Privacy Policy

Dear User!

Your privacy is very important to us and that is why we strive to ensure appropriate privacy and security standards every day. The purpose of this document is to provide you with the most important information about the methods, purposes and principles of processing your personal data by us, which we receive in connection with your use of our website (hereinafter referred to as the Portal). 

We assure you that we process your personal data in accordance with the law, including the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, so-called GDPR), including in particular that we process your data for clearly defined purposes and in accordance with those purposes. 

§ 1. 

[Personal data administrator]

  1. The controller of your personal data is FOLGA Sp. z o. o. (formerly: FOLGA SA) with its registered office in Toruń (87-100), at ul. Grudziądzka 110 – 114/304, entered into the register of entrepreneurs of the National Court Register maintained by the District Court in Toruń, 7th Commercial Division of the National Court Register under the number: 0001142532, using the Tax Identification Number (NIP): 9562344169 and the Regon number 38228625600000. 
  2. The Company has appointed a Data Protection Officer, whom you can contact in one of the following ways: 
    1. electronically – by sending a message to the e-mail address: iod@must-consulting.pl,
    2. using the contact form available on the Portal or
    3. traditionally – by sending a letter to our address indicated above.
  3. The Company makes special efforts to protect the privacy of Users by carefully selecting and applying appropriate technical measures, including IT and organizational measures, ensuring the protection of processed data, in particular protecting data against making it available to unauthorized persons, disclosure, loss and destruction, unauthorized modification, as well as against its processing in violation of applicable laws.

§2.

[Scope of application]

  1. The provisions of this Policy apply to all – current, former and future Users of the website,
  2. The Company reserves that the content contained on the website is not directed at Users under 16 years of age and therefore any personal data of such Users are not collected by the Company intentionally. 

§3.

[Scope, purpose and duration of processing]

The table below presents the scope, purpose and duration of processing of Users’ personal data and the legal basis for each data processing process.

Data CategoryPurpose of processingData typeLegal basisProcessing time
Functional and analytical dataWe collect this data to continually improve and develop the website by analysing how you use it. 
This will include, in particular, data such as website browsing history, user preferences, gender, age group and interests of the user, location data, IP address, user device ID, data regarding the user's browser and the operating system used.Article 6, section 1, letter f of the GDPRUntil cookies are deleted, but no longer than for a period of 1 year from the date of entering the website.
Device and network informationWe collect this data to ensure the security and proper functioning of the Portal.This will include information about your device (such as IP address, location, device name, and its software) and network data, including the type of connection used, performance data, and cookies.Article 6, section 1, letter f of the GDPRWhen you use the Portal.
Contact detailsWe collect this data in order to respond to your message sent using the contact form provided on the Portal.This will primarily be your email address, but if you choose traditional correspondence, it will be your delivery address or telephone number.Article 6, section 1, letter f of the GDPRFor a period of 30 days from the date of response to your message, but no shorter than the period of e-mail correspondence.
Contact details of "Boei"We collect this data in order to respond to your message sent using the application. Boei, using various channels of communication with the User.These will primarily be your identification data (name and surname) and contact data (phone number) and data related to your use of instant messengers (Viber, Messenger)Article 6, section 1, letter f of the GDPRFor the period during which this data is stored by the messaging service providers.
Marketing dataThis data is used for digital marketing operated by third parties.This will be data relating primarily to the study of Internet user behaviour. Art. 6 sec. 1 lit. a GDPRFor a period of 3 months from the date of entering our Portal. 

§4. 

[Sources of personal data]

The Company ensures that all personal data it collects in connection with the use of the website and the content contained therein by Users come from these Users, and in particular no personal data is collected from third parties acting independently of the User. 

§5. 

[Disclosure of personal data]

  1. The Company declares that the personal data of Users will be made available to entities with which the Company cooperates within the scope of the Portal's activities. In particular, these will be:
    1. accounting and administrative services provided by MKG Consulting Sp. z o. o. with its registered office in Toruń (KRS 730214)
    2. hosting services provided by cyber_Folks SA based in Poznań, 
    3. contact services provided by R. Buijs operating under the brand name "Boei", 
    4. functional and analytical services provided by Google LLC based in the United States of America,
    5. marketing services provided by Meta Platforms Inc. based in the United States of America and Meta Platforms Ireland Ltd in Ireland.
  2. The Company may also transfer your data to Folga OUT Sp. z o. o. with its registered office in Toruń (KRS 1060240), with which the Company is personally related, in order to respond to your inquiry about an offer for a process outsourcing service or an inquiry about a job offer for people seeking employment.
  3. Users’ personal data may also be made available to entities other than those indicated in paragraphs 1 and 2 above, provided that this is necessary to ensure the proper functioning of the Portal.
  4. In cases specified in applicable law, Users’ personal data may be made available to public authorities or judicial authorities. 
  5. The Company undertakes to provide the User with an up-to-date list of entities to which his/her personal data is made available, at each User's request.

§6.

[Transfer of personal data outside the EEA and to international organisations]

  1. In connection with the Company's use of services of entities with headquarters, establishments, data centers or subcontractors in countries outside the European Economic Area, Users' personal data may be transferred to third countries within the meaning of the GDPR. For example, such data transfer occurs within the framework of services provided by Google LLC and Meta Platforms Inc. with headquarters and servers in the United States of America. 
  2. In each case referred to in paragraph 1 above, such transfer shall take place in accordance with the provisions of the GDPR and on the principles provided for therein. In particular, on the basis of decisions of the European Commission establishing an adequate level of data protection in a given third country, including the decision of the European Commission of 10 July 2023 establishing an adequate level of protection of personal data ensured by the so-called EU – US Data Privacy Framework, which regulates the exchange of personal data between EOP and the United States of America, with Google LLC and Meta Platforms Inc. being participants in the program Data Privacy Framework Program.
  3. Users' personal data will not be transferred to international organizations.

§7.

[Rights of data subjects]

  1. In connection with our processing of your personal data, you have the following rights:
    1. the right to access data – which means a request to provide you with information about what of your data is processed by us and how it is done,
    2. the right to request the rectification or supplementation of your data,
    3. the right to request the restriction of the processing of your data – in certain cases, pursuant to Article 18 of the GDPR, you may request that we limit the processing of your personal data,
    4. the right to request the transfer of your personal data,
    5. the right to object to further processing of your personal data – when filing an objection, you must indicate how your specific situation prevents us from processing your personal data.
  2. In addition, if the User finds that the Company processes his/her personal data in breach of the provisions of the GDPR, he/she may file a complaint with the President of the Personal Data Protection Office.
  3. Each of the above-mentioned rights may be exercised by the User in one of the ways indicated in § 1 section 2 of the Policy. 
  4. If you believe that the Company is processing your personal data unlawfully, you have the right to lodge a complaint with the President of the Personal Data Protection Office.

§8.

[Voluntary provision of personal data]

The User acknowledges that they provide personal data on a completely voluntary basis, but failure to provide personal data may make it impossible (e.g. if no e-mail address is provided in the contact form) or difficult (lack of consent to cookies) to use the Portal.

§9.

[File Information cookies]

  1. By using Our website, you accept Our use of so-called cookies. They usually contain the domain name of the website from which they originate, the time they are stored on the device and a unique number. These files do not identify the user and it is not possible to determine your identity based on them. However, these files allow you to determine your habits and preferences.
  2. Web browsers usually allow information to be stored in cookies by default. However, you can change this at any time from your browser. Comprehensive information is available in the settings:

§10. 

[Policy Changes]

The current Privacy Policy is effective from 18/10/2024. The Company reserves the right to change the Policy at any time. Any changes will be published on the Portal and will be effective for the future.