PRIVACY POLICY OF THE SERVICE

1. General provisions

The protection of Users' privacy is particularly important to KRISMAR Spółka z ograniczoną odpowiedzialnością. Users of the apt-krismar.pl service are guaranteed high standards of personal data protection. KRISMAR Sp. z o.o. as the Data Administrator takes special care to ensure that personal data is processed in accordance with applicable laws, including the regulation of the European Parliament and the Council (EU) 2016/679 of April 27, 2016 (GDPR).

2. Personal data administrator

The administrator of personal data provided by the User in the serviceapt-krismar.plis:

KRISMAR Spółka z ograniczoną odpowiedzialnością
ul. Sokołowska 56, 08-110 Siedlce
NIP: 5532513665, REGON: 243362812, KRS: 0000476525
Agency number: 29392
Email address:biuro@apt-krismar.pl

The Administrator has not designated a Data Protection Officer (DPO). For matters related to personal data protection, you can contact the Administrator at the email address:
biuro@apt-krismar.plor by mail at the above address.

3. Legal bases for data processing

The Administrator processes Users' personal data in accordance with Article 6 of the GDPR, based on the following legal bases:
- User consent – Article 6(1)(a) of the GDPR,
- Necessity for the performance of a contract – Article 6(1)(b) of the GDPR,
- Legal obligation of the Administrator – Article 6(1)(c) of the GDPR,
- Legitimate interests of the Administrator – Article 6(1)(f) of the GDPR.

4. Purposes and scope of processing personal data

1. Communication with the User (Article 6(1)(f) of the GDPR)
Purpose: responding to inquiries, handling applications, contact regarding recruitment or business matters.
Scope: first name, last name, email address, phone number, message content.

2. Conclusion and performance of a contract (Article 6(1)(b) of the GDPR)
Purpose: taking action at the User's request before concluding a contract or its execution.

3. Marketing activities (Article 6(1)(a) of the GDPR)
Purpose: sending offers and commercial information electronically or by phone.

4. Fulfilling legal obligations (Article 6(1)(c) of the GDPR)
Purpose: carrying out obligations arising from tax, accounting, and labor law.

5. Establishing, pursuing, or defending claims (Article 6(1)(f) of the GDPR)
Purpose: protecting the Administrator's interests in the event of legal disputes.

5. No profiling and automated decision-making

Users' personal data is not processed in an automated manner and is not subject to profiling within the meaning of Article 22 of the GDPR.

6. Recipients of personal data

Personal data may be transferred to: entities providing IT, marketing, accounting, or hosting services, business partners of the Administrator (e.g., employers), and public authorities to the extent required by law. Data recipients process it based on data processing agreements in accordance with Article 28 of the GDPR. Data is not transferred outside the European Economic Area (EEA).

7. Data retention period

Personal data will be stored for the period necessary to achieve the purposes for which it was collected, until consent is withdrawn, the expiry of the limitation period for claims, or for the time required by law. After these periods, the data will be permanently deleted or anonymized.

8. User rights

The User has the right to: access their data, rectify, delete, restrict processing, transfer data, object, and withdraw consent at any time. Requests can be submitted to the email address:biuro@apt-krismar.plor by mail to the Administrator's registered office.

9. Right to lodge a complaint

The User has the right to lodge a complaint with the President of the Personal Data Protection Office (PUODO) if they believe that the processing of data violates the provisions of the GDPR.

10. Cookies

The serviceapt-krismar.pluses cookies to ensure the proper functioning of the service, to tailor content to user preferences, to analyze site traffic, and to conduct marketing activities. The User can manage cookie settings in their browser. Detailed rules are specified in the Cookie Policy.

11. Personal data security

The Administrator uses technical and organizational measures to protect personal data against loss, unauthorized access, or disclosure. The security measures include access control, data transmission encryption (SSL), backups, and restricted access for authorized persons.

12. Changes to the Privacy Policy

The Administrator reserves the right to make changes to the Privacy Policy in order to adapt it to applicable laws or technological changes. Any changes will be published on the site apt-krismar.pl, along with the date of the update.

13. Contact

For matters related to the processing of personal data, please contact:

KRISMAR Limited Liability Company
ul. Sokołowska 56, 08-110 Siedlce
E-mail: biuro@apt-krismar.pl

Date of update: October 2025.