Published using Google Docs
Returnly/Poland Employment Privacy Notice (EU)
Updated automatically every 5 minutes

Effective Date:  July 29, 2021

EU Employee Notice Regarding Use of Personal Data (“Notice”)

As your employer, Returnly Technologies Spain, S.L.U., or Midship sp. z o.o., as applicable to you as an employee of either company (collectively, Company”, “we” or “us”) collect, use and disclose Personal Data relating to you for a variety of employment-related purposes both before, during and after your employment with the Company. Company is committed to ensuring that your Personal Data will be handled in accordance with all applicable data privacy laws.  Data privacy laws generally require that individuals be informed of (and, under certain circumstances, consent to) the processing of their Personal Data and to transfers of the information to third parties and countries, and can impose other obligations on organizations processing such information.

Personal Data Company Collects:

Personal Data that the Company may collect and hold about you (in both paper or electronic format) includes:

How Company Uses Your Personal Data 

Company collects information about you in the normal course of business and for other purposes related to your role and function in the Company, including:

Monitoring Business and Private use of Company Systems

Company may, in accordance with local law and to guarantee its electronic systems, carry out monitoring operations on its information systems and communications systems, including computers, portable and other devices, telephone, e-mail, voicemail, Internet and other communications (collectively, “our Systems”).

Company reserves the right to preserve, collect, search, review, and disclose data; the contents of messages or documents on any medium; or check activity undertaken through our Systems for the following purposes (this list is not exhaustive):

The contents of communications and usage information may be disclosed to third parties (including affiliates, regulatory authorities, courts and counterparties in litigation and our or their agents anywhere in the world) as described below. Where evidence of misuse is found, we may undertake a more detailed investigation, involving the examination and disclosure of any monitoring records and interviewing of witnesses or managers involved.  

More information can be found by accessing our Acceptable Use Policy.

Sharing Employee Information

We will share your Personal Data with third parties outside of Company where it is necessary to administer the working relationship with you, where such processing is necessary for compliance with a legal obligation to which Company is subject, or where we have another legitimate interest to do so.

We may disclose your Personal Data to service providers rendering services on Company’s behalf. Common examples of providers are payroll processors, call centers, employee benefits providers, and companies providing other support services to Company. We also may send your Personal Data to companies we have contracted with to operate various information systems or to process certain transactions (e.g., payroll services providers, cloud storage providers).

Generally, Company will only disclose workforce Personal Data to third parties other than service providers:

These third parties and Company entities may be located in jurisdictions whose data privacy laws may not be equivalent to data privacy laws in your own country of residence. Such transfers or disclosures will be made within the scope of applicable laws.

Data Transfer

We hold your Personal Data in the United States, where Company is headquartered, or in  Canada.   From time to time, we may be required to transfer your Personal Data across borders and internationally for the purposes set forth above. When we do so, we will ensure that such transfers ensure that an appropriate level of protection is given to your information and that the transfers are conducted in compliance with applicable law.

Data Security

We have implemented appropriate physical, technical and organizational security measures designed to secure your personal data against accidental loss and unauthorized access, use, alteration or disclosure.  In addition, we limit access to personal data to those employees, agents, contractors and other third parties that have a legitimate business need for such access.

Data Retention

Company will retain your Personal Data for as long as is necessary, or for such longer period as may be required by law or to satisfy a legitimate business need.  Records that are no longer needed are either deidentified (and the deidentified information may be retained) or securely destroyed.  

Please note that these periods may be extended where reasonably necessary (for example, where we are required to do so by law or by a regulator).

Updates or Requests Related to your Personal Data 

We process “Personal Data,” as that term is defined in the EU General Data Protection Regulation, on the following legal bases: (1) with your consent; (2) as necessary to perform our employment agreement; and (3) as necessary for our legitimate interests in providing the Services where those interests do not override your fundamental rights and freedom related to data protection. Information we collect may be transferred to, and stored and processed in, the United States or any other country in which the Company or our affiliates or subcontractors maintain facilities, as described above.

Under certain circumstances, you may have the right to:

To submit a request to exercise your rights, please contact us at grp.privacy@affirm.com. Under applicable law, we may not be required to comply with your request in whole or in part, or may comply with it in a more limited way than you anticipated. If this is the case, we will explain that to you in our response.

Conflicts

Nothing in this Notice is meant to vest in an employee any greater rights than they may have under applicable data protection laws, employment contract or employment handbook. This Notice is not intended to replace other notices provided by the Company in accordance with applicable national laws and regulations. In the event of any conflict between notices required by local applicable law(s) and this Notice, any notices required by local law will control.

Changes

We reserve the right to amend this Notice from time to time and encourage you to periodically review this Notice.

Questions about Company’s Use of Your Personal Data

If you have a concern or a question about how we process your Personal Data, contact grp.privacy@affirm.com.