Privacy Policy

Effective from: 2025-10-11

1. Data Controller

1.1. The data controller (hereinafter: “Controller”) is:

  • IT360 Kamil Krzemiński
  • al. Powstania Warszawskiego 15
  • 31-539 Kraków, Poland
  • VAT ID: PL7343097416
  • Business Registration Number: 121483743
  • Email: hello@it360.pl
  • Phone: +48 571 505 575

2. Legal Basis and Purpose of Data Processing

2.1. Personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR).

2.2. The Controller processes personal data for the following purposes:

a) Order fulfillment (Art. 6(1)(b) GDPR – performance of contract)

  • name and surname
  • delivery address
  • email address
  • phone number

b) Handling complaints (Art. 6(1)(c) GDPR – legal obligation)

  • data contained in the complaint

c) Issuing and storing invoices (Art. 6(1)(c) GDPR – legal obligation)

  • invoice data (name / company name, address, VAT ID)

d) Direct marketing (Art. 6(1)(f) GDPR – legitimate interest)

  • email address (only with user consent)

e) Establishing, pursuing, or defending claims (Art. 6(1)(f) GDPR – legitimate interest)

  • data necessary to establish, pursue, or defend claims

3. Data Recipients

3.1. Personal data may be transferred to the following categories of recipients:

  • Poczta Polska (Polish Post) – to the extent necessary for delivery
  • Payment operators – to the extent necessary for online payment processing
  • IT service providers – hosting, email services
  • Accounting office – for bookkeeping purposes
  • Law firms – if necessary to pursue claims

3.2. Data may be transferred to third countries (outside the EEA) in the case of international deliveries, solely to the extent necessary to fulfill the shipment.

3.3. When data is transferred outside the EEA, the Controller ensures appropriate safeguards in accordance with GDPR (e.g., standard contractual clauses, adequacy decisions).

4. Data Retention Period

4.1. Personal data is stored for the following periods:

  • Order fulfillment – until the contract is performed and claims arising from it expire
  • Invoices – 5 years from the end of the tax year (accounting regulations)
  • Complaints – until the complaint is resolved and claims expire
  • Marketing – until consent is withdrawn or objection is raised

5. Rights of Data Subjects

5.1. Each person whose data is processed has the right to:

  • access their personal data
  • rectification (correction) of data
  • erasure (“right to be forgotten”)
  • restriction of processing
  • data portability
  • object to processing
  • withdraw consent at any time (if processing is based on consent)

5.2. To exercise the above rights, please contact the Controller:

  • Email: hello@it360.pl
  • In writing:
    IT360 Kamil Krzemiński,
    al. Powstania Warszawskiego 15,
    31-539 Kraków, Poland

5.3. Each person has the right to lodge a complaint with a supervisory authority:

  • President of the Personal Data Protection Office (Poland)
  • ul. Stawki 2, 00-193 Warsaw, Poland
  • www.uodo.gov.pl
  • Or the supervisory authority in their country of residence (list available at: https://edpb.europa.eu/about-edpb/board/members_en)

6. Data Security

6.1. The Controller implements appropriate technical and organizational measures to ensure the security of personal data, in particular protecting data against:

  • unauthorized access
  • loss
  • damage
  • destruction

6.2. Data is stored on secure servers with access restricted to authorized persons.

6.3. The Controller uses encryption (SSL/TLS) for data transmission and secure authentication methods.

7. Cookies

7.1. The website uses cookies to:

  • ensure proper functioning of the website
  • remember user preferences
  • conduct visit statistics

7.2. Types of cookies used:

  • Necessary cookies – required for website operation (shopping cart, session)
  • Analytical cookies – visit statistics (e.g., Google Analytics)
  • Marketing cookies – ad personalization (only with user consent)

7.3. Users can change cookie settings in their browser at any time or delete stored files.

7.4. Disabling cookies may affect website functionality (e.g., inability to place an order).

7.5. The website may use cookies from third parties (e.g., Google Analytics). Information about third-party cookies:

  • Google Analytics: https://policies.google.com/privacy

8. Additional Information

8.1. Data is not processed in an automated manner (including profiling).

8.2. Providing personal data is voluntary but necessary for order fulfillment. Failure to provide data makes it impossible to conclude a sales contract.

8.3. The Controller does not transfer personal data to third parties for marketing purposes without the express consent of the user.

8.4. Personal data is not transferred to third countries that do not ensure an adequate level of protection unless appropriate safeguards are in place (Art. 46 GDPR).

9. Contact Regarding Privacy

9.1. For all questions regarding privacy and personal data processing, please contact:

  • Email: hello@it360.pl
  • Postal address:
    IT360 Kamil Krzemiński,
    al. Powstania Warszawskiego 15,
    31-539 Kraków, Poland

10. Changes to Privacy Policy

10.1. The Controller reserves the right to make changes to this Privacy Policy.

10.2. Users will be informed of all changes by publishing a new version on the website.

10.3. Changes do not affect data processing collected before their introduction.

10.4. Continued use of the website after changes are published constitutes acceptance of the new Privacy Policy.

Last updated: 2025-10-11