privacy policy

In connection with its business activities, the Administrator collects and
processes personal data in accordance with the relevant legislation, including in particular
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the
on the protection of natural persons in relation to the processing of personal data and on the
free movement of such data and repealing Directive 95/46/EC (General
Data Protection Regulation) - hereinafter referred to as RODO. In processing the data, the Controller
shall ensure the security and confidentiality of the data, as well as access to information about such processing for the
data subjects.


(1) This document sets out the principles for the processing and protection of personal data
processed by the Administrator, including data provided by customers of the website
website (hereinafter: the "Site") and describes the principles of
our processing of information about you, i.e. so-called Cookies.
The administrator of your personal data is Kacper Leżański conducting business activity under the name
conducting business activity under the name ETHOS Kacper Leżański, entered into the Central Register and Information on Business Activity (CEIDG).
Business Activity (CEIDG) NIP 7372235625 REGON 523409537.
You may contact the Administrator directly by writing to the address
e-mail address at the address of our headquarters 34-730 Mszana
Dolna ul.Krakowska 59 and at telephone number 793 158 585.


We process personal data for the following purposes and scopes:

1. potential customers, including newsletter subscribers, persons to whom we direct our content
marketing content, users of our social networks
- The data (first name, surname, contact addresses, telephone number) are processed for the purpose of the Administrator's legally
legitimate interest of the Administrator on the basis of Article 6(1)(f) RODO, consisting
primarily the marketing of its products and services, the promotion of its brand, the operation of
social networks. In the case of obtaining from you, consents, data will be
processed on the basis of Article 6(1)(a) of the RODO, (in the form of telephone contact,
sending an email or in the form of a text message.On the basis of our legitimate
interest, we may also process your data for the investigation of possible claims,
for statistical purposes, and for the continuous improvement of the quality of our
services we provide.
The provision of your personal data is not a legal obligation, but is necessary in order to
to respond to your enquiries, e.g. in the contact form.
2. our customers and customer contacts:
- data (usually first name, surname, contact addresses, telephone number, details of the
service details and invoice data) are processed for the purpose of performing the contract or taking action prior to
conclusion of the contract at the customer's request, on the basis of Article 6(1)(b) of the RODO; in the case of
customers and in the case of contact persons indicated by the customer e.g. in the content of the contract, on the basis of
on the basis of Article 6(1)(f) RODO - due to our legitimate interest. Your data as
Our customers' data are also processed for the purpose of fulfilling our legal obligations, e.g.
legal obligations e.g. billing, accounting and financial reporting, etc. in which case
we do so on the basis of Article 6(1)(c) RODO. Your provision of the aforementioned data is
necessary for the proper performance of the contract by us.
3. e-mail correspondence
- The data you provide (usually your first name, surname, contact address), when you
e-mail correspondence, your data (usually name, contact address) is processed exclusively for the purpose of communication and
dealing with the matter to which the correspondence relates. In this case, the legal basis for
processing is the legitimate interest of the Administrator on the basis of Article 6(1)(f) of the RODO,
consisting in the handling of correspondence addressed to it in connection with its
business activities. Your provision of the aforementioned data is necessary in order to
respond to correspondence addressed to us.
4 Visitors to our website:
- We would like to inform you that when you use the Website, additional information may be collected
information, in particular: the IP address assigned to your computer or the external
IP address of your internet service provider, domain name, browser type, access time, operating system type
operating system; from users of our website, data may also be collected
navigation data may also be collected from users of our website, including information about the links and references they choose to click on or other
actions taken on the Site. The legal basis for such activities is
Administrator's legitimate interest (Article 6(1)(f) RODO), consisting of facilitating the
use of the services provided electronically and to improve the functionality of these
5. the complainant's
- personal data provided by you, will be processed for the purpose of dealing with the complaint, on the
basis of Article 6(1)(f) of the RODO, which is a legitimate interest of the controller, but also
necessary in order to fulfil the legal obligations imposed on the administrator, i.e. on the basis of
Article 6(1)(c) RODO). The provision of your data to the extent prescribed by
law is necessary in order to carry out the complaint procedure.


The Administrator may only share your personal data if this is
necessary for the purposes of the processing: to entities providing us with
IT service providers, i.e. providers of hosting services, providers of software
to enable the website to be operated, to authorised employees and associates who
respond to your enquiries generated via the contact form.
In addition, we may pass on your data to the following companies that support our activities
advisory, auditing and legal companies, courier companies, banks, ZUS, US - within the scope of the Administrator's duties.
within the scope of the Administrator's legal obligations.


(1) The data subject shall have the right to access the content of his/her personal data and to
right to rectification, erasure (unless the Administrator is obliged to
their further processing), to restrict processing, the right to data portability, the right to
to object, the right to withdraw consent at any time without affecting the
the lawfulness of the processing carried out on the basis of consent before its withdrawal.
2 Legal grounds for the User's request:
(a) Access to data - Article 15 RODO.
b) Correction of data - Article 16 RODO.
c) Deletion of data (so-called right to be forgotten) - Article 17 RODO.
(d) Restriction of processing - Article 18 RODO.
(e) Data portability - Article 20 RODO.
(f) Objection - Article 21 RODO
(g) Withdrawal of consent - Article 7(3) RODO.
(3) In order to exercise the rights referred to in para. 2, one should send an appropriate e-mail message to the address:
(4) In the situation where the User exercises the rights resulting from the above rights, the Administrator shall comply with the request or refuse to comply with it immediately, but no later than
within one month of receipt. However, if - due to the complicated nature of the
of the request or the number of requests, the Administrator will not be able to comply with the request within one month,
it shall comply with the request within the next two months by informing the User beforehand within
month of receipt of the request - of the intended extension of the deadline and the reasons for it.
(5) If it is determined that the processing of personal data violates the provisions of the RODO, the data subject has the right to lodge a complaint with the President of the Office for the Protection of Personal Data
Personal Data Protection Office with its seat in Warsaw.


1 The Administrator's website uses "cookies" files.
(2) The installation of "cookies" is necessary for the proper provision of services on the website. Cookies contain information necessary for the proper
functioning of the website, as well as providing the possibility of developing general statistics
(3) The website uses two types of "cookies": "session" and "permanent".
a) "Session cookies" are temporary files which are stored in the User's
User's terminal equipment until they log out (leave the website).
b) "Permanent" cookies are stored on the User's terminal equipment for the time
specified in the parameters of "cookies" or until they are deleted by the User.
(4) The Administrator uses its own cookies to better understand how Users interact with the content of the website. The cookies collect information about the way
use of the website by the User, the type of page from which the User was redirected
as well as the number of visits and the duration of the User's visit to the website. This information does not
record your specific personal data, but is used to compile statistics on website usage.
use of the website.
(5) The Administrator uses external cookies to collect general and anonymous statistical data via Google Analytics analytical tools (Administrator
external cookies: Google Inc. based in the USA).
(6) Cookies may also be used by advertising networks, in particular the Google network. For this purpose, they may store information about the User's navigation path or time
The user has the right to decide whether or not to use cookies.
(7) The user has the right to decide on the access of cookies to his/her computer by selecting them in advance in his/her browser window. Detailed information on
details on the possibility and handling of cookies are available in the settings of your software
(web browser) settings. Information for selected, most popular browsers:
a) Chrome:
b) Safari:,
c) Firefox:
Our website uses Google Analytics, a web analytics service
provided by Google Ireland Limited (below: Google). Google Analytics uses
cookies (collects data on IP addresses, network location, date of visit, operating system,
browser type). The user has the right to prevent the storage of cookies by
using the appropriate setting of your browser software.


The period of data processing by the Administrator depends on the type of service provided and the purpose of the processing
of processing. The period of data processing specified may also result from regulations, in the
case they constitute the basis for processing. In case of data processing on the basis of
legitimate interest of the Administrator - the data shall be processed for the period
enabling its realization or until an effective objection is raised against the processing of the
data. If processing is based on consent, data are processed until the consent is
withdrawal. Where the basis for processing is necessity for the conclusion and
performance of the contract, the data will be processed until the contract is terminated. The processing period
of the data may be extended where the processing is necessary to establish,
investigation or defence against possible claims, and after this period, only in the
case and to the extent required by law. After the expiry of the period
processing, the data shall be irreversibly deleted or anonymised.


Your personal data will, in principle, not be transferred outside the European Economic Area
Economic Area (hereinafter EEA). However, with regard to the services provided by the provider of the
shop software provider, your data may be transferred outside the EEA. This will be
However, these will only be countries which provide an adequate level of protection on the basis of a decision of the
European Commission, and for countries that do not provide an adequate level of protection,
only if they provide adequate safeguards, including, inter alia, on the basis of
on the basis of standard contractual clauses adopted by the European Commission or
binding corporate rules.


The controller will not process your personal data in an automated manner
in such a way that any automated processing could result in
any decision, produce any other legal effect, or otherwise materially affect your rights and
materially affect your rights and obligations.


1. the Administrator shall apply technical and organisational measures to ensure the protection of the
1. The Administrator shall apply technical and organisational measures which ensure the protection of the personal data processed, appropriate to the risks and the category of data protected.
protection, and in particular secures the data against their access to unauthorised persons, against their
unauthorised persons, from being taken by an unauthorised person, from being processed with the violation of
the binding provisions of law and against alteration, loss, damage or destruction. 2.
(2) The controller shall make available appropriate technical measures to prevent unauthorised persons from acquiring and modifying personal data sent electronically.
by unauthorised persons.
(3) In matters not regulated by this Privacy Policy, the provisions of RODO and other relevant provisions of Polish law shall apply accordingly.