KInformation clause .mdd for correspondents

Indication of the Controller

The Controller of your personal data is one of the MDD Group companies:

  1. .mdd Sp. z o.o. (Ltd.), registered office in Sępólno Krajeńskie, Poland, at (89-400), ul. Koronowska 22, KRS (National Court Register): 0000097731, NIP (Taxpayer Identification Number): 5611437378, REGON (National Official Business Register): 092911632,
  2. DIRECT DIGITAL Sp. z o.o. (Ltd.), registered office in Bydgoszcz, Poland, at (85-023), ul. Toruńska 33, KRS: 0000915881, NIP: 9532784828, REGON: 389662490,
  3. .mdd Dąbrowski Sp. Komandytowa (Limited Partnership), registered office in Sępólno Krajeńskie, Poland, at (89-400), ul. Koronowska 22, KRS: 0000394682, NIP: 5040068981, REGON: 341092676
  4. .mdd Design Sp. z o.o. (Ltd.), registered office in Sępólno Krajeńskie, Poland, at (89-400), ul. Koronowska 22, KRS: 0000478469, NIP: 5040072652, REGON: 341482450; of which it communicates to you in the abridged version of the information obligation provided pursuant to Article 13.1 and Article 14.3 Polish RODO in direct or indirect communication.

Would you like to notify us of a breach of protection of your personal data, send us a request regarding your rights as a data subject? Do you have questions or concerns about the protection of your personal data? Contact our Data Protection Officer directly at the following email address: iod@mdd.pl

Purposes of data processing and legal basis

  1. Correspondence registration and response - processing is necessary for the legitimate purposes of the administrator to fulfil the legitimate purposes of responding to letters in a timely manner, making timely payments to suppliers, ensuring the quality of cooperation with contractors and other stakeholders (Article 6(1)(f) Polish RODO).
  2. Pursuing and protecting against claims - the processing is necessary for the legitimate purposes of the controller to protect the interests of the business (Article 6(1)(f) Polish RODO).

Duration of data processing

Data is processed for a period of time respectively:

  1. until an effective objection/request for erasure is made or the purpose of the processing ceases - applies to point 1 above;
  2. limitation of actions - refers to point 2 above.

Transfer of personal data

Personal data will only be transferred by the Controller to trusted entities, such as companies providing and operating selected IT systems and solutions, and providers of accounting, legal, postal and courier services.

As a general rule, personal data will not be transferred outside the EEA or made available to international organisations. However, where the controller uses service providers from outside the EEA that have not been recognised by the European Commission as providing an adequate level of protection for personal data, transfers of personal data to the above-mentioned entities shall be made on the basis of standard data protection clauses adopted by the European Commission, thus subject to adequate safeguards for the protection of the privacy and rights and freedoms of the data subjects. A copy of the standard contractual clauses can be obtained from the controller. 

Your rights

Concerning our processing of your personal data, you have the right to:

  1. request access to your personal data,
  2. request the rectification of your personal data,
  3. request the erasure or restriction of the processing of your personal data,
  4. object to the processing of your data,
  5. complain to the supervisory authority, which in Poland is the President of the Office for Personal Data Protection.

You may exercise your rights by sending the appropriate instruction by post to the Administrator's registered office address or by e-mail to iod@mdd.pl iod@mdd.pl

Other information

The provision of data is voluntary, but necessary for the conclusion and execution of the contract.

There is no automated decision-making, including profiling, in the processing of personal data.