Last updated: 15.03.2019
HL Tech Sp. z o.o (‘HL Tech’) takes the privacy and security of your personal information very seriously, and we’re committed to protecting and respecting your privacy.
We recognise that there are risks to you with us processing your personal information, such as financial loss if there is a security breach, You can find out more information about our security measures in section 4
We are always looking to improve the information we provide to our customers and contacts so if you have any feedback on this Policy, please let us know using our contact details in section 13
We explain in this Policy:
- Who we are
- Collecting your information
- How we use your information
- Information security
- Our legal basis for using your information
- How and when we share your information
- Transfers outside of Europe
- How long we store your personal information
- Your rights
- 10.Using our websites
- 13.Contacting us
Your rights to object: You have various rights in respect of our use of your personal information as set out in section 9. Two of the fundamental rights to be aware of are that you may:
a) ask us to stop using your personal information for direct-marketing purposes. If you exercise this right, we will stop using your personal information for this purpose.
b) ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our, or another person’s, legitimate interest.
You can find out more information in section 9
1. Who we are
We are HL Tech Sp. z o.o. (‘HL Tech’). We are part of the Hargreaves Lansdown group of companies. We are registered in Poland and act as data controller of your personal information.
Our registered office is: Plac Europejski 1, 00-844 Warszawa, Poland
This Policy also applies to the websites that HL Tech operate as described in section 10.
2. Collecting your information
We collect and process your information in these circumstances:
a) When you visit our premises: Because of our security policies and procedures in our office premises, we will collect images of visitors using CCTV footage.
b) When you visit our website: When you visit our websites we automatically collect information which includes: the Internet Protocol (IP) address used to connect your computer to the internet, your login information, your geographic location, your browser and browser plug-in type and version, and your operating system and platform
3. How we use your information
We use your personal information in the following ways:
- To provide you with any services and/or information you request from us.
- To process any job application you submit, or that an agency submits for you.
- Gathering data for analysis and research, and to provide management information or other services internally and to third parties.
- To administer our sites and for internal operations, including troubleshooting, data analysis, load management, testing, research, statistical and survey purposes.
- To improve our sites to make sure that our content is as effective as we can for you and for your computer.
- So you can choose to participate in interactive features of our sites.
- As part of our efforts to keep our sites safe and secure and to prevent and detect money laundering, financial crime and other crime.
- To monitor, record, store and use any telephone, email or other communication with you. We’ll update your records with any new information you or a third party give us, and we’ll add it to any information we already have.
- To deal with any enquiries or issues you have about how we collect, store and use your information, or any requests made by you for a copy of the information we hold about you.
- For internal corporate reporting, business administration, ensuring adequate insurance coverage for our business, ensuring the security of company facilities, research and development, and to identify and implement business efficiencies.
4. Information security
We take the security of your personal data very seriously, and we use appropriate technologies and procedures to protect your personal information.
We keep our data security policies and procedures up to widely accepted international standards. In addition, we review our policies regularly and update them whenever needed to protect you, and to meet our business needs, changes in technology, and regulatory requirements.
Here are examples of the ways we protect your data:
a) We have appropriate technical and organisational measures in place to protect you against accidental loss and unauthorised access, use, destruction or disclosure of your data.
b) We have a business continuity and disaster recovery plan that is designed to help us offer our services and protect our people and assets no matter what happens.
c) We place appropriate restrictions on access to personal information.
d) We implement measures and controls, including monitoring and physical measures, to store and transfer data securely.
e) We complete data protection impact assessments in accordance with legal requirements and our business policies.
f) We provide data security training for our employees.
g) We use a stringent approach to vendor risk management.
The internet is an open medium and we can’t guarantee that any information you send to us by email or via our sites won’t be intercepted or tampered with. Any transmission is at your own risk. To help protect your personal information and minimise the risk of it being intercepted by unauthorised third parties, our secure servers use Secure Socket Layer v3 (SSL) or Transport Layer Security v1 (TLS) encryption when you submit information to us through our sites. You can see this security is in place when you see „https” and the padlock on your URL bar. Older browsers don’t always support current SSL technology, so we recommend that you use an up-to-date browser. Once we’ve received your information, we use strict procedures and security features to try to prevent unauthorised access. C
5. Our legal basis for using your information
Our legal basis for collecting and using your personal information depends on the exact type of information and how and when we collect it. However, we’ll normally only collect personal information from you where one of the following applies:
a) we need your personal information to perform a contract with you;
b) it’s in our legitimate interests or the legitimate interests of others (for example, to ensure the security of our website). Our legitimate interests are to:
i. run, grow and develop our business;
ii. ensure a safe environment for our staff and website visitors;
iii. marketing, market research and business development;
iv. for internal group administrative purposes.
If we rely on our (or another person’s) legitimate interests for using your personal information, we will undertake a balancing test to ensure that our (or the other person’s) legitimate interests are not outweighed by your personal interests or fundamental rights and freedoms which require protection.
c) we have your consent (for example you have ticked a box on a form):
If we rely on your consent for us to use your personal information in a particular way, but you later change your mind, you may withdraw your consent by contacting us and we will stop doing so.
d) we have a legal obligation to collect your personal information.
When we collect personal information to comply with a legal requirement or to enter into a contract with you, we’ll let you know at that time. We’ll also tell you if providing your personal information is mandatory or not, and what the consequences would be if you don’t provide it. Similarly, if we collect and use your personal information for our legitimate interests (or those of any third party), which are not set out above we’ll tell you at that time what those legitimate interests are.
6. How and when we share your information
We may share your personal information with other members of the Hargreaves Lansdown Group to:
- run, grow and develop our business;
- for internal group administrative purposes.
We otherwise do not share your personal information with third parties.
7. Transfers outside of Europe
We usually store your information on our secure servers in the Poland.
- However, where data is shared with other members of Hargreaves Lansdown Group it may be sent to process in UK
We’ll take all steps reasonably necessary to make sure that your personal information is treated securely. For example, as permitted by Article 46 of the General Data Protection Regulation, we use standard contractual clauses with third parties, so that your information is protected to the same standards as it is in the European Economic Area
8. How long we store your personal information
We keep the personal information we collect from you, where we have an ongoing legitimate business need to do so.
When we have no ongoing legitimate business need to hold your personal information, we will either delete or anonymise it. If we can’t do this (for example, because your personal information is stored in backup archives), we’ll securely store your personal information, only use it for a purpose we’ve already communicated to you.
9. Your rights
a) Right of access: You have the right of access to any personal information we hold about you. You can ask us for a copy of your personal information; confirmation whether your personal information is being used by us; details about how and why it is being used; and details of what safeguards are in place if we transfer your information outside of the European Economic Area.
b) Right of to update your information: If any of the information we hold is inaccurate, you can ask us to make any necessary amendments.
c) Complaints: If you have any complaints or concerns about our handling of your personal information please do get in touch with us and we will do our best to resolve these. You can write to us at the address below in section 13
In accordance with Article 77 of the General Data Protection Regulation, you have the right to complain about our collection and use of your personal information to the Information Commissioner’s Office or the data protection authority in the country where you usually live or work, or where the alleged infringement of the General Data Protection Regulation has taken place. For more information, please contact the local data protection authority at: Personal Data Protection Office, Stawki 2, 00-193 Warsaw or by phone +48 606-950-000
You may also seek a remedy through local courts if you believe your rights have been breached.
In certain specific circumstances you also have following further rights:
a) Right of deletion: You have a right to ask us to delete any personal information which we are holding about you.
b) Right to restrict use of your information: You have a right to ask us to restrict the way that we process your personal information.
c) Right to data portability: You have a right to ask us to provide your personal information to a third party provider of services.
d) Right to object. You have a right to ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our or another person’s legitimate interest.
e) Right to stop marketing: You have a right to ask us to stop using your personal information for direct-marketing purposes.
We will consider all such requests and provide our response within a reasonable period (and in any event within one month of your request, unless we tell you we are entitled to a longer period required by applicable law). Please note, however, that certain personal information may be exempt from such requests in certain circumstances, for example if we need to keep using the information to comply with our own legal obligations or to establish, exercise or defend legal claims. If an exception applies, we will tell you this when responding to your request. We may request you provide us with information necessary to confirm your identity before responding to any request you make.
Please contact us at using the details below in section 13 if you would like further information. If you would like to exercise any of your rights you can write to us at the address below in section 13
10. Using our websites
The websites we own are:
This Policy applies when you use the above website and their content.
If you visit our website you acknowledge that the practices described in this Policy apply. Our sites can, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please remember that they have their own policies and that we do not accept any responsibility or liability for their policies or how they collect and use your information.
13. Contacting us
If you have any questions about your privacy with us or this Policy, you can e-mail us write to us at HL Tech Sp. z o.o, Data Protection Officer, Plac Europejski 1, 00-844 Warsaw, Poland