top of page

Privacy Policy

Purpose:
The purpose of the Privacy Policy is to ensure that personal data processing processes comply
with the provisions of the GDPR Regulation and the Act of May 10, 2018, on the protection of
personal data (Journal of Laws 2018, item 1000, hereinafter: the 'Act').


The protection of personal data is implemented through physical security measures,
organizational procedures, system software, applications, and by the users themselves. The
applied security measures aim to achieve the above objective and ensure:
1) data confidentiality - understood as the property ensuring that data is not disclosed to
unauthorized persons,
2) data integrity - understood as the property ensuring that personal data has not been
altered or destroyed in an unauthorized manner,
3) data accountability - understood as the property ensuring that an individual's actions
can be uniquely attributed to that individual,
4) system integrity - understood as the inviolability of the system, the impossibility of any
manipulation, whether intentional or accidental


1. DEFINITIONS
1.1. Administrator – the company KONDO & PARTNERS general partnership, based in GdaÅ„sk
(80-338), Opacka Street 24/9, registered in the Register of Entrepreneurs maintained by the
District Court Gdańsk-North in Gdańsk, 8th Commercial Division of the National Court
Register under the number KRS 0001102383, NIP: 5842851853, REGON: 528630614.
1.2. Personal Data – all information about an identified or identifiable natural person through one
or more specific factors defining physical, physiological, genetic, mental, economic, cultural,
or social identity, including the device's IP, location data, online identifier, and information
collected through cookies and other similar technologies.
1.3. Policy – this Privacy Policy.
1.4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27
April 2016 on the protection of natural persons with regard to the processing of personal
data and on the free movement of such data, and repealing Directive 95/46/EC.
1.5. Service – the Administrator's website www.kondopartners.com
1.6. Account – the User's account enabling the use of the Service and logging into the Service
1.7. User – any natural person visiting the Service or using one or more of the services or
functionalities described in the Policy


2. PROCESSING OF DATA IN CONNECTION WITH THE USE OF THE SERVICE
2.1. In connection with the User's use of the Service, the Administrator collects data to the extent
necessary to provide individual services offered, as well as information about the User's activity
on the Service. The detailed rules and purposes of personal data processing collected during the
User's use of the Service are described below.

2.2. This Policy sets out the detailed rules for handling personal data collected during the User's
use of the Service and the purposes of processing such data, particularly the method of
processing personal data necessary to provide services via the Service.


3. PURPOSES AND LEGAL BASES FOR DATA PROCESSING IN THE SERVICE USE OF
THE SERVICE
3.1. Personal data of all persons using the Service (including IP address or other identifiers and
information collected via cookies or other similar technologies), who are not registered Users
(i.e., persons without a profile in the Service), are processed by the Administrator:
3.1.1. for the purpose of providing electronic services in the scope of making content collected
on the Service available to Users – in this case, the legal basis for processing is the
necessity of processing for the performance of a contract (Article 6(1)(b) GDPR);
3.1.2. for the purpose of handling orders for products or services (proper execution and
settlement) made without registration in the Service – in this case, the legal basis for
processing is the necessity of processing for the performance of a contract (Article
6(1)(b) GDPR);
3.1.3. for the purpose of providing the requested service of regularly receiving newsletters
(regular newsletter) – in this case, the legal basis for processing is the legitimate interest
of the Administrator (Article 6(1)(f) GDPR), consisting of promoting offered products and
services;
3.1.4. for analytical and statistical purposes – in this case, the legal basis for processing is the
legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting of conducting
analyses of Users' activity and preferences to improve the functionalities and services
provided;
3.1.5. for the purpose of pursuing claims or defending against them – the legal basis for
processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting
of protecting its rights;
3.1.6. for the Administrator's marketing purposes – the rules for processing personal data for
marketing purposes are described in the 'MARKETING' section.


4. REGISTRATION
4.1. Persons who register are asked to provide the data necessary to create and manage an
Account. To facilitate the service, the User may provide additional data, thereby consenting
to their processing. Such data can be deleted at any time. Providing the data marked as
mandatory is required to set up and manage the Account, and failure to provide them will
result in the inability to set up the Account. Providing the remaining data is voluntary.
4.2. Personal data is processed:
4.2.1. for the purpose of providing services related to the creation and management of the
Account, in particular, the provision of the Service – the legal basis for processing is the
necessity of processing for the performance of a contract (Article 6(1)(b) GDPR), and for
optional data provided, the legal basis for processing is consent (Article 6(1)(a) GDPR);

4.2.2. for analytical and statistical purposes – the legal basis for processing is the legitimate
interest of the Administrator (Article 6(1)(f) GDPR), consisting of conducting analyses of
Users' activity on the Service and the way they use the Account, as well as Users'
preferences to improve the functionalities applied;
4.2.3. for the purpose of potentially establishing and pursuing claims or defending against
claims – the legal basis for processing is the legitimate interest of the Administrator
(Article 6(1)(f) GDPR), consisting of protecting its rights;
4.2.4. for the marketing purposes of the Administrator and other entities – the rules for
processing Personal Data for marketing purposes are described in the MARKETING
section;
4.3. If the User includes any Personal Data of other persons in the Account (including their
name, address, phone number, or email address), they may do so only if it does not violate
the law and the personal rights of those persons.


5. MARKETING NEWSLETTER
5.1. The Administrator processes Users' personal data for marketing activities, which involve
sending email notifications about interesting offers or content, which in some cases contain
commercial information (newsletter service).
5.2. The Administrator provides the newsletter service to individuals who have provided their
email address for this purpose. Providing this data is required to deliver the newsletter
service, and failure to provide it will result in the inability to send the newsletter.
5.3. Personal data is processed:

5.3.1. for the purpose of directing marketing content to the User within the newsletter – the legal
basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR)
in connection with the consent given to receive the newsletter;
5.3.2. for analytical and statistical purposes – the legal basis for processing is the legitimate
interest of the Administrator (Article 6(1)(f) GDPR), consisting of conducting analyses and
statistics to tailor the content and services sent to newsletter recipients;

5.3.3. for the purpose of potentially establishing and pursuing claims or defending against them
– the legal basis for processing is the legitimate interest of the Administrator (Article
6(1)(f) GDPR), consisting of the ability to defend its rights.


6. SOCIAL MEDIA
6.1. The Administrator processes personal data of Users visiting the Administrator's profiles on
social media platforms (Facebook, YouTube, Instagram). These data are processed solely in

connection with maintaining the profile, including informing Users about the Administrator's
activities and promoting various events, services, and products. The legal basis for
processing personal data by the Administrator for this purpose is its legitimate interest
(Article 6(1)(f) GDPR), which involves promoting its own brand.


7. COOKIE POLICY
7.1. Cookies are small text files installed on the User's device. Cookies collect information that
facilitates the use of the website – for example, by remembering information about the User,
such as login details or language preferences. The data processed in connection with the
use of cookies is managed by KONDO & PARTNERS general partnership, based in Gdańsk
(80-338), Opacka Street 24/9. The Administrator uses its own cookies, which are installed
directly by the Service. Third-party cookies are also used – these are cookies from a domain
other than the domain of the visited website – primarily for the Administrator's analytical and
advertising activities.
7.2. The Service primarily uses cookies to ensure the proper functioning of the website,
remember the User's choices on the site, and – with the User's appropriate consent – also for analyzing and tracking traffic on the Service and tailoring advertising content to interests.
Based on obtained consent, the Service also installs cookies that enable the use of social
media functionalities.

7.3. The operation of cookies is safe for Users' devices.
7.4. Cookies are used to:
a) customize the content of the Service to the User's preferences and optimize the use of
the Service; in particular, these files allow the User's device to be recognized and the
Service to be displayed accordingly, tailored to the User's individual needs;
b) create general statistics that help understand how Users use the Service, which allows
for improving the structure and content of the Service
7.5. Within the Service, two main types of cookies are used, which can be divided based on the
storage period: 'session' cookies and 'persistent' cookies. 'Session' cookies are temporary
files stored on the User';s end device until they log out, leave the Service, or turn off the
software (web browser), i.e., for the duration of the session. 'Persistent' cookies are stored
on the User's end device for the time specified in the cookie parameters or until deleted by
the User.
7.6. The following types of cookies are used within the Service:

7.6.1. 'Necessary' cookies, enabling navigation of the Service and the use of its basic
functions, including services available within the Service, e.g., authentication cookies
used for services requiring authentication within the Service;
7.6.2. Cookies used to ensure security, for example, used to detect fraud in the authentication
process within the Service;

7.6.3. 'Performance' cookies, enabling the collection of information on how the Service is used;
7.6.4. 'Functional' cookies, allowing the 'remembering' of settings selected by the User and
personalizing the User interface, e.g., in terms of the selected language or region from
which the User comes, font size, appearance of the Service, etc.;
7.6.5. 'Advertising' cookies, allowing the delivery of advertising content more tailored to the
User's interests;

7.6.6. 'Social' cookies, saved and used in connection with the functionality of social networks
integrated with the Service; they may be used to save preferences and behaviors related
to social networking services;
7.7. In many cases, the software used for browsing websites (web browser) by default allows
cookies to be stored on the User's end device. Users can change the cookie settings at any
time. These settings can be changed in particular in such a way as to block the automatic
handling of cookies in the web browser settings or to inform about their placement on the
User's device each time. Detailed information on the possibilities and ways of handling
cookies is available in the software settings (web browser). If you want to delete cookies that
have been saved on your computer (until the settings are changed, or during previous visits
to the website), you need to do it manually in your browser.
7.8. The Administrator informs that restrictions on the use of cookies may affect some
functionalities available on the Service.

7.9. Cookies placed on the User's end device may also be used by advertisers and partners
cooperating with the Administrator.
7.10. More information about cookies is available at www.wszystkoociasteczkach.pl or in the
'Help' section in the web browser menu.

7.11. The User can verify the status of their current privacy settings for the used browser at any
time using the tools available at the following links:
http://www.youronlinechoices.com/pl/twojewybory
http://optout.aboutads.info/?c=2&lang=EN
7.12. To exercise the rights to access, correct, delete, restrict, transfer, object to the processing
of personal data, submit a complaint, or ask any other question regarding cookies, you
should send an inquiry to the address /Company address/ or other contact details of the
Administrator provided in the Privacy Policy.


8. PERIOD OF PERSONAL DATA PROCESSING
8.1. The duration of data processing by the Administrator depends on the type of service
provided and the purpose of the processing. Generally, data is processed for the time of
providing the service or fulfilling the order, until the consent given is withdrawn or an

effective objection to data processing is raised in cases where the legal basis for data
processing is the legitimate interest of the Administrator.
8.2. The period of data processing may be extended if the processing is necessary to establish
and pursue potential claims or defend against them, and after that period only if and to the
extent required by law. After the processing period has expired, the data is irreversibly
deleted or anonymized.


9. USER RIGHTS
9.1. The User has the right to: access the data content and request its rectification, deletion,
restriction of processing, the right to data portability, and the right to object to data
processing, as well as the right to lodge a complaint with the supervisory authority dealing
with personal data protection.
9.2. To the extent that the User's data is processed based on consent, it can be withdrawn at any
time by contacting the Administrator or using the functionalities provided in the Service.
Withdrawal of consent does not affect the lawfulness of processing carried out based on
consent before its withdrawal.

9.3. The User has the right to object to data processing for marketing purposes if the processing
is carried out in connection with the legitimate interest of the Administrator, and also – for
reasons related to the User's particular situation – in other cases where the legal basis for
data processing is the legitimate interest of the Administrator (e.g., in connection with the
implementation of analytical and statistical purposes).


10. DATA RECIPIENTS
10.1. In connection with the provision of services, personal data will be disclosed to external
entities, including in particular IT service providers, analytical and marketing tools, and
entities such as marketing agencies (in the scope of marketing services.
10.2. With the User's consent, their data may also be shared with other entities for their own
purposes, including marketing purposes.

10.3. The Administrator reserves the right to disclose selected information about the User to
competent authorities or third parties who request such information based on an appropriate
legal basis and in accordance with applicable law.


11. TRANSFER OF DATA OUTSIDE THE EEA
11.1. The level of personal data protection outside the European Economic Area (EEA) differs
from that provided by European law. For this reason, the Administrator transfers personal
data outside the EEA only when necessary and with an appropriate level of protection
ensured, primarily through:
11.1.1. cooperation with entities processing personal data in countries with respect to which a
relevant decision of the European Commission regarding the adequacy of personal data
protection has been issued;

11.1.2. the use of standard contractual clauses issued by the European Commission; together
with the required additional security measures, these provide personal data with the
same protection as they have within the European Union;
11.1.3. the use of binding corporate rules approved by the competent supervisory authority.
11.2. To ensure a high level of protection for transferred personal data, such transfers are
carried out:
11.2.1. based on the European Commission's decision confirming an adequate level of personal
data protection in the United Kingdom – with respect to entities based in Ireland;
11.2.2. in all other cases – based on the standard contractual clauses issued by the European
Commission. The User has the right to obtain a copy of the standard contractual clauses
establishing appropriate safeguards and a summary description of the security measures
applied. To do this, please contact the Administrator via email at info@kondopartners.com or by
correspondence adress at ul. Opacka 24/9 Gdańsk, Poland;
11.3. The Administrator has conducted a risk assessment for the transfer of Users' personal
data outside the European Economic Area and has determined that, in connection with the
security measures applied, the transfer of personal data to the entities indicated in points
11.2.1 and 11.2.2 above can take place based on the standard contractual clauses
mentioned in point 11.2.2 above.


12. PERSONAL DATA SECURITY
12.1. The Administrator continuously conducts risk analysis to ensure that personal data is
processed securely – ensuring primarily that access to data is granted only to authorized
persons and only to the extent necessary for their tasks. The Administrator ensures that all
operations on personal data are recorded and performed only by authorized employees and
collaborators.
12.2. The Administrator takes all necessary measures to ensure that its subcontractors and
other cooperating entities provide a guarantee of the application of appropriate security
measures in each case where they process personal data on behalf of the Administrator.


13. CONTACT DETAILS OF THE ADMINISTRATOR
Contact with the Administrator regarding the processing of your personal data is possible via
email: info@kondopartners.com or by correspondence adress: ul. Opacka 24/9 Gdańsk, Poland (preferably with the 'Personal Data').


14. CHANGES TO THE PRIVACY POLICY
14.1. The Policy is continuously reviewed and updated as necessary. In the event of an update
to the Policy, the User will be notified by displaying a clear notice on the Service or by
sending the User an email. In some cases, the User may be notified in advance of the Policy
update, and the use of the Service's services will imply acceptance of the updated version of
the Policy.

14.2. A User who does not accept the terms of service in the Service after the newer version of
the Policy comes into effect may cease using the Service's services.

14.3. The current version of the Policy was adopted and is effective from 3.07.2024.

bottom of page