Facebook Linkedin

Privacy policy of Knoxtera Sp. z o. o.

1. Definitions and general information

If you use our website or the services offered through it, including e-consultations, we collect and process your personal data. The privacy policy describes the principles and purposes of processing this personal data, as well as contains information about cookies and similar technologies that we use on the website. The following terms have the following meanings:

The administrator or we - the administrator is an entity that determines the purposes and methods of processing personal data, and is also responsible, among others, for: for the appropriate level of their protection and the implementation of the rights of the data subjects. The administrator of your personal data obtained in connection with your use of the website or services offered through it, including e-consultations, is us, i.e.: Knoxtera Sp. z o. o. based in Warsaw (ul. Skierniewicka 10 A, 01-230 Warszawa).

personal data – any information about an identified or identifiable natural person (i.e. a living person); an identifiable natural person is one who can be identified, directly or indirectly, including: based on an identifier such as name, identification number, location data, online identifier or one or more factors specific to a person's physical, physiological, genetic, mental, economic, cultural or social identity.

data subject – any natural person whose personal data are processed by the Administrator in connection with his business, e.g. a person who is bound by a contract with the Administrator or sends an inquiry to him by e-mail.

Cookies – IT data stored in the end device, containing data on the User's use of the Website.

Privacy Policy – This privacy policy.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Website – the knoxtera.com website.

you, or the user– any natural person who visits the website or uses the services offered through it.

2. Purposes and basis for our processing of personal data

We may process your personal data for various purposes and on various legal bases - depending on the functions of the website. For example, we may process your data to conduct marketing activities, market and statistical analyses, improve the quality of our services or fulfill our legal obligations. Details are described below:

Using the website

We use cookies or similar technologies on the website. Therefore, as an administrator, we process information that may be considered personal data (such as e.g. IP address, online identifiers, data of your device, data regarding activity on the website). We process this information for the following purposes:

  • providing you with the website – the legal basis for processing is the necessity of processing to provide the service (Article 6(1)(b) of the GDPR);

You will find more information about cookies further in the privacy policy.

We record your activity on the website in the so-called system logs (a special computer program used to store a chronological record containing information about events and activities related to our IT system/our platform). The information collected in the logs may include information that is personal data (e.g. IP address, data of your device). We process this information primarily for purposes related to the provision of our services via the platform (Article 6(1)(b) of the GDPR). We also process them for technical and administrative purposes (e.g. error detection) and to ensure the security of our IT system/platform (e.g. detection of network attacks) and to manage this system/platform, as well as for analytical and statistical purposes - in this respect, the legal basis for processing is our legitimate interest (Article 6(1)(f) of the GDPR) consisting in ensuring the proper operation of the website and its improvement as well as protection of our economic interests.

Contact form

We provide the opportunity to contact us using the electronic contact form available on the website. When using this form, you will be asked to provide the required personal information (e.g. name, email address). The above data is necessary to accept and process your inquiry and allows us to contact you. You provide the data voluntarily, but sending an inquiry without providing this data is not possible.

We process personal data provided in the contact form in order to identify the sender and handle the inquiry. The legal basis for processing is our legitimate interest (Article 6(1)(f) of the GDPR), consisting in responding to and providing support to users.

In some cases (e.g. if you file a complaint), we may also process the data contained in the complaint form for the purpose of establishing, pursuing or defending against claims. The basis for processing is our legitimate interest (Article 6(1)(f) of the GDPR), consisting in protecting our rights and property interests and resolving any dispute with you, as well as responding to your complaint.

Direct marketing

We conduct marketing activities taking into account the legal regulations applicable to us, including respect for restrictions or prohibitions on advertising and promotion. We do not use your sensitive data (special categories of data within the meaning of Article 9 of the GDPR) for marketing purposes. The administrator may send marketing content when using the platform if you optionally agree to receive from us, via the communication channel you choose (e.g. e-mail or similar means of electronic communication), our offers, information about promotions, news and similar marketing content regarding the platform and our activities. The legal basis for processing is your consent (Article 6(1)(a) of the GDPR). The content you receive may be tailored to you (e.g. based on your location, gender or age group).

Internet marketing

We may also – within the limits permitted by law – provide information about our activities using online marketing tools (e.g. banners on other websites). To this end, we may use information collected in connection with your use of our platform (e.g. the fact that you are a customer may help us to optimise our online information campaigns). The legal basis for such processing is our legitimate interest in providing information about our business and our services (Article 6(1)(f) of the GDPR). We use the services of marketing partners such as Google, Microsoft, Meta (Facebook) and LinkedIn to display our campaigns to you, tailored on the basis of information collected whilst you are using the platform, including via cookies, if you have agreed to their use. The basis for such processing is your consent (Article 6(1)(a) of the GDPR). More information on this subject can be found in the section of the privacy policy regarding cookies.

Non-standard target groups

We can direct our campaigns on social media platforms (e.g. Facebook) or platform service providers such as Google to a specific group of recipients (so-called custom audiences). For this purpose, we use various technologies, such as a tracking pixel, collecting information about user activity on our profile (company website) on a social media platform, or we provide the operator of a given platform (e.g. Meta) with a secured file with some of our users' data. It includes, among others: e-mail addresses or telephone numbers thanks to which the platform operator, such as Meta, can identify you as a user of our platform (data matching). For example, if we want to display our campaigns on Facebook to people who are already our customers, we provide the Facebook operator (Meta) with a secured list with the necessary data; if our customers are Facebook users, our campaign will be displayed to them. In the same way, we may exclude all or some of our clients from the group of campaign recipients. The personal data transferred are appropriately secured.

Meta (Facebook)

As part of the platform, we use tools offered by Meta Platforms Ireland Ltd, such as the Meta pixel or event analysis in the mobile application and website. For example, when you visit a platform, the Meta pixel sends information to Meta about it. Thanks to this, we can better adjust our campaigns on the Facebook platform and check their effectiveness. This also allows us to obtain analytics and measurements about our products and services from Meta. We are responsible for the data collection and processing process together with Meta Platforms Ireland Limited (co-administration). This includes the following purposes, i.e. creating personalized or relevant advertising and optimizing it.

Determination, investigation and enforcement of claims

In such a case, some personal data provided by the User as part of using the functionality on the Website may be processed, such as: name, surname, data regarding the use of services, if the claims result from the way the User uses the services, other data necessary to prove the existence of the claim, including the extent of the damage suffered. Legal basis - legitimate interest (Article 6(1)(f) of the GDPR), consisting in determining, pursuing and enforcing claims and defending against claims in proceedings before courts and other state authorities.

Company profile on social media

If you visit our profile (company account/company website) on a social media platform such as Facebook, LinkedIn, and you interact with us (e.g. adding to favorites, leaving comments, likes), we process your personal data.

The scope of personal data that we process includes data that you provide to us, as well as data obtained by us from the operator of a given platform, including data such as your ID on the social media platform (name and surname or profile name), profile photo/avatar, etc. Providing data is voluntary, but without providing it you cannot use some functions of the social media platform (e.g. add a comment, write us a message).

Independently of us, the platform operator processes your personal data in order to provide you with the services of this platform, in accordance with its terms and conditions of use. Please read the regulations/terms of use and privacy policy/information on the processing of personal data applicable to the platform you are using. When browsing our website, you will find links to our profiles (company accounts/pages) on social media platforms. After clicking the link, you will be redirected to our profile (account/company website), which we maintain within the selected platform. After redirection to such a platform, the administrator of your personal data is also the operator of a given platform, which may use the collected information for its own purposes (e.g. it may use the information that you have moved from our website to a social media platform, e.g. for advertising purposes, market research or collecting information about your preferences). We have no influence on the processing of personal data, which is carried out independently by the platform operator as a separate administrator. Detailed information on the processing of personal data by social media platforms can be found in their privacy policies:

Facebook, LinkedIn

If you use our profile (company website) on these platforms or content related to it, we process your personal data. Dane, jakie przetwarzamy, mogą obejmować:

  • username;
  • comments posted on our company website;
  • messages you send to us;
  • activity on our company website (thanks to the "Audience Insights" service that we use), e.g. visits to our company website, posts, average duration of video views, information about the country and city where visitors come from, statistics on visitor payments;
  • other information necessary to fulfill requests or to uniquely identify visitors.

The operator of the Facebook and Instagram platforms is Meta Platforms Ireland Limited (Serpentine Avenue, Block J, Dublin 4, Ireland - hereinafter referred to as "Meta"). Meta processes your personal data in accordance with its privacy policy, which is available at Facebook and Instagram.

Co-administration with Meta

We use statistical information related to the use of our profile (company page) on Facebook, which Meta makes available to us in an anonymized form, including via the "Audience Insights" service. This service does not allow you to assign information to individual users or gain access to their individual profiles. You can find more about Facebook business page statistics here.

We are joint controllers of your personal data together with the Facebook operator Meta (Meta Platforms Ireland Limited, Serpentine Avenue, Block J, Dublin 4, Ireland) in relation to the processing of data for the purposes of website statistics (data for statistics). Co-administration includes collective data analysis to display activity statistics of our profile users.

The scope of Meta's responsibility for data processing under joint control is:

  • having a legal basis for data processing for the purposes of website statistics;
  • ensuring the implementation of the rights of data subjects;
  • reporting violations to the supervisory authority and notifying persons affected by the violation about the event;
  • providing appropriate technical and organizational measures to ensure the security of your data.

The scope of our responsibility for data processing under joint control is:

  • having a legal basis for data processing for statistical purposes;
  • fulfillment of information obligations in the scope of our processing purposes.

The main supervisory authority for joint data processing is the Irish Data Protection Commission. Detailed information regarding mutual arrangements between joint controllers is available here.

In connection with maintaining profiles (company websites) on the platforms, we may process your personal data for purposes the implementation of which is our legitimate interest (Article 6(1)(f) of the GDPR), consisting of:

  • maintaining a profile on a social networking site, under the terms specified by the operator of this site;
  • conducting marketing campaigns on the website,
  • providing information about our activities via our profile;
  • building and strengthening relationships with potential and current customers, as part of communication via a social networking site;
  • conducting analyzes and statistics regarding the functioning, popularity and use of our profile;
  • determining, investigating and defending against possible claims regarding the use of the profile.

Collection of contractors' data

If you are our contractor or a contact person acting on behalf of a contractor, we may process your personal data - most often it will be name and surname, e-mail address, telephone number, data regarding the business activity or function performed. We need this data for ongoing contact, preparation and conclusion of the contract, and then its implementation and settlement. In such cases, the basis for processing is the concluded contract or actions aimed at concluding it - in accordance with Art. 6 section 1 letter b GDPR - or our legitimate interest, which is to ensure efficient cooperation and fulfillment of contractual obligations (Article 6(1)(f) of the GDPR).

Your data may also be processed in connection with the legal obligations imposed on us as the administrator, e.g. in the field of issuing invoices, keeping accounting books or tax documentation - in this case, we act on the basis of Art. 6 section 1 letter c GDPR.

It also happens that we contact our contractors or their representatives for marketing purposes - for example, to inform about new services, solutions or invite them to participate in industry events. If you consent to such activities, we process your data based on Art. 6 section 1 letter a GDPR. If we do not require consent and the communication takes place within the framework of an existing business relationship, the basis is our legitimate interest in accordance with Art. 6 section 1 letter f GDPR.

We store data only as long as necessary - in particular for the duration of the contract and for the period required by law, as well as for the time needed to pursue or defend against claims. If the processing is based on consent - e.g. for marketing purposes - the data will be processed until it is withdrawn.

At any time, you can ask us what data we process, request its rectification, restriction of processing, and in certain situations, deletion or objection. If we process data on the basis of your consent, you have the right to withdraw it - without affecting the lawfulness of the processing that took place before its withdrawal.

Other Data Collection

In connection with its business activities, the Administrator also collects personal data in other cases - e.g. during business meetings, industry events or by exchanging business cards - for purposes related to establishing and maintaining business contacts. Personal data is provided voluntarily in such cases. The legal basis for processing in this case is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), consisting in creating a network of contacts in connection with the conducted business. Personal data collected in such cases are processed only for the purpose for which they were collected.

2.1. The Administrator ensures that the amount of data processed in correspondence complies with the principle of data minimization and that only authorized persons have access to it.

2.2. When using the website, additional information may be collected, in particular: the IP address assigned to the end device (e.g. telephone, tablet, computer) of the Customer or the external IP address of the Internet provider, domain name, browser type, access time, operating system type.

2.3. For the purpose of marketing own products and improving services, navigation data may also be collected from Users, including information about links and references they decide to click or other activities undertaken on our website, based on the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR), consisting in facilitating the use of services provided electronically and in improving the functionality of these services.

2.4. The provision of personal data is voluntary in connection with the provision of services via the Website, with the reservation, however, that failure to provide the data specified in the form will prevent the provision of this service.

3. Cookies and similar technologies

We use cookies on our platform and may use other similar technologies and tools that are saved on your device and allow us or other entities we work with to collect information (e.g. tracking pixels, local data files, tags), which we refer to collectively as "cookies" for simplicity.

Cookies are small text files saved and stored on your device (e.g. in the memory of your computer or smartphone). They allow, among others: recognize your device and display the website correctly (including adapting it to the user's preferences), as well as collect various information related to the user's browsing of the platform. Cookies usually contain the name of the website (domain) they come from, their storage time on the device and a unique identifier.

Cookies perform various functions. Some of them are strictly necessary for the proper operation of the platform, and others collect information related to your use of the platform, e.g. by remembering your visits and activities performed during that time.
We use cookies and similar technologies primarily for the purposes of:

  • authenticating you within the platform (so you can log in and be logged in);
  • analytical and statistical - so that we can better understand how users use the platform, which allows us to improve the platform and provide better services;
  • marketing (e.g. in connection with collecting information for online campaigns).

The information collected by cookies does not typically directly identify you. From our perspective, the information we obtain through cookies is anonymous data. However, in some cases, especially when combined with other information, cookies can potentially identify an individual (e.g. IP address combined with a cookie ID and information held by third-party vendors we use). We want to take a transparent and privacy-minded approach to cookies, so in our privacy policy we cautiously assume that their use involves the processing of personal data.

Cookies have different periods of activity, after which they are automatically deleted (expire) - unless you delete them yourself first. Some cookies are temporary (so-called session cookies, which are saved only for the duration of your session on the platform or slightly longer - e.g. several minutes) and are automatically deleted after closing the browser or logging out of the platform. Other cookies (e.g. Google Analytics, cookies for displaying cookie messages) are stored longer (e.g. for several months or even years) and can be deleted, e.g. via browser settings.

Some cookies come from our domain (so-called first party cookies), and others come from external servers and are saved by third parties (e.g. service providers we use - so-called third party cookies).

3.1. Necessary cookies

Some cookies are necessary for the proper and secure operation of the platform. Therefore, in accordance with the provisions of law (Article 398 of the Electronic Communications Act), their use does not require your consent.

3.2. Analytical and statistical cookies

As part of the platform, we use the services of other companies that provide us with analytical and statistical services (e.g. Google Analytics). For this purpose, we use our own cookies (first party) or external cookies (provided by external suppliers), which allow us to monitor - for the purposes of analysis and statistics - how you use the platform and what pages you browse within the platform. They also allow you to analyze traffic data on the platform's pages, IP and MAC addresses, general geographical data, the type of browser and device from which you connect to the platform, information about your Internet provider and information about the activities you undertake within the platform (analytics). This allows us to create general reports and statistics to improve the platform and address any bugs.

3.3. Marketing cookies

Marketing cookies enable the display of marketing content (e.g. information about activities) that is tailored to users (based on, among others, information about the visit to our platform, pages viewed on our platform and links clicked). They serve, among others, to tailor marketing content on the Internet, as well as to display marketing content outside our platform and to conduct marketing statistics. The information collected by these cookies may be transferred to other companies that offer their advertising networks or tools for conducting marketing campaigns (e.g. Microsoft, Meta, Google).

All marketing activities we conduct are undertaken in compliance with advertising restrictions and prohibitions that apply to the website. strony.

3.4. Consent to the use of cookies

The use of cookies requires your consent (except for the so-called strictly necessary cookies, which we describe above). We display a message on the platform informing about our use of cookies. In this message, you can consent to the use of cookies for the purposes indicated therein or refuse such consent. If you refuse consent, we can only use cookies strictly necessary for the functioning of the website - your consent is not required to use these cookies, because without them the website will not function properly (Article 398 of the Electronic Communications Act).

If personal data is processed as part of the use of cookies requiring consent (this applies to non-essential cookies - e.g. analytical, marketing), the basis for such processing is your consent (Article 6(1)(a) of the GDPR). Our further processing of your personal data, initially collected thanks to cookies, may be based on our legitimate interest (Article 6(1)(f) of the GDPR - e.g. marketing of products or services, creating statistics and analyses), in accordance with what we described in the previous chapters of the privacy policy.

In the case of external cookies (third party), your consent to the use of such a file also means that your data obtained thanks to such a cookie will be transferred to an external supplier (another company).

You can withdraw your consent to the use of cookies at any time, e.g. by using the cookie settings in the "window" regarding these files displayed on the interface of our website or using the settings of your web browser. You can also set your browser to automatically block all or some cookies. Detailed information about the browser's functionality and settings can be found in its documentation.

Please note that if necessary cookies are blocked, the website will not function properly for technical reasons.

3.5. List of cookies used on the website

Cookie

Duration

Description

cookieyes-consent

1 year

It is used to save information about the user's consent to the use of cookies. Thanks to it, the website remembers the user's choices regarding cookie categories (e.g. marketing, analytical).

wpEmojiSettingsSupports

session

This is a technical WordPress cookie used to determine whether the user's browser supports emoticons (emojis). It does not contain personal data and is used to improve the operation of the interface.

__cf_bm

1 hour

A Cloudflare cookie used to distinguish real users from bots to protect the site from automated attacks (e.g. botnet attacks). It is used to improve the security of the website.

lidc

1 day

This cookie is set by LinkedIn to optimize routing (i.e. directing the user to the appropriate server) and maintaining the user's session during integration with LinkedIn services.

Li_gc

6 months

Set by LinkedIn to record user consent to the use of cookies within LinkedIn services (e.g. social plug-ins, analytics, advertising).

bcookie

1 year

Serves as a user's browser identifier to recognize returning users and ensures the security and integrity of the LinkedIn platform.

3.6. Cookie mechanism

The cookie mechanism is safe for your device. Thanks to it, it is impossible for viruses or other unwanted software to get onto your device. However, you can limit or disable cookies in your browser settings. If you do this, you will still be able to use the Website, although some features that require cookies may not be available.

3.7. Changing cookie settings

Below you will find instructions on how to change cookie settings in popular web browsers:

4. Personal data processing period

The period of our processing of your personal data depends on the type, purpose and basis of processing.

We store data:

  • in the case of processing on the basis of a legitimate interest (e.g. protection against claims or pursuing claims) - for the period necessary to implement this interest (e.g. in the case of property claims - until such claims expire), unless you raise an effective objection to the processing of personal data;
  • if the basis for processing is the necessity to conclude and perform a contract - for the duration of such a contract;
  • if the basis for processing is a legal obligation - for the period specified in the law (e.g. tax documentation is usually kept for 5 years from the end of the year in which the tax payment deadline fell);
  • if the data is processed on the basis of consent - until the consent is withdrawn, unless we no longer need the data to achieve the purpose for which the consent was collected.

We may extend the processing period of your personal data if the processing is necessary to establish, pursue or defend against possible claims or if it is necessary to fulfill our legal obligations, and after that time only if and to the extent required by law. After the storage period has expired, we delete or irreversibly anonymize the data.

Personal data provided as part of comments posted on our fanpage on the Facebook social networking site will be stored until they are deleted by the author (unless we delete them earlier ourselves). More information about the processing of personal data on the Facebook social networking site can be found here.

5. Rights of data subjects

You have the right to access your personal data, request rectification, deletion, restriction of processing, the right to transfer data (if the processing is carried out in an automated manner based on a contract or consent), the right to object to the processing of data (if the processing is based on a legitimate interest - e.g. in connection with the implementation of analytical and statistical purposes - or for direct marketing purposes), the right to withdraw consent and the right to lodge a complaint with the supervisory authority.

More information regarding your rights is provided below:

  • The right to request access to your personal data from us: This means that you can obtain information from us about how and to what extent we process
  • The right to request us to rectify your personal data: This means that you can request us to rectify (correct) your personal data, e.g. if it has been recorded incorrectly or if it has changed.
  • The right to request that we delete your personal data: This means that you can request that we delete your personal data if there is no basis for us to process this data or if there are other circumstances provided for by the GDPR.
  • The right to request us to limit the processing of your personal data: This means that you can request that your personal data be processed only to a limited extent, until your objection to the processing of your data is recognized or until your request for correction of data is considered, or if you want your data to be stored by us in connection with your claims or in connection with the finding of unlawful data processing.
  • The right to transfer personal data: If we process your personal data based on your consent or on the basis of a contract concluded with you and it is done in an automated manner (e.g. by computer), you have the right to request that we transfer your personal data that you have provided to us in a structured, commonly used, machine-readable format (e.g. XML). You may yourself transfer such personal data to another administrator of your choice. Moreover, if technically possible, while maintaining appropriate security standards, at your request, we may transfer your personal data to another administrator indicated by you. The right to data portability must not adversely affect the rights and freedoms of other persons.
  • The right to object to processing: If we process your personal data on the basis of a legitimate interest, you may object to such processing on grounds relating to your particular situation. We will then analyze the objection in terms of the existence of valid legitimate grounds for our processing of personal data that override your interests, rights and freedoms or grounds for us to pursue or defend against claims. In the event of an effective objection, we can no longer process the personal data concerned by the objection.
  • If we process your personal data for direct marketing purposes, you can object to such processing at any time. This objection does not require any justification. If we receive such an objection, we will no longer process your data for direct marketing purposes.
  • The right to withdraw consent to the processing of your personal data: Where we process your personal data on the basis of consent, you may withdraw such consent at any time with future effect. This means that the withdrawal of consent does not affect the lawfulness of processing that took place on the basis of consent before its withdrawal. To withdraw your consent, you can, for example, contact us via the contact channels indicated below, change the settings in your customer account or use the special link visible in the e-mail we sent.
  • The right to lodge a complaint with the supervisory authority: If you believe that our processing of your personal data is unlawful, you have the right to lodge a complaint with the supervisory authority responsible for the protection of personal data. In Poland, the supervisory authority is the President of the Personal Data Protection Office.

It may happen that we will not be able to exercise some rights - e.g. due to legal obligations imposed on us. In this case, we will not be able to fulfill your request to delete this personal data. Due to your exercise of the rights described above, we may additionally verify your identity.

6. Data recipients

As part of running the platform, we use the services of third parties (our subcontractors and external suppliers). Therefore, the recipients of your personal data will be IT service providers (e.g. hosting), companies such as banks and payment operators, companies providing accounting services (in connection with issuing an invoice/bill), entities providing tools for creating online surveys. If we transfer your data to external entities, it is done with respect for legally protected secrets (especially using encryption or other appropriate security measures).

We may also disclose personal data to courts or competent public authorities (e.g. law enforcement agencies) or other authorized third parties. Data is disclosed only when there is an appropriate legal basis for it (e.g. a legal provision requiring the disclosure of personal data) and in accordance with applicable regulations.

 

Due to the use of third-party cookies, the data collected by these cookies, including information that may constitute personal data, is collected by the third-party providers of these cookies (details can be found in section 3.4 of the privacy policy regarding cookies). If you visit or follow our fan page hosted on the Facebook social networking site, or interact via this fan page, we may disclose your personal data to the operator of this website and its other users, on the terms set out by the operator of the Facebook social networking site. The privacy policy of Meta Platforms Ireland Limited (Serpentine Avenue, Block J, Dublin 4, Ireland) can be found here.

7. Source of obtaining personal data

We generally obtain personal data directly from you when you use the platform or the services provided through it.

8. Transfer of data outside the EEA

Service providers are based mainly in Poland and other countries of the European Economic Area (EEA). If your data is transferred outside the EEA, the Administrator will apply appropriate legal safeguards, i.e. standard contractual clauses for the protection of personal data, approved by the European Commission.

The level of protection for personal data outside the European Economic Area (EEA) differs from that provided by European law. For this reason, we ensure that we will only transfer your personal data outside the EEA where necessary and with an adequate level of protection. We currently do not anticipate transferring your data outside the EEA.

9. Security

The procedures introduced by the Administrator ensure an appropriate level of confidentiality and integrity of personal data processed by him. Only properly trained and authorized persons have access to personal data. The Administrator uses organizational and technical solutions to ensure that all operations on personal data are registered and performed only by authorized persons. The Administrator takes the necessary steps when selecting processors and other subcontractors to ensure that the level of personal data protection provided by these entities is sufficient. The Administrator conducts ongoing risk analysis and monitors the adequacy of the data security measures used to the identified threats. If necessary, the Administrator implements additional measures to increase data security.

10. Our contact details and data protection officer

You can contact us by mail at our address: Knoxtera Sp. z o.o., ul. Skierniewicka 10 A, 01-230 Warszawa.

We have appointed a data protection officer (DPO). Our DPO is Krzysztof Pawelec. You can contact him in matters relating to our processing of personal data by sending an e-mail to the following address: ochronadanych@exorigo-upos.pl or by writing to the following address: Knoxtera Sp. z o.o., ul. Skierniewicka 10 A, 01-230 Warszawa with the note "IOD".

11. Changes to the privacy policy

We review our privacy policy on an ongoing basis and update it if necessary. If the changes are significant, we will make every effort to notify you using available contact channels (e.g. e-mail).

The current version of the privacy policy is valid from April 10, 2026.