I. Data Controller

The controller of personal data is linöjd, ul. Centralna 63, 31-586 Kraków, registered in CEIDG under number NIP 9721213765, REGON 380639785.
Contact: help@linojd.com 

II. Purposes and Legal Basis for Processing

1. Handling enquiries and ongoing communications with website users (contact forms, e-mail) — Art. 6(1)(f) GDPR (our legitimate interest in responding to messages and maintaining business communication), or Art. 6(1)(b) GDPR where communication is undertaken at your request prior to entering into a contract.
2. Compliance with legal obligations (e.g., responding to requests from authorities) — Art. 6(1)(c) GDPR.
3. Marketing of our own services (e.g., newsletter or direct marketing) — subject to your consent, Art. 6(1)(a) GDPR.
4. Statistical analysis and website improvement (non-essential cookies/analytics) — subject to your consent, Art. 6(1)(a) GDPR.
5. -
6. -

III. Scope and Source of Data

• Data you provide voluntarily: name, e-mail address, any other data included in your message.
• Data collected automatically: IP address, device and browser information, cookies and similar technologies.

IV. Data Recipients

• IT/hosting and technical service providers processing data on our behalf.
• Public authorities — where required by law.
• Trusted marketing/analytics partners — only with your prior consent (e.g., analytical or marketing cookies).

V. Data Retention Periods

• Contact/enquiry data: for the duration of the correspondence and up to 12 months after its completion (or longer if necessary to establish, exercise, or defend legal claims).
• Marketing data processed on the basis of consent: until consent is withdrawn.
• Cookie/analytics data: for the periods indicated in Section X.2 below.
• -

VI. Your Rights

You have the right to:

• access, rectification, erasure (“right to be forgotten”),
• restriction of processing,
• object to processing for marketing purposes,
• data portability,
• withdraw consent at any time (without affecting the lawfulness of processing before withdrawal),
• lodge a complaint with the Polish Data Protection Authority (UODO).

VII. Data Security

We apply technical and organizational measures appropriate to the risk, including SSL/TLS encryption, access controls, regular backups, and access limited to authorized persons.

VIII. Data Transfers Outside the EU/EEA
As part of providing our services, we may cooperate with IT service providers that store data on servers located outside the European Economic Area (EEA). This may in particular apply to services provided by Google LLC based in the United States. In such cases, we implement appropriate data protection mechanisms required by law, including the Standard Contractual Clauses approved by the European Commission. This ensures that users’ data remain protected in accordance with the GDPR.

IX. Profiling and Automated Decision-Making
We do not use profiling or automated decision-making that produces legal effects concerning you.

X. Cookies and Similar Technologies

1. What are cookies?

Cookies are small text files stored on your device when you visit our website. They help recognize users, remember preferences, and improve the user experience.

2. What types of cookies do we use?

• Essential cookies
  • Purpose: enable basic site functions (e.g., security, basic settings, cookie preferences).
  • Storage period: until the end of the session or as defined in technical documentation.
  • Note: essential cookies do not require consent (Art. 173(3) of the Polish Telecommunications Law).
    
• Analytical cookies
  • Provider: e.g., Google Analytics.
  • Purpose: measure visits and traffic sources, analyze usage, optimize content.
  • Storage period: up to 2 years.
  • Note: if you do not consent, we will not collect analytics; site functionality remains unaffected.
    
• Marketing cookies
  • Provider: e.g., advertising partners.
  • Purpose: personalize advertising, remarketing on partner sites.
  • Storage period: up to 12 months.
  • Note: without consent, you may still see ads, but they will be generic.
    
• Functional cookies
  • Purpose: remember user preferences (e.g., language, layout), support online chat.
  • Storage period: up to 12 months.
  • Use: only with your consent.

3. Cookie consent

On your first visit, a cookie banner informs you about cookies.

• Clicking “Allow all” accepts all optional categories (analytical, marketing, functional). Essential cookies are always active.
• Selecting “Reject all” allows only essential cookies.
• “Customize” lets you choose specific categories.
  Consent is voluntary and can be changed or withdrawn at any time.

4. Managing cookie settings

The banner is displayed during the first visit and until the user makes a decision.

You can:

• change preferences in the cookie banner (icon in the bottom-left corner of the page),
• use your browser settings.

5. Personal data in cookies

Some cookies may constitute personal data. In such cases:

• The controller is linöjd, ul. Centralna 63, 31-586 Kraków.
• Data are processed to ensure site functionality and — with consent — to personalize services, provide analytics, and social features.
• You retain GDPR rights (access, rectification, erasure, restriction, objection, portability, withdrawal of consent).

6. Withdrawal of consent
You may withdraw consent for all or selected categories at any time by clicking the cookie icon (bottom-left corner of the page) or via your browser settings.

XI. Changes to this Policy

Any changes will be published on our website. For significant updates, we will notify you by e-mail.

XII. Data Protection Contact / Data Protection Officer

e-mail: help@linojd.com 

XIII. Supervisory Authority

President of the Personal Data Protection Office (PUODO)
ul. Stawki 2, 00-193 Warszawa
e-mail: kancelaria@uodo.gov.pl
phone: (+48) 22 531 03 00