Privacy Policy

1. General Provisions

1. The administrator of personal data collected via the website is **aggia sp. z o.o.** with its registered office at ul. Wrzosowa 56, 62-006 Bogucin, entered into the register of entrepreneurs. Contact with the Administrator is possible via e-mail: **kontakt@aggia.pl** or by phone: **+48 889 446 022**.

2. Personal data collected by the Administrator via the website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as **GDPR**.

3. The Administrator takes special care to protect the interests of data subjects, and in particular ensures that the data collected by him are processed lawfully, fairly and in a transparent manner for the data subject.

2. Purpose, Basis and Scope of Data Processing

1. **Purpose of processing and legal basis.** The Administrator processes users’ personal data in the case of:

  • Use of the contact form by the user to answer a query. Legal basis: Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  • Provision of services and performance of the contract. Legal basis: Art. 6(1)(b) GDPR (necessity for the performance of the contract).
  • Direct marketing of own products or services. Legal basis: Art. 6(1)(f) GDPR (legitimate interest of the Administrator).

2. **Type of data processed.** The Administrator may process the following categories of user personal data: Name and surname, E-mail address, Phone number, Company name.

3. **Data retention period.** Users’ personal data are stored by the Administrator:

  • In the case where the basis for processing is the performance of the contract: as long as it is necessary for the performance of the contract, and after that time for a period corresponding to the period of limitation of claims.
  • In the case where the basis for processing is consent or legitimate interest: until the consent is withdrawn or an effective objection is raised.

4. When using the website, additional information may be collected, in particular: IP address, browser type, access time, operating system type. The legal basis is the Administrator’s legitimate interest consisting in facilitating the use of services provided electronically and improving the functionality of these services.

3. Sharing of Personal Data

1. Users’ personal data may be transferred to entities cooperating with the Administrator, in particular IT service providers, accounting or law firms, only to the extent necessary to achieve the purposes of processing.

2. Users’ personal data are not transferred to third countries outside the European Economic Area (EEA), unless it is necessary to provide services (e.g. use of global provider tools like Microsoft or Google), while maintaining appropriate legal safeguards.

4. User Rights (Right of Control and Access)

1. The data subject has the right to:

  • Access to the content of their data (Art. 15 GDPR).
  • Rectification of data (Art. 16 GDPR).
  • Erasure of data (‘right to be forgotten’) (Art. 17 GDPR).
  • Restriction of processing (Art. 18 GDPR).
  • Data portability (Art. 20 GDPR).
  • Object (Art. 21 GDPR).
  • Withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

2. In order to exercise the rights, an appropriate e-mail message can be sent to the address: **kontakt@aggia.pl**.

3. The Administrator will respond to the user’s request immediately, but no later than within one month of its receipt.

4. The user has the right to lodge a complaint with the President of the Personal Data Protection Office if they consider that the processing of their data violates the provisions of the GDPR.

5. ‘Cookies’

1. The Administrator’s website uses ‘cookies’. The installation of ‘cookies’ is necessary for the proper provision of services on the website. These files contain information necessary for the proper functioning of the website, and they also provide the opportunity to compile general statistics of visits.

2. Two types of ‘cookies’ are used on the website: ‘session’ and ‘persistent’.

  • ‘Session cookies’ are temporary files that are stored on the user’s end device until logging out (leaving the page).
  • ‘Persistent’ cookies are stored on the user’s end device for the time specified in the cookie parameters or until they are deleted by the user.

3. The Administrator uses its own cookies to better understand how the user interacts with the website content and for analytical purposes (e.g. Google Analytics).

4. The user has the right to decide on the access of ‘cookies’ to their computer by selecting them in their browser window beforehand.

6. Final Provisions

1. The Administrator applies technical and organizational measures ensuring the protection of processed personal data appropriate to the threats and categories of data protected.

2. In matters not covered by this Privacy Policy, the provisions of the GDPR and other relevant provisions of Polish law shall apply accordingly.