§ 1.
General provisions


Privacy Policy of the website is addressed to its users.

The present Privacy Policy determines the rules for processing personal data as well as the rights of natural persons whose personal data is or may be processed.

Privacy policy presents the scope of data concerning personal identification of the User collected by the owner of the website together with the mechanisms ensuring their privacy (resulting from the rules of law). What is more, privacy policy constitutes the fulfilment of the obligation of information in relation to the person whom the data concerns.


§ 2.
Information obligation


Pursuant to Article 13 of General Data Protection Act as of April 27th 2016 (Official Journal EU L 119 as of 04.05.2016) we hereby inform that:

1)   the administrator of your personal data is: PromoAgency Sp. z o. o., ul. Wadowicka 8A, 30-415 Kraków

2)   contact with Data Protection Officer –

3)   your personal data shall be processed for the purposes of website administration, website traffic statistics, managing the content of the website, maintaining contact with the Users – basing on Article 6 section 1 letter f of the General Data Protection Act as of April 27th 2016.

4)   the recipients of your personal data shall be exclusively the entities entitled to obtaining personal data basing on legal provisions as well as entities participating in the provision of services

5)   your personal data shall be stored for the period of 2 years

6)   you have the right to request from the administrator the access to your personal data, the right to correct your data, have it removed or to limit its processing as well as the right to transfer the data

7)   you have the right to file a complaint to the supervisory authority

8)   providing personal data is voluntary, however the refusal to provide personal data may result in the refusal to conclude the agreement


§ 3.
Administrator of personal data


1.   PromoAgency Sp. z o.o. with its registered seat in Kraków (30-415), address: ul. Wadowicka 8A, entered into the register of entrepreneurs of the National Court Register (KRS), kept by the District Court for Kraków-Śródmieście in Kraków, 11th Economic Department of the National Court Register (KRS) under KRS number 0000393240, Tax Identification Number NIP 676-24-43-288, National Business Registry Number REGON: 121550617, share capital: PLN 105 250, electronic mail address: (“Administrator) is the administrator of personal data and processes personal data concerning the users collected among others via Administrator’s website active under (“website”).

2.   The Administrator is at the same time service provider referred to in Article 2 point 6 of the act as of July 18th 2002 on providing services via electronic means (Journal of Laws 2013 number 0 item 1422 as amended).

3.   The Administrator uses technical and electronic means ensuring the protection of the processed personal data adapted to threats as well as categories of data subject to protection, in particular protects the data against its sharing to unauthorized parties, against being taken by an unauthorized person as well as against its modification, loss, partial or complete damage.

4.   The Administrator fulfils the duties resulting from the Regulation (EU 2016/679) of the European Parliament and of the Council as of 27 April 2016 as well as the act as of 18 July 2002 on providing services via electronic means (Journal of Laws 2013 number 0 item 1422 as amended).


§ 4.
Data collection


All personal data of website users is collected by the Administrator in two ways:

1) information provided by the user voluntarily – mainly the users of contact forms or recruitment forms are asked to provide personal data and this includes in particular their name and surname together with e-mail address

2)  information obtained while using the website – it may include:

1)  information in server logs – Administrator’s servers automatically save such data as website request sent by the user, date and time of the request and response, device details (e.g. model), browser type, browser language, type of the operation system;

2)  IP address – each device connected to the Internet has a unique number assigned, basing on which it is possible among others to identify the country from which a given user establishes network connection;

3)  cookies files referred to in § 10 of the present Privacy Policy.


§ 5.
Purpose of data collection


1.  Personal data provided, in particular name, surname and e-mail address, is processed by the Administrator for the purpose of providing the answer to the question asked by the user or for recruitment purposes.

2.  The Administrator hereby informs that they are entitled to process the provided personal data for their legitimate purpose involving in particular direct marketing activities.


§ 6.
Administrator’s rights


1.   The Administrator has the right to make the provision of services, including the use of the website, dependent on the verification of user’s personal data.

2.   In the case of any doubts arising in connection with the truthfulness or up-to-date character of data provided by the user, the Administrator is entitled to suspend the provision of services for the user until the matter is clarified.

3.   In the case of failure to provide personal data necessary to fulfil the objectives referred to in § 5 of the present Privacy Policy or the failure to provide the consent for processing personal data, the Administrator has the right to discontinue the provision of services via electronic means. The scope of necessary data is indicated on the website every time before the provision of a given service via electronic means begins.


§ 7.
User’s rights


1.   The user has the right to review and modify its personal data as well as to have it removed via the website.

The User may submit the notification concerning the modification of their personal data in writing, by e-mail to or perform the modification themselves on the website.

2.   Other rights of the user have been specified in the Regulation (EU 2016/679) of the European Parliament and of the Council as of 27 April 2016. The user has in particular the right to:

1)    control the processing of data concerning them included in data files;

2)    request the complementation, updating, correction of personal data or its removal when the data is incomplete, outdated, untrue or has been collected with violation of the act or has become unnecessary for the fulfilment of the objective for which it has been collected.


§ 8.
Making the data available


1.   The Administrator, for the purposes of service provision, is entitled in justified cases to make personal data available to:

1)   employees of the Administrator – for the purposes of appropriate fulfilment of duties and only when they are duly authorized;

2)   entities within the capital group to which the Administrator belongs – for the purposes connected with user-related services;

3)   third parties – when making such data available is necessary for the provision of services by the Administrator as well as commercial partners involved by the Administrator in order to ensure the provision of services;

4)   public authority bodies, law enforcement authorities or other entities – when the obligation to make the data available upon their request results from the provisions of law.

2.   By providing personal data the user accepts the examples of making it available referred to above.

3.   In any case referred to in section 1 point 1-3 above, the Administrator requires from a given entity to maintain the confidentiality and security of the information as well as to use it only to provide a given service or product to the Administrator.


§ 9.
Voluntariness of providing personal data


1.   Providing personal data by the user is voluntary, subject to § 6 section 3 of the present Privacy Policy.

2.   The user is obliged to provide correct data as well as to update it as soon as a change appears.


§ 10.


1.   Cookies constitute IT data, in particular text files, stored on website user’s end device. Cookies are intended for using the webpages of the website. Cookies usually contain the name of the website from which they come from, duration of their storage on the end device as well as a unique number.

2.   The Administrator processes data included in cookies when the website is accessed by the user for the purposes of:

1)   storing data from filled in contact or recruitment forms;

2)    statistical data which makes it easier to understand the way of using the website, enabling website development according to user preferences;

3)   providing the users with advertising content matching their interests to the largest possible extent.

3.   The content of cookies does not make it possible to identify the user.

4.   The majority of browsers accept cookies by default. However, the user may set their browser so that it rejects the requests for cookies storage in general or blocks some specific cookies. The modification of default browser settings may result in the risk of partial or total block of correct functioning of the website.

5.  Website may use the following types of cookies:

1)    files necessary for the functioning of the website – these files are responsible for correct functioning of the website;

2)    statistical files – these files enable the collection of statistical information connected with the way of using the website;

3)    functional files – these files make it possible to memorize functional settings of the website chosen by the user;

4)    advertisement files – these files enable the adjustment of advertisements to user’s preferences;

5)    social media files – they are responsible for the integration of social media (Facebook, LinkedIn, Google+ etc.) with the website.

6.   More information on the possibility and ways of using cookies is available in the settings of the Internet browser applied. Browser settings relating to cookies are crucial from the point of view of the consent to use cookies by the website.


§ 11.
Links to other webpages on the website


Website owner informs that the website includes link to other webpages. It is advisable to read privacy policies which are in force there as website owner shall not be responsible for them.


§ 12.
Protection of user’s data on the website


The description of technical and organizational protective means is included in the Security Policy (for the protection of personal data) of the website owner. The following protective measures are in particular applied:

a.   Data downloaded by the server automatically is protected with the mechanism of website access authentication

b.   Data obtained from users during the registration process is protected with the SSL protocol as well as through website access authentication mechanism

c.   The access to website administration takes places with the use of authentication mechanism


§ 13.
Final provisions


1.  Administrator reserves the right to modify the present Privacy Policy. The modifications shall be published on the website no later than 7 days before their entering into force.

2.  The present Privacy Policy enters into force on 25 May 2018.


Last update: 25 May 2018