Menu

Privacy Policy

This document sets out the rules for the processing of personal data on the website www.capitalpark.pl in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the General Data Protection Regulation – “GDPR”).

  1. The controller of personal data is Capital Park Sp. z o.o., with its registered office in Warsaw (02-797), at ul. Franciszka Klimczaka 1, entered in the National Court Register (KRS) under number 0001057169, Tax Identification Number (NIP): 9512577670 (the “Controller”). The Controller may be contacted at the above address or electronically at: biuro@capitalpark.pl.
  2. Of the purposes of processing personal data and the legal basis for such processing, we inform you at the time of concluding contracts or collecting data via a contact form. Personal data may be processed for purposes necessary to: (i) conclude and perform a contract to which you are a party, or (ii) take actions at your request prior to concluding a contract, or (iii) respond to an inquiry regarding elements of the Controller’s commercial offer or matters related to the Controller’s business activities, (iv) fulfil a legal obligation incumbent on the Controller, or (v) pursue purposes resulting from the legitimate interests pursued by the Controller, as well as (vi) on the basis of your consent – for purposes consistent with the content of the consent given (including, inter alia, the sending of newsletters). In each case where processing is based on the legitimate interests of the Controller, such processing may include: pursuing claims by the Controller, defending against claims brought against the Controller, direct marketing of the Controller’s services, provision of services, or communication with you. The legal basis for the processing of personal data results from the provisions of the GDPR, i.e. Article 6(1)(a), (b), (c) and (f) GDPR.
  3. Personal data may be stored for the period necessary to achieve the purposes indicated above, as well as for the limitation period of claims that may arise from undertaken obligations. In the case of data processed on the basis of your consent, personal data will be stored until such consent is withdrawn. If legal provisions require earlier deletion of your personal data or longer retention thereof, the Controller will comply with such legal obligation.
  4. You have the right to request from the Controller access to your personal data, as well as the rectification or completion thereof if the data is inaccurate or incomplete.
  5. You have the right to request the erasure of personal data in each of the following cases:
    • personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
    • the data subject has withdrawn the consent on which the processing is based and there is no other legal basis for the processing;
    • the data subject objects to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) GDPR;
    • personal data has been processed unlawfully;
    • personal data must be erased in order to comply with a legal obligation under Union law or the law of a Member State to which the Controller is subject.
    • The above does not apply in the cases referred to in Article 17(3) GDPR.
  6. You have the right to request the restriction of the processing of personal data in each of the following cases:
    • the data subject contests the accuracy of the personal data – for a period enabling the Controller to verify the accuracy of the data;
    • the processing is unlawful and the data subject opposes the erasure of the personal data, requesting instead the restriction of its use;
    • the Controller no longer needs the personal data for the purposes of processing, but the data is required by the data subject for the establishment, exercise or defence of legal claims;
    • the data subject has objected to the processing pursuant to Article 21(1) GDPR – pending verification whether the legitimate grounds on the part of the Controller override those of the data subject.
  7. If personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes (Article 21(2) GDPR). If the data subject objects to the processing for direct marketing purposes, personal data may no longer be processed for such purposes.
  8. Your data may be disclosed to persons or entities authorised under applicable law, in particular at the request of public or judicial authorities in cases justified by law, as well as to authorised entities where this is necessary for the proper performance of a contract, e.g. disclosure of data to a bank, an investment contractor, a notary public in connection with the execution of a notarial deed, property managers, or IT service providers. Our service providers are located in Poland and other countries of the European Economic Area (EEA). In connection with the use of Google Analytics, personal data is transferred outside the EEA (to the United States of America). In connection with the transfer of your data outside the EEA, service providers are obliged to ensure an adequate level of protection of personal data. These safeguards result in particular from the obligation to apply standard contractual clauses adopted by the European Commission. Information regarding data transfers by Google is available at: https://policies.google.com/technologies/partner-sites?hl.
  9. You have the right to lodge a complaint with the President of the Personal Data Protection Office if the processing of your personal data violates applicable law (https://uodo.gov.pl/p/kontakt).
  10. In most cases, personal data has been obtained directly from you (the data subject). There may be cases where your data has been obtained from your employers, principals, clients, or other authorised parties.
  11. Providing data is voluntary; however, for specifically defined purposes under relevant agreements in force with the Controller, providing data may be necessary to carry out specific transactions or activities.
  12. The Controller does not make decisions in an automated manner.
  13. The Controller uses cookies on the website for statistical purposes, to track operations performed by visitors on the website, and to improve and personalise user experience. There are two types of cookies: persistent cookies and session cookies. Persistent cookies are stored on the user’s device for a certain period of time. Session cookies are stored on the user’s device only during navigation of the website. When the browser is closed, session cookies are deleted. The Controller uses Google Analytics, which may be associated with the collection of information about website visits gathered by Google from logged-in Google users who have consented to personalised advertising. Information collected by Google may include: user location, browsing history, and information from websites cooperating with Google, and is used to provide aggregated and anonymous insights into customer behaviour. By using our website and accepting tracking and cookies, you knowingly consent to such association. You may review or delete information about yourself via Google My Activity.
  14. Persistent cookies are used, for example, to store user preferences on the website so that users do not have to repeat certain actions each time they visit the site. Session cookies are used to store statistical data regarding website usage. By using the website or by consenting to our Privacy Policy and cookie information, you consent to the use of cookies. If you do not agree to the use of cookies, you may disable them in your browser’s security/privacy settings. You may delete cookies from your device at any time. If you do not wish cookies to be used, you may disable them in your browser settings (please refer to your browser’s help section for further information). You may also delete cookies that have been stored in connection with previously visited websites.
  15. Any changes to the Privacy Policy and Cookies Policy will be published on this website.