1. Introduction – Contact Details

2. Personal Data Protection Regulations

3. Principles of Processing Your Personal Data

4. User Rights in Connection with Personal Data Processing

5. Personal Data Security

6. How We Process Your Data

7. Consent – Withdrawal of Consent

8. Data Storage

9. Data Recipients – Sharing Data with Other Entities

10. Data Processing Using Cookies and Other Internet Technologies

11. Changes to the Policy

I. Introduction – Contact Details

This Privacy Policy contains general information regarding the use (processing) of personal data of individuals visiting or using services provided by Foreigner Support, hereinafter referred to as the “Website,” created by the Administrator, Foreigner Support, owned by Wioletta Jakubczyk.

We respect the privacy of our Users; therefore, we provide this Privacy Policy to ensure that every User knows the extent to which their personal data is processed. This allows Users to make informed and voluntary decisions about whether to use our services at Foreigner Support.

In this Privacy Policy, we aim to describe how and to what extent we collect Users’ personal data, the purposes for which we use this data, to whom we disclose it, and how we protect it. Users will also find information about their rights in accordance with applicable data protection regulations.

This policy is general in nature and covers only certain aspects related to the processing of personal data. Detailed information is provided in our Regulations and information clauses, which will be presented to the User when collecting their personal data during the use of the Website and Foreigner Support services.

For more information on how we use cookies or other data-collecting technologies on our websites, please refer to our Cookie Policy.

Administrator’s Contact Information: Foreigner Support, owned by Wioletta Boćkowska, registered in the Central Register and Information on Economic Activity (CEIDG) under
TIN (NIP): 1231529988.
Register Address: Ogrodowa 16, 05-500 Mysiadło.
Website: https://foreignersupport.pl.
Email: info@foreignersupport.pl.
Phone: +48 531 638 638.

II. Personal Data Protection Regulations

This Privacy Policy is based on the following regulations:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (GDPR).
• The Telecommunications Law of 16 July 2004 (consolidated text: Journal of Laws of 2017, item 1907, as amended).
• The Act of 18 July 2002 on the provision of electronic services (consolidated text: Journal of Laws of 2017, item 1219, as amended).
• The Act of 10 May 2018 on personal data protection (Journal of Laws of 2018, item 1000).

III. Principles of Processing Your Personal Data

We appreciate the trust that our Users have placed in us. In processing Users’ personal data, we ensure that this data is processed securely, reliably, legally, and in a manner that is transparent to the User.

Below, we present the most important principles that guide us:

• We collect personal data only to the minimal extent necessary to achieve the purposes for which they are collected.
• The purposes of collecting Users’ personal data are clearly defined and based on legal provisions – we do not process data in a manner inconsistent with these purposes.
• We maintain the accuracy and correctness of Users’ personal data and promptly respond to any requests for rectification or updating of data.
• We fulfill the Users’ right to access their personal data and to correct it.
• We also fulfill Users’ rights to delete personal data, withdraw consent, restrict processing, to data portability, the right to object to data processing, the right not to be subject to a decision based solely on automated data processing, including profiling.
• We limit the storage of personal data in accordance with legal provisions, only for the period necessary to achieve the purposes for which they are collected, unless events occur that may extend the data storage period.
• We protect Users’ personal data from loss, unauthorized access, accidental loss or alteration, and other unlawful forms of processing.
• If personal data is shared with other entities, this is done in a secure manner, contractually protected, and in accordance with applicable legal regulations.

IV. User Rights in Connection with Personal Data Processing

The Administrator exercises User rights related to the processing of their personal data. These rights stem from applicable data protection regulations, particularly the GDPR (Articles 16-21).

Users have the right to:

• Withdraw Consent: Users can withdraw their consent for the processing of personal data at any time, where consent is the legal basis for data processing (see Section VII below). This also applies to the use of cookies – see more in the Cookie Policy.
• Access to Data: Users have the right to receive confirmation from the Administrator about whether their personal data is being processed and in what manner.
• Rectification: Users can request the correction of outdated or inaccurate personal data and the right to supplement it if it is incomplete.
• Objection: Users can object to the processing of their personal data when we process it based on our legitimate interests (e.g., for analytical, statistical, evidential, or archiving purposes). In case of objection, we will need to cease processing the data, unless we can demonstrate compelling legitimate grounds for processing that outweigh the User’s inconvenience or are necessary for the establishment, exercise, or defense of legal claims (e.g., evidential purposes or claims by/from the Administrator). The right to object also applies when processing concerns direct marketing, including profiling (regardless of whether the legal basis for such processing is consent or our legitimate interest; in any case, your objection or withdrawal of consent in this regard will result in us ceasing to process your data for these purposes). This also applies to the use of cookies – see more in the Cookie Policy.
• Erasure of Personal Data by the Administrator (“Right to be Forgotten”): In principle, this right involves requesting the Administrator to promptly erase relevant personal data; however, there are exceptions to this right under Article 17 of the GDPR (especially for the purposes of establishing, exercising, or defending legal claims).
• Restriction of Data Processing: Practically, this can involve temporarily blocking access to your data or transferring data to another system.
• Data Portability: Users have the right to receive a copy of the personal data they have provided to us if processing is based on their consent or on a contract and is carried out in an automated manner.
• Filing a Complaint with the Supervisory Authority: This can be done with the President of the Office for Personal Data Protection.

All requests regarding processed personal data, including your rights, can be submitted by phone, email, or in writing, using the Administrator’s contact details provided in Section I. In the case of withdrawing consent, also see Section VII below.

Your requests will be fulfilled without undue delay, but no later than within one month of receipt. This period may be extended due to the complexity of the request or the number of requests by an additional two months, of which you will be informed. However, until your request is fulfilled, you may receive information from us that you have withdrawn your consent.

When submitting requests to the Administrator, please provide your first and last name and contact details (phone number or email address, and, in the case of written requests, your residential address) for the purposes of verifying your identity. 

V. Personal Data Security

The Administrator takes technical and organizational measures to protect personal data from unlawful or unauthorized access or use, as well as accidental destruction, loss, or alteration, and other unlawful forms of processing. The principle of ensuring security guided us during the design of IT infrastructure, standards, and business practices. Our security procedures include, in particular: access protection, monitoring, review and maintenance, and incident management.

In ensuring the security of processed personal data, we commit to:

• Confidentiality: We will protect data from accidental disclosure to third parties.
• Integrity: We will protect data from unauthorized modification.
• Availability: We will provide authorized persons with access to your data when necessary.

Your personal data may only be processed by third parties if such entities commit to ensuring the appropriate technical and organizational measures to guarantee the security of personal data processing and to maintain the confidentiality of such data. Every Foreigner Support employee with access to personal data has the necessary authorization and is obligated to maintain confidentiality.

VI. How We Process Your Data

For what purpose and on what legal basis do we process User data?

The Administrator processes your personal data only for specific, clear, and lawful purposes. We will not process your data in a manner inconsistent with these purposes.

The purpose and legal basis for processing personal data are communicated to the User each time through a separate notice.

The main grounds for processing your personal data by the Administrator may include:

• Consent: For one or more specified purposes (e.g., responding to inquiries submitted via a form). In the case of using cookies, please refer to the Cookie Policy for more information.
• Performance of a Contract or Actions Leading to a Contract: (e.g., in connection with providing electronic services).
• Legitimate Interests: Except in cases where your interests or fundamental rights and freedoms take precedence over these interests (each described in information clauses, e.g., evidential purposes).

In some cases, the legal basis for processing personal data may also be the protection of vital interests or compliance with a legal obligation to fulfill a legal obligation placed on the Administrator (especially in relation to obligations incumbent on the Administrator as a service provider).

Regarding the use of cookies on the Website and the processing of data through them, more information is available in the Cookie Policy.

Method of Data Collection

The Administrator collects Users’ personal data when they fill out a form on the Website, contact Administrator staff (in which case we may retain information that Users voluntarily provide when writing or contacting us), and automatically collect data contained in system logs and cookies (more on this in the Cookie Policy).

Providing personal data is voluntary but often necessary to handle User requests through online forms or to perform other customer service-related activities. In such cases, providing your data is voluntary but necessary to fulfill such a service.

What data can we process?

The personal data we write about may include various types of data, depending on the category of data subject and whether you are already our Customer or a person potentially interested in our services.

We will always determine and process only the necessary scope of data.

Within the scope of Foreigner Support’s business activities, we may process personal data such as: identification data (e.g., first name, last name), contact data (e.g., phone number, email address, residential address), and in the case of business entities, the company name and Tax Identification Number (NIP).

The scope of data saved in connection with the use of cookies is described in detail in the Cookie Policy.

VII. Consent – Withdrawal of Consent

In relation to the User, including in the context of services offered through the website, the User may be asked to provide consent for the processing of personal data for marketing purposes related to products or services offered by Foreigner Support, including electronic marketing, if your consent is the appropriate legal basis for processing personal data.

For Users and Customers or Potential Customers of Foreigner Support, withdrawal of consent can be made at any time by exercising the right to withdraw consent through direct contact with the data Administrator.

In other cases, where consent has been obtained by the Administrator, you should follow the information provided in the relevant information clauses.

Withdrawal of consent does not affect the lawfulness of processing personal data based on consent before its withdrawal.

The withdrawal of consent will be considered promptly. After processing the request, we will cease processing personal data for the purposes covered by the consent. However, until the request is fulfilled, Users may still receive information from us, which they have opted out of by withdrawing consent, due to the time required for processing the request in our systems.

If we have Users’ data for other purposes (e.g., contract fulfillment, service provision, evidence, or claims processing), we may continue to process it for those purposes under a different legal basis.

Regarding the withdrawal of consent for the installation and use of cookies, more information can be found in the Cookie Policy.

VIII. Data Storage

The Administrator stores personal data for the period necessary to achieve the purposes that the User has been informed about. The period of personal data storage is determined in accordance with applicable legal regulations. Users have the right to obtain information from us about the likely duration of data storage.

IX. Data Recipients – Sharing Data with Other Entities

With the User’s consent, depending on the purpose of data processing and the content of the consent for processing and sharing, your personal data may be shared with entities specified in the consent.

In some cases, data may also be shared with other data controllers if there is a valid legal basis for doing so.

We may also share your data with other data processing entities – companies providing services on our behalf, to whom we delegate tasks requiring data processing, especially in the field of IT services, as well as cooperating entities in other ways.

Please note that in cases where data recipients independently and on their behalf process personal data from the User, for example, offer products and services through their own channels without the involvement of the Administrator or provide services on their own behalf, they will become separate data controllers and will be responsible for the processing of such personal data independently, not subject to the terms of our Privacy Policy.

The Website may contain links to other websites, social media sites, or websites of cooperating entities. By going to a third-party website, Users will be subject to a separate privacy and personal data protection policy for that website. Please review the privacy and personal data protection policy of each individual website.

Our company complies with the General Data Protection Regulation (GDPR) and other regulations regarding the protection of personal data, ensuring the security and confidentiality of processed data. Due to the use of software by our company from the Bitrix24 system, this company becomes a data controller, meaning it may have access to certain personal information of users of our website. By giving consent to the processing of personal data, the User also consents to the transfer of this data by our company to the data controller, which is Bitrix24, and to their processing by that company.

We assure you that Bitrix24 complies with GDPR and other regulations regarding the protection of personal data, ensuring the security and confidentiality of processed data.

Additionally, the User has the right to access their personal data processed by Bitrix24, as well as to correct, delete, limit processing, and object to the processing of personal data by that company.

X. Processing of Data Using Cookies and Other Internet Technologies

In connection with the User’s use of the Website, the Administrator also collects data contained in system logs, cookies, or uses other similar Internet technologies (e.g., codes, pixels, plugins). More information about the use of cookies and other Internet technologies can be found in the Cookie Policy.

XI. Changes to the Policy

The Administrator reserves the right to make changes to this policy, which may result from the need to adapt to changes in legal regulations or prevailing privacy standards or to expand our offer. Therefore, any changes will be communicated by the Administrator through appropriate notifications on their website.