GDPR

GDPR

Information on the processing of Shareholders’ personal data

Pursuant to the provision of art. 13 sec. 1 and sec. 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (“GDPR”) Helio S.A. with headquarters in Wygled, ul. Stołeczna 26, 05-083 Zaborów, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw in Warsaw, XIV Commercial Division of the National Court Register, under the KRS number 262514, NIP: 1181694514, Regon: 015533555, with share capital of PLN 2,500,000, fully paid up (“Helio”), informs that it processes shareholders’ personal data. Detailed information on the processing of shareholders’ personal data is provided below.

1. Personal data administrator

The administrator of personal data of Helio shareholders who are natural persons and shareholders’ proxies who are entitled to participate in the General Meeting (“GM”), have demonstrated their status of shareholder or proxies of shareholders who requested access to the list of shareholders entitled to participate in the GM or the list of shareholders present at the GM , submitted an application for access to copies of motions on matters included in the agenda of the GM, filed a request to convene a GM, a request to include matters on the agenda of a convened GM or submitted a draft resolution of the GM (“Shareholders”) is Helio, e-mail address: wz@helio.pl.

2. Purposes and grounds for processing personal data

The personal data of the Shareholders will be processed for the purpose of conducting the General Meeting, in particular for the purpose of fulfilling the obligation to provide the Shareholders with the list of shareholders at their request.
The legal basis for the processing of Shareholders’ data is the Code of Commercial Companies of September 15, 2000 (“CCC”) and the Act on Public Offering, Conditions Governing the Introduction of Financial Instruments to Organized Trading, and Public Companies of July 29, 2005.
Processing of personal data of Shareholders:
1) it is necessary to fulfill the legal requirements to which Helio is subject (Article 6 (1) (c) of the GDPR);
2) legitimizes the legitimate interest of the Company in the form of: (i) enabling contact with Shareholders and verifying their identity; and (ii) pursuing possible claims or defense by Helio against potential claims (Article 6 (1) (f) of the GDPR).

3. Categories of data processed by Helio

The category of personal data processed by Helio are the Shareholders ‘data placed on the list of shareholders entitled to participate in the GM, details of the shareholders and their proxies included in the list of shareholders present at the GM, details of the shareholders’ proxies included in the power of attorney to represent the shareholder during the GM, details of the shareholders and their proxies data of shareholders and their proxies indicated in the request to convene a GM, data of shareholders and their proxies indicated in the request for copies of shareholders’ lists and the request on matters included in the agenda of the GM, in the request for placing an issue on the agenda of the GM or in the application containing a draft resolution of the GM.
The scope of data processed by Helio includes in particular:
1) data on Shareholders and their proxies (name, surname, address or address for service, PESEL number, series and number of ID card, parents’ names and other data contained in the content of the identity document);
2) data on the shares and the rights resulting therefrom, such as: number, type and numbers of shares and the number of votes;
3) e-mail address of the Shareholders and their proxies.

4. Recipients of data processed by Helio

We may disclose the personal data of Shareholders to entities cooperating with Helio in connection with the performance of Helio’s obligations regarding the conduct of the GM and – in the case of data included in the list of shareholders entitled to participate in the GM or the list of shareholders present at the GM – pursuant to the provisions of the Commercial Companies Code, Shareholders who submit a request to view the list shareholders, issuing a copy of such a list or sending the list by e-mail.
In addition, the recipients of the collected personal data are entities providing hosting services for IT tools used to contact Shareholders and entities providing document archiving services.

5. Data storage period

Personal data contained in the lists of Shareholders, attendance lists and powers of attorney are stored for the duration of Helio’s existence, and then may be transferred to the entity designated to store documents in accordance with the provisions of the Commercial Companies Code. Personal data related to contact by e-mail are stored for a period enabling Helio to demonstrate compliance with the obligations arising from the provisions of the Commercial Companies Code and the limitation period for any claims by Helio or in relation to Helio.

6. The rights of the entity whose personal data are processed

A shareholder is entitled to:
1) access to the content of your personal data and receive a copy thereof;
2) rectify (correct) your data;
3) deletion of data – if in the opinion of the Shareholder there are no grounds for Helio to process the Shareholder’s data, the Shareholder may request Helio to delete them;
4) restriction of data processing – the Shareholder may demand that Helio limit the processing of the Shareholder’s personal data only to storing or taking actions agreed with the Shareholder;
5) object to the processing of personal data at any time. Upon receipt of the objection, Helio will cease processing data for the purpose or purposes to which the objection has been raised, unless the Company demonstrates the existence of valid legally valid grounds for processing, overriding the interests, rights and freedoms of the Shareholder or grounds for establishing, investigating or defending against claims;
6) file a complaint to the President of the Personal Data Protection Office or another competent authority, if it is found that the processing of personal data violates the regulations resulting from the GDPR;
7) withdrawal of consent to the processing of personal data. At any time, the Shareholder may withdraw consent to the processing of personal data processed by Helio based on the Shareholder’s consent. Withdrawal of consent will not affect the lawfulness of processing based on the consent of the Shareholder prior to its withdrawal.

7. Information on the requirement or voluntary provision of data

In the case of transferring data directly to Helio, providing the data is required by the provisions of the Commercial Companies Code, including in order to verify the identity of the Shareholder; failure to provide them is associated with the inability to participate in the General Meeting. With regard to the e-mail address, providing the said address is voluntary, but necessary to enable contact between Helio and the Shareholder via e-mail; Failure to provide it is associated with the inability to establish communication via the electronic channel.

8. Information about the data source

Shareholders’ personal data is obtained from the National Depository for Securities S.A. with headquarters in Warsaw, ul. Książęca 4 and are sent by Shareholders, proxies and representatives, in particular in connection with the need to demonstrate the status of a shareholder, holding an appropriate number of shares (including the performance of obligations related to holding a certain number of shares in the Company), voting rights or the right to represent the Shareholder.

Find out more about our Privacy Policy and Cookie Policy.

Contact with us

Do you have questions or need information? Select a contact for the appropriate department.