Polityka przetwarzania danych osobowych

Definitions
For the purposes of this Privacy Policy, the following terms shall have the meanings set forth below:

  1. Administrator – System Design Sp. z o.o., with its registered office in Warsaw, ul. Głogowska 16, 01-743 Warsaw.
  2. Personal Data – any information relating to an identified or identifiable natural person.
  3. Processing – any operation or set of operations performed on Personal Data or sets of Personal Data, whether by automated or non-automated means.
  4. GDPR* – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  5. User – any natural person visiting the Website or using one or more services or functionalities described in this Privacy Policy. The term “User" refers to all individuals using our website or services, regardless of gender. To ensure clarity and readability, we use the uniform term “User," encompassing women, men, and individuals of other gender identities. We emphasize that the use of this term in no way implies discrimination or preference for any gender. Our definition of “User" is based on the principle of equal treatment and respect for diversity. All rights, obligations, and information contained in this Privacy Policy apply equally to all Users, regardless of their gender.
  6. Website – the online service operated by the Administrator at https://www.system-design.pl.
  7. Cookies – small text files installed on the User's device while browsing the Website.
  8. Website Statistics – aggregate and anonymous statistical data concerning visitors to the Website, collected by the Administrator via Cookies.

Introduction

  1. The Administrator places great importance on protecting the privacy of Users. The Administrator carefully selects and implements appropriate technical and organizational measures to ensure the security of processed Personal Data. The Administrator safeguards Personal Data from unauthorized access as well as from Processing that violates applicable laws.
  2. This Privacy Policy explains how and for what purposes the Administrator processes Personal Data of Website Users, individuals contacting the Administrator, and those using services provided by the Administrator.
  3. The Administrator processes Personal Data in accordance with the GDPR and other applicable data protection laws.

Personal Data Administrator

The Personal Data Administrator is System Design Sp. z o.o., with its registered office in Warsaw, ul. Głogowska 16, 01-743 Warsaw.

Contact with the Administrator is possible via:

  1. E-mail address: bok@system-design.pl
  2. Mailing address: ul. Głogowska 16, 01-743 Warsaw

Purposes and Legal Bases for Processing Personal Data

The Administrator processes Personal Data for the following purposes:

  1. Handling inquiries submitted via the contact form or email (legal basis: Article 6(1)(f) of the GDPR – legitimate interest of the Administrator).
  2. Providing access to brochures or offers (legal basis: Article 6(1)(f) of the GDPR – legitimate interest of the Administrator).
  3. Analyzing Website traffic to improve functionality (legal basis: Article 6(1)(f) of the GDPR – legitimate interest of the Administrator).
  4. Marketing of own products and services (legal basis: Article 6(1)(a) of the GDPR – consent of the data subject).
  5. Video surveillance – during visits to our premises (legal basis: Article 6(1)(f) of the GDPR – legitimate interest of the Administrator in protecting persons and property).
  6. Fulfilling legal obligations imposed on the Administrator (legal basis: Article 6(1)(c) of the GDPR).
  7. Establishing business relationships (legal basis: Article 6(1)(f) of the GDPR – legitimate interest of the Administrator).
  8. Contract negotiation and performance (legal basis: Article 6(1)(b) of the GDPR).

Types of Processed Personal Data

The Administrator may process the following categories of Personal Data:

  1. Identification Data:
    • Name and surname
    • Position or role within an organization
    • Company or organization name
    • Tax Identification Number (NIP)
    • National Business Registry Number (REGON)
  2. Contact Data:
    • Email address (business)
    • Phone number (business)
    • Company correspondence address
    • Company headquarters address
  3. Contract Data:
    • Contract number
    • Contract date
    • Subject of the contract
    • Contract value
    • History of orders and transactions
  4. Financial Data:
    • Bank account number
    • Payment history
  5. Communication Data:
    • Correspondence history
    • Notes from meetings and phone calls
    • Communication preferences
  6. Technical Data:
    • Device IP address (when using our online systems)
    • Browser and operating system information (when using our online systems)
    • Important Information: The User's IP address is processed to ensure the security and proper functioning of the Website but is not linked to Personal Data or used to identify the User.
  7. Authorization Data:
    • Information on powers of attorney
    • Scope of representation authority
    • Specimen signatures
  8. Preference Data:
    • Preferences for products and services
    • History of inquiries and interest in offers
  9. Security Data:
    • Video surveillance recordings (in case of visits to our premises).

Recipients of Personal Data

Recipients of Personal Data may include:

  1. Entities providing hosting services for our Website.
  2. Entities providing IT support and web analytics services.
  3. Other entities providing services to the Administrator under personal data processing agreements.
  4. Couriers and postal operators.
  5. Companies within the Administrator's corporate group, as necessary for internal business and administrative processes.
  6. Government authorities as required by law, particularly:
    • The President of the Personal Data Protection Office (PUODO) – for regulatory oversight.
    • Courts and law enforcement authorities (e.g., Police, Prosecutor’s Office) – in ongoing proceedings.

Personal Data Retention Periods

Personal Data will be stored for the following periods:

  1. Contact form or email communication data – up to 3 years from the last contact (reason: aligned with the general statute of limitations for civil claims, allowing for potential defense or pursuit of claims).
  2. Website usage data – up to 2 years (reason: enables analysis of long-term trends for Website improvements).
  3. Data processed based on consent – until consent is withdrawn (reason: respecting the right to withdraw consent at any time under Article 7(3) of the GDPR).
  4. Data required to fulfill legal obligations – for the duration specified by law, e.g., 5 years for accounting documents (as per Article 74 of the Accounting Act).

After the retention period expires, data will be deleted or anonymized.

  1.  

Cookies

Our Website uses Cookies, which are small text files stored on the User's device, enabling analysis of Website usage.

We use the following types of Cookies:

  1. Essential – necessary for the proper functioning of the Website. These are installed automatically and do not require User consent.
  2. Analytical – help us understand how Users interact with the Website.
  3. Functional – remember User preferences and settings.
  4. Marketing – used for personalized advertising.

Important Information

For all Cookies except those essential to Website operation, the Administrator obtains User consent prior to installation. Consent is voluntary and may be withdrawn at any time.

Upon the User's first visit to the Website, a banner will appear requesting consent for non-essential Cookies. Users may consent to all Cookies, select specific types, or refuse all optional Cookies.

Users can change Cookie settings in their browser at any time or delete them entirely.