Privacy policy


Information on data protection

From May 25, 2018, in the field of data protection throughout Europe, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC (in short: GDPR). The following information on data protection contains content related to the Apical Consulting sp.z o.o. based in Katowice, the processing of personal data within the meaning of the GDPR.

For the purposes of this Privacy Policy, a User is considered to be any entity that has performed any activity on the Internet platform available at (hereinafter: the Platform) that requires providing personal data.

I. General information
  1. The administrator of personal data collected via the website:, is Apical Consulting sp. z o.o .. with headquarters in Katowice, address: 40-229 Katowice, ul. Gabriela Hałubki 2/31, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court Katowice-Wschód in Katowice, 8th Commercial Division of the National Court Register under the KRS number: 0000846370, NIP: 9542815772, REGON: 38631512100000.
  2. Data protection is carried out in accordance with the requirements of generally applicable law, in particular the Act of May 10, 2018 on the protection of personal data, the Act of July 18, 2002 on the provision of electronic services, and the Regulation of the European Parliament and the Council (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (“GDPR”).
  3. To ensure the greatest possible security, we use:
    • The places of logging in and entering personal data are protected at the transmission layer (SSL certificate). As a result, personal data and login data entered on the website are encrypted on the user’s computer and can only be read on the target server.
    • User passwords are stored in a hashed form. The hash function works in one direction – it is not possible to reverse its operation, which is the modern standard for storing user passwords.
    • The operator changes his administrative passwords periodically.
    • In order to protect data, the Operator regularly makes backup copies.
    • An important element of data protection is regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.
    • Personal data provided in the contact form are treated as confidential and are not visible to unauthorized persons.
    • The administrator has not appointed a Personal Data Protection Officer.
II. Data administration
  1. If the User uses the contact form on the Platform or sends an e-mail to the address of the employees of Apical Consulting sp.z o.o. provided on the Platform, the Administrator will process User’s data such as: name, surname, e-mail address, telephone number and other data if provided by the User, in particular: address, IP address, company name and tax identification number. </ li>
  2. Apical Consulting sp.z o.o. is also the administrator of personal data subscribed to the newsletter.
  3. The administrator does not process special categories of data.
III. The purposes of processing personal data, the legal basis and the Controller’s legitimate interest
  1. There are the following purposes of processing Users’ data:
    1. making contact in order to shape the content of the Agreement, its amendment or termination, as well as providing the necessary information and explanations related to the subject of services provided by Apical Consulting sp.z o.o.,
    2. proper implementation of services provided by Apical Consulting sp.z o.o. by electronic means,
    3. direct marketing of the services offered other than the newsletter,
    4. newsletter subscription,
  2. Data is collected only in an adequate, necessary and necessary scope in relation to the purposes for which they are processed.
  3. The legal basis for the processing of data referred to in point 1 is art. 6 sec. 1 letter a), b), c) and f) of the GDPR, which means that data processing is justified in the case of:
    1. obtaining the consent of the data subject;
    2. when it is necessary for the performance of a contract to which the data subject is party, or to take steps at the request of the data subject prior to entering into a contract;
    3. processing is necessary to fulfill the legal obligation incumbent on the controller;
    4. when it is necessary for the purposes of the legitimate interests pursued by the administrator or by a third party, with exceptions provided for in the GDPR.
  4. Providing personal data by the User is not obligatory, however, failure to do so will make it impossible to provide services provided by the Administrator.
  5. The recipients of the User’s personal data are, in particular, entities authorized under the law (including competent tax authorities, other state administration bodies – courts, prosecutor’s office, police, bailiff), an entity providing legal services to the Administrator and an accounting office keeping the Administrator’s accounts.
  6. The User’s data will be processed by the Administrator until the basis for their processing ceases to exist, i.e .:
    1. in the case of granting consent until its withdrawal, restriction or other actions of the User limiting this consent,
    2. in the case of the necessity of data for the performance of the contract, for the duration of its performance and until the expiry of the limitation of claims arising from this contract,
    3. if the basis for data processing is the legitimate interest of the Administrator, until the User submits an effective objection or the legitimate interest of the Administrator ceases, e.g. the expiry of the limitation period for claims,
    4. for tax and accounting purposes to the extent and for a period consistent with applicable regulations.
IV. User rights
  1. In addition to the right to withdraw consent to data processing, Users, if the statutory conditions are met, have the following rights:
    1. the right to access the stored personal data, in particular Users can obtain information about the purpose of processing, categories of personal data, categories of recipients to whom their personal data have been or will be made available, the planned period of storage,
    2. the right to rectify incorrect or complete data,
    3. the right to delete stored personal data, unless there are contractual retention periods or the Administrator is not obliged to comply with other statutory obligations or has no authority to exercise statutory rights in this regard,
    4. the right to limit data processing;
    5. the right to transfer data, i.e. the right to send, at the request of the User, data stored by the Administrator in a popular, machine format or request to transfer data to another Administrator,
    6. the right to lodge a complaint with the supervisory authority. As a rule, you can contact the supervisory authority competent for the usual place of residence or workplace or for the registered office of the Administrator.
  2. Under the conditions specified in Art. 21 sec. 1 of the GDPR, the User may object to the processing of data for reasons related to the specific situation of the data subject.
  3. The right of objection referred to in point 2 applies for all processing purposes indicated in this data protection information, insofar as these data are processed on the basis of Article 6 para. 1 letter f) of the GDPR.
  4. The user always has the right to withdraw the consent given. The consequence of withdrawal of consent by the User is not the ineffectiveness of data processing based on properly granted consent until its withdrawal.
V. Information about cookies
  1. The entity that places information in the form of cookies (so-called cookies) and other similar technologies on the end device (e.g. computer, laptop, smartphone) and accesses them is the Administrator.
  2. Cookies are IT data, in particular text files, which are stored on the end device of each User. Cookies contain the name of the website domain they come from, the storage time on the end device and a unique name. The cookies store information that is often necessary for the proper functioning of the website. A unique number that identifies the user’s device may be stored in cookies, but the User’s identity is not determined on its basis.
  3. The Administrator uses cookies and other similar technologies to provide services and ensure the safety of Users (e.g. in the field of detection of fraud in the field of authentication).
  4. Due to the lifetime of cookies and other similar technologies, the Administrator uses one type of these files, the so-called “Session”, i.e. temporary files stored on the User’s end device until they leave the website. These types of cookies do not collect any information about the User that could be used for marketing purposes, nor do they remember the places visited by the User on the Internet.
VI. Securing personal data
  1. The Administrator makes every effort to provide Users with a high level of security in the processing of their personal data and for this purpose:
    1. uses technical and organizational measures required by law, in particular with regard to the security of personal data processing;
    2. applies measures ensuring the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
    3. provides Users with a secure and encrypted connection when transmitting personal data.
VII. Making contact with the Administrator
  1. The User may contact the Administrator in several ways. It is possible to contact us by e-mail, telephone or via traditional mail. If the User contacts the Administrator, the personal data that he voluntarily provides in connection with this, the Administrator uses only to contact the User and handle his inquiry.
  2. If you want to contact the Administrator, use the contact details provided below:
    1. correspondence address: 40-229 Katowice, Gabriela Hałubki 2/31
    2. email address:
    3. telephone number: (+48) 730 303 918