This website uses cookies.

Privacy Policy

I. General Provisions
  1. This document constitutes an appendix to the Regulations. While using our services, you entrust us with your information. The only aim of this Privacy Policy is to help you understand the kinds of information and data collected, the purpose of their collection as well as the purpose of their use. These data are very important to us, therefore we ask you to read this document carefully, as it defines the rules and methods of processing and protection of personal data. This document also determines the rules for the use of Cookies.
  2. We declare that we comply with the rules of personal data protection and legal regulations provided for in the Polish Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  3. The person whose personal data are processed has the right to ask us for comprehensive information on how we use their personal data. We always try to provide clear information about the data we collect, the manner and purposes of their use, the entities to which they are transferred, the protection of these data ensured by us during their transfer, as well as institutions to be contacted in case of any doubts.
  4. The Seller applies such technical measures as: physical protection measures of personal data, hardware of the IT and telecommunications infrastructure, protection measures within software tools and databases as well as organisational measures ensuring proper protection of personal data processed; in particular those measures protecting personal data against unauthorised disclosure to third parties, obtaining them by an unauthorised person and using them for an unknown purpose, as well as accidental or intentional change, loss, damage or destruction.
  5. Pursuant to the rules specified in the Regulations and this document, we have exclusive access to the data. Access to personal data may be also entrusted to other entities through which payments are made, which collect, process and store personal data in accordance with their Regulations and entities which are liable for the performance of the order. The access to personal data is granted to the above-mentioned entities in the necessary scope which will ensure the provision of services.
  6. Personal data are processed only for purposes to which you have given your consent by clicking on the relevant boxes of the form placed on the Website or in another clear way. The legal basis for the processing of your personal data is the consent to the processing of data or the requirement to provide a service that you have ordered from us (e.g. to execute a Product order) (pursuant to Article 6(1)(a) and (b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – GDPR.
II. Privacy Rules
  1. We treat privacy seriously. We ensure respect for privacy and the fullest guaranteed convenience of the use of our services.
  2. We value the trust of the Users who entrust us with their personal data for the purpose of the order execution. We always use personal data in an honest manner so as not to disappoint this trust, only to the extent necessary for the execution of the order, including its processing.
  3. The User has the right to obtain clear and complete information on how and for what purposes we use their personal data. We always clearly inform Users about the data we collect, how and to whom we transfer them, as well as entities to be contacted in the case of doubts, questions and comments.
  4. In the case of doubts as to our use of the User’s personal data, we will immediately take actions to clarify and allay such doubts and to provide full and exhaustive responses to all questions concerning them.
  5. We will take all reasonable steps to protect the Users’ data against improper and uncontrolled use and to secure them in a comprehensive manner.
  6. The controller of your personal data is TAXOLOGY Sp. z o.o. Tax identification number (NIP): 5272883861, Sienna 64, 00-825 Warsaw.
  7. The legal basis for the processing of your personal data is Article 6(1)(b) of the GDPR. The submission of data is not mandatory, but necessary to undertake appropriate activities preceding the execution of the agreement and its performance. We will transfer your personal data to other recipients entrusted with the processing of personal data on our behalf and for our benefit. Your data will be transferred on the basis of Article 6(1)(f) of the GDPR, where the legitimate interest is the proper performance of agreements/orders. In addition, we will make your personal data available to other business partners. We store the collected personal data in the European Economic Area (the ‘EEA’), but they may be also transferred to a country outside this area and processed there. Each personal data transfer operation is performed in accordance with the applicable law. If data are transferred outside the EEA, we use standard contractual clauses and the privacy shield as safeguards in relation to countries which according to the European Commission do not ensure an adequate level of data protection.
  8. Your personal data related to the execution and performance of the agreements will be processed for the period of their performance, as well as for a period no longer than that determined in the provisions of law, including in the provisions of the Polish Civil Code and the Polish Accounting Act, i.e. for no longer than 10 years from the end of the calendar year in which the last agreement was performed.
  9. Your personal data processed for the purpose of the execution and performance of future agreements will be processed until an objection is raised.
  10. You have the right to: access your personal data and receive copies of your personal data subject to processing, rectify your incorrect data; request the erasure of data (the right to be forgotten) in the case of the occurrence of circumstances provided for in Article 17 of the GDPR; request the restriction of data processing in cases specified in Article 18 of the GDPR, object to the processing of data in cases specified in Article 21 of the GDPR, and transfer your data, processed in an automated manner.
  11. If you consider that personal data are processed unlawfully, you may lodge a complaint with the supervisory authority (Personal Data Protection Office, ul. Stawki 2, Warsaw). If you need additional information related to the personal data protection or want to exercise your rights, please contact us by letter to the correspondence address.
  12. We make every effort to protect information being in our possession against unauthorised access, unauthorised modification, disclosure and destruction. In particular:
  13. We control methods of collecting, storing and processing information, including physical security measures, to protect against unauthorised access to the system.
  14. We grant access to personal data only to employees, contractors and representatives who must have access to them. Moreover, they are obliged under an agreement to maintain strict confidentiality, and to allow us to control and check how they fulfil their obligations; if they fail to fulfil these obligations they may suffer consequences.
  15. We will comply with all applicable data protection laws and regulations and will cooperate with data protection authorities and competent law enforcement bodies. In the absence of data protection provisions, we will follow generally accepted rules of data protection, rules of social coexistence and established customs.
  16. The exact manner of the personal data protection is described in the personal data protection policy (PDP: security policy, personal data protection regulations, IT system management instruction). For security reasons, due to the procedures described therein, it is available only to state inspection authorities.
  17. If you have any questions concerning the treatment of personal data, please contact us through the website from which you have been redirected to this Privacy Policy. The contact request will be immediately submitted to the appropriate person.
  18. The User always has the right to notify us if:
    1. they do not want to receive information or messages from us in any form;
    2. they want to receive a copy of their personal data being in our possession;
    3. they want to rectify, update or delete their personal data in our records;
    4. they want to report violations and inappropriate use or processing of their personal data.

In order to make it easier for us to respond or refer to the information provided, please submit the first and last name and further relevant details.

III. Scope and purpose of the personal data collection
  1. We process necessary personal data exclusively to perform services and to fulfil accounting obligations, i.e.:
    1. to place an order,
    2. to make the agreement, process complaints and withdraw from the agreement,
    3. to issue a VAT invoice or another receipt.
    4. to monitor traffic on our websites;
    5. to collect anonymous statistics in order to determine how users use our website;
    6. to determine the number of anonymous users of our websites;
    7. to control how often the selected content is shown to users and what type of content is shown most frequently;
    8. to control how often users choose a given service or from the level of which service the contact is made most frequently;
    9. to examine newsletter subscriptions and contact options;
    10. to use the system of personalised recommendations for e-commerce;
    11. to use the tool for e-mail and then telephone communication;
    12. to integrate with the community portal;
    13. to make online payments, if any.
  1. We collect, process and store the following user data:
    1. first and last name,
    2. address of residence,
    3. address for service (if different from the address of residence),
    4. tax identification number (NIP),
    5. e-mail address,
    6. telephone number (mobile, landline),
    7. date of birth,
    8. PESEL number,
    9. data necessary to complete the VAT return
    10. information about the web browser used,
    11. other personal data provided to us voluntarily.
  1. The submission of the above data is completely voluntary, but also necessary for the full provision of services.
  2. Purpose for which we collect and process or use personal data:
    1. direct marketing, archival purposes of advertising campaigns;
    2. fulfilment of obligations imposed by the provisions of law through collecting information on undesirable actions.
  3. We may transfer personal data to servers located outside the user’s country of residence or to related entities, third parties with their registered office in other countries, including EEA countries (European Economic Area – free trade area and Common Market, covering Member States of the European Union and the European Free Trade Association (EFTA)) for the processing of personal data by such entities on our behalf in accordance with the provisions of this Privacy Policy and the applicable provisions of law, customs and data protection regulations.
  4. We store your personal data for no longer than it is necessary for the proper quality of the service, and depending on the mode and purpose of obtaining them, we store them for the service duration and after its completion for the following purposes:
    1. the fulfilment of obligations resulting from the provisions of law and tax and accounting regulations;
    2. the prevention of fraud or crimes;
    3. statistical and archiving purposes.
    4. Marketing activities – for the term of the agreement, granting a separate consent to the processing of such data – until the completion of activities related to the processing of transactions, your objection to such processing or withdrawal of the consent.
    5. Sales-related and promotional activities – e.g. competitions, promotional campaigns – for the duration of such activities and the period of their settlement.
    6. Operating activities – until the obligations imposed by the GDPR and relevant national regulations are time-barred, in order to demonstrate reliability of the processing of personal data
    7. pursuing any claims related to the agreement performed.

Taking into account the fact that many countries to which these personal data are transferred do not ensure the same level of legal protection of personal data as the user’s country. The access to the user’s personal data stored in another country may be obtained in accordance with the law applicable there for example by: courts, authorities liable for law enforcement and national security, in accordance with regulations in force in that country. With the reservation of legitimate requests for data disclosure, we undertake to require entities processing personal data outside the user’s country to take measures aimed at protecting data adequately to the regulations of their national law.

IV. Cookie Policy
  1. We automatically collect information contained in cookies in order to collect the User’s data. A cookie is a small piece of text sent to the User’s browser and sent back by the browser at the time of next visits to the website. They are mainly used to maintain sessions by generating and sending back a temporary identifier after logging in. We use ‘session’ cookies stored on the User’s end device until they log out or the website or the web browser is disabled, and ‘permanent’ cookies stored on the User’s end device for a period specified in the cookie parameters or until they are deleted by the User.
  2. Cookies adjust and optimise the Website and its offer for the needs of the Users through such activities as creating statistics of views and ensuring security. Cookies are also necessary to keep the session after leaving the Website.
  3. The Controller processes data contained in Cookies whenever the Website is visited by visitors for the following purposes:
    1. optimising the use of the Website;
    2. identifying the Service Recipients as logged in at a given moment;
    3. adapting graphics, selection options and any other content of the Website to the Service Recipient’s individual preferences;
    4. remembering data from Order Forms completed automatically and manually or login data provided by the visitor;
    5. collecting and analysing anonymous statistics presented in the administrative panel concerning the manner in which the Website is used and Google Analytics;
    6. creating remarketing lists based on information about preferences, behaviour and manner of the Website use and collecting demographic data, and then making these lists available in AdWords, AdSense and Facebook Ads. Google Adsense Cookies are used to display relevant ads. Adsense Cookies do not contain personal data. If you would like to learn more about Google AdSense Cookies and how to control them, go to
    7. creating data segments based on demographic information, interests and preferences in the selection of products/services viewed;
    8. using demographic data and data concerning interests in Analytics reports.
  4. Due to the necessity to prevent online robots from the performance of certain functions on our commercial platforms, we use the Google reCAPTCHA mechanism to occasionally examine whether the users’ behaviours do not show evidence of robot behaviours. In such a situation, we can disclose your IP address to Google LLC.
  5. The User may at any time block Cookies completely and delete their collection with the use of their web browser.
  6. The blocking by the User of the possibility to collect Cookies on their device may hinder or prevent the use of some functionalities of the Website, to which the User is fully entitled, but in such a situation they must be aware of limitations of functionalities.
Cookie name Cookie type Purpose of saving Cookies Validity period of Cookies
CONSENT Permanent Used for occasional examination whether the users’ behaviours do not show evidence of robot behaviours. 2 years (from the last update)
NID Permanent Used for occasional examination whether the users’ behaviours do not show evidence of robot behaviours. 2 years (from the last update)


Cookie name Cookie type Purpose of saving Cookies Validity period of Cookies
PREF Permanent It helps personalise advertisements in own services (e.g. in the search engine) – especially when the user is not logged into their Google account. 2 years (from the last update)
id Permanent Used for advertising purposes outside Google websites from the domain 2 years (from the last update)
drt_, FLC, NID Permanent Cookie of the server of advertisements. It collects information about the user’s activities after clicking on Google Adwords advertisement and sends back the information about conversions. 12 hours (from the last update)


Cookie name Cookie type Purpose of saving Cookies Validity period of Cookies
_UTMA Permanent Used for differentiating users and sessions. The Cookie is updated and each time data are sent to Google Analytics. 2 years (from the last update)
_UTMB Permanent It is responsible for storing information about a given visit 30 minutes (from the last update)
_UMTC Session The _utmc Cookie works with _utmb and determines whether it is necessary to start tracking a new visit or whether the data collected should be classified to the previous visit. It contains information only about a unique identifier of the website and expires after the browser is closed. Until the end of the session
_UMTZ Permanent It contains information about the sources of visits. Due to it, it is possible to count visits from search engines and data from marketing campaigns 6 months (from the last update)
_UMTV Permanent It stores the session identifier. It is necessary to store information about the fact of being logged in on the website. 2 years (from the last update)


Cookie name Cookie type Purpose of saving Cookies Validity period of Cookies
PREF Permanent This cookie is used by Google to store preferences and information about the user relevant to Google Maps. 10 years (from the last update)
Visitor_info1_Live Permanent This cookie is used by YouTube to store the user’s preferences on websites with video content. 8 months (from the last update)
Use_Hitbox Permanent This cookie is used by YouTube to store the user’s preferences on websites with video content. Until the end of the session


Cookie name Cookie type Purpose of saving Cookies Validity period of Cookies
PREF Permanent This cookie is used by Google to store preferences and information about the user relevant to Google Maps. 2 years (from the last update)


Cookie name Cookie type Purpose of saving Cookies Validity period of Cookies
datr Permanent This cookie is saved when the web browser obtains access to It allows the identification of suspicious login attempts and thus ensures greater security for users. It is used for example to signal unsuccessful login attempts or creation of multiple accounts for spam distribution. 2 years (from the last update)
  1. The User who does not want to use cookies for the above-described purpose can delete them manually at any time. In order to become acquainted with the detailed operation instruction, the User should visit the website of the manufacturer of the web browser currently used by the User.
  2. More information about Cookies is available in the help menu of each web browser. Examples of web browsers supporting the above-mentioned Cookies:
    1. Cookie settings in Internet Explorer
    2. Cookie settings in Chrome
    3. Cookie settings in Firefox
    4. Cookie settings in Opera
    5. Cookie settings in Safari
    6. Cookies in Android
    7. Cookies in Blackberry
    8. Cookies in iOS (Safari)
    9. Cookies inn Phone Windows
V. Rights and obligations
  1. We have the right and in cases specified by law also the statutory obligation to transfer selected or all information concerning personal data to public authorities or third parties that submit such a request for information on the basis of the applicable provisions of the Polish law.
  2. The User has the right to access the content of their personal data that they provide; the User may rectify and supplement these data at any time, as well as they have the right to request their deletion from databases or cessation of their processing, without giving any reason. In order to exercise their rights, the User may at any time send the relevant message to the e-mail address or submit/transfer such a request in any other way.
  3. The processing of personal data of natural persons who are our clients is based on:
    1. justified interest as the data controller (e.g. in the scope of database creation, analytical and profiling activities, including activities concerning the analysis of the use of products, direct marketing of own products, securing documentation for the purpose of defence against potential claims or for the purpose of pursuing claims)
    2. consent (in particular consent to e-mail marketing or telemarketing)
    3. performance of the agreement made
    4. obligations resulting from law (e.g. tax law or accounting regulations).
  4. The processing of personal data of natural persons who are potential clients is based on:
    1. legitimate interest of the data controller (e.g. in the scope of database creation, direct marketing of own products)
    2. consent (in particular consent to e-mail marketing or telemarketing)
  5. The User’s request for the erasure of personal data or discontinuation of their processing may result in total inability to provide services or their significant limitation.
  6. We pay particular attention to profiling and indicate that:
    1. for profiling purposes we usually process data that were previously subject to the ssl encryption;
    2. we use for this purpose typical data: e-mail and IP addresses or cookies
    3. we perform profiling in order to analyse or forecast personal preferences and interests of persons using our Websites, products or services and to adjust the content placed on our Websites or products to these preferences
    4. we perform profiling for marketing purposes, i.e. in order to adjust the marketing offer to the above-mentioned preferences.
  7. We undertake to comply with the applicable provisions of the law and rules of social coexistence.
  8. Information about out-of-court consumer dispute resolution. The entity authorised within the meaning of the Polish Act on out-of-court consumer dispute resolution is the Financial Ombudsman, at the following website address:
VI. Basic Safety Rules
  1. Every user should take care of the security of their own data and the security of their devices used to access the Internet. Such a device should absolutely have an anti-virus programme with the current regularly supplemented database of definitions and types of viruses, secure version of the web browser used and firewall enabled. The user should check whether the operating system and the software installed on it have the latest and compatible updates, because in attacks errors detected in the software installed are used.
  2. Access data to services offered on the Internet, such as logins, passwords, PIN codes, electronic certificates, etc., should be secured in a place unavailable to others and impossible to hack from the level of the Internet. They should not be disclosed or stored on the device in a form that allows access and reading by unauthorised persons.
  3. Caution when opening strange attachments or several links in e-mails that we have not expected, e.g. from unknown senders or from the spam folder.
  4. It is recommended to run in the web browser anti-phishing filters, i.e. tools that check whether the website displayed is authentic and is not used to extort information, e.g. by posing as a person or an institution.
  5. Files should be downloaded only from trusted places, online services and websites. We do not recommend installing software from unverified sources, especially from unknown and unverified publishers. This also applies to mobile devices, e.g. smartphones and tablets.
  6. When using home wireless network, it is necessary to set a password that is safe and difficult to crack, it should not be any pattern and string of characters easy to guess (e.g. street name, home owner name, birth date, etc.). It is also recommended to use the highest possible standards of the encryption of wireless networks that can be activated on the equipment owned, e.g. WPA2.
VII. Use of Social Media plugins
  1. Plugins of, Twitter and other social media may be placed on our websites. Services related to them are provided by Facebook Inc. and Twitter Inc., respectively.
  2. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA Facebook. To see Facebook plugins, go to:
  3. Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. To see Twitter plugins, go to:
  4. The plugin transfers to its supplier only the information about which of our websites you have visited and when. If the user is logged into their account e.g. on Facebook or Twitter when viewing or staying on our website, the provider can link their interests, information preferences and other data obtained e.g. by clicking the ‘Like’ button, leaving a comment or entering the profile name in the web browsers. This information will also be submitted by the web browser directly to the supplier.
  5. More detailed information about the collection and use of data by Facebook or Twitter and about the privacy protection can be found on the following websites:
  6. Data protection/advice concerning privacy issued by Facebook:
  7. Data protection/advice concerning privacy issued by Twitter:
  8. In order to avoid recording a visit to our website on the selected user account by Facebook or Twitter, you must log out of your account before you start viewing our websites.
Note on Copyrights to the Regulations

The owner of all material copyrights to the model of this policy is the LEGATO Law Firm, which has granted a non-exclusive and non-transferable right to use this document for purposes related to own commercial activity on the Internet, and extends legal protection to the above-mentioned document for the term of the agreement. Copying and disseminating the model of this document without the consent of the LEGATO Law Firm are prohibited and may be subject to both criminal and civil liability. Online sellers can learn more about the possibility to use the model of the privacy policy and cookies on the following website

Do you need any support in VAT compliance?

If you need any help in the field of VAT registration and returns, check out our offer of a comprehensive VAT compliance service.