Privacy policy

Privacy Policy

This Privacy Policy provides comprehensive information regarding the processing of personal data within the domain tqlo.pl.

General Terms of Personal Data Processing The controller of personal data is TQLO Sp. z o.o., with its registered office in Warsaw, ul. Skierniewicka 10A, entered into the register of entrepreneurs maintained by the District Court in Warsaw, XIII Commercial Division of the National Court Register under number KRS 0001147757, with Tax ID (NIP): 5273145421 (hereinafter referred to as the “Controller”).

You can contact the Controller in writing at the address mentioned above or via email at: kontakt@tqlo.pl.

The processing of personal data by the Controller complies with the applicable legal provisions, particularly Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and the free movement of such data and repealing Directive 95/46/EC (“GDPR”).

The processing applies to individuals and their personal data, depending on the purpose for which it is processed (specific purposes of processing are detailed in Section II of this Privacy Policy). Providing data is voluntary, and failure to provide it may result in the inability to fulfill a particular purpose, e.g., responding to a query. If providing personal data is mandatory, the Controller will directly inform you.

The Controller may process personal data exclusively in an automated manner, including profiling, which may result in legal consequences or similarly significant effects for the data subject. / The Controller may process personal data in an automated manner, including profiling; however, such automated processing will not lead to decisions with legal consequences or significantly affect the data subject. / The Controller does not process personal data solely in an automated manner, including profiling.

Legal Basis and Period of Personal Data Processing Every processing of personal data is carried out for specific, explicit, and legally defined purposes, and the Controller ensures that no data is collected or processed beyond the purposes listed below:

1. Performance of Contracts: Processing related to the conclusion and performance of a contract is based on Article 6(1)(b) of GDPR and particularly pertains to:
   • Providing services in accordance with the concluded contract;
   • Contacting regarding the provided service;
   • Taking pre-contractual actions, particularly delivering offers upon the data subject’s request. The processing period corresponds to the duration of the contract.
2. Business Relationships: Establishing business relationships, including responding to queries, is based on Article 6(1)(f) of GDPR concerning the Controller’s legitimate interests in responding to inquiries. Personal data will be processed until an effective objection is raised, but not longer than the end of the calendar year following three years from the date of response.
3. Claims and Complaints: Pursuing or securing claims and handling complaints are based on Article 6(1)(f) of GDPR concerning the Controller’s legitimate interests in protecting its rights and those of the data subjects. The processing period corresponds to the statute of limitations for the relevant claims and begins when pursuing or defending against a claim.
4. Marketing Activities: Marketing of own or third-party services is based on Article 6(1)(f) of GDPR concerning the Controller’s legitimate interests in promoting services and seeking collaboration. Personal data processing for marketing purposes continues until consent is withdrawn or an effective objection is raised, but no longer than […].
5. Tax and Accounting Obligations: Fulfillment of tax and accounting obligations is based on Article 6(1)(c) of GDPR in relation to applicable tax and accounting laws. The processing period corresponds to the duration of the legal obligation as defined by current laws.

Rights of Data Subjects Data subjects whose personal data is processed by the Controller, provided that legally stipulated conditions are met, have the right to:

• Access their data and obtain a copy;
• Rectify data;
• Request data deletion;
• Restrict processing;
• Data portability;
• Object to processing due to their specific situation when the processing is based on the Controller’s legitimate interest;
• Object to processing for marketing purposes when based on the Controller’s legitimate interest;
• Lodge a complaint with a supervisory authority if they believe the processing violates applicable laws (address: President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw);
• Withdraw consent if the processing is based on consent (withdrawal does not affect the lawfulness of processing carried out before the withdrawal).

Recipients of Personal Data Personal data may be shared with entities authorized to receive it under applicable laws, including judicial authorities.

Data may also be shared with trusted recipients, such as carriers and postal service providers, accounting service providers, legal service providers, technical support providers (IT systems and website maintenance, software or system providers), and debt collection companies.

The Controller does not transfer personal data outside the European Economic Area (EEA) or to international organizations. / The Controller transfers personal data outside the EEA or to international organizations. Transfers outside the EEA occur based on a European Commission adequacy decision, standard contractual clauses, or another legal basis such as explicit consent from the data subject. Detailed information on appropriate safeguards is available from the Controller, who can be contacted as specified in Section I.2 of this Privacy Policy.

Cookies General Information The Controller uses cookies or similar technologies (“cookies”), which include data such as text files stored on users’ devices.

Cookies allow the Controller to process data about the user’s device, location, activities on the website (e.g., visit duration), and other data depending on the type of cookie used (e.g., interest in specific advertisements).

Cookies Used on tqlo.pl The Controller uses session and persistent cookies. Session cookies remain on the user’s device until they leave the website or log out, while persistent cookies remain for a specified period or until manually deleted.

Cookies are used for the following purposes:

• Essential: Necessary for the proper functioning of the website. This category cannot be disabled.
• Statistical: Monitor user traffic and verify user choices, including tracking the number of visits.
• Marketing: Used for displaying ads and tailoring them to user preferences by analyzing user behavior on the website and potentially other websites.
• Functional: Remember user choices, such as preferred language, content layout, and region.

The Controller uses both first-party cookies and third-party cookies created and managed by external entities.

Managing Cookies All cookies, except essential ones, require user consent before being applied. Users can manage cookies at any time, withdraw consent, or object to non-essential cookies through the website or directly in their browser settings:

• Microsoft Edge
• Chrome
• Opera
• Mozilla Firefox
• Safari

Restricting cookies may affect some website functionalities.