Dotacja unijna - iAML

Information Notices

INFORMATION NOTICE

FOR POLITICALLY EXPOSED PERSONS („PEPs”) AND PERSONS IN THE SANCTIONS LISTS („SLs”)

Pursuant to Article 14(1-2) and Article 14(5)(b) of Regulation (EU) 2016/ 679 of the European Parliament and of the Council of 27/04/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, p. 1) – hereinafter the GDPR – Incaso Group sp. z o. o., with its registered office in Koszalin at ul. Jana Pawła II no. 20 office 70, complies as the controller with its obligation to provide information to politically exposed persons (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”).

1. Controller

Incaso Group sp. z o. o., with its registered office in Koszalin (75-452) at ul. Jana Pawła II no. 20 office 70, telephone number (+48)221003693, is the Controller of personal data of politically exposed persons (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”).

2. Contact details of the Data Protection Officer

With respect to personal data protection, you may contact the Data Protection Officer at the following e-mail address: rodo@iaml.com.pl or telephone number (+48)221003693 or in writing to the address of the Controller’s registered office provided above.

3. Basis and purpose of personal data processing

Personal data of politically exposed persons (“PEPs”) and persons entered in sanctions lists for anti-money laundering and terrorist financing purposes (“SLs”) are processed by the Controller pursuant to Article 6(1)(f) of the GDPR, thus based on the legitimate interest of the Controller consisting, in particular but not limited to, in the right granted to the Controller pursuant to Article 5 subsection 1 of the Act of 25 February 2016 on the re-use of public sector information (Journal of Laws of 2016, item 352, as amended), (hereinafter the (“Re-Use Act”). Personal data of politically exposed persons (“PEPs”) and persons entered in sanctions lists for anti-money laundering and terrorist financing purposes (“SLs”) are processed by the Controller for the commercial purpose consisting in the creation and provision against payment, to obliged institutions (i.e. banks, insurance companies, payment services agencies, etc.) of the tool supporting the same in compliance with the obligations under the Polish Act on countering money laundering and terrorist financing of 1 March 2018 (Journal of Laws of 2018, item 723, as amended), (hereinafter the “AML Act”) implementing Directive (EU) 2015849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 6482012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ L 141, p. 73).

4. Categories of personal data processed

The Controller processes the following categories of personal data of politically exposed persons (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”):

1) identification data (first names and last name, date of birth – the last two only if the Controller is in possession of the same);

2) data on the position held (job title, designation of the position held, place of holding the position/job title, designation of the entity, at which a person works or to which he or she provides services);

3) data on the place of origin, nationality, citizenship or sex;

4) contact data – the e-mail address used in relation to the position held – only if the Controller is in possession of the same.

5. The source, from which data originate

The Controller obtained personal data of politically exposed persons (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”), in particular:

  • for politically exposed persons (“PEPs”):

1) from the Public Information Bulletin websites maintained by the particular entity;

2) from the central public information repository referred to in Article 9a of the Act of 6 September 2001 on the access to public information (Journal of Laws of 2016, item 1764 and of 2017, item 933);

3) from the National Court Register;

4) from Monitor Sądowy i Gospodarczy journal;

5) from websites.

  • for persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”):

1) from publicly available sanctions lists, i.e. in particular:

• OFAC Specially Designated Nationals (SDN) List (U.S. Treasury),

• OFAC Foreign Sanctions Evaders (FSE) List (U.S. Treasury),

• Common Foreign and Security Policy (CFSP) of the European Union (Sanctions EU),

• HR Treasury (HMT) Financial sanctions: Consolidated List of Targets (UK),

• Consolidated United Nations Security Council Sanctions List (UN Sanctions List).

6. Recipients of personal data

Personal data of politically exposed persons (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”) may be transferred to the following categories of recipients:

a) recipients of the Controller’s products and services, in particular obliged institutions within the meaning of the AML Act;

b) service providers providing the Controller with technical and organisational solutions allowing for the management of the Controller’s organisation, including entities operating ICT systems or providing the Controller with ICT tools (in particular ICT service providers);

c) Controller’s contractors and employees;

d) other entities and authorities, to which the Controller is obliged or authorised to transfer personal data pursuant to generally applicable laws.

7. Transfer of personal data to third countries or international organisations

The Controller will not transfer personal data of politically exposed persons (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”) to third countries or international organisations.

8. Personal data storage period

Personal data of politically exposed persons (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”) will be stored for the period, during which such persons are considered to be politically exposed persons (“PEPs”) pursuant to the AML Act or during which they are entered in the sanctions lists, respectively.

9. Personal data protection rights

Pursuant to applicable laws, you have the following rights:

a) right of access to your data and to obtain a copy of the same;

b) right to rectification (correction) of your data;

c) right to erasure of data;

d) right to restriction of processing of personal data;

e) right to object;

f) right to data portability;

g) right to lodge a complaint with the supervisory authority – if you establish that the Controller processes your personal data contrary to the law.

10. Right to object

You have the right to object to processing of personal data on grounds relating to your particular situation. When objecting, you should specify the particular situation, which, in your opinion, justifies the discontinuation of the processing of your data subject to the objection by the Controller. The Controller will no longer process your personal data for the purpose stated above, unless the Controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

11. Automated decision-making, profiling

The Controller will not use your personal data for profiling or as part of the automated decision-making.

INFORMATION NOTICE

FOR POLITICALLY EXPOSED PERSONS OUTSIDE POLAND („PEPs”) AND PERSONS IN THE SANCTIONS LISTS („SLs”)

Pursuant to Article 14(1-2) and Article 14(5)(b) of Regulation (EU) 2016/ 679 of the European Parliament and of the Council of 27/04/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, p. 1) – hereinafter the GDPR – Incaso Group sp. z o. o., with its registered office in Koszalin at ul. Jana Pawła II no. 20 office 70, complies as the controller with its obligation to provide information to politically exposed persons outside Poland (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”).

1. Controller

Incaso Group sp. z o. o., with its registered office in Koszalin (75-452) at ul. Jana Pawła II no. 20 office 70, telephone number (+48)221003693, is the Controller of personal data of politically exposed persons outside Poland (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”).

2. Contact details of the Data Protection Officer

With respect to personal data protection, you may contact the Data Protection Officer at the following e-mail address: rodo@iaml.com.pl or telephone number (+48)221003693 or in writing to the address of the Controller’s registered office provided above.

3. Basis and purpose of personal data processing

Personal data of politically exposed persons outside Poland (“PEPs”) and persons entered in sanctions lists for anti-money laundering and terrorist financing purposes (“SLs”) are processed by the Controller pursuant to Article 6(1)(f) of the GDPR, thus based on the legitimate interest of the Controller being the commercial purpose consisting in the creation and provision against payment, to obliged institutions (i.e. banks, insurance companies, payment services agencies, etc.) of the tool supporting the same in compliance with the obligations under the Polish Act on countering money laundering and terrorist financing of 1 March 2018 (Journal of Laws of 2018, item 723, as amended), (hereinafter the “AML Act”) implementing Directive (EU) 2015/ 849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/ 2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ L 141, p. 73).

4. Categories of personal data processed

The Controller processes the following categories of personal data of politically exposed persons outside Poland (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”):

1) identification data (first names and last name, date of birth – the last two only if the Controller is in possession of the same);

2) data on the position held (job title, designation of the position held, place of holding the position/job title, designation of the entity, at which a person works or to which he or she provides services);

3) data on the place of origin, nationality, citizenship or sex;

4) contact data – the e-mail address used in relation to the position held – only if the Controller is in possession of the same.

5. The source, from which data originate

The Controller obtained personal data:

  • with respect to politically exposed persons outside Poland (“PEPs”) – from publicly available sources, in particular from websites;
  • for persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”) – from the publicly available sanctions lists, i.e. in particular:

• OFAC Specially Designated Nationals (SDN) List (U.S. Treasury),

• OFAC Foreign Sanctions Evaders (FSE) List (U.S. Treasury),

• Common Foreign and Security Policy (CFSP) of the European Union (Sanctions EU),

• HR Treasury (HMT) Financial sanctions: Consolidated List of Targets (UK),

• Consolidated United Nations Security Council Sanctions List (UN Sanctions List).

6. Recipients of personal data

Personal data of politically exposed persons outside Poland (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”) may be transferred to the following categories of recipients:

a) recipients of the Controller’s products and services, in particular obliged institutions within the meaning of the AML Act;

b) service providers providing the Controller with technical and organisational solutions allowing for the management of the Controller’s organisation, including entities operating ICT systems or providing the Controller with ICT tools (in particular ICT service providers);

c) Controller’s contractors and employees;

d) other entities and authorities, to which the Controller is obliged or authorised to transfer personal data pursuant to generally applicable laws.

7. Transfer of personal data to third countries or international organisations

The Controller will not transfer personal data of politically exposed persons outside Poland (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”) to third countries or international organisations.

8. Personal data storage period

Personal data of politically exposed persons outside Poland (“PEPs”) and persons entered in sanctions list for anti-money laundering and terrorist financing purposes (“SLs”) will be stored for the period, during which such persons are considered to be politically exposed persons (“PEPs”) pursuant to the AML Act or during which they are entered in the sanctions lists, respectively.

9. Personal data protection rights

Pursuant to applicable laws, you have the following rights:

a) right of access to your data and to obtain a copy of the same;

b) right to rectification (correction) of your data;

c) right to erasure of data;

d) right to restriction of processing of personal data;

e) right to object,

f) right to data portability;

g) right to lodge a complaint with the supervisory authority – if you establish that the Controller processes your personal data contrary to the law.

10. Right to object

You have the right to object to processing of personal data on grounds relating to your particular situation. When objecting, you should specify the particular situation, which, in your opinion, justifies the discontinuation of the processing of your data subject to the objection by the Controller. The Controller will no longer process your personal data for the purpose stated above, unless the Controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

11. Automated decision-making, profiling

The Controller will not use your personal data for profiling or as part of the automated decision-making.

Klienci