my account

Privacy Policy

I. General Provisions

  1. This Privacy Policy defines the methods of collecting, processing, and storing personal data necessary to provide electronic services via the website at the domain ecssystems.cfolks.pl (hereinafter referred to as the “Service”).

  2. The controller of Users’ personal data is ELECTRONIC SOFTWARE CONTROL SYSTEMS Sp. z o.o., Hoża 86, unit 410, 00-682 Warsaw (hereinafter referred to as the “Controller”).

  3. Personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation – GDPR).

  4. Data collected by the Controller will be:
    – processed lawfully,
    – collected for specified, legitimate purposes and not further processed in a manner incompatible with those purposes,
    – factually correct and adequate in relation to the purposes for which they are processed,
    – kept no longer than necessary for achieving the purposes of the processing.

II. Purpose and Legal Basis of Data Processing

  1. The Controller processes personal data necessary to provide and develop services available via the Service and its individual functionalities.

  2. Personal data will be processed for the following purposes:
    a. to register an account, verify the User’s identity, and perform the agreement for the provision of electronic services pursuant to the Act of 18 July 2002 on Providing Services by Electronic Means, in particular by enabling the User to use their account – based on acceptance of the Terms and Conditions (Article 6(1)(b) GDPR);
    b. to communicate with the User to provide necessary information and to build positive and reliable relations, which constitutes the Controller’s legitimate interest (Article 6(1)(f) GDPR);
    c. to promote the Controller’s own products and/or services and those of its Partners by sending marketing information (newsletter) by electronic means, provided that the User has consented to receive such notifications via email (Article 6(1)(a) GDPR);
    d. to provide access to industry news related to the Controller’s business, provided that the User has consented to receive such notifications via email (Article 6(1)(a) GDPR);
    e. for analytical and statistical purposes, based on the Controller’s legitimate interest in verifying User activity and preferences to optimize services, products, and the Service’s functionalities (Article 6(1)(f) GDPR);
    f. to establish, exercise or defend against legal claims, based on the Controller’s legitimate interest in protecting its rights (Article 6(1)(f) GDPR).

  3. In each of the above cases (section 2), providing data is voluntary but necessary to conclude an agreement or use other functionalities of the Service.

III. Duration of Personal Data Processing

  1. Personal data will be processed for the duration of the User’s activity within the Service (i.e., as long as the User holds an account) and afterward for the time necessary to comply with legal obligations or establish, exercise, or defend claims – but not longer than 3 years from the termination of the agreement for the provision of electronic services.

  2. Data processed based on consent will be processed until the consent is withdrawn. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

IV. Information on Data Processing

  1. Depending on the purpose of processing, personal data may be disclosed to:
    a. entities affiliated with the Controller,
    b. entities cooperating with the Controller,
    c. subcontractors, in particular entities providing and maintaining selected IT systems and solutions,
    d. entities handling online payments,
    e. courier and postal service providers,
    f. law firms.

  2. Personal data processed by the Controller will not be / may be transferred outside the European Economic Area or to international organizations.

V. Rights of Data Subjects

  1. The User has the right to:
    – access their personal data,
    – rectify the data,
    – delete the data,
    – restrict data processing,
    – data portability,
    – object to processing based on the Controller’s legitimate interest,
    – withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

  2. The User has the right to lodge a complaint with the President of the Personal Data Protection Office if they believe that the processing of their data violates their rights and freedoms.

  3. The processing of personal data does not involve automated decision-making, including profiling.

VI. Final Provisions

  1. The Controller reserves the right to amend this Privacy Policy while ensuring that the Users’ rights under this document are not limited.

  2. Users will be informed of any changes to the Privacy Policy through a notice available on the Service.

ESCsystems

© 2025 ESCsystems

Design by: adshock.pl

Regulations I Cookie policy