Privacy policy Sp. z o.o. ul. Puławska 303, 02-275 Warszawa


Respecting the Users' right to privacy, we apply technical and organizational security measures to protect the data of our Partners, Customers, Users of our services and websites, in particular their personal data (hereinafter referred to as Data), against access by unauthorized persons or entities. This Policy describes the principles of personal data processing at Sp. z o.o.


On what basis do we process personal data

We process personal data in accordance with the requirements of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) (Text with EEA relevance). This means that we process the Data only for specific purposes and with the consent of the Data Subject or on the basis of legal provisions allowing for the processing of the Data. The basis of the Data processing shall be:

For the Data, whose Administrator is Sp. z o.o:

  1. The performance of the contract, when processing is necessary to perform the contract or take action to conclude a contract.
  2. Justified business interests of the entrepreneur where processing is necessary for the conduct and development of our business activity of providing IT and telecommunications services, such as customer relations, and we apply principles of minimization and security to ensure that Data will be processed to a limited extent and only when their use is necessary for the conduct of legitimate business activity.
  3. Consent of the Data Subject, for instance when the Data Subject has registered in our services and websites.
  4. Compliance with legal regulations if they impose an obligation to process Data upon us.

The data entrusted to Sp. z o.o. as a processing entity by another Data Administrator or other processing entity are processed on the basis of an Agreement of entrusting the processing of Personal Data.


What kind of data do we process Sp. z o.o. collects and stores, within the framework of its business activity, only such data as are necessary for the realization of a legitimate interest of the entrepreneur and for the provision of services or management of relations with contractors, unless the Data Subject agrees to the processing of his Data also in another scope and for other purposes. In particular:

  1. Management of business contacts and relations with Customers and Registered Users of our Internet services. We process information about our customers, which may include: name / company, name and position / function of the contact person, telephone number, e-mail address, other contact details. We inform about what data are required and which can be optionally provided to us on the website.
  2. Visitors of our webpages. We register information about visits to our sites, which, however, are not used to identify you. These are: the IP address, date and duration of the visit, the visitor's device and application data.

We may also collect other information by means of the so-called "cookies", i.e. small text files installed on your device when you visit our websites. The user is informed about it on the pages of individual online services and about the ways of changing the settings of Internet browsers that disable the use of cookies. Information about visits to our sites may also be collected by third parties whose services we use. These may include, for example, analytical scripts for creating statistics (Google Analytics). We inform about them in Online Services where such external services have been installed. As these are external services of third parties, the privacy policy of the entities that use them to collect data shall be applicable.

  1. Persons contacting us. We store the device data, address or e-mail address or the telephone number from which the contact took place, other data provided voluntarily, e.g. the name and surname, and contact-related content.
  2. Data of persons which have been entrusted to us by third parties. We process only those Data that were provided to us by the Administrator in the contract of entrustment of Data and only for the purpose specified in the contract by the Administrator.


Providing access to personal data

1.         We do not make the Data available to any third parties, with the exception of entrusting or sub-entrusting the Data on the basis of a written agreement concluded between the Administrator and a given entity, to which the activities related to the processing of the Data have been assigned, in which the scope of the activities related to the processing of the entrusted Personal Data, the scope of the Data and the requirements concerning their protection have been specified. We are obliged to provide the public institutions and bodies with Data at their express request, justified by the binding legal regulations.

2.         Each person delegated to perform tasks related to the entrustment of personal data processing is obliged to sign a non-disclosure and confidentiality statement.

3.         The personal data processed at Sp. z o.o. can be accessed only by its employees who have undergone training on the principles of personal data protection and received written authorization to process them from the Management Board of Sp. z o.o.


Data storage period

We store Data only as long as it is necessary for the purposes for which they were collected. The data storage period is determined for each service separately, of which we inform in the regulations of particular services or which we specify in dedicated contracts with the Customer. Usually it is 21 days after the reasons for their storage ceased to exist, however, in the case of telecommunications services, it may be 12 months due to the requirements arising from the Polish Telecommunications Law Act. In special circumstances, however, we may retain them longer if required by law, or if they are necessary for the handling of possible claims or defence against claims, in which case we retain them until they cease. The basis for the processing of the Data in this case will be the legally justified interest of Sp. z o.o., which is the protection of rights, confirmation of the fulfillment of obligations and obtaining due remuneration from Users and customers. After the lapse of the above-mentioned period of time, the Data are deleted or anonymized in such a way that it is impossible to determine the identity of the User.


The rights of Data Subjects

Natural persons may request access to their Data processed by us as their Administrator by contacting the Data Protection Officer – Dariusz Jastrzębski, e-mail:

Each Data Subject has the right to inspect and rectify the Data; withdraw consent to the processing of the Data, demand removal of the Data (if this is not in conflict with other requirements for storing the Data), demand transfer of the Data to a set of files administered by another entity; restrict Data processing and lodge a complaint to the President of the Personal Data Protection Office. Sp. z o.o. reserves the right to verify the identity of the person who requests the Data.

Data Protection Officer

The Data Protection Officer at Sp. z o.o. is Dariusz Jastrzębski, e-mail address: , phone: (22) 548 6000.