Privacy policy and cookies of the website https://sitix.pl

Effective date: 20.03.2026

1. GENERAL PROVISIONS

1.1. This Privacy Policy and Cookies Policy sets out the rules for the processing of personal data and the use of cookies in connection with the use of the website https://sitix.pl, hereinafter referred to as the “Service”.

1.2. The Controller exercises due diligence to ensure that personal data is processed in accordance with the applicable provisions of law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”) and the relevant provisions of Polish law.

2. CONTROLLER OF PERSONAL DATA

2.1. The controller of personal data is SITIX Spółka z ograniczoną odpowiedzialnością, with its registered office in Bialystok, Warszawska str. 6/32, 15-063 Bialystok, entered in the register of entrepreneurs of the National Court Register under KRS number 0000972182, NIP: 9662163148, REGON: 522056344, hereinafter referred to as the “Controller”.

2.2. Contact with the Controller is possible:

a) by traditional mail to the registered office address indicated above,

b) by email: info@sitix.pl,

2.3. The Controller has not appointed a Data Protection Officer. In all matters concerning the processing of personal data, you may contact the Controller directly using the contact details indicated above.

3. SCOPE OF DATA PROCESSED

3.1. The Controller may process personal data voluntarily provided by the user, in particular:

a) first and last name,

b) telephone number,

c) email address,

d) company name,

e) job position,

f) the content of the message,

g) data contained in attachments sent via the form or by email,

h) data necessary to prepare an offer, perform a contract, or conduct correspondence.

3.2. The Controller may also process data collected automatically during the use of the Service, in particular:

a) IP address,

b) the date and time of the visit,

c) information about the end device,

d) information about the operating system and browser,

e) data concerning activity within the Service,

f) data stored in cookies or similar technologies.

4. SOURCE OF DATA

4.1. As a rule, personal data comes directly from the person to whom the data relates.

4.2. In the case of business contact, the Controller may also process the data of persons representing a contractor or persons designated for contact on the part of the client or business partner, if such data has been provided to the Controller in connection with the cooperation being conducted.

5. PURPOSES AND LEGAL GROUNDS FOR PROCESSING

5.1. Personal data is processed for the following purposes:

a) handling inquiries submitted via the contact form, email, by telephone, or in any other way – on the basis of Article 6(1)(b) GDPR, if the contact is aimed at concluding a contract or taking steps prior to concluding it, or on the basis of Article 6(1)(f) GDPR, i.e. the Controller’s legitimate interest consisting in conducting communication and handling inquiries;

b) preparing an offer, conducting negotiations, concluding and performing a contract – on the basis of Article 6(1)(b) GDPR;

c) fulfilling the legal obligations incumbent upon the Controller, in particular tax, accounting, and archiving obligations – on the basis of Article 6(1)(c) GDPR;

d) establishing, pursuing, or defending claims – on the basis of Article 6(1)(f) GDPR, i.e. the Controller’s legitimate interest;

e) conducting direct marketing of the Controller’s own products and services – on the basis of Article 6(1)(f) GDPR, and where communication channels requiring prior consent are used – also on the basis of consent, i.e. Article 6(1)(a) GDPR;

f) compiling statistics, ensuring the security of the Service, detecting abuse, administering the Service, and improving its functionality – on the basis of Article 6(1)(f) GDPR;

g) the use of optional cookies, in particular analytical or marketing cookies – on the basis of Article 6(1)(a) GDPR, i.e. the user’s consent.

6. IS THE PROVISION OF DATA MANDATORY

6.1. The provision of personal data is voluntary, however, in many cases it may be necessary in order to:

a) respond to an inquiry,

b) prepare an offer,

c) conclude or perform a contract,

d) conduct further business communication.

6.2. Failure to provide data may make it impossible or difficult to achieve the above purposes.

7. DATA RECIPIENTS

7.1. Personal data may be disclosed to entities cooperating with the Controller solely to the extent necessary to achieve the purposes of processing, in particular:

a) providers of hosting and IT services,

b) providers of email and communication tools,

c) entities providing servicing, administrative, or technical support services,

d) the accounting office, law firm, advisors,

e) postal operators and couriers,

f) banks and payment institutions – if this is necessary for the performance of a contract,

g) providers of analytical or marketing tools – solely where the user gives consent to this and where such tools are actually used within the Service,

h) public authorities – if the obligation to transfer data results from provisions of law.

7.2. If the Controller uses entities processing data on its behalf, such entities act on the basis of appropriate agreements and solely in accordance with the Controller’s instructions.

8. TRANSFER OF DATA OUTSIDE THE EEA

8.1. As a rule, personal data is processed within the European Economic Area.

8.2. If, in connection with the use of specific technological tools or cloud services, personal data is transferred outside the European Economic Area, the Controller shall ensure that such transfer takes place in accordance with the GDPR, in particular on the basis of an adequacy decision or with the use of standard contractual clauses.

9. DATA RETENTION PERIOD

9.1. Data related to the handling of inquiries and correspondence is stored for the time necessary to handle the matter, and then for the period needed to safeguard potential claims, but no longer than 24 months from the end of the contact, unless further storage is justified by the conclusion of a contract or a legal obligation.

9.2. Data related to the conclusion and performance of a contract is stored for the duration of the contract, and after its termination for the period required by law and for the time necessary to establish, pursue, or defend claims.

9.3. Data contained in accounting and tax documents is stored for the period required by the applicable provisions of law.

9.4. Data processed on the basis of consent is stored until the consent is withdrawn or the purpose of processing ceases.

9.5. Data related to cookies is stored for the period indicated in the settings of the cookie management tool or until it is deleted by the user, depending on the type of cookie concerned.

10. RIGHTS OF DATA SUBJECTS

10.1. A data subject has the right to:

a) access to data,

b) rectification of data,

c) erasure of data,

d) restriction of processing,

e) data portability – in the cases provided for by law,

f) object to the processing of data based on Article 6(1)(f) GDPR,

g) withdraw consent at any time – where processing is based on consent; the withdrawal of consent does not affect the lawfulness of processing carried out before its withdrawal,

h) lodge a complaint with the President of the Personal Data Protection Office.

10.2. If an objection is raised to the processing of data for direct marketing purposes, the Controller shall cease processing the data for that purpose.

10.3. In order to exercise your rights, you may contact the Controller at: info@sitix.pl.

11. AUTOMATED DECISION-MAKING AND PROFILING

11.1. Personal data is not used to make decisions concerning the user based solely on automated processing that would produce legal effects concerning the user or similarly significantly affect the user.

11.2. If the Controller implements solutions involving profiling, this Policy shall be updated accordingly.

12. COOKIES AND SIMILAR TECHNOLOGIES

12.1. The Service uses cookies and similar technologies in order to ensure the proper operation of the website, enhance security, remember selected settings, analyze traffic, and – where applicable – conduct marketing activities.

12.2. The following categories of cookies may be used within the Service:

a) necessary – essential for the proper functioning of the Service,

b) functional – enabling the user’s settings to be remembered,

c) analytical – used to measure and analyze traffic within the Service,

d) marketing – used to tailor marketing content and measure the effectiveness of campaigns, where such tools are used.

12.3. Necessary cookies may be used without the user’s consent if they are essential to ensure the proper functioning of the Service.

12.4. Functional, analytical, and marketing cookies are used solely after obtaining the user’s prior consent, where required by law.

12.5. During the first visit to the Service, the user may:

a) accept all optional cookies,

b) reject all optional cookies,

c) manage preferences for individual categories of cookies.

12.6. The user may change the settings concerning cookies at any time using the tool available within the Service or by changing the settings of their web browser.

12.7. Restricting the use of certain cookies may affect the proper operation of selected functions of the Service.

13. SERVER LOGS

13.1. Use of the Service involves sending requests to the server on which the Service is stored.

13.2. Each request sent to the server may be recorded in the server logs and may include, among other things, the IP address, the date and time of the event, information about the web browser, and the operating system.

13.3. Data recorded in the server logs is used solely for technical, administrative, security, and diagnostic purposes and is not associated with specific persons unless this is necessary to determine the causes of an incident or security breach.

14. DATA SECURITY

14.1. The Controller applies appropriate technical and organizational measures aimed at protecting personal data against loss, destruction, disclosure to unauthorized persons, unauthorized access, or other unlawful processing.

15. CHANGES TO THE POLICY

15.1. The Controller may periodically update this Policy, in particular in the event of legal, technological, or organizational changes.

15.2. The current version of the Policy is published within the Service.

16. CONTACT

In matters concerning this Policy and the processing of personal data, please contact:

SITIX Sp. z o.o.

Warszawska str. 6/32, 15-063 Bialystok

email: info@sitix.pl