Dear Users,

As of May 25, 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (commonly referred to as “GDPR”) has come into force across the European Union, including the Republic of Poland.

Considering your safety as our priority, we assure you that we implement all legally required measures to protect personal data, along with a principle of utmost caution. Below, we would like to present the rules under which we collect and store your data, your rights, and the individuals responsible for ensuring the security of your personal data processed by us.

We kindly ask you to read the following information and to accept the terms of use of our website. All personal data processing shall be carried out in accordance with applicable laws, in particular the aforementioned GDPR, as well as the Polish Personal Data Protection Act of May 10, 2018.

Definitions

ADMINISTRATOR – the personal data controller, ALUCREO spółka z o.o., with its registered office in Kraków, address: ul. Siwka 25, 31-588 Kraków, represented by Mr. Rafał Dobrowolski and Mr. Arkadiusz Miśkowiec – Members of the Management Board. Direct contact with the personal data administrator is available at: daneosobowe@alucreo.pl

SERVICE – the website and all resources and features available within its functionality and software, operating at the internet address: https://alucreo.pl/

USER – any natural person visiting the SERVICE, either anonymously or with identification, using its features and available resources.

PERSONAL DATA – refers to the USER’s personal data as defined in this PRIVACY POLICY, which enables their identification as a natural person.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

COOKIES – IT data, in particular small text files, saved and stored on the devices through which the User accesses the Service.

What is personal data and what does its processing involve?

According to Article 4(1) of the GDPR, personal data is defined as any information that can directly or indirectly identify a natural person. This includes, among others, name and surname, identification number (PESEL), phone number, email address, IP address, physical or physiological characteristics. Personal data also includes information about your location sent by smartphones, tablets, and other electronic devices.

Additionally, please note that in accordance with the GDPR, the protection of personal data applies only to natural persons and does not extend to legal entities.

Processing of personal data essentially refers to any action performed on personal data, regardless of whether it is automated or not, such as collecting, storing, recording, organizing, modifying, browsing, using, sharing, restricting, deleting, or destroying.

Who is the Data Controller?

The Controller is the entity responsible for collecting personal data. The Controller is also the point of contact to whom you may address any inquiries regarding the collection and processing of your personal data by us. In our case, the Controller is ALUCREO sp. z o.o., based in Kraków, address: ul. Siwka 25, 31-588 Kraków, KRS: 0001071488, NIP: 6751791212, REGON: 527033425. You may contact the Data Controller by post or via email at: daneosobowe@alucreo.pl.

What personal data do we process?

As a rule, we process personal data only when it is truly necessary for the provision of a given service or the execution of a contract. In such cases, we process the personal data of ALUCREO sp. z o.o. customers, contractors, and individuals contacting ALUCREO sp. z o.o. for information about offers, feedback regarding services or products, initiating cooperation, or concluding a contract. In particular, we process the following personal data: full name, email address, phone number, and place of residence.

On what basis and for what purpose do we process data?

The processing of personal data is carried out in a lawful, fair, and transparent manner. We process your personal data based on:

1. Your voluntary consent (e.g., by sending us an email or submitting a message via the contact form at https://alucreo.pl/),
2. The performance of a concluded contract, as well as the initiation of cooperation or signing of an agreement,
3. The legitimate interests of ALUCREO sp. z o.o. as the Data Controller (e.g., database creation, analytical and profiling activities, including product usage analysis, direct marketing of our products, documentation retention for potential claims or litigation purposes),
4. Legal obligations (e.g., tax law or accounting regulations).

The purposes for which we process your personal data include:

1. Ensuring the highest quality of services provided – i.e., in situations where you are or will become a party to a contract with us, we will process only the personal data necessary to fulfill it (e.g., your name and phone number).
2. Legitimate interests pursued by the Controller, such as contract execution, order fulfillment, proper service delivery, statistical data collection related to website visits, improvement of our services and their personalization, as well as marketing and promotion of our services.

Who may we share your data with?

If you give your consent, your data will be shared only with trusted entities cooperating with us. In particular, your data may be shared with our contractors, subcontractors, collaborators, or service providers who assist us in delivering the services (e.g., IT, postal, courier, accounting services, or order fulfillment). The transfer of data to another entity does not authorize them to use the data freely – it may only be processed for the purposes defined in the data processing agreement, with ensured security and within the scope necessary for service provision and contract fulfillment. Data transfer does not release us (as the transferring party) from responsibility for data processing.

Please note that your data may also be disclosed to public authorities, but only when authorized by applicable laws and if the authority presents a formal request.

How long will we process your personal data?

Your personal data will be processed for as long as it is relevant in the context of our legal relationship – that is, as long as there is a legal basis for processing. For example, if processing is based on your consent, we will process your data until the consent is withdrawn, limited, or otherwise restricted by you; if the data is necessary for contract execution, we will retain it during the contract term and afterward until the limitation period for any related claims expires; and if based on the legitimate interest of the Controller – until that interest no longer exists.

Additionally, we will store your personal data for as long as required by applicable laws, which define the retention periods for such data.

Moreover, your personal data will be processed by us for as long as it is required by applicable laws—the duration of such processing is determined by those regulations.

Your Rights

The GDPR provides a number of rights to individuals whose personal data is collected and processed. According to the GDPR, you have the right to:

1. Access your personal data,
2. Request the correction of your personal data,
3. Request the deletion or restriction of processing of your personal data,
4. Withdraw your consent at any time (if processing is based on consent),
5. Transfer your data to another controller,
6. Object to the processing of your personal data.

If you have any questions, concerns, or doubts regarding this privacy policy or the way we process your personal data, or if you wish to file a complaint (although we hope this will not be necessary), please send an email with detailed information to: daneosobowe@alucreo.pl. All received complaints will be reviewed and responded to.

You also have the right to lodge a complaint with the supervisory authority, i.e., the President of the Personal Data Protection Office (address: ul. Stawki 2, 00-193 Warsaw), if you believe that our processing of your personal data violates the provisions of the GDPR.

At any time, you may contact the Data Controller to exercise any of your rights. Below are the full contact details:

ALUCREO sp. z o.o.
ul. Siwka 25, 31-588 Kraków
Email: kontakt@alucreo.pl
KRS: 0001071488
NIP: 6751791212
REGON: 527033425

Cookies Used by the SERVICE

The SERVICE uses cookie technology (cookies are small text files sent by the server and stored on the USER’s device). These files are used to automatically identify a specific USER, enabling the server to generate a page tailored to them, support the login process, or handle certain forms.

The SERVICE uses two types of cookies: “session” cookies and “persistent” cookies.

Session cookies – temporary files stored on the USER’s device until they log out, leave the website, or close the browser.

Persistent cookies – stored on the USER’s device for a specified duration as defined in the cookie parameters or until deleted by the USER.

The SERVICE uses the following types of cookies:

• “Essential” – enable basic features of the SERVICE,
• “Security” – help ensure security, e.g., detect misuse of SERVICE functionalities,
• “Performance” – collect information about how the SERVICE is used,
• “Functional” – remember the USER’s preferences and personalize the interface (e.g., language, colors, font size, layout),
• “Advertising” – deliver content and ads tailored to USER interests,
• “Integration” – related to third-party services used in the SERVICE.

In particular, the SERVICE uses cookies necessary for the operation of services such as:

1. Google Analytics
2. Google AdSense
3. Displaying messages from the ADMINISTRATOR

– Information about the types of cookies used by Google can be found here: https://policies.google.com/technologies/types?hl=pl
– Information about managing and disabling them: https://support.google.com/accounts/answer/61416

Blocking certain cookies may result in some SERVICE features not working properly or being unavailable (e.g., sending messages via forms, anti-spam protections like reCAPTCHA).

The ADMINISTRATOR reserves the right to amend this Privacy Policy at any time.