MINKBY – PRIVACY POLICY

Effective Date: [DD/MM/YYYY]

1. General Information
1.1 Purpose
This Privacy Policy outlines how MINKBY (“We,” “Us,” “Our,” or “the Company”) collects, uses, stores, and protects personal data in accordance with Regulation (EU) 2016/679 (GDPR), the Polish Act on the Protection of Personal Data, and other applicable Polish regulations.

1.2 Data Controller
The controller of your personal data (Administrator danych) is MINKBY, with its registered office at Dworna 46A, Kraków, Poland. For any questions regarding personal data, please contact us at jansteczko@minkby.com.

1.3 Scope
This Privacy Policy applies to personal data processed by MINKBY in the context of offering services, running our website/platform, and carrying out our business activities in Poland and the EU. By using our services, you acknowledge and agree to the provisions of this document.

2. Data We Collect and How We Use It
2.1 Types of Data
Depending on the services you use or interactions with us, we may collect:

  • Identification Data: name, surname, company name (for business clients).
  • Contact Details: email address, telephone number, postal address.
  • Usage Data: IP address, browser info, device details, cookies.
  • Payment Information: if you use paid services, e.g., bank account details, transaction IDs.

2.2 Purposes of Processing
We process personal data for:

  • Service Provision: fulfilling contracts, delivering requested services, managing user accounts.
  • Customer Support: responding to inquiries, handling complaints, providing technical support.
  • Marketing & Communication: sending newsletters or promotional materials (with your consent or where allowed by law).
  • Legal Obligations: compliance with accounting, tax, or other statutory requirements.
  • Security & Fraud Prevention: ensuring safe service usage, meeting legal obligations for data security.

2.3 Legal Basis
Under GDPR Article 6(1) and Polish law:

  • (a) Consent: e.g., sending newsletters if you have given explicit consent.
  • (b) Contract Performance: data necessary for executing or preparing a contract.
  • (c) Legal Obligation: e.g., fulfilling tax or accounting requirements.
  • (f) Legitimate Interest: e.g., certain analytics or direct marketing to existing clients, provided it doesn’t override your rights.

3. Data Retention
3.1 Retention Period
We store personal data only as long as necessary for the above purposes, or as required by law. For example:

  • Service/Contract: data kept during the contract’s term and a reasonable period afterward for legal claims.
  • Marketing: until you withdraw consent or object (if based on legitimate interest).
  • Legal Requirements: e.g., financial records kept at least 5 years under Polish tax law.

4. Your Rights
4.1 Access, Rectification, Erasure
You have the right to access your personal data (Art. 15 GDPR), rectify inaccurate data (Art. 16 GDPR), or erase it (Art. 17 GDPR) under certain grounds.

4.2 Restriction & Objection
You can request restriction of processing (Art. 18 GDPR) or object to processing based on our legitimate interests (Art. 21 GDPR).

4.3 Data Portability
If processing is based on consent or contract (and done by automated means), you can request your data in a structured, commonly used format (Art. 20 GDPR).

4.4 Withdrawal of Consent
If processing is based on consent, you can withdraw it at any time, without affecting the lawfulness of prior processing.

4.5 Complaints
If you believe we breach GDPR or Polish data protection law, you have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO).

5. Sharing and Transfer of Data
5.1 Service Providers (Processors)
We may share data with third-party service providers (hosting, payments, etc.) under Data Processing Agreements ensuring GDPR compliance.

5.2 Legal Requirements
We may disclose data if required by law or to valid legal requests from authorities.

5.3 International Transfers
If transferring data outside the EEA, we ensure appropriate safeguards (e.g., standard contractual clauses) per GDPR.

6. Cookies and Tracking
6.1 Use of Cookies
Our website uses cookies for essential functions (login sessions, preferences) and analytics (traffic metrics, user interactions).

6.2 Consent for Non-Essential Cookies
If required by Polish/EU rules, we display a cookie banner letting you choose marketing or tracking cookies. You can opt out anytime.

6.3 Cookie Management
Configure your browser to refuse or delete cookies, but some site features may be limited if you block essential cookies.

7. Security Measures
7.1 Technical & Organizational Safeguards
We use encryption, secure servers, role-based access, etc., to protect data against unauthorized access or disclosure.

7.2 Incident Response
In case of a data breach posing risks to your rights, we will notify UODO and affected individuals under GDPR timelines.

8. Updates to This Policy
8.1 Policy Changes
We may update this Privacy Policy to reflect new legal requirements or changes in our services. An updated version will appear on our site with the new effective date.

8.2 Notification
For significant changes (requiring renewed consent or affecting data uses), we will notify you by email or website notice. Continued use of our services implies acceptance of the updated policy.

9. Contact Us
If you have questions or requests concerning personal data or this Policy, please contact:

MINKBY
Dworna 46A, Kraków
Email: jansteczko@minkby.com

We strive to comply fully with Polish law and the GDPR to protect your personal data.