Legal information
Privacy Policy
Last updated: January 15, 2026
1. Data Controller
The controller of your personal data is Smartgainpl Sp. z o.o. with its registered office in Warsaw at ul. Marszalkowska 84/92, 00-514 Warsaw, registered in the National Court Register under number KRS 0000912345, NIP 5213891072, REGON 387654210. For matters related to personal data protection, you can contact us at: dane@smartgainpl.com.
2. Data We Collect
As part of our services, we process the following categories of personal data: first and last name provided in the contact form, email address necessary for return contact, message content describing your situation or inquiry, as well as technical data such as IP address, browser type, and operating system collected automatically when using the website. We do not collect sensitive data such as health information, religious beliefs, or political orientation.
3. Purposes of Data Processing
We process your personal data for the following purposes: responding to inquiries submitted via the contact form (legal basis: Art. 6(1)(b) GDPR — performance of a contract or pre-contractual actions), providing advisory services in finance and grants (legal basis: Art. 6(1)(b) GDPR), conducting web analytics to improve website quality (legal basis: Art. 6(1)(f) GDPR — legitimate interest of the controller), and fulfilling obligations under applicable law, including tax and accounting regulations (legal basis: Art. 6(1)(c) GDPR).
4. Data Retention Period
We retain personal data for the period necessary to fulfill the purposes for which it was collected. Contact form data is retained for 12 months from the date of last contact, unless cooperation is established — in which case data is retained for the entire duration of cooperation and for 5 years after its termination, in accordance with tax regulations. Analytical data is stored in anonymized form for up to 26 months.
5. User Rights
Under the GDPR, you have the following rights: the right to access your personal data and obtain a copy thereof, the right to rectify inaccurate or supplement incomplete data, the right to erasure (right to be forgotten), the right to restrict processing, the right to data portability, the right to object to processing based on legitimate interest, and the right to withdraw consent at any time without affecting the lawfulness of processing carried out prior to its withdrawal.
6. Data Recipients
Your personal data may be transferred to the following categories of recipients: hosting and IT service providers ensuring the technical infrastructure of our website, entities providing accounting and legal services for the controller, state authorities and other entities authorized under applicable law. We do not transfer personal data to third countries or international organizations outside the European Economic Area.
7. Data Security
We apply appropriate technical and organizational measures to protect processed personal data, in particular securing data against unauthorized disclosure, processing in violation of applicable regulations, and alteration, loss, damage, or destruction. Applied safeguards include: SSL/TLS encryption, regular software updates, access control to IT systems, and employee training in personal data protection.
8. Complaint to Supervisory Authority
If you believe that the processing of your personal data violates GDPR provisions, you have the right to lodge a complaint with the President of the Personal Data Protection Office (PUODO), ul. Stawki 2, 00-193 Warsaw, website: https://uodo.gov.pl.
9. Changes to Privacy Policy
This Privacy Policy may be updated to adapt to changes in legislation or the controller's practices. We will inform you of significant changes through the website. We recommend regularly reviewing the content of the Privacy Policy.