Under Article 13(1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (“General Data Protection Regulation”, “GDPR”):

1. The Controller of your personal data is Port Lotniczy Poznań-Ławica Sp. z o.o., with its registered office at the address: ul. Bukowska 285, 60-189 Poznań, entered in the register of business operators of the National Court Register kept by District Court Poznań–Nowe Miasto i Wilda w Poznaniu, 8th Commercial Law Division under number KRS 0000003431, NIP (tax ID) 781-15-33-610, REGON (statistical ID) 630981266, phone: +48 61 849 23 43, https://www.poznanairport.pl

2. How to contact our Data Protection Officer:
e-mail: [email protected], phone: +48 61 849 22 32, or directly at the address given above.

3. We process the personal data which you provided to the extent specified above under Article 6(1)(c) GDPR: the legal basis for the processing is the Controller’s legal obligation, i.e. the need to meet the requirements for vehicle maintenance set out in Commission Delegated Regulation (EU) 2020/2148 of 8 October 2020 amending Regulation (EU) No 139/2014 as regards runway safety and aeronautical data. The data are also processed for the purposes of the Company’s legitimate interests, i.e. to secure information in the event of a legal need to prove facts or to establish and exercise the Controller’s rights, if needed, or to defend the Controller from claims. In this case the legal basis for the processing is Article 6(1)(f) GDPR.

4. We may share your data with:

a) persons authorized by us – our staff or business partners who need access to your data to be able to perform their duties,

b) data processors – to whom we will outsource activities which require data processing,

c) entities authorized to obtain the data under applicable laws.

5. We will store your personal data until the expiry of the Controller’s legal obligations, and when the data are processed based on the Company’s legitimate interests – until those interests exist, in particular for the time needed to secure information which might be necessary to prove facts, or for the time when any potential claims brought against the Controller may be legally filed.

6. Your personal data will not be transferred to countries outside the EEA.

7. You have the right to access your data, the right to rectification, erasure (unless the Controller is legally required to process them further), restriction of processing and the right to data portability. You also have the right to object to the processing based on our legitimate interests. You can exercise the above rights by contacting the Data Protection Officer at the e-mail address [email protected] or by sending a letter to our registered office. If you find that your personal data are processed in violation of applicable laws, you have the right to lodge a complaint with the President of the Personal Data Protection Office.

8. You need to provide your personal data to be able to enter the Security Restricted Area.