Privacy Policy

1. GENERAL PROVISIONS

  1. The controller of personal data is PROPOINT S.A. with its registered office in Gliwice (44-100), at ul. Bojkowska 37 R, entered in the Register of Entrepreneurs maintained by the District Court in Gliwice, 10th Commercial Division under KRS number: 0000931877, NIP: PL6312558212, REGON: 240898185, phone: +48 32 270 60 50, email: lp.tn1781337956iopor1781337956p@ofn1781337956i1781337956 (hereinafter: the Controller).
  2. The privacy of visitors to our website is very important to us, and we take all possible measures to protect it. This Privacy Policy (hereinafter referred to as the “Policy”) explains how we process your data.
  3. Your personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation – GDPR).
  4. We take special care to protect the interests of the data subjects and in particular ensure that the data we collect is:
    1. processed lawfully;
    2. collected for specified, legitimate purposes and not further processed in a manner incompatible with those purposes;
    3. factually correct and adequate in relation to the purposes for which it is processed and stored in a form which permits identification of the data subject for no longer than is necessary for the purposes of processing.

2. SCOPE OF DATA COLLECTED

  1. Your personal data is collected and processed only on the basis of appropriate legal grounds, and its scope depends on the type of service provided.
  2. The following personal data may be processed:
    1. information about your computer, including IP address, geographical location, browser type and version, and operating system;
    2. information about your visits to and use of this website, including the referral source, length of visit, page views, and navigation paths within the website;
    3. information such as your name, surname, and email address that you provide when registering or filling out the contact form on our website;
    4. information entered when using services on our website;
    5. information generated while using our website, including when, how often, and under what circumstances you use it;
    6. information contained in correspondence sent to us via email or through our website, including the communication content and metadata;
    7. information you send us via attached files such as CVs, cover letters, etc.;
    8. any other personal data you choose to send to us.
  3. Data is collected only to the extent that is adequate, necessary, and relevant to the purposes for which it is processed. The Controller does not process special categories of personal data. Providing data is voluntary but necessary for service delivery. Before disclosing another person’s personal data to us, you must obtain that person’s consent.

3. PURPOSES AND LEGAL BASIS OF DATA COLLECTION

Your personal data is processed for the following purposes:

  1. to take steps at your request prior to entering into a contract and to perform a contract in accordance with our Terms and Conditions – based on Article 6(1)(b) GDPR;
  2. to fulfill legal obligations of the Controller, particularly regarding finance and accounting – based on Article 6(1)(c) GDPR;
  3. to respond to inquiries made by phone or through the contact form – based on Article 6(1)(f) GDPR, i.e., the legitimate interest of the Controller to build and maintain customer relationships and promote services;
  4. to send marketing content via channels for which you have given prior consent (e.g., email and/or phone notifications such as SMS/MMS) – based on Article 6(1)(f) GDPR;
  5. for the establishment, exercise, or defense of legal claims – based on Article 6(1)(f) GDPR;
  6. to conduct surveys related to data security, implementation levels, or customer satisfaction – based on Article 6(1)(f) GDPR.

4. DATA RETENTION PERIOD

  1. Your personal data will be processed only for the period necessary to fulfill the purpose for which it was collected, i.e.:
    1. for the duration of electronic service provision (User Account operation) and order fulfillment, and thereafter for the period of limitation of any claims (up to 6 years from account deletion or final settlement);
    2. for the time needed to respond to an inquiry received by phone or via the contact form, but no longer than 6 months from the last contact.
  2. If data is processed based on the Controller’s legitimate interest, your data will be processed until that purpose no longer applies (e.g., expiration of claims) or until a valid objection is raised.
  3. If it is clear that the communication has ended, your data will be promptly deleted from operational systems and from backups within 30 days.

5. DATA RECIPIENTS

  1. We may disclose your personal data to authorized employees, management, representatives, suppliers or subcontractors, insurers, law firms, auditors, accounting offices, or entities related to the Controller by capital or personnel, to the extent necessary for the purposes described in this Policy and in accordance with applicable data protection laws.
  2. We may disclose your personal data:
    1. if required by law;
    2. in connection with ongoing or prospective legal proceedings;
    3. to establish, exercise, or defend our legal rights (including sharing information with others to prevent fraud);
    4. to persons who, in our reasonable opinion, may seek disclosure through a court or other competent authority, where there is a reasonable likelihood that such a court or authority would require disclosure – except as stated in this Policy, we will not share your data with third parties.
  3. In the event of a purchase, your data may be shared with online payment operators with whom the Controller has cooperation agreements.

6. DATA PROCESSING RULES

  1. Data is processed in accordance with applicable laws, including GDPR and the Polish Personal Data Protection Act of 10 May 2018.
  2. Personal data is stored no longer than necessary, including statutory periods for tax or statistical purposes or limitation periods for claims.
  3. The Controller may process data for additional purposes upon obtaining your consent. Where data is processed based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  4. Your consent allows us to:
    1. contact you via the contact form;
    2. store cookies and collect data from websites and mobile apps;
    3. organize promotional campaigns and contests;
    4. process optional data for service or order fulfillment;
    5. send newsletters and other commercial information to your devices.
  5. Providing personal data is voluntary, but some data may be required to contact the Controller, access services, or enter into and perform contracts.
  6. The Controller will not process data in an automated way that results in legal effects or similarly significant impact on you – including profiling

7. INTERNATIONAL DATA TRANSFERS

  1. Personal data may be transferred to a third country. Any transfer outside the EEA will comply with GDPR regulations.
  2. Personal data you publish on our website or submit for publication may be accessible worldwide via the Internet.

8. DATA SECURITY

  1. We will take appropriate technical and organizational precautions to prevent the loss, misuse, or alteration of your personal data.
  2. All personal data you provide will be stored on secure servers (password- and firewall-protected).
  3. You acknowledge that transmission of information over the Internet is inherently insecure and we cannot guarantee complete security of data transmitted this way.

9. POLICY CHANGES

This Policy may be updated from time to time by publishing a new version on our website. Please check
the website regularly to ensure you understand any changes.

10. YOUR RIGHTS

  1. You are entitled to all rights under the General Data Protection Regulation, including:
    1. the right to access, rectify, or delete your data – especially if your data is incorrect, incomplete, no longer necessary, or you have withdrawn your consent;
    2. the right to restrict processing – pending rectification or objection, we will restrict rather than delete your data;
    3. the right to data portability;
    4. the right to object to the processing of your personal data;
    5. the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office in Poland.
  2. You may object at any time to processing your data for direct marketing purposes if the processing is based on the Controller’s legitimate interest.

11. THIRD-PARTY WEBSITES

Our website contains hyperlinks to third-party websites and detailed information about them. We do not control and are not responsible for the privacy policies and practices of third parties.