Privacy policy

Information on data processing according to GDPR

What is GDPR?

GDPR is the EU law governing data protection principles that we apply from 25 May 2018. From that date our company complies with the principles set out in GDPR.

Full name GDPR – General Data Protection Regulation: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 On the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.

Who is the data administrator?

The administrator of your personal data is IAuditor Romuald Urbański, headquartered in Warsaw (05-077), ul. John Paul II 33/4. Our contact information:, + 48 730000924.

The data controller shall be responsible for the security of the personal data transferred and to process them in accordance with the laws.

For what purpose and on what legal basis do we use the data?

We will use your personal information for the following purposes:

  • Conclusion and performance of the contract, including the provision of correct quality of service (legal basis – art. 6 (2). 1 (b) GDPR) – “Performance of the Contract”,
  • The legal obligations of our company, e.g. To issue and store invoices or to respond to complaints (legal basis – art. 6 (2). 1 (c) GDPR) – ‘ Legal obligation ‘,
  • Redress under the contract (legal basis – art. 6 (2). 1 point. (f) GDPR) – a “legitimate interest”,
  • The marketing of their own services during the course of the contract (legal basis – article 6 (2). 1 point. (f) GDPR) – a “legitimate interest”,
  • Your consent to use of the data for this purpose (legal basis – Article 81 (1)). 6 (2). 1 (a) GDPR) – “Consent”.

How long will we use the data?

We will use the data for the period necessary to carry out the objectives described above. Depending on the legal basis, this will be as appropriate:

  • The duration of the contract,
  • The duration of the legal obligations and the time when the law prescribes us to store data, eg. Tax laws,
  • The time after which the contractual claims have been
  • Time until the withdrawal of consent.

What are you entitled to?

You can submit to our company a request for:

  • Access to personal data (information about processed personal data and a copy of the data),
  • Rectification of data when they are abnormal,
  • Transfer of data, in the cases specified in the GDPR,
  • Deletion or limitation of the processing of personal data.

Not with standing the foregoing rights, you may object to the processing of your data at any time if the legal basis for the use of the data is a legitimate interest. Upon adoption of a request, in this case, we are obliged to stop processing the data for this purpose.

You also have the right to bring a complaint to the president of the Personal Data Protection Office if you consider that the processing of your personal data is in violation of the legal provisions.

Consent to the processing of personal data for marketing purposes may be withdrawn at any time.

Who do we share your information with?

In keeping with all data security guarantees, we may transfer your data – In addition to those authorized by the data controller – to other entities, including:

  • Processors on our behalf, e.g. Technical service providers and providers of consultancy services;
  • Other administrators, such as the Couriers.

Your data will not be transferred to countries outside the European Economic Area (countries other than the European Union, Iceland, Norway and Liechtenstein).