Privacy Policy 

This Privacy Policy outlines the terms of use of this website, the cookie policy and other tracking technologies, as well as the principles for the processing and protection of personal data. Please read this Privacy Policy carefully. 

 

GENERAL PROVISIONS 

This Privacy Policy defines the rules for processing and protecting personal data provided by Users, as well as cookies, via the website and social media platforms where the Controller maintains profiles. 

The Data Controller is IT PREDATORS SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, registered in Warsaw, ul. Stanisława Skarżyńskiego 9 / 11, 02-377 Warsaw, Poland, entered in the Register of Entrepreneurs maintained by the District Court for the Capital City of Warsaw, XIII Commercial Division of the National Court Register under KRS: 0001099192, NIP: 7011199463, REGON: 528324120. 

You can contact the Controller by email at: katarzyna.wnuk@itpredators.com or by phone at: +48 734-417-473. 

The Controller reserves the right to amend this Privacy Policy at any time. Users are encouraged to review the current version regularly. 

 

DEFINITIONS 

• Privacy Policy – this document; 

• Controller – a natural or legal person, public authority, agency, or other body which determines the purposes and means of the processing of personal data; 

• Personal Data – any information relating to an identified or identifiable natural person (“data subject”); 

• Processing – any operation or set of operations performed on personal data, whether or not by automated means; 

• User – any natural person using the website or the Controller’s social media profiles; 

• Website – the website available at [insert website address here]; 

• Form – any form available on the Website that allows Users to contact the Controller, subscribe to the newsletter, or refer a job candidate; 

• Newsletter – a free service involving the distribution of information about the Controller’s services, products, and events to a provided email address; 

• Social Media – platforms and applications that allow content sharing or participation in social networking; 

• Cookies – small text files saved on the User’s device when using the Website; 

• GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data. 

 

 

PERSONAL DATA PROCESSING 

Personal data are processed for the following purposes and on the following legal bases: 

• Correspondence with the User, including responding to inquiries and sending offers – Art. 6(1)(b) GDPR; 

• Documenting concluded contracts – Art. 6(1)(f) GDPR (legitimate interest of the Controller); 

• Performing contracts – Art. 6(1)(b) GDPR; 

• Handling complaints, claims, and requests – Art. 6(1)(f) GDPR; 

• Accepting referrals and concluding contracts based on referrals – Art. 6(1)(b) and (f) GDPR; 

• Scheduling meetings, calls, and video conferences – Art. 6(1)(b) GDPR; 

• Establishing or defending against legal claims – Art. 6(1)(f) GDPR; 

• Fulfilling legal obligations – Art. 6(1)(c) GDPR; 

• Keeping records as required by GDPR or other laws – Art. 6(1)(c) GDPR; 

• Marketing of the Controller’s products and services, including sending commercial information and analyzing engagement – Art. 6(1)(a) and (f) GDPR; 

• Analytical purposes, including analyzing data collected via cookies – Art. 6(1)(f) GDPR; 

• Managing the Website and the Controller’s social media profiles – Art. 6(1)(f) GDPR; 

• Providing information and engaging with Users on social platforms – Art. 6(1)(f) GDPR; 

• If the User consents to receiving marketing communication via email or phone, the legal basis is also Art. 10 of the Act on Electronic Services and Art. 172 of the Telecommunications Law. 

 

DATA COLLECTION 

The Controller processes personal data provided by Users through forms or email correspondence, and data collected automatically via cookies or server logs. The Controller also processes personal data from social media platforms when Users interact with those profiles. 

Providing personal data is voluntary; however, failure to do so may prevent certain actions on the Website, such as submitting a contact form, subscribing to the newsletter, or referring a candidate. 

 

USER RIGHTS 

Under the GDPR, Users have the following rights: 

• The right to access their data and receive a copy; 

• The right to rectify data; 

• The right to erase data (“right to be forgotten”); 

• The right to restrict processing; 

• The right to object to processing; 

• The right to data portability; 

• The right to lodge a complaint with a supervisory authority (President of the Personal Data Protection Office). 

These rights are detailed in Articles 16–21 of the GDPR. They are not absolute and may not apply in all cases. 

 

WITHDRAWAL OF CONSENT 

Where processing is based on consent, the User may withdraw it at any time. This will result in the deletion of data not processed on another legal basis and cessation of the consent-based activities. The Controller may retain data necessary for legal defense purposes in line with limitation periods defined in applicable laws, including the Civil Code. 

 

DATA TRANSFERS TO THIRD COUNTRIES 

Personal data may be transferred to third countries, particularly due to the use of tools such as Hubspot, Calendly, Microsoft, Google, Meta (Facebook), LinkedIn, Twitter, Medium, Adobe. These providers ensure adequate protection under GDPR, including the use of standard contractual clauses approved by the European Commission. 

Privacy policies of these third parties: 

• Hubspot, Inc.: https://legal.hubspot.com/dpa 

• Calendly LLC: https://calendly.com/dpa 

• Microsoft Corporation: https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA?year=2021 

• Meta Platforms Ireland Ltd.: https://www.facebook.com/privacy/explanation/ 

• Twitter, Inc.: https://twitter.com/en/privacy 

• Google Ireland Ltd.: https://policies.google.com/privacy?hl=en 

• LinkedIn Ireland Unlimited Company: https://www.linkedin.com/legal/privacy-policy 

• Medium Corporation: https://policy.medium.com/medium-privacy-policy-f03bf92035c9 

• Adobe Systems Software Ireland Ltd.: https://www.adobe.com/privacy.html 

 

DATA RETENTION PERIOD 

Personal data will be retained: 

• Until the statute of limitations for claims expires – no longer than 6 years after the end of cooperation; 

• During pre-contract discussions and the term of contract execution; 

• For the period required by legal regulations, including tax laws; 

• Until an objection is raised under Art. 21 GDPR – for data processed on the basis of legitimate interest; 

• Until consent is withdrawn or the purpose of processing is fulfilled – for data based on consent; 

• Until the data becomes obsolete – for data used for analytics, statistics, cookies, and social media management, not longer than 3 years from collection. 

Retention periods calculated in years are counted from the end of the calendar year in which data processing began. 

 

SOCIAL MEDIA 

The Controller uses social media platforms, processing data related to its profiles. The platform operator is a joint controller of such data. The Controller has access to personal data shared via those platforms. User rights are described in this Privacy Policy. 

 

DATA RECIPIENTS 

Personal data may be shared with providers of legal, auditing, accounting, postal, courier, banking, and IT services, including entities based outside the EEA, where the European Commission has determined an adequate level of data protection or where standard contractual clauses are in place. 

 

TECHNICAL REQUIREMENTS 

To use the Website, Internet access and a compatible browser (e.g., Microsoft Edge, Google Chrome, Mozilla Firefox, Safari) are required. An active email address is necessary for newsletter subscriptions or contact forms. 

 

COOKIES AND TRACKING TECHNOLOGIES 

The Website uses persistent and session cookies. Persistent cookies are stored until a specified expiration date or until deleted by the User; session cookies are deleted upon browser closure. 

On first visit, the User is notified about cookies and may consent. Cookie settings can be changed or disabled at any time via browser settings. Disabling cookies may affect the Website’s functionality. 

The Controller uses its own cookies to ensure proper operation and remember preferences. Third-party cookies (e.g., Google Analytics, Tag Manager, Facebook Pixel, LinkedIn, YouTube) are also used for traffic analysis and marketing performance. These tools may collect anonymous data, which social platforms may combine with other personal data. 

Embedded content (e.g., YouTube videos) may transfer data to third-party providers, even if the User is not logged in or has no account. 

 

SERVER LOGS 

Using the Website involves sending requests to the server. Each request is logged and may include the IP address, date and time, browser type, and operating system. Logs are used solely for website administration and are not linked to identifiable individuals. 

 

PROFILING 

Users’ personal data will not be used for automated decision-making that impacts their rights or obligations. However, tracking technologies (e.g., cookies) may be used for profiling to personalize content or marketing but do not affect legal status. 

 

FINAL PROVISIONS 

This Privacy Policy is governed by Polish law. In matters not covered herein, the relevant provisions of generally applicable law shall apply. 

This Privacy Policy is effective as of June 12, 2025.