top of page

PRIVACY POLICY

In accordance with the Regulation of the European Parliament and the EU Council 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC - the General Data Protection Regulation (Journal of the EU L 119 of 04/05/2016, p. 1, with the amendment announced in the Official Journal of the European Union L 127 of 23/05/2018, p. 2), (hereinafter: "GDPR"), we provide you with information processing of personal data. Regardless of the privacy obligations arising from the GDPR, we also comply with the obligations related to legal secrecy (Article 6 of the Act of May 26, 1982, Law on the Bar) and defense secrecy (Article 178 point 1 of the Act of June 6, 1997 - Code criminal proceedings).

1. Personal data administrator

The administrator of your personal data is attorney Karolina Słupecka running a business under the name "Kancelaria Adwokacka. Adwokat Karolina Słupecka”, ul. Grenadierów 13/27, 04-052 Warsaw (hereinafter referred to as "the Law Office", "Administrator" or "we".

2. Contact point for the protection of personal data

In matters related to the processing of personal data, as well as in order to exercise the rights in connection with the processing, contact with the Law Office is possible via the e-mail address kancelaria@slupecka.com or by phone on the phone number+48 503 157 559.

  • We process personal data in order to conclude or perform a contract (Article 6 (1) (b) of the GDPR), and in certain cases for the purposes of legitimate interests (Article 6 (1) (f) of the GDPR) consisting in determining, investigating, defense against claims.

  • The categories of personal data processed may include identification data, contact details, phone and address, as well as other personal data provided to the Law Firm for the purpose of providing legal services, data related to specific facts, contained in the documents, messages, etc. made available to the Law Firm.

  • The data will be stored for a period of at least 5 years from the end of the calendar year in which the tax payment deadline expired in connection with the concluded contract - however, the law may provide for a longer period of data storage, in particular in the field of determining, investigating or defending against claims.

  • The person whose data is processed has the right to access and rectify the data, the right to limit processing, the right to object to the processing, the right to lodge a complaint with the President of the Personal Data Protection Office.

  • Providing data is a contractual requirement, and refusal to provide it may prevent the conclusion or performance of the contract.

Customers

  • We process personal data in order to conclude or perform a contract (Article 6 (1) (b) of the GDPR), and in certain cases for the purposes of legitimate interests (Article 6 (1) (f) of the GDPR) consisting in determining, investigating , defense against claims.

  • The categories of personal data processed may include identification data, contact details, contact details, as well as other personal data provided to the Law Firm for the purpose of providing legal services, data related to specific facts, contained in the documents, messages, etc. made available to the Law Firm.

  • The data will be stored for a period of at least 5 years from the end of the calendar year in which the tax payment deadline expired in connection with the concluded contract - however, the law may provide for a longer period of data storage, in particular in the field of determining, investigating or defending against claims.

  • The person whose data is processed has the right to access and rectify the data, the right to limit processing, the right to object to the processing, the right to lodge a complaint with the President of the Personal Data Protection Office.

  • Providing data is a contractual requirement, and refusal to provide it may prevent the conclusion or performance of the contract.

Plenipotentiaries, representatives, contact persons

  • We process personal data for the purposes of providing and exchanging information (Article 6 (1) (f) of the GDPR).

  • The categories of personal data processed may include identification data, contact details, as well as other personal data provided to the Law Firm contained in the documents, messages etc. provided to the Law Firm.

  • The data will be stored for the period necessary to answer or exchange information - however, the law may provide for a longer period of data storage, in particular in the field of determining, investigating or defending against claims.

  • The person whose data is processed has the right to access and rectify the data, the right to limit processing, the right to object to the processing, the right to lodge a complaint with the President of the Personal Data Protection Office.

Visitors and persons contacting via the website

  • Whenever the Law Firm`s website is called up, the server automatically saves only the so-called server logs, such as the name of the requested file, your IP address, the date and time of the call, the amount of data transferred and the Internet service provider submitting the request (access data) and documents the page call. The above data is analyzed only to ensure proper functioning. This is due to our legitimate interest (Article 6 (1) (f) of the GDPR) in presenting the services we provide.

  • In the event of contact via the contact form available on our website, personal data is processed for the purpose of answering the question and presenting the services we provide (Article 6 (1) (f) of the GDPR).

  • The categories of personal data processed include identification data, contact details, as well as other data provided in the contact form.

  • The data will be stored for the period necessary to answer the questions asked, to present the legal services provided - however, the law may provide for a longer period of data storage, in particular in the field of determining, investigating or defending against claims.

  • The person whose data is processed has the right to access and rectify the data, the right to limit processing, the right to object to the processing, the right to lodge a complaint with the President of the Personal Data Protection Office.

Suppliers

  • We process the data in order to conclude or perform a contract (Article 6 (1) (b) of the GDPR), and in certain cases to achieve the purposes of legitimate interests (Article 6 (1) (f) of the GDPR) consisting in determining, investigating, defense against claims.

  • The categories of personal data processed may include identification data, contact details, contact details.

  • The data will be stored for a period of at least 5 years from the end of the calendar year in which the tax payment deadline expired in connection with the concluded contract - however, the law may provide for a longer period of data storage, in particular in the field of determining, investigating or defending against claims.

  • The person whose data is processed has the right to access and rectify the data, the right to limit processing, the right to object to the processing, the right to lodge a complaint with the President of the Personal Data Protection Office.

  • Providing data is a contractual requirement, and refusal to provide it may prevent the conclusion or performance of the contract.

4. Rights

Rights of the data subject:

The right to access personal data and obtain a copy of it- based on Article. 15 of the GDPR, each person is entitled to receive confirmation as to whether their personal data is being processed, and if this is the case, to obtain access to such data, including obtaining information, among others. about the purposes of processing or recipients of personal data.

The right to rectify data- based on Article. 16 of the GDPR, the person whose personal data is processed is entitled to request the rectification of their personal data due to their inaccuracy or incompleteness.

The right to delete data, including the "right to be forgotten"- in accordance with Art. 17 GDPR, in certain cases, the person whose personal data is processed has the right to request the deletion of their personal data. If personal data has been made public, we will take reasonable steps to inform other administrators processing the above-mentioned data about the presented request.

Right to restriction of processing- in accordance with Art. 18 GDPR, the person whose personal data is processed may request the restriction of the processing of personal data if he questions their correctness, if their processing is unlawful, the Law Firm no longer needs the data for processing purposes or if the person has objected to the processing of the data.

Right to data portability- based on Article. 20 GDPR, the person whose personal data is processed may request the transfer of personal data saved in a standard machine-readable file format. If the purpose of the request is to transfer them to another administrator, the Law Firm may send a file containing personal data directly to him.

Right to object to processing- in accordance with Art. 21 GDPR, the person whose personal data is processed may request the Administrator to stop processing personal data by raising an objection. It will be justified if it is shown that the legitimate actions of the Administrator violate the interests, rights or freedoms of the person whose data is processed.

The right to withdraw consent at any time- the data subject has the right to withdraw the consent   for the processing previously granted. In the absence of a separate basis for processing, the Law Firm will cease to use personal data for the purpose for which the consent was given.

The right to lodge a complaint with a supervisory authority- the person whose data is processed submit a complaint to the President of the Personal Data Protection Office, if he or she believes that the rights have been violated in connection with the processing of his personal data.

The rights listed above may be limited in some situations, e.g. when the Administrator can prove that he is legally obliged to process personal data. To use the rights described above, please send an appropriate request using the contact details provided in the introduction.

5. Sources of personal data

Most of the personal data processed by the Administrator is information provided by the data subjects on their own accord. In some cases, the Administrator may process personal data that he is able to infer on the basis of other information provided voluntarily and that will be obtained in the course of the relationship with the Administrator. The Law Firm may also obtain personal data from publicly available sources, public registers and from its Clients, attorneys of other participants in proceedings in connection with the provided legal services, for the purposes of their implementation. Pursuant to Art. 14 sec. 5 lit. d GDPR, the information obligation in the case of obtaining personal data in a way other than from the data subject may be limited if the personal data must remain confidential in accordance with the obligation of professional secrecy provided for in the law of the European Union or the law of a Member State, including statutory provisions duty of secrecy.

6. Recipients of personal data

The recipients of personal data may be providers of accounting, IT, payment, auditing and consulting services. The indicated entities may be separate personal data administrators or entities processing personal data. In the event of ordering another entity to perform operations the essence of which is the processing of personal data, it will be carried out in accordance with art. 28 and art. 32 GDPR, i.e. as part of entrusting personal data for processing. The processed personal data may also be disclosed to public authorities (administrative authorities, judicial authorities), however, pursuant to Art. 4 point 9 of the GDPR, public authorities that may receive personal data as part of a specific procedure in accordance with European Union law or the law of a Member State are not considered recipients of personal data.

7. International transfer of personal data

The processed personal data, as a rule, will not be transferred to countries outside the European Economic Area (EEA), where the law may not provide the same level of data protection.

However, if, as part of the processing, personal data will be transferred to recipients in third countries (outside the EEA), e.g. in the United States, the data may be transferred on the basis of:

  • an adequacy decision (Article 45 of the GDPR),

  • subject to appropriate safeguards, including standard data protection clauses, an approved code of conduct or an approved certification mechanism (Article 46 of the GDPR),

  • using binding corporate rules (Article 47 of the GDPR),

  • after taking into account the relevant exceptions in specific situations (Art. 49 GDPR).

8. Cookies

Our website uses "cookies". Cookies are information saved on the end device (desktop computer, laptop, tablet, smartphone) via a web browser. They are important because they allow the server on which our website is embedded to read the information when connected to a specific computer. As a rule, this information does not constitute personal data, but may be used to provide specific functions, such as:

  • device recognition and proper display of the website,

  • verification of the authenticity of the browser session,

  • interface personalization, e.g. in terms of the selected language or region,

  • adjusting the content of the website to the preferences of users,

  • content recommendations, font size etc.

Cookies are encrypted in such a way that they cannot be accessed by unauthorized persons. By default, web browsers allow the placement of "cookies" on end devices - appropriate settings of the web browser that allow the use of "cookies" are treated as consent to data processing (Article 173 of the Act of 16 July 2004 Telecommunications Law in connection with Art. 6 (1) (a) of the GDPR). People browsing our website can properly configure their browser to block the automatic acceptance of "cookies" or obtain information about sending such a file to their device. More information on the use of cookies and possible configurations can be found in the browser settings. The level of restrictions on the use of "cookies" may affect the availability and functionality offered by our website, including the possibility of blocking its full operation.

In addition to the above-mentioned purposes related to the configuration and correct display of the website, we use "cookies" to monitor the activity of users on the website (entries, ways of navigating the website) using tools provided by Google LLC (Google Analytics). More information on cookies used as part of Google LLC services is available here: https://policies.google.com/?hl=en-US

9. Final provisions

The Administrator reserves the right to make changes to this privacy policy, which may result from the need to adapt to changes in regulations, update privacy standards.

bottom of page