§1 General information

1. This document, i.e. The Privacy Policy primarily sets out the principles according to which the processing of personal data by the Controller takes place, including the grounds, purposes and scope of the processing of personal data and the rights of data subjects, as well as information on the scope of application of the site’s www.aclegal.pl cookies and analytical tools.
2. The administrator of your personal data is Artur Cichocki conducting business under the name Cichocki Kancelaria Adwokacka, str. Krakowskie Przedmieście 79, 00 – 079 Warsaw, entered in the CEIDG, NIP 5671727080, (hereinafter: “Administrator”), e-mail address [email protected].
3. Your personal data will be processed on the basis of Art. 6 para. 1(a)(c) of the DPA in order for you to enter into a contract with the Administrator for the sale of the legal services offered by the Administrator and the performance of the contract, as well as the performance of the Administrator’s legal obligations, direct marketing, the creation of statements, analyses and statistics, the handling of legal questions, financial settlements, including the issuance of accounting documents.
4. The Administrator is entitled to transfer your personal data to entities affiliated with the Administrator, including third parties (hereinafter: “Associates”). Accordingly, your personal data may be transferred to Collaborators on the basis of a personal data processing entrustment agreement between the Administrator and Collaborators. The controller is obliged to provide your personal data on the basis of mandatory legal provisions, including at the request of authorised courts, authorities and institutions.
5. Your personal data, as a general rule, is not transferred outside the European Economic Area (hereinafter: “EEA”). However, the transfer of your personal data outside the EEA may take place when this is necessary in order to fulfil your enquiry or order.
6. Your personal data will be stored for the period necessary for the performance of the contract you have concluded with the Administrator, and thereafter until the expiry of the limitation period for claims under the contract you have concluded. On the other hand, your personal data recorded in the accounting records will be kept for the period indicated in the applicable legislation, including tax legislation.
7. Subject to restrictions under the RODO and other legislation, you have the right of access to the content of your personal data and the right to rectification, erasure, restriction of processing, the right to data portability, the right to object, and the right to withdraw your consent at any time if the processing is based on your consent.
8. You have the right to lodge a complaint with a supervisory authority within the meaning of the RODO if you consider that the processing of your personal data violates applicable law. The supervisory authority is the President of the Office for Personal Data Protection, St. Stawki 2, 00-193 Warsaw, ePUAP electronic submission box of the Office for Personal Data Protection:/UODO/SkrytkaESP.
9. You may be subject to a decision based on automated processing of your personal data, including profiling, if the Administrator is authorised to do so by applicable law or you have previously given your consent.

§2 Basis for data processing

1. The controller is entitled to process personal data where, and to the extent that, one or more of the following conditions are met: (1) the data subject has given his or her consent to the processing of his or her personal data for one or more specified purposes; (2) the processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract; (3) the processing is necessary for compliance with a legal obligation incumbent on the Controller; or (4) processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
2. The processing of personal data by the Administrator requires in each case the existence of at least one of the grounds indicated in § 2, paragraph 1. 1 Privacy Policy.

§3 Purpose, basis, duration and scope of personal data processing

1. In each case, the purpose, basis, period and scope and recipients of the personal data processed by the Controller result from the activities undertaken by the respective Client.
2. The controller may process personal data for the following purposes, on the following grounds, during the following periods and to the following extent:

2.1. Performing a legal aid contract or taking action at the request of the data subject before entering into the aforementioned contract.

Article 6(1). 1(b) of the RODO Regulation (performance of a contract).

The data shall be stored for the period necessary for the performance, termination or otherwise expiry of the concluded contract.

Maximum scope: name; mailing address (street, house number, apartment number, postal code, town, country), e-mail address; contact telephone number. For non-consumers, the Administrator may additionally process the company name and tax identification number (TIN).

The stated range is the maximum.

2.2. Direct marketing

Article 6(1). 1(f) of the RODO Regulation (legitimate interest of the controller).

The data shall be retained for the duration of the legitimate interest pursued by the Controller, but no longer than until the data subject expresses an effective objection thereto.

The controller may not process personal data for direct marketing purposes if the data subject has expressed an effective objection to this effect.

2.3. Marketing

Article 6(1). 1(a) of the RODO Regulation (consent).

The data is stored until the data subject withdraws his or her consent to further processing for this purpose.

2.4. Give feedback on the services provided by the Administrator

Article 6(1). 1(a) of the RODO Regulation

Data is stored until the data subject withdraws consent to further processing for this purpose.

2.5. Bookkeeping.

Article 6(1). 1(c) of the RODO Regulation in conjunction with. of Art. 74 para. 2 of the Accounting Act, i.e. of 30 January 2018. (Journal of Laws 2018, item 395, as amended).

The data shall be kept for the period required by law requiring the Administrator to keep tax books (until the expiry of the limitation period for tax liability, unless otherwise provided by tax laws) or accounting records (5 years, counting from the beginning of the year following the financial year to which the data relates).

Name; residential/business/residence address (if different from delivery address), company name and tax identification number (TIN).

2.6. Establishing, asserting or defending claims that the Administrator may assert or that may be asserted against the Administrator.

Article 6(1). 1(f) of the RODO Regulation.

The data shall be stored for the period of existence of the legitimate interest pursued by the Controller, but no longer than the period of limitation of claims against the data subject in respect of the Controller’s business activities. The limitation period is determined by law, in particular the Civil Code (the basic limitation period for business-related claims is three years).

Name, contact telephone number, e-mail address, home/business/site address.

In the case of non-consumer customers, the Shop Owner may additionally process the company name and tax identification number (NIP) of the customer.

§4 Rights of the data subject

1. The data subject has the right to access, rectification, restriction, erasure or portability of his or her personal data, to request from the Controller access, rectification, erasure (“right to be forgotten”) or restriction of processing and to object to processing, and has the right to data portability. The specific conditions for the exercise of the rights indicated above are indicated in Art. 15-21 of the RODO Regulation.
2. The right to withdraw consent at any time – the person whose data are processed by the Controller on the basis of the consent given (pursuant to Art. 6(1)(a) or Art. 9 para. 2(a) of the RODO Regulation), you have the right to withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent prior to its withdrawal.
3. Right to lodge a complaint with a supervisory authority – the person whose data is processed by the Controller has the right to lodge a complaint with a supervisory authority in the manner and mode specified in the provisions of the RODO Regulation and Polish law, in particular the applicable Personal Data Protection Act.
4. Right to object – the data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her based on Art. 6 para. 1(a). (e) (public interest or tasks) or (f) (legitimate interest of the controller), including profiling on the basis of these provisions. In such a case, the controller shall not be allowed to further process these personal data unless the controller demonstrates the existence of compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or grounds for the establishment, exercise or defence of claims.
5. Right to object – concerning. direct marketing if personal data are processed for the purposes of direct marketing, the data subject shall have the right to object at any time to the processing of personal data concerning them for such marketing, including profiling, to the extent that the processing is related to direct marketing.
6. In order to exercise the rights referred to in this paragraph of the Privacy Policy, the Administrator may be contacted by sending an appropriate message by e-mail to the e-mail address indicated at the beginning of the Privacy Policy or by using the contact form available on the website.

§5 Cookies

1. Cookies are small pieces of information in the form of text files sent by a server and stored on the visitor’s side of the Administrator’s website (e.g. on the hard drive of a computer, laptop or smartphone memory card – depending on which device the website visitor uses). Detailed information on Cookies, as well as the history of their creation, can be found, inter alia, at. here: http://pl.wikipedia.org/wiki/Ciasteczko.
2. The Administrator may process the data contained in cookies when visitors use its website for the following purposes:

2.1. storing data from forms you have filled in or login data;

2.2. to adapt the content of the Administrator’s website to the individual preferences of visitors (e.g. concerning colours, font size, page layout) and to optimise the use of the website;

2.3. to keep anonymous statistics showing how the website is used;

2.4. remarketing, i.e. researching the behavioural characteristics of website visitors by analysing their actions anonymously (e.g. repeated visits to certain pages, keywords, etc.) in order to create a profile of them and provide them with content tailored to their anticipated interests, also when they visit other websites on the advertising network of Google Inc. and Facebook Ireland Ltd;

3. By default, most web browsers on the market accept the storage of cookies. Everyone has the possibility to determine the conditions for the use of cookies by means of their own browser settings. This means that you can. partially restrict (e.g. temporarily) or completely disable the storage of cookies – in the latter case, however, this may affect some of the website’s functionalities.
4. Your browser settings regarding cookies are relevant for your consent to the use of cookies by the website – according to the regulations, such consent can also be given via your browser settings. In the absence of such consent, the cookie settings of your browser must be changed accordingly.
5. Detailed information on how to change your cookie settings and how to delete them yourself in the most popular web browsers is available in the help section of your browser.
6. Your personal data may be shared with third-party service providers (including marketing) who support us in delivering technical communications and sending newsletter messages.

§6 Hosting

Your personal data provided by Shadows, the Administrator, on the basis of a written agreement, entrusts your personal data for processing to an entrepreneur acting under the name Globtel Internet Szymon Hersztek, St. Matecznikowa 2/1, 80-126 Gdańsk, Poland, NIP: PL9570804786 in order for the aforementioned to perform properly. the trader in the hosting, administration, maintenance and management of the website.

§7 Final provisions

1. The controller shall ensure that the processing of personal data is carried out respecting the principle of minimisation, so that personal data are processed only if and to the extent necessary for the provision of services.