e-mail: kontakt@fullbax-formy.pl
Get in touch by phone +48 12 213 22 31
Quote for a project

Privacy Policy

§1 GENERAL PROVISIONS

  1. This document defines the Privacy Policy of the online platform “Fullbax Formy” operating at https://fullbax-formy.pl/ operated by Fullbax Sp. z o.o. with its registered office in Poznań, ul. Święty Marcin 29/8, 61-806 Poznań, registered in the National Court Register by the District Court Poznań – Nowe Miasto and Wilda in Poznań, VIII Economic Department of the National Court Register under KRS No.: 0000 760 161, holding NIP: 78 3179 3248, REGON: 3819 1664 30 000, which in particular includes regulations on the protection of personal data and security of other data entered into the Service by the User.
  2. The Privacy Policy is an integral appendix to the Regulations of the Fullbax Forms website.

§2 DEFINITIONS

Terms used in this document mean:

  1. Personal Data Administrator (also referred to as Administrator) – Fullbax Sp. z o.o. with its registered seat in Poznań, ul. Święty Marcin 29/8, 61-806 Poznań, registered in the National Court Register by the District Court Poznań – Nowe Miasto and Wilda in Poznań, VIII Economic Department of the National Court Register under KRS: 0000 760 161, holding NIP: 78 3179 3248, REGON: 3819 1664 30 000.
  2. Service – the website at https://fullbax-formy.pl/ and all its sub-sites.
  3. User – an individual who uses the Service and provides personal information within it.
  4. Personal data – information about a natural person identified or identifiable by one or more specific factors determining physical, physiological, genetic, mental, economic, cultural or social identity, including image, voice recording, contact data, location data, information contained in correspondence, information collected through recording equipment or other similar technology,
  5. RODO – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC,
  6. Regulations – Regulations of the website “Fullbax” functioning at https://fullbax-formy.pl/.

§3 PROTECTION OF PERSONAL DATA

  1. The Administrator is the controller of personal data within the meaning of the RODO.
  2. The Administrator collects and processes personal data in accordance with the relevant laws, including in particular the RODO, and in accordance with the principles provided for in these laws.
  3. The Administrator informs about the processing of data at the time of collection. The Administrator processes data to the extent, time and purposes each time indicated in the content provided under the forms used to collect personal data from the User.
  4. The Administrator transfers Personal Data only to the Administrator’s trusted subcontractors, i.e. couriers, suppliers responsible for the operation of IT systems, entities such as banks and payment operators, entities providing accounting services, legal services, marketing agencies (for marketing services), entities providing other IT and software services.
  5. The Administrator shall have the right to transfer selected User Personal Data to competent authorities and third parties if such necessity arises from applicable laws and when such entities make a request for such data based on an appropriate legal basis.
  6. The Administrator shall ensure the security of the processed Personal Data and its confidentiality, and shall allow the User access to information on data processing. If, despite the security measures in place, a breach of the protection of Personal Data occurred (e.g., a “leak” of data or loss of data) and such a breach could cause a high risk of infringement of the User’s rights or freedoms, the Administrator shall inform the User of such an event in a manner consistent with the regulations.
  7. The user can contact the data controller. The contact details are as follows:

Mailing address:

Święty Marcin Street 29/8, 61-806 Poznań

Email address:

contact@fullbax.com

Phone number:

+48 12 213 22 31

§4 SECURITY OF PERSONAL DATA

  1. The Administrator uses all technical and organizational possibilities available to it to ensure the security of the User’s personal data and protect it from accidental or intentional destruction, accidental loss, modification, unauthorized disclosure or access. Users’ personal data is stored and processed on high-security servers, with appropriate security measures, meeting the requirements of Polish law.
  2. Entrusted data is stored on top-of-the-line equipment and servers in properly secured information storage centers, to which only authorized persons have access.
  3. The Administrator shall carry out personal data processing activities in compliance with all legal and technical requirements imposed on him by the regulations on personal data protection. The Administrator shall analyze on an ongoing basis the risks associated with its processing of personal data and ensure that only authorized persons have access to the data and only to the extent necessary to perform their duties.
  4. The Administrator shall take all necessary measures to ensure that its subcontractors and other cooperating entities also provide guarantees to apply appropriate security measures whenever they process Personal Data on behalf of the Administrator.
  5. The Administrator undertakes to keep security copies containing the User’s personal data.

§5 USER RIGHTS

  1. If personal information changes, the User should update it by sending an appropriate message to the Administrator.
  2. The user has the following rights:
    1. The right to information about the processing of Personal Data,
    2. The right to obtain a copy of the Personal Data that the Administrator processes,
    3. The right to rectify Personal Data,
    4. The right to erasure of Personal Data (on this basis, you can request erasure of data, the processing of which is no longer necessary to carry out any of the purposes for which they were collected),
    5. The right to restrict the processing of Personal Data,
    6. The right to portability of Personal Data,
    7. The right to object to the processing of Personal Data for marketing purposes (You may object to the processing of Personal Data for marketing purposes at any time, without having to justify such objection),
    8. The right to object to other purposes of data processing (the User may object at any time – for reasons related to his/her particular situation – to the processing of Personal Data that is carried out on the basis of the legitimate interests of the Administrator; such objection requires a justification),
    9. The right to withdraw consent, if the Personal Data is processed on the basis of the consent given (withdrawal of consent does not affect the lawfulness of the processing carried out before its withdrawal),
    10. The right to complain to the supervisory authority for the processing of Personal Data, which has jurisdiction over the User’s habitual residence, place of work or place where the alleged violation was committed. In Poland, the supervisory authority is the President of the Office for Personal Data Protection.
  3. The Administrator may refuse to delete the User’s personal data if the preservation of personal data is necessary due to an obligation imposed on the Administrator by law.
  4. The User has the right to submit a request for the exercise of his/her rights indicated above by letter or electronic means (e-mail). The contact details of the Administrator are indicated in § 3 para. 7.
  5. If, based on the request referred to in paragraph 4, the Administrator is unable to determine and identify the natural person to whom the request pertains, it will ask the applicant for additional information. Failure to provide additional information will result in refusal to comply with the applicant’s request.
  6. The Administrator shall respond to the request within one month of its receipt. If it is necessary to extend this period, the Administrator shall inform the requester of the reasons for it and the expected date for responding to the request.

§6 BASIS, PURPOSE AND STORAGE PERIOD OF PERSONAL DATA

  1. Personal data is processed for the following purposes and on the following grounds:
    1. Use of the Service:

Personal data of all persons using the Website (including IP address or other identifiers and information collected through cookies or other similar technologies), are processed by the Administrator for the purpose of:

  1. Provision of services by electronic means (legal basis: necessity of processing for performance of the contract – Article 6(1)(b) RODO),
  2. for analytical and statistical purposes (legal basis: consent – Article 6(1)(a) RODO),
  3. Establish and pursue claims or defend against claims (legal basis: the Administrator’s legitimate interest – Article 6(1)(f) RODO, which is to protect the Administrator’s rights).
  4. Contact form, traditional and electronic correspondence (e-mail)

The User may address messages to the Administrator using electronic mail using the Administrator’s contact information available on the Site, the Terms of Use or this Privacy Policy, as well as through the contact form available on the Site. Personal Data contained in such correspondence is used by the Administrator solely for the purpose of communication and settlement of the matter to which the correspondence relates. The basis for the processing of the Data is the legitimate interest of the Administrator – Article 6(1)(f) of the DPA – which consists in maintaining the correspondence addressed to it in connection with its business activities, and in the case of contact related to the services provided or a contract – the necessity of the processing to perform the contract – Article 6(1)(b) of the DPA.

  1. Phone contact

The User may contact the Administrator by telephone for purposes related to the services provided or the agreement concluded, as well as for other matters. In the case of telephone contact in matters not related to the concluded agreement or provided services, the Administrator may require the User to provide Personal Data only if it is necessary to handle the reported matter. The legal basis for the processing of Personal Data is the legitimate interest of the Administrator – Article 6(1)(f) of the RODO – consisting of the necessity to resolve the reported matter related to its business activity, and in the case of contact related to the services provided or the contract – the necessity of processing to perform the contract – Article 6(1)(b) of the RODO.

  1. Social media profiles

The Administrator has its profiles on social media (including Facebook). The Administrator processes Personal Data left by persons responding to the profiles, e.g. comments or web IDs. The Administrator uses this data in order to effectively maintain the profiles, enable activity on these profiles, as well as for analytical or statistical purposes. The legal basis for the processing of Personal Data is the legitimate interest of the Administrator – Article 6(1)(f) of the RODO – consisting in the promotion of its activities and services provided, possibly for the purpose of asserting claims or defending against third-party claims. The above does not apply to the processing of personal data by social networks. To learn about the rules of data processing by social networks, please refer to their policies for processing Personal Data.

  1. The period of data processing depends on the service provided, the purpose and the basis for processing. As a rule of thumb, the data are processed for the period of performance of the service or execution of the order. When the basis for processing Personal Data is consent, the data are processed until the consent is effectively withdrawn. When the basis for the processing of Personal Data is the legitimate interest of the Administrator, the data are processed until an effective objection is made.
  2. The period of processing of Personal Data referred to in paragraph 2 may be extended in case the processing is necessary for the establishment, investigation and defense of possible claims. After that time, Personal Data may be processed only if and to the extent required by applicable law.
  3. After the expiration of the Personal Data processing period, the Personal Data is deleted or irreversibly anonymized.

§ 7 COOKIE POLICY

  1. The Administrator uses cookies. Cookies are small text files sent (saved) by the Service on the User’s terminal device (e.g. computer, smartphone).
  2. The Administrator uses cookies to provide services electronically, to improve them and enhance their quality, as well as for analytical and statistical purposes and to adapt the Website to the needs of its Users. Through the use of cookies, the Administrator personalizes content and advertising. The Administrator shares information about how a User uses the Website with trusted social, advertising and analytics partners in order to provide the highest possible quality of e-commerce operation, analytics, customization and personalization services.
  3. The Service uses two types of cookies: “session cookies” and “permanent cookies” (persistent cookies). “Session” cookies are temporary files that are stored on the User’s terminal equipment until the User logs out, leaves the website or shuts down the software (web browser). “Permanent” cookies are stored on the User’s end device for the time specified in the parameters of the cookies or until they are deleted by the User.
  4. The Administrator uses the following types of cookies on the Website:
    1. indispensable – they enable the use of services and functionalities available on the Website, e.g. they are used in handling user authorization;
    2. cookies used for security purposes, e.g. used to detect abuse of authentication on the Website;
    3. Functional – allow remembering User’s choices and personalizing User’s interface, e.g. with regard to language preferences, font size, appearance of the Site, etc;
    4. Analytical – they enable the acquisition of a range of information, including the number of visits and sources of traffic on the Website. The collection of this data is used to determine which pages are most frequently visited and leads to the creation of statistics on traffic on the Website. The collection of this data is used by the Administrator to improve the performance of the Website. The collected data is processed in anonymized form.
    5. advertising – make it possible to tailor content displayed on the Website and outside the Website, including advertisements, to the interests of Users. In order to present personalized content, data on browsing history, activity on the Services (e.g. shopping history, use of services, type of content and ads displayed) or geolocation data may be used. Based on information from the Service and the User’s activity on other services, a profile of the User’s interests is built.
  5. Functional, analytical and advertising cookies may be installed by the Administrator and its trusted partners through the Service.
  6. The legal basis for processing data in connection with the use of essential cookies is the necessity of processing Personal Data for the performance of the contract (Article 6(1)(b) RODO). In the case of other cookies, the basis for processing Personal Data is the legitimate interest of the Administrator or the consent of the User (Article 6(1)(a) and (f) RODO). In order to use functional, analytical and advertising cookies, the Administrator must obtain the User’s consent.
  7. The consent referred to in paragraph 5 is granted by means of the relevant form displayed when visiting the Site for the first time. The consent granted may be withdrawn or adjusted differently at any time. To change or withdraw the consents granted, contact the Administrator.
  8. Users can change their cookie settings from their web browser.
  9. Changing the settings of cookies and similar technologies may affect the way the Website works and the services it provides.
  10. The Website uses third-party tools for collecting cookies. These entities process cookies in accordance with the terms of their privacy policies and other documents defining standards for cookies. They are used for the following purposes:
    1. Creation of statistics and analysis of website traffic in order to better understand and improve the structures and content of the Website, through analytical tools Google Analytics, whose administrator is Google Ireland Ltd. based in Ireland, Google’s Privacy Policy is available at the following link: https://policies.google.com/privacy?fg=1;
    2. Determine your profile for the purpose of displaying tailored material on ad networks, using Google Ads online advertising tools, whose controller is Google Ireland Ltd. based in Ireland, Google’s Privacy Policy is available at the following link: https://policies.google.com/privacy?fg=1;
    3. Collecting information about User behavior using the Facebook Pixel tool, whose administrator is Facebook Ireland Ltd. based in Ireland, Facebook’s Privacy Policy is available at the following link: https://www.facebook.com/help/cookies/;
    4. Adjusting browser movements and the Service to customize the content of the Bing Ads program and optimize ads in Bing Ads, using tools administered by Microsoft Corporation, based in the United States, Privacy Policy available at the following link: https://privacy.microsoft.com/pl-pl/privacystatement;
    5. Analysis of the behavior of Users visiting the Site using the Microsoft Clarity tool provided by Microsoft Corporation. Detailed information about what each Microsoft Clarity cookie is used for is described at: https://learn.microsoft.com/pl-pl/clarity/cookie-list.

§8 LOGI

  1. In accordance with the practice of most websites, the Administrator stores HTTP requests directed to its server (server logs). Accordingly, the Administrator stores the following information:
    1. IP addresses from which users browse the information content of our website;
    2. time of arrival of inquiry,
    3. time to send a response,
    4. the name of the client station – identification implemented by the HTTP protocol,
    5. Information about errors that occurred during the execution of HTTP transactions,
    6. URL of the page previously visited by the user (referer link),
    7. information about the user’s browser.
  2. The collected logs are kept for an indefinite period of time as support material for the administration of the Website. The information contained therein is not disclosed to anyone except those authorized to administer the Website. Based on the log files, statistics may be generated to assist in the administration of the Site. Aggregate summaries in the form of such statistics do not contain any identifying characteristics of visitors to the Service.
  3. The Administrator processes the information contained in the logs for technical, administrative purposes, to ensure the security of the IT system and the management of this system, as well as for analytical and statistical purposes – in this regard, the legal basis for the processing of Personal Data is the Administrator’s legitimate interest (Article 6(1)(f) RODO).

§ 9 TRANSFER OF DATA OUTSIDE THE EEA

  1. As part of the Administrator’s use of tools to support its day-to-day operations provided, for example, by Google, Users’ Personal Data may be transferred to a country outside the European Economic Area (EEA), in particular to the United States of America (USA) or another country in which an entity cooperating with it maintains tools for processing Personal Data in cooperation with the Administrator. The Administrator transfers Personal Data outside the EEA only when necessary, and with an adequate degree of protection, primarily through the use of standard contractual clauses issued by the European Commission.

§ 10 FINAL PROVISIONS

  1. This privacy policy is subject to updates in connection with the ongoing analysis of technical and legal conditions related to the processing of personal data.
  2. This privacy policy is effective as of February 1, 2025.

Fullbax logo
O firmie
Oferta
Fullbax logo
About the company
Offer