• pl
  • § 1 General provisions

    1 The administrator of the personal data of the users of the website located under the domain www.jamel.pl is JAMEL spółka z ograniczoną odpowiedzialnością S.K.A. with its registered office in Gdańsk, ul. Liczmańskiego 3/7, 80-322 Gdańsk, entered in the National Register of Entrepreneurs kept by the District Court Gdańsk-Północ in Gdańsk, VII Economic Division of the National Court Register, under KRS:0000977600, NIP: PL 584-267-47-18, REGON: 220776820 (hereinafter: “Administrator”).

    2 Contact with the Administrator is possible:

    ◦ at e-mail address: mq/mfnbk|idfu,◦ in writing, to the Administrator’s address: 3/7 Liczmańskiego Street, 80-322 Gdańsk.

    3 The purpose of the Policy is to define the actions taken with regard to personal data collected through the Administrator’s website and related services and tools used by its users, as well as in the activity of concluding and executing contracts in contact outside the website. 

    4 If necessary, the provisions of this Policy may change. The change will be communicated to users by announcing the new contents of the Policy, and in the case of the base of people who have consented to the processing of data by e-mail or provided e-mail data in the execution of contracts, they will also be notified of the change by e-mail.

    § 2 Processing bases, purposes and storage of personal data

    1 Users’ personal data shall be processed in accordance with the General Data Protection Regulation, the Personal Data Protection Act, the Personal Data Protection Act of 10.05.2018 and the Electronic Services Act of 18.07.2002.

    2 In the case of processing of personal data on the basis of an e-mail or complaint sent by the user, such processing shall be carried out on the basis of Article 6(1)(b) of the General Data Protection Regulation, according to which the processing is necessary in order to take action at the request of the data subject.

    3 If a separate consent is obtained from the user, the user’s personal data may also be processed by the controller for marketing purposes, including for the purpose of directing commercial information electronically to the e-mail address indicated by the user (Article 6(1)(a) of the General Data Protection Regulation).

    ‍4 When the Administrator enters into and performs a sales contract or service contracts, the other party is required to provide the data necessary for the conclusion of the contract (which is a contractual requirement and, with regard to tax numbers, also a statutory requirement), and for this purpose the Administrator processes personal data (Article 6(1)(b) of the General Data Protection Regulation).


    5 When conducting research and analysis to improve the performance of available services (e.g., tracking tools), Article 6(1)(f) of the General Data Protection Regulation is indicated as the basis for data processing.

    6 Users’ personal data shall be stored for no longer than necessary to achieve the purpose of processing, i.e. until the withdrawal of consent if processing is based on such consent, until the statute of limitations for the Administrator’s and the other party’s claims for the performance of concluded contracts (in the case of sales/service contracts, 2 years, counting to the end of the year), and until the fulfillment of an inquiry directed by e-mail or the completion of the processing of complaints.

    7 To the extent necessary for the proper functioning of the website, its functionality and the proper execution of payment operations (if any through the website), the website uses the User’s metadata. Metadata should be understood as the process of reading and recognizing by the site’s computer system the configuration and components of the computer used by the user in order to adjust the site to its capabilities and establish a secure connection between the user’s computer and the site. Importantly, such metadata cannot lead to the identification of the User, as well as are not in any way harmful to the data stored on the computer. Nevertheless, the User has the right to withdraw consent to the processing of metadata at any time by configuring his/her browser accordingly or downloading the appropriate plug-in provided by the browser manufacturer. In order to do so, consult the software manufacturer and its recommendations.

    8 The Administrator may use profiling for direct marketing purposes, but decisions made on its basis by the Administrator do not relate to the conclusion or refusal of a contract or the possibility of using electronic services. The effect of using profiling may be, for example, to grant a person a discount, send him or her a discount code, remind him or her of unfinished purchases, send a product proposal that may match the person’s interests or preferences, or offer better terms and conditions compared to a standard offer. Despite the profiling, it is the person who freely decides whether he or she will want to take advantage of the discount or better terms received in this way and make a purchase. Profiling involves the automatic analysis or prediction of a person’s behavior on the Administrator’s site, e.g. by adding a particular product to a shopping cart, browsing a particular product page, or by analyzing a person’s past activity history on the site. The condition for such profiling is that the Administrator has the person’s personal data in order to be able to then send him/her, for example, a discount code. 


    9 To the extent necessary for the proper functioning of the website, its functionality, the website may, during your use of the website, collect other information, including but not limited to:a) IP address;b) device, hardware and software information, such as hardware identifiers, mobile device identifiers (e.g. Apple Identifier for Advertising [“IDFA”] or advertising identifier on an Android device [“AAID”]),c) type of platform,d) settings and components,e) installed softwaref )presence of necessary plug-ins;g) approximate geolocation data (compiled from IP address or device settings);h) web browser data, including browser type and preferred language;

    10 Taking into account the nature, scope, context and purposes of the processing, as well as the risk of violation of the rights or freedoms of natural persons of varying probability and severity, the Administrator shall implement appropriate technical and organizational measures to ensure that the processing is carried out in accordance with the Regulation and to be able to demonstrate this. These measures shall be reviewed and updated as necessary. The Administrator shall use technical measures to prevent unauthorized persons from obtaining and modifying, personal data sent electronically.

    § 3 Data sharing

    1 The Administrator shall ensure that any personal information collected is used to fulfill obligations to users. This information will not be shared with third parties except when:

    ◦ the explicit consent of the data subjects to do so is given in advance, or ◦ if the obligation to provide such data is or will be based on applicable laws, such as law enforcement agencies.

    2 In addition, personal data of service recipients and customers may be transferred to the following recipients or categories of recipients:

    ◦ service providers supplying the Administrator with technical, IT and organizational solutions that enable the Administrator to conduct its business, including the website and the electronic services provided through it (in particular, computer software providers, marketing agencies, email and hosting providers, business management and technical support software providers to the Administrator and the product delivery operator) – the Administrator shall make the collected personal data of the Customer available to the selected provider acting on its behalf only in the case and to the extent necessary to realize the given purpose of data processing in accordance with this Privacy Policy.

    ◦ accounting, legal and advisory service providers providing accounting, legal or advisory support to the Administrator (in particular, an accounting firm, law firm or debt collection company) – the Administrator shall make the collected personal data of the Customer available to the selected provider acting on its behalf only in the case and to the extent necessary to realize the given purpose of data processing in accordance with this Privacy Policy.

    3 The Administrator may share anonymized data (i.e., data that does not identify specific Users) with external service providers in order to better identify the attractiveness of advertisements and services to Users, and in this regard, due to the location of software providers, data may be transferred – subject to the principles of their protection – to third countries, however, providing standard contractual provisions approved by the European Commission for the processing of personal data or having the appropriate authority to do so on the basis of bilateral data processing entrustment agreements between the European Union and the third country in question, while not being a member of the European Economic Area. These entities in the case of the Administrator are:

    ◦ Google LLC. (Headquarters: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) for Google Analytics tools used to analyze website statistics, Google Tag manager: used to manage scripts by easily adding code snippets to a website or application and to track actions performed by users on a website, Google Ads used to display sponsored links in Google’s search engine results and on collaborative sites under the Google AdSense program,

    ◦ Facebook Inc. (registered address: Facebook Inc., 1601 S. California Ave. Palo Alto, CA 94304, USA) for Facebook pixel used to track conversions from Facebook ads, optimize them based on collected data and statistics, and build a targeted audience list for future advertising.

    4 Third-party analytics technologies integrated into the Administrator’s services (including SDKs [Software Development Kits] and APIs [Application Program Interfaces]) may combine data collected in connection with your use of the Administrator’s website with information they have collected separately over time and/or across platforms. Many of these companies collect and use information under their own data protection policies, which can be found on their websites. The Administrator encourages you to familiarize yourself with these policies.

    5 The Administrator’s website may use the functionality of Google Analytics, a web audience analysis service provided by Google, LLC. (“Google”). Google Analytics uses cookies to help website operators analyze how visitors use the website. The information generated by the cookie about visitors’ use of the website is generally transmitted to and stored by Google on servers in the United States. In accordance with current IT standards, the IP addresses of users visiting the Administrator’s website are abbreviated. Only in exceptional cases is the complete IP address transferred to a Google server in the United States and shortened there. On behalf of the Administrator, Google will use this information to evaluate the website for its users, to compile reports on website traffic and to provide other services related to website traffic and Internet usage for website operators. In doing so, Google will not associate the IP address submitted as part of Google Analytics with any other data in its possession. For more information on how Google Analytics collects and uses data, please visit Google’s official website at:

    www.google.com/policies/privacy/partners. In addition, each User can prevent Google from collecting and processing data about his/her use of the website by downloading and installing a browser plug-in at the following link: http://tools.google.com/dlpage/gaoptout.

    6 When the Administrator shares data with third parties, it makes every effort to do so only with entities certified under the (former) EU-U.S. and Switzerland-U.S. Privacy Shield programs, which are available at www.privacyshield.gov. Such entities, when handling information originating in the European Economic Area (EEA), will do so in accordance with the Accountability for Onward Transfer principle of the Privacy Shield program. Where applicable, the Administrator will rely on EU standard contractual clauses and other safeguards to enable transfers outside the EEA. In accordance with the July 16, 2020 decision of the Court of Justice of the European Union with respect to the EU-US Privacy Shield and the European Data Protection Board guidelines, the Administrator continues to assess the legal regime of the countries to which data is transferred and, where necessary, updates measures to ensure adequate levels of protection.

    § 4 Rights of the User

    1 A user whose personal data is processed has the right to:

    (a) access, rectification, restriction, erasure or portability – the data subject has the right to request from the Controller access to his/her personal data, rectification, erasure (“right to be forgotten”) or restriction of processing, and has the right to object to processing, and has the right to portability of his/her data. The detailed conditions for exercising the rights indicated above are indicated in Articles 15-21 of the RODO Regulation.

    (b) withdrawal of consent at any time – a person whose data is processed by the Administrator on the basis of expressed consent (pursuant to Article 6(1)(a) or Article 9(2)(a) of the RODO Ordinance), then he/she has the right to withdraw consent at any time without affecting the legality of the processing performed on the basis of consent before its withdrawal.

    (c) lodge a complaint to a supervisory authority – a person whose data is processed by the Controller has the right to lodge a complaint to a supervisory authority in the manner and mode specified in the provisions of the RODO Regulation and Polish law, in particular the Personal Data Protection Act. The supervisory authority in Poland is the President of the Office for Personal Data Protection in Warsaw.

    (d) Objection – The data subject has the right to object at any time – on grounds relating to his or her particular situation – to the processing of personal data concerning him or her based on Article 6(1)(e) (public interest or tasks) or (f) (legitimate interest of the controller), including profiling under these provisions. In such a case, the controller shall no longer be allowed to process such personal data, unless the controller demonstrates the existence of compelling legitimate grounds for the processing overriding the interests, rights and freedoms of the data subject, or grounds for establishing, asserting or defending claims.

    (e) objection to direct marketing – if personal data are processed for the purposes of direct marketing (based on the legitimate interests of the Controller, not on the basis of the data subject’s consent), the data subject shall have the right to object at any time to the processing of personal data concerning him/her for the purposes of such marketing, including profiling, to the extent that the processing is related to such direct marketing.2 The exercise of the above rights shall be based on the user’s request sent to the email address mq/mfnbk|idfu. Such request should include the user’s name.

    3 The user shall ensure that the data he/she provides or publishes on the site is correct.

    § 5 Cookies

    1 By “cookies” we mean IT data, in particular text files, stored on the users’ terminal devices (usually on the computer’s hard drive or mobile device) for the purpose of saving certain settings and data by the user’s browser in order to use the websites. These files allow recognition of the user’s device and display the website accordingly, providing comfort during its use. The storage of “cookies” therefore allows the website and the offer to be properly prepared for the user’s preferences – the server recognizes the user and remembers preferences such as visits, clicks, previous actions, among others.

    2 “Cookies” contain, in particular, the domain name of the website from which they originate, the time they are stored on the end device and a unique number used to identify the browser from which the connection to the website is made.

    3 “Cookies” are used for:

    (a) adapting the content of the websites to the user’s preferences and optimizing the use of the websites,

    b) create anonymous statistics, which, by helping to determine how the user uses the websites, make it possible to improve their structure and content,

    c) provide site users with advertising content tailored to their interests.


    Cookies are not used to identify the user and their identity is not established on their basis.

    4 The basic division of “cookies” is their distinction into:

    (a) “cookies” of an essential nature – they are absolutely necessary for the proper functioning of the website or the functionality you wish to use, as without them we could not provide many of the services we offer. Some of them also ensure the security of the services we provide electronically.

    b) Functional “cookies” – are important for the operation of the website due to the fact that:

    are used to enrich the functionality of the websites; without them, the website will work properly, but will not be tailored to the user’s preferences,

    serve to ensure a high level of website functionality; without them, the level of website functionality may decrease, but their absence should not prevent you from using the website completely,

    serve the majority of website functionality; blocking them will result in selected functions not working properly.

    (c) Business “cookies” – enable the implementation of the business model on the basis of which the website is provided; their blocking will not result in the unavailability of all functionality, but may reduce the level of service provision due to the inability of the website owner to realize revenues subsidizing its operation. This category includes, for example, advertising “cookies”.

    d) “Cookies” for website configuration – allow you to set functions and services on websites.

    e) Cookies for security and reliability of websites – enable verification of authenticity and optimization of website performance.

    f) Authentication “cookies” – allow to inform when a user is logged in, so that the website can show relevant information and features.

    g) Session research “cookies” – allow recording information about how users use the website. They may relate to the most visited pages or possible error messages displayed on certain pages. The “cookies” used to record the so-called “session state” help improve services and enhance the browsing experience.

    h) “Cookies” for studying the processes taking place on the site – they enable the smooth operation of the website and the functions available on it.

    i) Ad serving “cookies” – allow displaying ads that are more interesting for users and at the same time more valuable for publishers and advertisers; “cookies” can also be used to personalize advertising, as well as to display ads outside the websites.

    (j) Location-accessing “cookies” – allow the information displayed to be tailored to the user’s location.

    (k) Analytics, research or audience audit cookies – allow the website owner to better understand the preferences of its users and, through analysis, improve and develop products and services. Typically, the website owner or research company collects information anonymously and processes trend data without identifying the personal data of individual users.

    (l) Non-harmful “cookies” – includes cookies necessary for the proper operation of the website and needed to enable the functionality of the website, but their operation has nothing to do with tracking the user

    m) Research “cookies” – used to track users, but do not include information that allows (without other data) to identify a specific user.

    5 The use of “cookies” for the purpose of adapting the content of the websites to the user’s preferences does not, as a rule, imply the collection of any information allowing to identify the user, although this information may sometimes have the nature of personal data, that is, data allowing to attribute certain behavior to a specific user. Personal data collected using “cookies” may be collected solely for the purpose of performing certain functions for the user. Such data are encrypted in a way that prevents unauthorized access to them.

    6 The cookies used by this website are not harmful either to the user or to the terminal device used by the user, so in order for the website to function properly, it is recommended not to disable them in browsers. In many cases, web browsing software (web browser) by default allows the storage of information in the form of “cookies” and other similar technologies on the user’s terminal device. The user can change the browser’s use of “cookies” at any time. To do this, change the browser settings. How to change the settings varies depending on the software (web browser) you use. You will find relevant instructions on the subpages, depending on the browser you use.

    7 “Cookies” are also used to facilitate logging into your account, including via social media, and to enable you to move between subpages on websites without having to log in again on each subpage. At the same time, cookies are used to secure websites, e.g. to prevent unauthorized access.

    8 As part of its cookie technology, the Administrator may use tracking pixels or pure GIF files to collect information about how users use its services and how they respond to marketing messages sent by email. A pixel is a software code that allows an object, usually an image the size of a pixel, to be embedded on a page, which provides the ability to track user behavior on the web pages where it is deployed. After giving the appropriate consent, the browser automatically establishes a direct connection to the server storing the pixel, so the processing of the data collected by the pixel is done within the framework of the data protection policy of the partner who administers the aforementioned server.

    9 The Administrator may use web log files (which contain technical data, such as the user’s IP address) to monitor traffic on its services, resolve technical problems, detect and prevent fraud, and enforce the User Agreement.

    10 The Administrator informs you that the website does not respond to Do Not Track (DNT) signals, while you can disable certain forms of online tracking, including certain analytics and personalized advertising, by changing the cookie settings in your browser or using our cookie consent tools (if applicable).

    11 Detailed information on how to change the settings for cookies and how to delete them yourself in the most popular web browsers is available in the help section of your web browser and on the following pages (just click on the link):

    in Chrome browser

    in Firefox browser


    in the Opera browser 


    in Safari browser


    in the Microsoft Edge browser

    12 For detailed information about managing cookies on your cell phone or other mobile device, please refer to the user manual for your mobile device.