Privacy and Cookie Policy

§1 General Information

This Privacy and Cookie Policy (hereinafter also referred to as the Policy) defines the rules for processing and protecting personal data by the Legal Link Group, , including data transmitted via the website www.legal.link (hereafter referred to as the Website).

The data administrator is the Legal Link Group. The Legal Link Group includes:

  • Legal Link sp. z o.o. registered in the National Court Register under KRS number: 0000834740, NIP: 6762579237, REGON: 38581991900000; DISTRICT COURT FOR KRAKÓW-DOWNTOWN IN KRAKOW, XI ECONOMIC DEPARTMENT OF THE NATIONAL COURT REGISTER - SHARE CAPITAL: PLN 70,000
  • Legal Link Layer-Janiga sp. k. registered in the National Court Register under KRS number: 0000743876, NIP: 6772436976, REGON: 380982490; DISTRICT COURT FOR KRAKÓW-DOWNTOWN IN KRAKOW, XI ECONOMIC DEPARTMENT OF THE NATIONAL COURT REGISTER

The address for Legal Link Group for business activities and correspondence is: al. 29 Listopada 85, 31-408 Kraków.

We care about the security of personal data and the privacy of the Website User. If you have any doubts regarding the provisions of this Privacy and Cookie Policy, please contact the Administrator via email at: info@legal.link.

The Administrator reserves the right to make changes to the Policy, and it is the responsibility of every Website User to be aware of the current version of the Policy. Reasons for changes may include internet technology development, changes in binding law or development of the Website through, for example, the use of new tools by the Administrator.

§2 Definitions

Administrator – Legal Link Group

Legal Link Group – a group of related entities consisting of:

  • Legal Link sp. z o.o. located in Krakow, 31-408, Aleja 29 Listopada 85, registered in the National Court Register under the number KRS: 0000834740, NIP: 6762579237, REGON: 38581991900000; capital stock of PLN 70,000; District Court for Krakow-City Centre in Krakow, XI Commercial Division of the National Court Register.
  • Legal Link Layer-Janiga sp. k. located in Krakow, 31-408, Aleja 29 Listopada 85, registered in the National Court Register under the number KRS: 0000743876, NIP: 6772436976, REGON: 380982490; District Court for Krakow-City Centre in Krakow, XI Commercial Division of the National Court Register.

User – any entity visiting and using the site.

Website and/or Online Store – the website, blog and online store located at the domain legal.link.

User Account or Account - an account set up on the online Store Platform that enables access to purchased trainings and products in accordance with the Store's Terms and Conditions, which the User is obliged to accept during account registration.

Form or Forms – areas on the Website that allow the User to enter personal data for specified purposes, e.g., for newsletter, order placement or contact with the User.

Newsletter – represents a free service provided electronically by the Administrator to the User by sending electronic messages through which the Administrator informs about events, services, products and other elements important from the Administrator's point of view and/or for the purpose of realizing the Administrator’s legally justified goal, which is direct marketing, including sending marketing and commercial content with the User’s consent. Detailed information about the newsletter dispatch is provided later in this privacy policy.

GDPR - refers to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Act on Personal Data Protection – the act of 10 May 2018 on personal data protection (Journal of Laws 2018, item 1000, as amended).

Act on Providing Services by Electronic Means – the act of 18 July 2002 on providing services by electronic means (Journal of Laws No. 144, item 1204, as amended).

§3 Personal Data and Processing Principles

Is providing data voluntary? What are the consequences of providing it?

Providing data is voluntary, but failing to provide certain information, generally marked as mandatory on the Administrator's Website, will result in an inability to perform a given service, achieve a specific goal or take certain actions.

If a User provides data that is not mandatory or provides more data than the Administrator needs to process, it is understood as processing based on the User’s own decision, and then the processing is based on the legal basis contained in Art. 6 (1)(a) of GDPR (consent). The User consents to the processing of this data and to the anonymization of data that the Administrator does not require.

For what purposes and on what legal bases do we process the User's personal data provided while using the website?

The User's personal data on the Administrator's Website may be processed for the following purposes and on the following legal bases:

  1. To perform a service or execute a contract, send an offer (e.g., advertising) at the User's request — based on Art. 6(1)(b) GDPR (necessity for the performance of a contract or to act at the request of the data subject).
  2. To issue an invoice, bill and fulfill other obligations arising from tax law regulations in the case of orders in the Online Store or other products and services — based on Art. 6(1)(c) GDPR (legal obligation).
  3. To grant a discount or inform about promotions and interesting offers from the Administrator or entities recommended by it — based on Art. 6(1)(a) GDPR (consent).
  4. To consider complaints or claims related to the contract — based on Art. 6(1)(b) GDPR (necessity for the performance of a contract) and Art. 6(1)(c) GDPR (legal obligation).
  5. To establish, pursue or defend against claims — based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  6. For telephone contact related to the performance of the service — based on Art. 6(1)(b) GDPR (necessity for the performance of a contract).
  7. For telephone contact to present offers and direct marketing – based on Art. 6(1)(a) GDPR (consent) and Art. 6(1)(f) GDPR (legitimate interest of the Administrator), if you are already our client.
  8. To create records related to GDPR and other regulations — based on Art. 6(1)(c) GDPR (legal obligation) and Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  9. For archiving and evidence purposes, to secure information that may serve to demonstrate facts — based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  10. For analytical purposes, including analysis of data automatically collected when using the website, including cookies such as Google Analytics cookies, Facebook Pixel — based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  11. For the use of cookies on the Website and its subpages — based on Art. 6(1)(a) GDPR (consent).
  12. To manage the Website and Administrator’s pages on other platforms — based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  13. To conduct satisfaction surveys regarding the services offered — based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  14. To post reviews by Users of services provided by the Administrator — based on Art. 6(1)(a) GDPR (consent).
  15. For the Administrator's internal administrative purposes related to managing contact with the User, which is a legally justified interest of the Administrator of data based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  16. To send newsletters - based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator in processing data for direct marketing purposes) and based on the Act on Providing Services by Electronic Means (consent).
  17. To tailor content displayed on the Administrator's pages to individual needs and continuously improve the quality of offered services - based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  18. For direct marketing targeting the User's own products or services or recommended third-party products - based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  19. To create proprietary databases of Users - based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  20. To manage the @legallinktaxandlaw fan page on Facebook, Legal Link profile on LinkedIn, and interact with users – based on Art. 6(1)(f) GDPR (legitimate interest of the Administrator).
  21. To target advertising on social media and websites, such as Facebook Leads Ads or Facebook Custom Audience, and to direct remarketing - based on Art. 6(1)(a) GDPR (consent) and Art. 6(1)(f) GDPR (legitimate interest of the administrator) aimed at promoting and advertising Administrator's services through remarketing directed at people subscribed to mailing or visiting a specific website).
  22. To store comments on the Website - based on Art. 6(1)(a) GDPR (consent).

Because we are unable to provide all services independently, we use services from external providers. Your data is passed on to the following categories of entities:

  • Accounting offices
  • Payment systems that handle payments
  • Communication systems that allow us to contact you and fulfill placed orders
  • Experts creating trainings and informational materials published on the Website
  • Subcontractors responsible for contact and customer service, marketing activities, administration and service of the Website, and fulfillment of placed orders
  • Hosting companies
  • Entities with which we cooperate in providing services offered on the Website and/or Online Store

The provisions by the User of data that are not mandatory or the provisions of excess data that the Administrator does not need to process occurs based on the decision of the User themselves, and then the processing is carried out based on the premise contained in Art. 6(1)(a) of the GDPR (consent). The User gives their consent to the processing of these data and to the anonymization of data that the Administrator does not require and does not want to process, yet the User has provided them to the Administrator.

How is data collected?

Only those data which the User themselves provides are collected and processed, except for – in certain situations – data automatically collected via cookies and login data, as discussed below.

During a visit to the Website, data about the visit itself, such as the user's IP address, domain name, browser type, operating system type, etc. (login data), are automatically collected. These automatically collected data can be used to analyze user behaviors on the website, collect demographic data about users, or personalize the content of the site to improve it. However, these data are processed only to administer the Website, ensure efficient hosting service or direct marketing content, and are not associated with individual users' data.e found later in this policy.

Data may also be collected for the purpose of filling out forms located on the Website, as mentioned later in the privacy policy.

Information Society Services

The Administrator does not collect data on children. Users should be at least 16 years old to independently consent to the processing of personal data for the purpose of providing information society services, including marketing purposes, or to obtain such consent from a legal guardian (e.g., parent).

If the User is under the age of 16, they should not use the Site and www.legal.link service.

The Administrator is authorized to make reasonable efforts to verify whether the user meets the age requirement mentioned above, or whether the person exercising parental authority or care over the User under 16 has given or approved the consent.

What are the User's rights?

The User is entitled at any time to exercise their rights contained in Articles 15-21 of the GDPR, i.e.:

  • the right to access the contents of their data,
  • the right to data portability,
  • the right to rectify data,
  • the right to erase data if there is no basis for their processing,
  • the right to restrict processing if it has been carried out improperly or without legal basis,
  • the right to object to data processing based on the legally justified interest of the administrator,
  • the right to lodge a complaint with the supervisory authority – the President of the Office for Personal Data Protection (under the terms defined in the personal data protection act), if they believe that the processing of their data is inconsistent with the currently applicable legal provisions in data protection.
  • the right to be forgotten if further processing is not provided for by current legal regulations.

The Administrator notes that these rights are not absolute and do not apply to all data processing activities of the User's personal data. This applies, for example, to the right to obtain a copy of the data. This right cannot adversely affect the rights and freedoms of others, such as copyright, professional secrecy. To learn about the limitations concerning the User's rights, refer to the content of the GDPR.

The User always has the right to lodge a complaint with the supervisory authority.

To exercise their rights, the User may contact the Administrator via email at info@legal.link or by mail to the address of the Administrator's place of business specifying the scope of their requests. A response will be provided no later than 30 days from the receipt of the request and its justification, unless an extension of this period is justified in accordance with the GDPR.

Can the user withdraw their consent?

If the user has given consent for specific actions, such consent can be withdrawn at any time. This will result in the removal of the email address from the administrator's mailing list and/or the phone number from the contact list, and the discontinuation of specified actions (if the subscription was based on consent). Withdrawing consent does not affect the processing of data that was performed based on consent before its withdrawal.

In some cases, data may not be completely deleted and will be retained to defend against potential claims for the period compliant with the provisions of the civil code or, for example, to fulfill legal obligations imposed on the Administrator (e.g., tax obligations).

Each time, the Administrator will address the user's request, justifying further actions resulting from legal obligations.

Do we transfer user data to third countries?

User data may be transferred outside the European Union - to third countries.

Given that the Administrator uses external service providers such as Facebook, Google, Zoom, Webflow, PayU, Mailerlite, Microsoft, etc., user data may be transferred to the United States of America (USA) due to their storage on American servers (in whole or in part). Google and Facebook apply compliance mechanisms provided for by the GDPR (e.g., certifications) or standard contractual clauses for their services. The data will only be transferred to recipients who guarantee the highest protection and security of data, including through:

  1. cooperation with entities processing personal data in countries for which the European Commission has issued an appropriate decision,
  2. application of standard contractual clauses issued by the European Commission (as is the case with Google),
  3. application of binding corporate rules approved by the competent supervisory authority, or upon user consent.

Detailed information is available in the privacy policy of each of these service providers, available on their websites. For example:

Google: https://policies.google.com/privacy?hl=pl
Facebook: https://www.facebook.com/privacy/explanation
MailerLite: https://www.mailerlite.com/legal/privacy-policy
Microsoft: https://privacy.microsoft.com/pl-pl
Wix: https://pl.wix.com/about/privacy
ClickMeeting: https://clickmeeting.com/pl/legal
Webflow: https://webflow.com/legal/privacy
Web To Learn: https://webtolearn.pl/polityka-prywatnosci-i-regulamin

Currently, services offered by Google and Facebook are mainly provided by entities located within the European Union. However, it is necessary to review these providers' privacy policy to obtain current information about personal data protection.

How long do we keep user data?

User data will be stored by the Administrator for the time necessary to perform specific services/achieve goals and:

  1. for the period of service delivery and cooperation, and for the period of limitation of claims according to legal provisions – in relation to data provided by contractors and clients or users,
  2. for the period of negotiations preceding the conclusion of a contract or the performance of a service – in relation to data provided in a quotation inquiry,
  3. for the period required by law, including tax law — in relation to personal data associated with fulfilling legal obligations,
  4. until a successful objection is made based on Article 21 of the GDPR — in relation to personal data processed based on the legally justified interest of the administrator, including for direct marketing purposes,
  5. until consent is withdrawn or the processing goal, business purpose is achieved — in relation to personal data processed based on consent. After consent is withdrawn, data may still be processed to defend against potential claims in line with the period of limitation of these claims or the period (shorter) indicated to the user,
  6. until data becomes outdated or loses its usefulness — in relation to personal data processed mainly for analytical, statistical purposes, use of cookies, and management of the Administrator's websites,
  7. for a maximum period of 3 years in case of individuals who have unsubscribed from the newsletter in order to defend against possible claims (e.g., information about the subscription date and the date of unsubscribing from the newsletter, the number of newsletters received, actions taken, and activity related to received messages), or after a period of 1 year of inactivity by the subscriber, such as not opening any messages from the Administrator.

Data retention periods specified in years are calculated at the end of each year in which data processing began. This is intended to streamline the data processing and management process.

Detailed periods of personal data processing, related to specific processing activities, are found in the Administrator's processing activities register.

Links to Other Sites

Links to other websites may appear on the Site. These will open in a new browser window or the same window. The Administrator is not responsible for the content transmitted by these sites. The User is required to read the privacy policy or terms of these sites.

Social Media Activity - Facebook/LinkedIn

The Data Administrator of the User's personal data on the Facebook page under the name Legal Link in the Facebook service (hereinafter referred to as the Fanpage) is the Administrator.

User personal data provided on the Fanpage will be processed for the purpose of administering and managing the Fanpage, communicating with the User, interacting, directing marketing content to the User, and creating the Fanpage community.

The basis for their processing is the User's consent and the legally justified interest of the administrator in interacting with Users and Followers of the Fanpage. The User voluntarily decides to like/follow the Fanpage.

The rules prevailing on the Fanpage are set by the Administrator, however, the rules for staying in the Facebook social network result from Facebook's regulations.

At any time, the User may stop following the Fanpage. The Administrator will then no longer display any content to the User related to the Administrator's Fanpage.

The Administrator sees the User's personal data, such as name, surname, or general information that the User places on their profiles as public.The processing of other personal data is done by the social network Facebook and under the terms contained in its regulations.

User personal data will be processed for the period of conducting/existence of the Fanpage based on the consent expressed by liking/clicking "Follow" Fanpage or entering into interactions e.g., leaving a comment, sending a message, and for the purpose of realizing the legally justified interests of the Administrator, i.e., marketing of their own products or services or defense against claims.

User personal data may be shared with other data recipients, such as the Facebook portal, cooperating advertising agencies or other subcontractors serving the Administrator's Fanpage, IT service, virtual assistant, or teachers handling individual online courses if contact occurs outside the Facebook portal.

The remaining User rights are described in this privacy policy.

User data may be transferred to third countries in accordance with Facebook's regulations.

This data may also be profiled, which helps better personalize the advertising offer directed to the User. However, they will not be processed in an automated manner within the meaning of the GDPR (having a negative impact on the User's rights and freedoms).

The above rules related to data within the Facebook portal also apply to the Linkedin portal.

Data security

User personal data are stored and protected with due care, in accordance with the internal procedures implemented by the Administrator. The Administrator processes information about the User using appropriate technical and organizational measures that meet the requirements of the generally applicable laws, particularly the provisions on the protection of personal data. These measures are primarily intended to protect Users' personal data from access by unauthorized persons.

In particular, access to Users' personal data is only granted to authorized persons who are obliged to keep this data confidential or entities to whom the processing of personal data has been entrusted based on a separate data entrustment agreement.

The User should also exercise care in securing their personal data transmitted over the Internet, particularly not to disclose their login data to third parties, use antivirus protections, and update software.

Who May Be the Recipient of Personal Data?

The Administrator informs that it uses the services of external entities. Entities to which personal data processing is entrusted (such as courier companies, companies intermediating in electronic payments, companies offering accounting services, companies enabling newsletter dispatch) guarantee the application of appropriate measures to protect and secure personal data required by law, in particular by the GDPR.

The Administrator informs the User that it entrusts the processing of personal data to, among others, the following entities:

  1. MailerLite Inc. – for the purpose of sending newsletters, using the mailing system, creating landing pages, and newsletter signup,
  2. webflow.com Ltd – for storing personal data on the server,
  3. Wix.com Ltd – for creating landing pages and collecting leads,
  4. Web INnovative Software Sp. z o.o. – for issuing accounting documents,
  5. PayU S.A. or Blue Media S.A. – to handle the payment system and electronic transactions,
  6. OVH – for domain and mail server management,
  7. Other contractors or subcontractors engaged for technical, administrative support, or providing legal aid to the Administrator and its clients, e.g., accounting, IT, graphic, copywriting, debt collection agencies, lawyers, etc.
  8. Entities cooperating in the provision of services or co-creating the service, etc.
  9. Authorities, e.g., the tax office – for fulfilling legal-tax obligations related to settlements and accounting.

Did we appoint a Data Protection Officer?

The Data Administrator hereby informs that a Data Protection Officer (DPO) has not been appointed and the responsibilities related to the processing of personal data are carried out independently.

The User acknowledges that their personal data may be transferred to authorized state bodies in connection with proceedings conducted by them, upon their request, and after meeting the conditions confirming the necessity to obtain such data from the Administrator.

Do we profile user data?

User personal data will not be used for automated decision-making affecting the rights, obligations, or freedoms of the User as defined by the GDPR.

Within the website and tracking technologies, User data may be profiled, which helps in better personalizing the company's offer directed to the User (mainly through so-called behavioral advertising). However, this should not have any impact on the User's legal situation, particularly regarding the terms of contracts they have entered or intend to enter. It may only help in better matching the content and directed advertisements to the User's interests. The used information is anonymous and is not associated with personal data provided by the User, e.g., in the purchasing process. They derive from statistical data such as gender, age, interests, approximate location, behavior on the Site.

Every User has the right to object to profiling if it would negatively impact their rights and obligations.

If you want to learn more about behavioral advertising, click here: https://www.youronlinechoices.com/pl/o-reklamie-behawioralnej

§4 Forms

The Administrator uses the following types of forms on the Website:

1. Newsletter Subscription Form
Requires entering one's name and email address in the designated fields, which are mandatory. Subsequently, to add their email address to the Administrator's subscriber database, the User must confirm the desire to subscribe. The data thus obtained are added to the mailing list for sending newsletters.

Subscription/registration implies that the User agrees to this Policy and consents to receive marketing and commercial information via electronic communication means, such as email or SMS, under the Act of July 18, 2002, on providing services by electronic means (Journal of Laws from 2020, item 344with later changes).

By subscribing to the newsletter, the User also consents to the Administrator using the User's telecommunication terminal equipment (e.g., phone, tablet, computer) for direct marketing of the Administrator's products and services and for presenting commercial information according to Article 172(1) of the Telecommunications Law (Journal of Laws from 2024, item 34 with later changes).

These consents are voluntary but necessary for sending the newsletter, including informing about services, new blog entries, products, promotions, and discounts offered by the Administrator or third-party products recommended by them. Consents can be withdrawn at any time, which will stop the newsletter distribution as per the rules in this privacy policy.

The newsletter is sent for an indefinite period, from the time of activation until the withdrawal of consent. After withdrawing consent, the User's data may be stored in the newsletter database for another year, to demonstrate the fact of the User's consent to communication via the newsletter, User's actions (email open rates), and the moment of its withdrawal, as well as any related claims, which constitutes a legally justified interest of the Administrator (Art. 6(1)(f) GDPR).

The newsletter may be discontinued if the User shows no activity for at least 1 year from the start of the newsletter service or from the day of opening the last email (sent newsletter). In such a case, the Administrator will delete the User's data from the newsletter system (provider). The User will not be entitled to receive any messages from the Administrator unless they decide to re-subscribe using the newsletter subscription form or contact the Administrator in another selected way.

The mailing system used to send the newsletter records all activity and actions taken by the User related to the emails sent (date and time of opening the messages, clicks on links, the moment of unsubscribing, etc.).

The Administrator may also conduct remarketing based on Art. 6(1)(f) GDPR (the legally justified interest of the Administrator, which involves promoting and advertising services to those subscribed to the newsletter, such that the email addresses of subscribers are uploaded into the marketing tool offered by Facebook Inc., known as the Ad Manager, and then targeted advertising created by the Administrator or authorized persons is directed at them through the Administrator's advertising account, provided that the newsletter subscribers are also users of the Facebook platform (have an account there). Each time, this data is deleted after the advertising campaign ends. In the case of executing another advertising campaign, an updated subscriber database is uploaded to the tool). Detailed information about so-called custom audience groups, data hashing rules, and their processing can be found in the privacy policy of the Facebook portal at this link: https://www.facebook.com/legal/terms/customaudience#and https://www.facebook.com/legal/terms/dataprocessing, and the Administrator recommends that each User and subscriber familiarize themselves with these rules.

2. Contact form
Enables sending messages to the Administrator and contact via electronic means. Personal data in the form of the first name, last name, email address, and data provided in the message content are processed by the Administrator in accordance with this Privacy Policy for the purpose of contacting the User.

After the contact with you has concluded, the data may be archived, which is a legally justified interest of the Administrator. The Administrator cannot specify the exact period of message archiving and, therefore, their deletion. However, the maximum period will not exceed the limitation periods for claims arising from legal regulations.

The Administrator is not responsible for the content of comments posted by readers of the Fanpage. The Administrator reserves the right not to post comments that are spammy, offensive, contain vulgar or offensive terms, unlawful content, or contain any links to other sites posted without his consent.

3. Order Form in the Shop
When placing an order in the online shop, you must provide specific data as stipulated in the sales regulations, in order to allow  execution of the order, fulfillment of legal obligations imposed on the Administrator, handling settlements, consideration of claims, and also for statistical and archival purposes, and for direct marketing towards customers, which is a legally justified interest of the Administrator.

The data mainly includes: first name, last name, company name, tax identification number (NIP), residential address or company headquarters, possibly a delivery address, email address. If you already have a user account in the shop, then providing the login (or email address) and password and logging into your account, followed by further steps related to the order is sufficient.

The Administrator stores data for the duration of the order or service fulfillment, and after its completion, for the period necessary to protect against claims. Additionally, for the period specified by legal regulations, e.g., tax law (including the period for storing invoices).

4. Complaint and Contract Withdrawal Form
If you use services or products from the Administrator, you can file a complaint or withdraw from the contract concluded. For this purpose, the Administrator enables you to fill out the complaint form and the contract withdrawal form attached to the sales regulations. You can also perform these actions without filling out the form, however, by providing the necessary data.

Required data in this case include: first name, last name or possibly username, residential address or company headquarters address (if the order was made on behalf of a company), email address, phone number (optionally), bank account number (if a refund will be necessary).

Providing data is voluntary but necessary to consider the complaint in accordance with legal regulations and sales regulations. Data will be stored for the purpose of executing the complaint procedure / contract withdrawal and for archival purposes and defense against claims.

5. User Account Registration Form in the Online Shop
Users have the option to create an account in the online shop, for which they should perform appropriate registration and provide data: first name, last name, email address, residential address, company headquarters address, tax identification number (NIP), and then a password.

Account creation is conducted under the terms provided in the sales regulations and is a service provided electronically. The rules for maintaining the account and its possible deletion are contained in the regulations.

Data marked as mandatory is required and without them, it will not be possible to create a user account. Provision of other data is voluntary.

The Administrator may entrust the processing of personal data to third parties without separate consent from the User (based on a data entrustment agreement).

If the User utilizes services from external providers such as Google, they should familiarize themselves with their privacy policy, available from these service providers on their websites.

§5 Disclaimer and Copyrights

  1. All content posted on the Site is subject to copyright of designated individuals and/or the Administrator (e.g., photographs, texts, other materials, etc.). The Administrator does not consent to the copying of this content in whole or in part without his express prior consent.
  2. The Administrator hereby informs the User that any dissemination of content provided by the Administrator constitutes a violation of legal regulations and may result in civil or criminal liability. The Administrator may also demand appropriate compensation for material or immaterial damages incurred in accordance with applicable laws.
  3. The Administrator is not responsible for using materials available on the site in a way that violates the law.
  4. The contents placed on the Site are current as of the date of their posting unless indicated otherwise.

§6 Technologies

To use the Administrator's website, it is necessary to have:

  1. A device with Internet access that meets the recommended bandwidth.
  2. An active email inbox capable of receiving messages.
  3. An internet browser that supports web page display (optimally Google Chrome).
  4. Software capable of reading content in the provided formats such as PDF, video, mp3, mp4.

§7 Cookie Policy

  1. Like most websites, the Administrator's site uses tracking technologies, namely cookies, which enable improving the website according to the needs of its visitors.
  2. Cookies are small text files stored on an end device (e.g., computer, tablet, smartphone) when you visit the site.  
  3. These can be first-party cookies (directly from our website) and third-party cookies (from other websites).
  4. Cookies allow customization of content to meet the individual needs of the User and other visitors. They also generate statistics that show how users interact with the site, which helps enhance the website's content, structure, and design.
  5. Third-Party Cookies Used on the Site:
  • Facebook Conversion Pixel and Facebook Ads (Facebook Custom Audiences) – used for managing ads on Facebook and conducting remarketing activities, which are considered a legitimate interest of the Administrator. The Administrator may also direct advertising content to the User through Facebook as part of contact ads.​

The Facebook Pixel, provided by Facebook Inc. and its affiliated companies, is an analytics tool that helps measure the effectiveness of advertisements by showing how users interact with the Website. It helps target a specific audience (Facebook Ads, Facebook Insights), facilitating tailored advertising initiatives.

The Administrator may conduct remarketing based on Article 6(1)(f) of the GDPR (legitimate interest of the administrator), targeting those who have consented to receive offers or users who have liked the Fanpage. Email addresses are uploaded into Facebook Inc.'s advertising manager tool, then targeted with ads created by the Administrator or authorized persons, provided these individuals are also Facebook users. Information is deleted after each advertising campaign. For subsequent campaigns, an updated contact database is uploaded. Detailed information about 'Custom Audience' groups, data hashing, and processing can be found on Facebook's privacy policies at these links: Custom Audience Terms and Data Processing Terms. Users are encouraged to review these policies to understand data management practices better.

Data collected using the Facebook Pixel are anonymous and do not allow for the identification of the User. They display general user data such as location, age, gender, and interests. Facebook may combine this data with information provided by the user within their Facebook account and use it according to its policies and objectives. Users are advised to familiarize themselves with the details regarding the use of the Facebook Pixel and, if necessary, ask questions to the provider of this tool, as well as manage their privacy settings on Facebook. More information is available at Facebook’s Privacy Explanation. Users can opt out of cookies responsible for displaying remarketing ads at any time at Facebook Ads Preferences. By using the website, the User consents to the installation of the specified cookie on their end device.

  • The embedded Google Analytics code – used for analyzing the statistics of the website. Google Analytics uses its own cookies to analyze the activities and behaviors of Users on the website. These files store information, such as from which page the User came to the current website, helping to improve the site.

This tool is provided by Google LLC. The activities undertaken using Google Analytics are based on the legitimate interest of the Administrator, which involves the creation and use of statistics, subsequently enabling the improvement of the Administrator's services and optimization of the website.

While using Google Analytics, the Administrator does not process any User data that enables personal identification.

The Administrator recommends familiarizing yourself with the details related to the use of Google Analytics, the possibility of disabling the tracking code, and potentially asking questions to the provider of this tool at this link: https://support.google.com/analytics#topic=3544906.

  • Web push notifications, from the browser level – to improve communication with the User and deliver valuable content or offers more quickly, the Administrator allows the User to consent to receiving web push notifications from their browser.

​To consent to receiving web push notifications, the User should select the "display notifications" option or a similar one (as each browser may label this option differently) on the message sent by their web browser. Consent to receive such notifications can be withdrawn at any time by changing the settings of the User's web browser. The Administrator does not process any personal data of Users using web push notifications. Users are identified solely based on information stored by their web browsers, to which the Administrator does not have access.

  • Plugins directing to social media such as Facebook, LinkedIn.

After clicking on the icon of a given plugin, the User is redirected to the page of an external provider, in this case, the owner of the social media service such as Facebook. The User then has the option to click "Like" or "Share" and like the Administrator's fan page, located on the Facebook portal or directly share its content (post, article, video, etc.).

The Administrator recommends reviewing Facebook's privacy policy before creating an account on this portal. The Administrator has no influence over the data processed by the Facebook portal. From the moment the User clicks on the button of the plugin directing to social media, personal data are processed by the social media portal, e.g., Facebook, which becomes their administrator and decides on the purposes and scope of their processing. Cookies left by the Facebook plugin (or other third parties) may also be applied to the User's device upon entering the Website and then associated with data collected in the Facebook portal. The User, by using the Website, accepts this fact. The Administrator has no control over the processing of data by third parties in this way.

These guidelines should also be referred to the handling of:
Facebook – fan page located at the URL: https://www.facebook.com/legallinktaxandlaw,
Profile on LinkedIn, located at the URL: https://www.linkedin.com/company/legallink-main.

  • Tools for assessing the effectiveness of Google Ads campaigns - for conducting advertising and remarketing campaigns, which is the legally justified interest of the Administrator.

The Administrator does not collect any data that would allow for the identification of the User's personal data.

The Administrator recommends reviewing Google's privacy policy to learn the details of how these features work and their possible deactivation from the User's browser level.​

  • Cookies used for recovering abandoned carts and user activity on the online store page - aimed at directing advertising communications to the User related to an unfinished order, which constitutes a legally justified interest of the Administrator.
  • Embed content from portals, services, blogs, and other external web pages on the Site.

The Administrator may embed content from portals, services, blogs, and other external web pages on the Site. Specifically, these can be videos from services like Vimeo or Zoom.

These third parties may save certain data about the content playback performed by the User.

If you do not want this to happen, log out from the portal (if you have an account and are logged in) before visiting my Site or do not play such content on the Site. You can also change your browser settings to block the display of specific content from certain portals.

  1. The Administrator again recommends familiarizing yourself with the privacy policy of each of the above service providers to learn about the possibilities of making changes and settings that ensure the protection of your rights.
  2. Two types of cookies are used on the site: session cookies, which are deleted after closing the browser, logging out, or leaving the website, and persistent cookies, which are stored on the User's end device, allowing the browser to be recognized the next time the site is accessed, for the duration specified in the cookie parameters or until they are deleted by the User.
  3. In many cases, the software used for browsing websites (web browser) by default allows the storage of cookies on the User's end device. Service Users can change the settings regarding cookies at any time. These settings can be particularly changed in such a way as to block the automatic handling of cookies in the browser settings or to inform about their placement in the User's device each time. Detailed information on the possibilities and ways of handling cookies is available in the software settings (web browser).
  4. The Administrator informs that restrictions on the use of cookies (disabling them, limiting) may affect some functionalities available on the website pages and hinder their operation.
  5. More information about cookies is available at http://wszystkoociasteczkach.pl/ or in the "Help" section in the internet browser menu.

§8 Consent for cookies

Upon your first visit to the Site, you must express your consent for cookies or undertake other possible actions indicated in the notification to continue using the Site's content. Using the Site signifies your consent. If you do not wish to give such consent, you should leave the Site. You can always change your browser settings to disable or delete cookies. Necessary information is available in the "Help" tab of your browser.

§9 Server Logs

  1. Using the Site involves sending requests to the server where the Site is stored.
  2. Each request to the server is recorded in the server logs. Logs include the User's IP address, date and time of the server, information about the internet browser, and operating system used by the User.
  3. Logs are recorded and stored on the server.
  4. Server logs are used for administering the Site, and their content is not disclosed to anyone except those authorized to administer the server.
  5. The Administrator does not use server logs to identify the User in any way.

​​

Publication Date of the Privacy Policy: December 29, 2020
Last Update: July 15, 2024