1. Definitions

1. Administrator – JANEX Sławomir and Elżbieta Wiesiak General Partnership located in Poland, with its registered office in Warsaw (02-223) at 11 Wagonowa Street;
2. Personal Data – all information about a natural person identified or identifiable through one or more specific factors determining physical, physiological, genetic, mental, economic, cultural, or social identity, including IP address, location data, internet identifier, and information collected through cookies and other similar technologies;
3. Policy – this Privacy Policy;
4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC;
5. Website – the website operated by the Administrator at https://janexfoods.com
6. User – any natural person visiting the Website or using one or more services or functionalities described in the Policy.

    

2. Processing of Data in Connection with the Use of the Website

1. In connection with the User’s use of the Website, the Administrator collects data necessary for business contact, recruitment, and information about the User’s activity on the Website using cookies. Below are detailed rules and purposes of processing personal data collected during the User’s use of the Website.

    

3. General Data Protection Principles

1. The Administrator undertakes to comply with applicable legal regulations and data protection principles, such as GDPR, which means that your data will be:
   
   1. used lawfully, fairly, and in a transparent manner, collected only for specified, explicit purposes and not further processed in a manner that is incompatible with those purposes;
   2. adequate, relevant, and limited to what is necessary for the purposes for which it is processed;
   3. accurate and kept up to date;
   4. kept for no longer than necessary for the purposes for which it is processed; and secure.

4. Purposes and Legal Bases for Data Processing on the Website

4.1. Using the Website

1. Personal data of all individuals using the Website (including IP address or other identifiers and information collected through cookies or similar technologies) are processed by the Administrator:
   
   1. to provide electronic services for sharing content collected in the Service, providing contact forms – in this case, the legal basis for processing is the necessity of processing to perform the contract (Art. 6(1)(b) GDPR);
   2. for marketing purposes of the Administrator and other entities, especially related to behavioral advertising – the rules for processing personal data for marketing purposes are described in the “MARKETING” section;
   3. For the purpose of recruitment for specific job positions available at the Administrator’s premises – in this case, the legal basis for processing is your voluntary consent (Art. 6(1)(a) GDPR), including your consent to further processing of data in connection with recruitment for other job positions at the Administrator’s premises. The rules for processing personal data for recruitment purposes are described in the “RECRUITMENT” section.

1. In connection with the User’s use of the Website, the Administrator collects data necessary for business contact, recruitment, and information about the User’s activity on the Website using cookies. Below are detailed rules and purposes of processing personal data collected during the User’s use of the Website.

    

3. General Data Protection Principles

1. The Administrator undertakes to comply with applicable legal regulations and data protection principles, such as GDPR, which means that your data will be:
   
   1. used lawfully, fairly, and in a transparent manner, collected only for specified, explicit purposes and not further processed in a manner that is incompatible with those purposes;
   2. adequate, relevant, and limited to what is necessary for the purposes for which it is processed;
   3. accurate and kept up to date;
   4. kept for no longer than necessary for the purposes for which it is processed; and secure.

4. Purposes and Legal Bases for Data Processing on the Website

4.1. Using the Website

1. Personal data of all individuals using the Website (including IP address or other identifiers and information collected through cookies or similar technologies) are processed by the Administrator:
   
   1. to provide electronic services for sharing content collected in the Service, providing contact forms – in this case, the legal basis for processing is the necessity of processing to perform the contract (Art. 6(1)(b) GDPR);
   2. for marketing purposes of the Administrator and other entities, especially related to behavioral advertising – the rules for processing personal data for marketing purposes are described in the “MARKETING” section;
   3. For the purpose of recruitment for specific job positions available at the Administrator’s premises – in this case, the legal basis for processing is your voluntary consent (Art. 6(1)(a) GDPR), including your consent to further processing of data in connection with recruitment for other job positions at the Administrator’s premises. The rules for processing personal data for recruitment purposes are described in the “RECRUITMENT” section.

       

4.2. Contact Forms

1. The Administrator provides the possibility to contact them using electronic contact forms. Using the form requires providing personal data necessary to contact the User and fill in the “Message” box. The User may also provide other data to facilitate contact or handle the inquiry. Providing data marked as “Required” is mandatory for accepting and handling the inquiry, and failure to provide them will result in the inability to provide the service. Providing other data is voluntary.
2. Personal data is processed:
   
   1. for the purpose of identifying the sender and handling their inquiry sent via the provided form – the legal basis for processing is the necessity of processing to perform the contract (Art. 6(1)(b) GDPR);

       

5. Marketing

1. The Administrator processes personal data of Users for the purpose of carrying out marketing activities, which may include:
   
   1. sending email notifications about interesting offers or content, which in some cases may contain commercial information;
   2. conducting other activities related to direct marketing of services (sending commercial information electronically and telemarketing activities).

1. To carry out marketing activities, the Administrator sometimes uses profiling. This means that through automatic data processing, the Administrator assesses selected factors related to individuals in order to analyze their behavior or create forecasts for the future.

    

6. Direct Marketing

1. If the User has consented to receiving marketing information via email, SMS, and other electronic communication means, the User’s personal data will be processed for the purpose of sending such information. The legal basis for processing data is the legitimate interest of the Administrator in sending marketing information within the scope of the consent given by the User (direct marketing). The User has the right to object to the processing of data for direct marketing purposes, including profiling. The rules for exercising the right to withdraw/object are included in point 10.

    

7. Recruitment

7.1. Types of Processed Data

1. In connection with the application provided to us by you, we will collect, store, and use the following categories of your personal data:
   
   1. Information provided to us in your CV, cover letter, or portfolio.
   2. Information provided to us in our job application form, including name, title, address, telephone number, personal email address, employment history*, and qualifications* (*if listed as required in the job posting).

1. The legal basis on which we rely to process this personal data is Art. 6(1)(f) GDPR, which refers to processing necessary for the purposes of legitimate interests pursued by us, namely for recruitment purposes. We may also collect, store, and use the following special categories of data:

1. 1. Information about disability status so that we can consider whether we need to make appropriate adjustments during the recruitment process, for example, whether we need to make any accommodations during a test or interview.
   2. We do not anticipate processing information about criminal convictions, unless the position requires such information (e.g., a certificate of no criminal record).

1. The legal basis for processing special categories of personal data is Article 9(2)(b) of the GDPR, which concerns our obligations in the field of employment and the protection of your fundamental rights.

    

7.2. Sources of Personal Data Processing in the Recruitment Process

1. Personal data of candidates are collected from the following sources:
   
   1. From yourselves, through the application form on our website or email contact;
   2. From Recruitment Agencies cooperating with the Administrator, to which you have provided data, and which Agencies presented you to the Administrator as a candidate;
   3. From individuals who can confirm your employment history and positions held by you;
   4. From publicly available sources such as LinkedIn profiles or websites of HR consulting entities, to which you as candidates have provided your data for it to be transferred to us.

       

7.3. Processing of Personal Data during the Recruitment Process

1. The Administrator uses the personal data collected for the following purposes:
   
   1. To assess your skills, qualifications, and suitability for the proposed position;
   2. To verify basic information and references, as appropriate;
   3. To manage applications, including documenting recruitment processes;
   4. To communicate with you about the progress of the recruitment process;
   5. To ensure compliance with legal requirements or supervisory authorities;
   6. To communicate with managers conducting hiring processes and qualification interviews;
   7. To contact you (after obtaining your prior consent for further processing) regarding future job positions.

1. Upon receiving your application, CV, portfolio, or cover letter, the Administrator reviews the information contained therein to decide whether you meet the basic requirements to be included in the list of candidates for the position. If you are on this list, the Administrator will decide whether your application allows you to be invited for a qualification interview. If the Administrator decides to invite you to this interview, the information provided during the qualification interview will be used to decide whether to offer you the position. If a decision is made, the Administrator reserves the right to conduct verification of the references provided before final acceptance.
2. The Administrator processes your personal data to make a decision to enter into an employment contract or provide services to you.

    

7.4. Obligation to Provide Data

1. Failure to provide the data you will be asked for will result in the inability to process personal data in the application and, as a result, will not achieve the goal of being qualified for the recruitment process for a specific position.

    

7.5. Completion of the Recruitment Process

1. Data obtained during the recruitment process are destroyed after the recruitment process is completed.

8. Cookies and Similar Technologies

8.1. “Service” Cookies

1. The Administrator uses so-called “service” cookies primarily to provide electronic services to the User and to improve the quality of these services. Therefore, the Administrator and other entities providing analytical and statistical services to him use cookies files, store information, or gain access to information already stored in the User’s telecommunications end devices (computer, telephone, tablet, etc.). The cookies used for this purpose include:
   
   1. User input cookies for the duration of the session (user input cookies);
   2. Authentication cookies required for services that require authentication during the session (authentication cookies);
   3. Security cookies used to ensure security, e.g., used to detect abuses in the field of authentication (user-centric security cookies);
   4. Multimedia player session cookies (e.g., Flash player cookies) for the duration of the session (multimedia player session cookies);
   5. Persistent cookies used to customize the user interface for the duration of the session or a little longer (user interface customization cookies);
   6. Cookies used to monitor website traffic, i.e., data analytics, including Google Analytics cookies (these are files used by Google to analyze how the User uses the Service, to create statistics and reports on the operation of the Service). Google does not use the collected data to identify the User or combine this information to enable identification. Detailed information about the scope and rules of data collection in connection with this service can be found at the following link.

       

8.2. Cookies “marketingowe”

1. Administrator also uses cookies for marketing purposes, including behavioral advertising directed at Users. For this purpose, the Administrator stores information or gains access to information already stored in the User’s telecommunications end device (computer, phone, tablet, etc.). The use of cookies and the collection of personal data for marketing purposes, especially in promoting the services and goods of third parties, requires the User’s consent. This consent can be expressed by configuring the browser appropriately and can be withdrawn at any time, especially by clearing the cookie history and disabling cookie support in the browser settings.

    

9. Data Processing Period

1. The data processing period by the Administrator depends on the type of service provided and the purpose of processing. As a rule, data is processed for the duration of the service provision or order fulfillment, until the consent given is withdrawn, or an effective objection is made to data processing in cases where the legal basis for data processing is the legitimate interest of the Administrator.
2. The data processing period may be extended in cases where processing is necessary to establish and assert any claims or defend against them, and after this period, data is irreversibly deleted or anonymized.

    

10. User Rights

Individuals whose data is processed have the following rights:

10.1 Right to Information about Personal Data Processing

Based on this, the person making such a request is provided with information about the processing of personal data, including the purposes and legal bases for processing, the scope of data held, the recipients to whom personal data is disclosed, and the planned date of deletion.

10.2 Right to Obtain a Copy of Data

Based on this, the Administrator provides a copy of the processed data concerning the person making the request.

10.3 Right to Rectification

Based on this, the Administrator removes any discrepancies or errors concerning the processed personal data and complements or updates them if they are incomplete or have changed.

10.4 Right to Erasure of Data

Based on this, it is possible to request the deletion of data for which processing is no longer necessary for any of the purposes for which it was collected.

10.5 Right to Restrict Processing

Based on this, the Administrator ceases operations on personal data, except for operations for which the person whose data it concerns has given consent, and their storage, in accordance with the adopted retention rules, or until the reasons for restricting data processing cease (e.g., a decision by a supervisory authority authorizing further data processing).

10.6 Right to Data Portability

Based on this, to the extent that data is processed in connection with a concluded contract or with the consent given, the Administrator provides data provided by the person concerned in a format that allows it to be read by a computer. It is also possible to request the transmission of this data to another entity – provided that there are technical possibilities for both the Administrator and the other entity to do so.

10.7 Right to Object to Data Processing for Marketing Purposes

A person whose data is processed can object to the processing of personal data for marketing purposes at any time without the need to justify such objection.

10.8 Right to Object to Other Purposes of Data Processing

A person whose data is processed can object at any time to the processing of personal data on the basis of the legitimate interest of the Administrator (e.g., for analytical or statistical purposes or for the protection of property). Such an objection should include a justification and is subject to assessment by the Administrator.

10.9 Right to Withdraw Consent

If data is processed based on the consent given, the person whose data it concerns has the right to withdraw it at any time, which does not affect the legality of the processing carried out before the withdrawal of consent.

10.10 Right to Lodge a Complaint

If it is believed that the processing of personal data violates the provisions of the GDPR or other regulations on personal data protection, the person whose data it concerns may lodge a complaint with the President of the Office for Personal Data Protection.

10.11 Request for the Exercise of Data Subject Rights can be submitted:

1. by email to: biuro@janex.waw.pl and biuro@janex.dmowski.dev
2. including the following information:
   
   1. which right the person making the request wants to exercise (e.g., the right to receive a copy of data, the right to delete data, etc.);
   2. which data processing process the request relates to (e.g., using a specific service, activity on a specific website, receiving a newsletter containing commercial information at a specific email address, etc.);
   3. the purposes of data processing the request relates to (e.g., marketing purposes, analytical purposes, etc.).

1. If the Administrator is unable to determine the content of the request or identify the person making the request based on the submitted notification, the Administrator will ask the applicant for additional information.
2. A response to requests will be provided within one month of receipt. If an extension of this period is necessary, the Administrator will inform the applicant of the reasons for such an extension.
3. The response will be sent to the email address from which the request was sent.
4. The implementation of the rights mentioned above may be limited by other legal regulations. The right to object may be excluded if the Administrator demonstrates that there are:
   
   1. compelling legitimate grounds for data processing that override the interests, rights, and freedoms of the Data Subject; or
   2. the data is necessary to establish, exercise, or defend legal claims.

       

11. Data Recipients

1. In connection with the provision of services, personal data will be disclosed to external entities, including, in particular, providers responsible for the operation of information systems, legal entities, and other entities related on the basis of a data processing agreement, acting on behalf of the Administrator.
2. Employees of the Administrator will also be authorized to process your data.
3. The Administrator reserves the right to disclose selected information about the User to the relevant authorities or third parties requesting such information, based on the appropriate legal basis and in accordance with applicable law.

    

12. Transfer of Data Outside the EEA

1. The Administrator does not transfer collected data outside the European Economic Area (EEA).

    

13. Personal Data Security

1. The Administrator continuously conducts a risk analysis to ensure that personal data is processed securely, primarily by ensuring that only authorized individuals have access to the data and only to the extent necessary for their tasks. The Administrator ensures that all operations on personal data are recorded and carried out only by authorized employees and collaborators.
2. The Administrator takes all necessary actions to ensure that its subcontractors and other cooperating entities also provide a guarantee of using appropriate security measures whenever they process personal data on behalf of the Administrator.

    

14. Contact Information

1. Contact regarding the processing of personal data at JANEX Sławomir i Elżbieta Wiesiak Spółka Jawna:
2. Email: biuro@janex.waw.pl or biuro@janex.dmowski.dev
3. Phone: +48 794955455

    

15. Privacy Policy Changes

1. The Administrator commits to regularly verify the Privacy Policy and update it as needed.