Privacy policy

Dear Sir/Madam,

In order for you to be satisfied with our services and to ensure adequate security of your personal data entrusted to PROSTER Ltd. with its registered office in Brzesko which is the Personal Data Controller (hereinafter referred to as “Controller”), we would like to inform you that the Controller acts in accordance with the provisions of generally applicable law, and in particular with the provisions of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27th April 2016 of 27th April 2016 on the protection of individuals with regard to the processing of personal data and on the free flow of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the EU L 119, p. 1) – Hereinafter reffered to as “GDPR.”

  1. The Personal Data Controller is: PROSTER Ltd. with its registered office in Brzesko (32-800), at ul. Bartosza Głowackiego 67 (Bartosz Głowacki’s Street 67), entered in the register of entrepreneurs kept by the District Court for Krakow-Śródmieście, 12th Commercial Division under KRS number: 0000177831, NIP (tak identification No.): 8691811388, REGON (national business registry No.): 852726830.
  2. The Controller is the owner of the website (hereinafter referred to as the “Website“) and ensures that personal data of the persons visiting the Website (hereinafter referred to as “Users“) are secured in accordance with the standard required by the GDPR.
  3. Users using the Website are provided with security at a level that is at least equivalent to the standards set forth in applicable laws, in particular the Act of 18th July 2002 on providing services by electronic means (Journal of Laws 2002 No. 144 item 1204).
  4. The Controller declares that it does not carry out profiling of users and automated decision-making in the manner referred to in Article 22 of the GDPR.
  5. The content posted on the website, i.e. announcements, advertisements, price lists and other information, addressed to the general public or to individual persons, having an informative character, shall, in case of doubt, be regarded as an invitation to conclude a contract in accordance with Article 71 of the Civil Code. In turn, they do not constitute a commercial offer within the meaning of Article 66 §1 of the Civil Code.
  6. The Controller processes personal data for its own purposes on the basis of a legal interest in accordance with Article 6(f) of the GDPR. In addition, the Controller processes personal data to answer questions about the Controller’s activities on the basis of consent, i.e. Article 6(1)(a) of the GDPR (data are processed for the necessary period of time).
  7. The Controller limits the Website’s collection of data and use of information about Users to the necessary minimum required to provide services to them at the desired level, in accordance with Article 18 of the Electronic Services Act and Article 5(1)(C) of the GDPR. In particular, collecting personal data, those of which are necessary to provide information on the Controller’s activities.
  8. The Controller informs that it does not publish any personal data on the Website that it has obtained in connection with the performance of its activity, except for the data of employees or persons who have given their consent.
  9. The Controller is authorised to disclose or transfer personal data only to entities authorised under applicable Polish or European law and service providers acting on the Controller’s behalf in accordance with Article 28 of the GDPR. Such data are entrusted only to processors under certain conditions to the extent and for the period necessary to obtain the purpose of a specific service.
  10. The Controller declares that all persons authorised to process personal data on its behalf are acting under the authority of the Controller and have been properly prepared before being allowed to do so. In addition, the Controller uses physical protection measures, organisational measures and software tools to secure the processed personal data to the extent necessary.
  11. The Controller undertakes to protect the personal data provided by the User from loss, destruction, disclosure, access by unauthorised persons or misuse.
  12. The Controller guarantees due diligence aimed at protecting the interests of the persons affected by these Regulations and the Privacy Policy, i.e. the persons affected by the collected data.
  13. The Customers voluntarily provide their personal data needed to make an offer or receive information regarding the Controller’s activities, although failure to provide the required personal data may prevent the Controller from responding or performing the services provided by the Controller.
  14. The Controller provides each data subject, at any time, with:
    1. the right to revoke consent, if the processing is carried out on the basis of consent (Article 6(1)(a) of the GDPR);
    2. the right to access the content of your personal data (Article 15 of the GDPR);
    3. the right to request their rectification (Article 16 of the GDPR);
    4. the right to erasure (Article 17 of the GDPR), if the processing is done on the basis of the consent (Article 6(1)(a) of the GDPR) or contract if the data is no longer needed by the Controller;
    5. the right to restrict data processing (Article 18 of the GDPR);
    6. the right to object to processing (Article 21 of the GDPR);
    7. the right to transfer data between controllers electronically in a structured, commonly used machine-readable format (Article 20 of the GDPR).

The Controller may refuse to exercise the above rights if it is unable to identify the data subject.

  1. The above applications shall be answered within a month of receiving the request. If necessary, the deadline may be extended for another two months. The Controller shall inform the applicant of the reasons for such extension before the end of the month.
  2. In accordance with applicable law, in the event of a request for deletion of the Customer’s personal data, the Customer’s personal data contained in the documents of the performed service stored for fiscal purposes and personal data processed on the basis of a legal obligation incumbent on the Data Controller shall not be deleted.
  3. For technical reasons, the exercise of the right to transfer data between Controllers is possible only directly to the User who has made such an instruction. The standard format for the transmission of data by the Controller is encrypted email correspondence. If the User does not have an email address, the Controller shall provide it to the User by mail on a CD/DVD or other commonly used media. A one-time data copy is free of charge. For any subsequent release of a copy of the data within a period of up to 6 months the Controller may charge a reasonable fee based on administrative costs such as the amount of postage, the cost of office supplies used, CDs/DVDs, etc. The amount of the fee is determined individually with the person making the request.
  4. In accordance with Article 19 of the GDPR, the Controller shall inform any recipient to whom personal data have been disclosed of the rectification or erasure of personal data or the restriction of processing which it has carried out in accordance with Article 16, Article 17(1) and Article 18 of the GDPR, unless this proves to be unduly difficult.
  5. The Controller informs that Users are entitled to the following means of protection:
    1. the right to file a complaint with the supervisory authority, i.e. Office for Personal Data Protection on the basis of Article 77(1) of the GDPR;
    2. the right to an effective remedy before a court against a legally binding decision of the Supervisory Authority, or if the Supervisory Authority has failed to investigate your complaint or to inform you within three months of the progress or results of a complaint filed pursuant to Article 77 of the GDPR (Article 78 of the GDPR);
    3. The right to an effective remedy before a court of law against the Controller or the Personal Data Processor if you believe that your rights under the GDPR have been violated as a result of the processing of Personal Data in violation of the GDPR (Article 79 of the GDPR).
  6. A user, in order to exercise his/her rights under Articles 15-18, Article 20, Article 21 of the GDPR, or having questions about the aforementioned privacy policy, may contact the Controller by sending an e-mail to:, or by mail to the Controller’s address: PROSTER SP. Z O.O. address: ul. Głowackiego 67, 32-800 Brzesko
  1. The Controller declares that the personal data processed by it on the Website are not transferred to third countries, outside the European Economic Area or to international organisations.
  2. The Controller, by publishing the names of the employees, contact details and address data on the Website, agrees to process such personal data in order to establish contact, cooperation or receive offers from third parties.
  3. The content of the Website is the property of PROSTER SP. Z O.O. with its registeres office in Brzesko. All personal and property copyrights to any elements of the Website (text, graphics, page layout, etc.) are reserved.
  4. The Controller has appointed a Data Protection Officer who can be contacted by sending an email to
  5. Information on the processing of personal data
    1. for our customers and contractors DOWNLOAD
    2. for persons indicated for contact or cooperation by our contractors DOWNLOAD
    3. for Facebook users DOWNLOAD
    4. for customers – marketing objectives DOWNLOAD