Pursuant to Art. 14(1) and Art. 14(2) of the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, hereinafter referred to as ‘GDPR’, please be informed that:

1. Data Controller: The Controller of your personal data is Ocean Professional Logistics Spółka z ograniczoną odpowiedzialnością based in Gdynia at 3 Rotterdamska St., 81 – 337 Gdynia, entered in the Register of Entrepreneurs of the National Court Register under No.: 0000354708, NIP: 9581630203, REGON: 22100669000000, tel.: (58)785-54-15 FAX: +(58)785-54-16, e-mail:

2. Purpose and basis of data processing: Your personal data will be processed for the following purposes:

a. to conclude and perform the contract with OCEAN PROFESSIONAL LOGISTICS Spółka z ograniczoną odpowiedzialnością – based on Art. 6(1)(b) GDPR,

b. to comply with a legal obligation to which the Controller is subject (e.g. regulations of the tax or banking law) – based on Art. 6(1)(c) GDPR,

c. for the Controller to pursue claims, if any, or defend his rights – based on Art. 6(1)(f) GDPR (in this case, the legitimate interest of data processing is the Controller’s pursuance or defence of his claims),

d. to pursue the goal specified in the consent given by you – based on Art. 6(1)(a) GDPR (e.g. for the purpose of sending marketing or commercial information, including information on the valid promotions or prepared commercial offers, to the e-mail address or telephone number provided by you).

3. The Controller shall process the following categories of your personal data:

1) identification data;

2) address;

3) contact data;

4) data necessary for the issuance of the VAT invoice – as required under the applicable law.

4. Data recipients: Your data can only be transferred to entities authorised to receive personal data under the regulations of the law, and to the entities participating in service provision.  The Controller informs that personal data can be disclosed to the following categories of recipients: Controller’s authorised employees, Controller’s subcontractors, companies providing IT support services and supplying IT software, accounting companies which provide accounting services, transport and courier companies, should you order transport or courier service, law firms (offices) providing legal consultancy services and representation at court.

5. Your personal data can be transferred to a third country (outside the European Union) and an international organisation so as to carry out the purposes listed in it. 2 to the extent they are necessary to perform the tasks ordered from the Company.  In each case your data are transferred to other entities outside EEA, the Controller shall apply appropriate security measures so as to make sure that the transfer is performed in compliance with the binding data protection rules.  For example, in order to ensure an appropriate level of personal data protection the Controller can sign a data processing agreement with a third-party recipient, using the standard data protection clauses approved by the European Commission, or make sure that the transfer will be performed to a jurisdiction approved in a decision issued by the European Commission in the matter of proper personal data protection.

6. Data storage period: Your personal data will be stored solely for the period necessary to satisfy the purposes of personal data processing and ensuing from the obligations imposed in the commonly binding law, such as the Accounting Act or Tax Law Act.  The data processed for the purpose of pursuing claims (e.g. in court proceedings) will be stored throughout the claim limitation period, defined in the regulations of the Civil Code.  In the case of the data which are processed based on your consent, they will be stored until you withdraw it.

7. Rights: You have the right to request from the Controller access to your data, their rectification, erasure, restriction of their processing, and to object to their processing, as well as to data portability.

8. Where the processing of your personal data is based on your consent to the processing of your personal data (Art. 6(1)(a) GDPR), you have the right to withdraw your consent at any time.  The withdrawal shall not affect the lawfulness of the processing based on the consent before its withdrawal.

9. To exercise the above rights, contact the Controller by email at or by sending a letter to the following address: ul. Rotterdamska 3, 81 – 337 Gdynia, with an annotation: „Ochrona Danych Osobowych” [‘Personal Data Protection’].

10. Should you learn that your personal data are processed by the Controller unlawfully, you have the right to lodge a complaint with the supervisory authority in charge of matters related to personal data protection.

11. Voluntariness/ obligation to provide data: You data are given by you voluntarily but their provision is necessary to conclude the contract or perform other obligations binding on the Controller (e.g. in connection with the issuance of a VAT invoice), and failure to provide personal data will result in no possibility to perform the service or issue a VAT invoice.  Where the processing of your personal data is based on the consent of the data subject (e.g. for the purpose of sending commercial or marketing information), the provision of your personal data to the Controller is voluntary.