to\u00a0servicing contractors and interested parties via the hotline, if the Administrator provides such a\u00a0service \u2013 the legal basis is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in\u00a0conducting communication with its contractors and responding to\u00a0requests sent to\u00a0the Administrator;<\/p>\n

5.6.2. in\u00a0order to\u00a0monitor the quality of service and verify the work of consultants operating the hotline, as\u00a0well as\u00a0for analytical and statistical purposes \u2013 the legal basis for the processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in\u00a0taking care of the highest possible quality of service for contractors and clients, as\u00a0well as\u00a0the highest quality of consultants\u2019 work and conducting statistical analyses of telephone communication;<\/p>\n

5.6.3. in\u00a0order to\u00a0establish or\u00a0pursue possible claims by\u00a0the Administrator or\u00a0defend against claims made against the Administrator \u2013 the legal basis for data processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR).<\/p>\n

VIDEO SURVEILLANCE AND ACCESS CONTROL<\/strong><\/p>\n

5.7. Due to\u00a0the need to\u00a0ensure the safety of people and property, the Administrator uses video surveillance and controls access to\u00a0the premises and the area managed by\u00a0him. The data collected in\u00a0this way is not used for any other purposes, as\u00a0described below.<\/p>\n

5.8. Personal data in\u00a0the form of CCTV recordings and data collected in\u00a0the register of entries and exits are processed in\u00a0order to\u00a0ensure the safety of people and property and to\u00a0maintain order on\u00a0the premises of the facility and, possibly, to\u00a0defend against claims made against the Administrator or\u00a0to\u00a0establish and pursue claims by\u00a0the Administrator. The legal basis for the processing of personal data is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting in\u00a0ensuring the safety of persons and property located in\u00a0the area managed by\u00a0the Administrator and the protection of its rights.<\/p>\n

5.9. The area covered by\u00a0the monitoring by\u00a0the Administrator is marked with appropriate graphic signs.<\/p>\n

RECRUITMENT<\/strong><\/p>\n

As\u00a0part of the recruitment processes, the Controller expects the provision of Personal Data (e.g. in\u00a0CVs or\u00a0CVs) only to\u00a0the extent specified in\u00a0the provisions of the labour law. Therefore, information should not be\u00a0provided more broadly. If the submitted applications contain additional data exceeding the scope indicated by\u00a0the provisions of the labour law, their processing will be\u00a0based on\u00a0the candidate\u2019s consent (Article 6(1)(a) of the GDPR), expressed by\u00a0an unambiguous confirmation action, i.e. sending application documents by\u00a0the candidate. If the submitted applications contain information that is inadequate to\u00a0the purpose of recruitment, it will not be\u00a0used or\u00a0taken into account in\u00a0the recruitment process.<\/p>\n

5.10. Personal data is processed:<\/p>\n

5.10.1. if the preferred form of employment is an employment contract \u2013 in\u00a0order to\u00a0perform obligations resulting from the provisions of law, related to\u00a0the employment process, including in\u00a0particular the Labour Code \u2013 the legal basis for the processing is the legal obligation to\u00a0which the Controller is subject (Article 6(1)(c) of the GDPR in\u00a0connection with the provisions of the Labour Law);<\/p>\n

5.10.2. if the preferred form of employment is a\u00a0civil law contract \u2013 for the purpose of conducting the recruitment process \u2013 the legal basis for the processing of data contained in\u00a0application documents is taking action before concluding the contract at\u00a0the request of the data subject before concluding the contract (Article 6(1)(b) of the GDPR),<\/p>\n

5.10.3. in\u00a0order to\u00a0carry out the recruitment process in\u00a0the scope of data not required by\u00a0law or\u00a0by\u00a0the Administrator, as\u00a0well as\u00a0for the purposes of future recruitment processes \u2013 the legal basis for the processing is consent (Article 6(1)(a) of the GDPR);<\/p>\n

5.10.4. in\u00a0order to\u00a0establish or\u00a0pursue possible claims by\u00a0the Administrator or\u00a0defend against claims made against the Administrator \u2013 the legal basis for data processing is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR).<\/p>\n

5.11. To\u00a0the extent that Personal Data is processed on\u00a0the basis of consent, it may be\u00a0withdrawn at\u00a0any time, without affecting the lawfulness of the processing carried out before its withdrawal. If consent has been given for the purposes of future recruitment processes, personal data is deleted after five years \u2013 unless consent has been withdrawn earlier. The consent may be\u00a0withdrawn by\u00a0contacting the individual companies using the communication channels indicated in\u00a0the introduction to\u00a0this Policy (information about the correct e-mail address, telephone number and address of the Administrator\u2019s registered office can be\u00a0found above, in\u00a0the link placed in\u00a0the introduction to\u00a0this Policy<\/p>\n

COLLECTION OF DATA IN\u00a0CONNECTION WITH THE PROVISION OF SERVICES OR\u00a0PERFORMANCE OF OTHER CONTRACTS<\/strong><\/p>\n

5.12. In\u00a0the event of collecting data for the purposes related to\u00a0the performance of a\u00a0specific contract, the Administrator provides the Data Subject with detailed information on\u00a0the processing of their personal data at\u00a0the time of concluding the contract or\u00a0at\u00a0the time of obtaining personal data in\u00a0the event that the processing is necessary for the Administrator to\u00a0take action at\u00a0the request of the Data Subject, prior to\u00a0the conclusion of the contract.<\/p>\n

PROCESSING OF PERSONAL DATA OF STAFF MEMBERS OF CONTRACTORS OR\u00a0CUSTOMERS COOPERATING WITH THE CONTROLLER<\/strong><\/p>\n

5.13. In\u00a0connection with concluding contracts as\u00a0part of its business activity, the Controller obtains from contractors\/customers the data of persons involved in\u00a0the performance of such contracts (e.g. persons authorized to\u00a0contact, placing orders, performing orders, etc.). The scope of the data transferred is in\u00a0any case limited to\u00a0the extent necessary for the performance of the contract and usually does not include information other than your name and business contact details.<\/p>\n

5.14. Such personal data is processed in\u00a0order to\u00a0pursue the legitimate interest of the Administrator and its contractor (Article 6(1)(f) of the GDPR), consisting in\u00a0enabling the proper and effective performance of the contract. Such data may be\u00a0disclosed to\u00a0third parties involved in\u00a0the performance of the contract, as\u00a0well as\u00a0to\u00a0entities obtaining access to\u00a0data based on\u00a0the provisions on\u00a0the disclosure of public information and proceedings conducted on\u00a0the basis of the public procurement law, to\u00a0the extent provided for in\u00a0these regulations.<\/p>\n

5.15. The data is processed for the period necessary to\u00a0pursue the above interests and perform the obligations resulting from the regulations.<\/p>\n

DATA OF ONE-TIME SUPPLIERS<\/strong><\/p>\n

5.16. In\u00a0connection with the one-off provision of services to\u00a0suppliers running sole proprietorships and the need to\u00a0issue invoices for the services performed, the Administrator, in\u00a0connection with legal obligations resulting from the accounting regulations, will process the personal data of suppliers in\u00a0order to\u00a0record accounting documents. The scope of processed data will include: name, surname, business name, NIP number, REGON number, address of the registered office.<\/p>\n

5.17. Such personal data is processed in\u00a0order to\u00a0comply with legal obligations imposed on\u00a0the Administrator by\u00a0accounting regulations (Article 6(1)(c) of the GDPR). Your personal information may be\u00a0disclosed.<\/p>\n

DATA COLLECTION IN\u00a0OTHER CASES<\/strong><\/p>\n

5.18. In\u00a0connection with its business, the Controller also collects Personal Data in\u00a0other cases \u2013 e.g. by\u00a0building and using lasting mutual business contacts (networking) during business meetings, at\u00a0industry events or\u00a0by\u00a0exchanging business cards \u2013 for purposes related to\u00a0initiating and maintaining business contacts. The legal basis for the processing in\u00a0this case is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR) consisting in\u00a0creating a\u00a0network of contacts in\u00a0connection with the conducted activity.<\/p>\n

5.19. Personal data collected in\u00a0such cases are processed only for the purpose for which they were collected, and the Administrator ensures their appropriate protection.<\/p>\n

ONLINE MEETINGS<\/strong><\/p>\n

5.20. As\u00a0part of the organization of online meetings by\u00a0the Administrator, personal data of meeting participants are processed in\u00a0order to\u00a0conduct the online meeting. The legal basis for such processing is the legitimate interest of the Administrator consisting in\u00a0organizing and conducting a\u00a0remote meeting with invited participants. (Article 6(1)(f) of the GDPR). Providing data for the indicated purpose is voluntary, but necessary to\u00a0carry out the online meeting. Without providing data, it will be\u00a0impossible to\u00a0participate in\u00a0the online meeting.<\/p>\n

5.21. To\u00a0organize online meetings, the Administrator uses the Microsoft Teams tool, which is related to\u00a0the processing of users\u2019 personal data by\u00a0Microsoft.
\n You<\/u>
\n<\/a> can read Microsoft\u2019s Privacy Policy HERE. When using this tool, there is no\u00a0transfer of data outside the EEA.<\/p><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n

\n
\n
\n
\n
\n

6. DATA RECIPIENTS<\/H4>\n <\/div>\n

6.1. In\u00a0connection with conducting activities requiring processing, Personal Data is disclosed to\u00a0external entities, including in\u00a0particular suppliers responsible for the operation of IT systems and equipment (e.g. CCTV equipment in\u00a0the field of video surveillance), entities providing legal or\u00a0accounting services, couriers, marketing or\u00a0recruitment agencies, as\u00a0well as\u00a0entities providing IT services. The data is also disclosed to\u00a0entities related to\u00a0the Controller, including companies from its capital group. More information about of the Administrator\u2019s capital group can be\u00a0found HERE<\/u>.<\/a><\/p>\n

6.2. Personal data may be\u00a0made available to\u00a0investors with whom the Administrator cooperates. The Controller provides the Data Subject with detailed information on\u00a0the sharing of their Personal Data at\u00a0the time of concluding the contract or\u00a0at\u00a0the time the Data Subject joins projects requiring such processing of Personal Data.<\/p>\n

6.3. The Administrator reserves the right to\u00a0disclose selected information about the Data Subject to\u00a0competent authorities or\u00a0third parties who submit a\u00a0request for such information, based on\u00a0an appropriate legal basis and in\u00a0accordance with the provisions of applicable law.<\/p><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n

\n
\n
\n
\n
\n

7. TRANSFERS OUTSIDE THE EEA<\/H4>\n <\/div>\n

7.1. The level of protection for personal data outside the European Economic Area (\u201cEEA\u201d) differs from that provided by\u00a0European law. For this reason, the Controller transfers personal data outside the EEA only when it is necessary and with an adequate level of protection, primarily by:<\/p>\n

7.1.1. Cooperation with entities processing Personal Data in\u00a0countries in\u00a0relation to\u00a0which an appropriate decision of the European Commission has been issued regarding the determination of ensuring an adequate level of protection of Personal Data;<\/p>\n

7.1.2. Use of standard contractual clauses issued by\u00a0the European Commission;<\/p>\n

7.1.3. Application of binding corporate rules approved by\u00a0the competent supervisory authority.<\/p>\n

7.2. application of technical measures recommended by\u00a0the European Data Protection Board to\u00a0transfers outside the EEA
\n(position of the European Data Protection Board: https:\/\/edpb.europa.eu\/sites\/default\/files\/consultation\/edpb_recommend tions_202001_supplementarymeasurestransferstools_en.pdf<\/a>). The Controller informs about the intention to\u00a0transfer Personal Data outside the EEA at\u00a0the stage of their collection.<\/p><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n

\n
\n
\n
\n
\n

8. PERIOD OF PERSONAL DATA PROCESSING<\/H4>\n <\/div>\n

8.1. The period of data processing by\u00a0the Administrator depends on\u00a0the type of service provided and the purpose of processing. The period of data processing may also result from the regulations when they constitute the basis for processing. In\u00a0the case of data processing on\u00a0the basis of the legitimate interest of the Administrator (e.g. for security reasons), the data is processed for a\u00a0period enabling the implementation of this interest or\u00a0until an effective objection to\u00a0the processing of data is raised. If the processing is based on\u00a0consent, the data is processed until its withdrawal. If the basis for the processing is the necessity to\u00a0conclude and perform a\u00a0contract, the data is processed until its termination.<\/p>\n

8.2. The period of data processing may be\u00a0extended if the processing is necessary to\u00a0establish or\u00a0pursue claims or\u00a0defend against claims, and after this period \u2013 only in\u00a0the case and to\u00a0the extent required by\u00a0law. After the expiry of the processing period, the data is irreversibly deleted or\u00a0anonymized.<\/p><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n

\n
\n
\n
\n
\n

9th. RIGHTS RELATED TO\u00a0THE PROCESSING OF PERSONAL DATA<\/H4>\n <\/div>\n

9.1. Data subjects have the following rights:<\/p>\n

9.1.1. the right to\u00a0information about the processing of personal data \u2013 on\u00a0this basis, the Administrator provides the natural person submitting the request with information about the processing of data, including, above all, the purposes and legal grounds for the processing, the scope of the data held, the entities to\u00a0which they are disclosed and the planned date of data deletion;<\/p>\n

9.1.2. the right to\u00a0obtain a\u00a0copy of the data \u2013 on\u00a0this basis, the Controller provides a\u00a0copy of the processed data concerning the natural person submitting the request;<\/p>\n

9.1.3. the right to\u00a0rectification \u2013 the Administrator is obliged to\u00a0remove any inconsistencies or\u00a0errors of the processed personal data and supplement them if they are incomplete;<\/p>\n

9.1.4. the right to\u00a0delete data \u2013 on\u00a0this basis, you can request the deletion of data, the processing of which is no\u00a0longer necessary to\u00a0achieve any of the purposes for which they were collected;<\/p>\n

9.1.5. the right to\u00a0restrict processing \u2013 in\u00a0the event of such a\u00a0request, the Controller ceases to\u00a0perform operations on\u00a0Personal Data \u2013 except for operations to\u00a0which the data subject has consented \u2013 and to\u00a0store them, in\u00a0accordance with the adopted retention rules or\u00a0until the reasons for restricting data processing cease to\u00a0exist (e.g. a\u00a0decision of the supervisory authority is issued allowing further data processing);<\/p>\n

9.1.6. the right to\u00a0transfer data \u2013 on\u00a0this basis \u2013 to\u00a0the extent that the data is processed in\u00a0an automated manner in\u00a0connection with the concluded contract or\u00a0the consent given \u2013 the Controller issues the data provided by\u00a0the data subject in\u00a0a\u00a0format that allows them to\u00a0be\u00a0read by\u00a0a\u00a0computer. It is also possible to\u00a0request that this data be\u00a0sent to\u00a0another entity, provided that there are technical possibilities in\u00a0this respect both on\u00a0the part of the Administrator and this other entity;<\/p>\n

9.1.7. the right to\u00a0object to\u00a0the processing of data for marketing purposes \u2013 the Data Subject may object to\u00a0the processing of Personal Data for marketing purposes at\u00a0any time, without the need to\u00a0justify such an objection;<\/p>\n

9.1.8. the right to\u00a0object to\u00a0other purposes of data processing \u2013 the Data Subject may at\u00a0any time object \u2013 for reasons related to\u00a0their particular situation \u2013 to\u00a0the processing of personal data that takes place on\u00a0the basis of the legitimate interest of the Administrator (e.g. for analytical or\u00a0statistical purposes or\u00a0for reasons related to\u00a0the protection of property); the objection in\u00a0this respect should include a\u00a0justification;<\/p>\n

9.1.9. the right to\u00a0withdraw consent \u2013 if the data is processed on\u00a0the basis of the consent given, the Data Subject has the right to\u00a0withdraw it at\u00a0any time, which, however, does not affect the lawfulness of the processing carried out before the consent was withdrawn.<\/p>\n

9.1.10. the right to\u00a0lodge a\u00a0complaint \u2013 if you believe that the processing of Personal Data violates the provisions of the GDPR or\u00a0other provisions on\u00a0the protection of Personal Data, the Data Subject may lodge a\u00a0complaint with the authority supervising the processing of Personal Data, competent for their habitual residence, place of work or\u00a0place of the alleged infringement. In\u00a0Poland, the supervisory authority is the President of the Office for Personal Data Protection.<\/p>\n

MAKING REQUESTS RELATED TO\u00a0THE EXERCISE OF RIGHTS<\/strong><\/p>\n

9.2. A\u00a0request regarding the exercise of the rights of Data Subjects can be\u00a0submitted to\u00a0the e-mail address dane.osobowe@budimex.pl in\u00a0any matter concerning the processing of your personal data.<\/p>\n

9.3. The inability to\u00a0identify a\u00a0natural person on\u00a0the basis of the submitted request will result in\u00a0the refusal to\u00a0implement the request by\u00a0the Administrator.<\/p>\n

9.4. The request can be\u00a0made in\u00a0person or\u00a0through a\u00a0representative (e.g. a\u00a0family member). For data security reasons, the Controller encourages the use of a\u00a0power of attorney in\u00a0a\u00a0form certified by\u00a0a\u00a0notary or\u00a0an authorised legal advisor or\u00a0advocate, which will significantly speed up the verification of the authenticity of the request.<\/p>\n

9.5. A\u00a0response to\u00a0the report should be\u00a0provided within one month of receiving it. If it is necessary to\u00a0extend this period, the Administrator informs the applicant of the reasons for this action.<\/p>\n

9.6. If the request has been addressed to\u00a0the Company electronically, the response shall be\u00a0given in\u00a0the same form, unless the applicant has requested a\u00a0response in\u00a0another form. In\u00a0other cases, the answers are given in\u00a0writing. If the deadline for the implementation of the request makes it impossible to\u00a0respond in\u00a0writing, and the scope of the applicant\u2019s data processed by\u00a0the Administrator allows for contact by\u00a0electronic means, the response should be\u00a0provided electronically. If the content of the request does not require a\u00a0written or\u00a0electronic response, the response may be\u00a0provided in\u00a0the same form in\u00a0which the data subject\u2019s request was submitted.<\/p>\n

9.7. The procedure regarding the submitted applications is free of charge.<\/p><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n

\n
\n
\n
\n
\n

10. CHANGES TO\u00a0THE PERSONAL DATA PROCESSING POLICY<\/H4>\n <\/div>\n

10.1. The policy is reviewed on\u00a0an ongoing basis and updated if necessary. The current version of the Policy was adopted on\u00a0June 1, 2024.<\/p><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/section>","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":255,"comment_status":"closed","ping_status":"closed","template":"page-templates\/gutenberg-text-hero.php","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"acf":[],"yoast_head":"\nProcessing transparency policy personal data in Budimex SA - Budimex<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Processing transparency policy personal data in Budimex SA - Budimex\" \/>\n<meta property=\"og:url\" content=\"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/\" \/>\n<meta property=\"og:site_name\" content=\"Budimex\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-07T22:15:54+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/\",\"url\":\"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/\",\"name\":\"Processing transparency policy personal data in Budimex SA - Budimex\",\"isPartOf\":{\"@id\":\"https:\/\/bdm-stg.mda.pl\/en\/#website\"},\"datePublished\":\"2024-03-28T08:08:43+00:00\",\"dateModified\":\"2025-07-07T22:15:54+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/bdm-stg.mda.pl\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Processing transparency policy personal data in Budimex SA\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/bdm-stg.mda.pl\/en\/#website\",\"url\":\"https:\/\/bdm-stg.mda.pl\/en\/\",\"name\":\"Budimex\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/bdm-stg.mda.pl\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Processing transparency policy personal data in Budimex SA - Budimex","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Processing transparency policy personal data in Budimex SA - Budimex","og_url":"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/","og_site_name":"Budimex","article_modified_time":"2025-07-07T22:15:54+00:00","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/","url":"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/","name":"Processing transparency policy personal data in Budimex SA - Budimex","isPartOf":{"@id":"https:\/\/bdm-stg.mda.pl\/en\/#website"},"datePublished":"2024-03-28T08:08:43+00:00","dateModified":"2025-07-07T22:15:54+00:00","breadcrumb":{"@id":"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/bdm-stg.mda.pl\/en\/processing-transparency-policy-personal-data-in-budimex-sa\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/bdm-stg.mda.pl\/en\/"},{"@type":"ListItem","position":2,"name":"Processing transparency policy personal data in Budimex SA"}]},{"@type":"WebSite","@id":"https:\/\/bdm-stg.mda.pl\/en\/#website","url":"https:\/\/bdm-stg.mda.pl\/en\/","name":"Budimex","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/bdm-stg.mda.pl\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/bdm-stg.mda.pl\/en\/wp-json\/wp\/v2\/pages\/135842"}],"collection":[{"href":"https:\/\/bdm-stg.mda.pl\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/bdm-stg.mda.pl\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/bdm-stg.mda.pl\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bdm-stg.mda.pl\/en\/wp-json\/wp\/v2\/comments?post=135842"}],"version-history":[{"count":3,"href":"https:\/\/bdm-stg.mda.pl\/en\/wp-json\/wp\/v2\/pages\/135842\/revisions"}],"predecessor-version":[{"id":171768,"href":"https:\/\/bdm-stg.mda.pl\/en\/wp-json\/wp\/v2\/pages\/135842\/revisions\/171768"}],"wp:attachment":[{"href":"https:\/\/bdm-stg.mda.pl\/en\/wp-json\/wp\/v2\/media?parent=135842"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}