Privacy policy

1. Introduction

Protecting your privacy and ensuring the security of your personal data is our priority. We make every effort to ensure that personal data is processed in accordance with applicable laws, including the GDPR, the Polish Personal Data Protection Act, and other binding regulations. This Privacy Policy applies to the website www.wasilewski.legal.

Administrator:

Ronald Wasilewski, conducting business activity as Wasilewski Legal | Kancelaria Adwokacka Ronald Wasilewski, with its registered office at ul. W. Pytlasińskiego 8, 30-698 Kraków, TIN: 6793022122, in accordance with the principles of personal data protection.

Contact Information for the Administrator:

• Phone: +48 514 514 400
• Email: [email protected]

We undertake all reasonable measures to protect your data. Below, you will find information on how we process your personal data in compliance with data protection regulations and ensure data security in the following situations:

1. When you visit our website: www.wasilewski.legal;
2. Contact us through contact forms, chats, email, or directly share your data;
3. Opt-in to receive marketing materials;
4. Use recruitment forms or apply for positions;
5. View our social media profiles;
6. Participate in conferences, workshops, or online events organized by Wasilewski Legal;
7. Purchase products offered by Wasilewski Legal.

For full details regarding data processing, please refer to the extended sections of this Privacy Policy. If you have further questions or need assistance, feel free to contact us at [email protected].

2. Definitions

• Administrator – Ronald Wasilewski, conducting business activity as Wasilewski Legal | Kancelaria Adwokacka Ronald Wasilewski, registered at ul. Władysława Pytlasińskiego 8, 30-698 Kraków, TIN: 6793022122, REGON: 383251478.
• Personal Data – information that allows the identification of a physical person, both directly and indirectly. This includes unique traits related to physical, genetic, psychological, economic, social, or cultural identity. Examples of such data are IP addresses, geolocation data, online identifiers, and information collected via cookies and similar technologies.
• GDPR – the General Data Protection Regulation (EU) 2016/679 of the European Parliament and Council dated April 27, 2016, a regulation concerning the protection of physical persons regarding personal data processing and the free movement of such data, repealing Directive 95/46/EC.
• Service – the website available at www.wasilewski.legal, including all subdomains and applications associated with the activities of Wasilewski Legal.
• Policy – this Privacy Policy, applicable to the Service and the use of cookies.
• User – any person visiting the Service or using services offered by Wasilewski Legal.

For further information on data processing, cookies, and how we protect your rights, please refer to the subsequent sections of this Privacy Policy.

3. Principles of data processing

Wasilewski Legal processes personal data in accordance with the following principles, ensuring compliance with the law on personal data protection:

• legality, fairness, transparency, and purpose – Wasilewski Legal processes personal data in accordance with applicable legal provisions, ensuring fair and transparent processing. Data is processed in a lawful, clear, and transparent manner and solely for the specific purpose for which it was collected. Each data processing operation is based on a legitimate purpose, ensuring compliance with regulations and transparency in all activities.
• accuracy of data – The firm makes every effort to ensure that personal data is accurate, up-to-date, and reflects the actual state. Regular data verification prevents errors and ensures the reliability of processing.
• data minimization – Wasilewski Legal limits the processing of personal data exclusively to what is necessary to fulfill clearly defined purposes. This principle reduces the amount of data collected, providing better privacy protection.
• security and confidentiality – Wasilewski Legal employs a broad range of technical and organizational security measures to protect data from unauthorized access, accidental loss, modification, or destruction. This includes both IT systems and internal procedures to ensure confidentiality, integrity, and security during data processing.
• accountability – Wasilewski Legal ensures accountability in personal data processing. This means that every data operation is monitored and recorded, and Wasilewski Legal can demonstrate compliance with legal data protection obligations at every stage. Regular audits and reviews are conducted to ensure the adequacy of the measures applied in the context of evolving legal standards.
• storage limitation – Personal data is stored only for the time necessary to achieve the purpose for which it was collected, unless longer storage periods are required by law.
• collaboration with third parties – We cooperate only with third parties who ensure an adequate level of data security. We ensure that data entrusted to external entities is processed in accordance with the highest security standards.

4. Scope, purpose, and legal basis for processing personal data

Wasilewski Legal processes personal data for the following purposes:

• providing online services – Wasilewski Legal processes personal data to provide users access to the content shown on the website. In this case, the legal basis for data processing is the necessity of processing to perform a contract (Article 6(1)(b) of GDPR).
• responding to user inquiries – Wasilewski Legal processes data to answer inquiries submitted through various contact forms available on the website or via the provided contact details. In cases where the inquiry relates to a specific matter, the processing is based on the legitimate interest of the administrator (Article 6(1)(f) of GDPR).
• analytics and statistics – User data is used to monitor website activity and preferences, enabling detailed analysis. This allows Wasilewski Legal to continuously improve the website’s functionality and enhance the quality of services. Data processing is based on the legitimate interest of the administrator (Article 6(1)(f) of GDPR). Additionally, data may be processed to prepare personalized service or product offers at the user’s request. This is necessary for taking steps before entering into a contract (Article 6(1)(b) of GDPR).
• concluding agreements for electronically provided services – Data is processed to execute agreements necessary for the provision of services in accordance with the terms of the contract (Article 6(1)(b) of GDPR).
• establishing, asserting, and defending claims – In the event of potential legal disputes, data may be used to establish and assert claims or defend against them. This is in line with the legitimate interest of the administrator, which includes securing their legal rights (Article 6(1)(f) of GDPR).
• registration for training/webinars – When registering for free webinars organized by Wasilewski Legal, data is processed to manage registration and attendance (Article 6(1)(b) of GDPR). This also applies to paid training sessions, for which contractual terms apply.
• for marketing purposes – Based on your consent, data may be used for marketing purposes. This does not involve business relations or sharing data with third parties when collected for delivering marketing messages. Processing is conducted under Article 6(1)(a) of GDPR.
• Data Archiving and Backup Creation – To ensure proper data security, Wasilewski Legal carries out archiving and creates backup copies. Processing for this purpose is based on both legal obligations and our legitimate interests (Article 6(1)(c) and (f) of GDPR).
• For Financial Obligations Arising from Agreements – Data is processed to meet legal obligations, particularly those deriving from tax and accounting regulations (Article 6(1)(c) of GDPR).

In case you contact the Administrator via email on matters not related to agreements or services, your personal data will only be processed to respond and resolve the issue mentioned in your message.

4.1 Scope of data processing during website use

When using the website, Wasilewski Legal processes personal data, such as IP addresses and other identifiers, as well as information collected via cookies and similar technologies. This data is used exclusively for the purposes for which it was originally collected and includes:

• IP addresses,
• information from cookies and similar technologies,
• anonymized data about browsers and devices,
• anonymized traffic data on the website, including page visits,
• data regarding conversions and interactions with content,
• approximate geolocation,
• data about user behavior on the website.

This data is processed for purposes such as ensuring the website’s functionality, optimizing its performance, and for analytical and marketing purposes. The processing is based on the legitimate interest of the Administrator (Art. 6(1)(f) GDPR). Data is processed until a valid objection is raised by the data subject or until it is no longer needed.

4.2 Scope of data processing for contact and marketing purposes

If you choose to contact us using any of the forms provided on the website, email, phone, traditional mail, or in person, and grant us the right to contact you (e.g., for marketing purposes with your consent or in the context of business relations), we process the data you provide as needed to respond to your inquiry or establish a business relationship. This includes data such as your email address, name, or IP address collected when using the form. These activities include:

1. Based on our legitimate interest, we process data to:
   
   1. respond to your inquiries and maintain ongoing contact,
   2. address your request for contact in a specific matter,
   3. provide direct marketing for our products and services during an existing business relationship,
   4. archive and create backups, in compliance with data protection obligations.
2. Based on your consent, for marketing purposes, if unrelated to an existing business relationship or for data provided to third parties.

Providing data is voluntary but may be necessary for us to address your inquiry or maintain contact with you.

4.3 Cookies and related technologies

Wasilewski Legal’s use of cookies Wasilewski Legal uses cookies primarily to provide online services in accordance with data processing principles. The data collected by cookies is anonymous and supports statistical analysis to optimize website functionality and reduce the number of displayed ads.

Scope of collected information

We collect data related to user interactions with the website, such as:

• dates,
• visit durations,
• device types,
• and IP addresses.

This information is anonymized and solely used to improve website performance.

Purposes of cookie use:

1. Content Personalization – Adjusting website content based on user preferences for a seamless experience.
2. Traffic Analytics – Using Google Analytics for insights.

Cookie Types:

Necessary + Marketing or Security Detailed Draft with bullets + Anchors and more struct

4.4 Google Analytics and other analytical tools

Use of analytical tools

The administrator uses various tools and solutions for analytical purposes. Below, we provide key information about these tools. Detailed data collection policies can be found in the respective data privacy policies of each partner.

• Google Analytics
  Wasilewski Legal uses Google Analytics to analyze web activity. The tool collects anonymous information, including IP addresses, browser details, session durations, and visited pages. Users can manage their cookie preferences in browser settings. Further information on Google Analytics data collection can be found here.
• Meta Pixel
  Wasilewski Legal utilizes Meta Pixel for marketing optimization. This tool, owned by Meta Platforms Ireland, tracks interactions such as clicks, visits, and purchases. The collected data remains anonymized, enhancing advertising efficiency and content targeting. Details on Meta Pixel can be accessed here.

4.5 Processing Data in connection with social media use

Wasilewski Legal operates profiles on social media platforms such as Facebook (Meta), LinkedIn, TikTok, Instagram (Meta), and YouTube. These profiles serve promotional, educational, communication, and marketing purposes.

Wasilewski Legal processes the personal data of users who:

• Subscribe to Wasilewski Legal’s profiles by clicking options such as “Like,” “Follow,” “Subscribe,” etc.,
• Engage with content on Wasilewski Legal’s profiles by liking, commenting, sharing, or reacting,
• Send messages through private communication functions available on these platforms.

The types of data processed may include, but are not limited to, names, email addresses, profile pictures, demographic information, and any publicly accessible content or data included in private messages. Providing such information is voluntary but necessary to engage in interactions via social media platforms. Wasilewski Legal’s access to these data is limited to aggregated, anonymized reports on campaign effectiveness and post reach.

In this context, the administrators of your data also include Meta Platforms Ireland Limited (responsible for Facebook and Instagram), LinkedIn Ireland Unlimited Company, TikTok Technology Limited, and YouTube. The specific privacy policies for these platforms can be accessed at the links below:

• Facebook: Privacy Policy
• Instagram: Privacy Policy
• TikTok: Privacy Policy
• LinkedIn: Privacy Policy
• YouTube: Privacy Policy

Scope of data processing:

• Facebook – Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland – Wasilewski Legal accesses only aggregated statistical data about its page, which includes metrics such as the number of followers, page likes, user demographics (age and gender distribution), and geographic data (city and country). We also collect data on page and post reach, including the number of likes, reactions, comments, shares, clicks on links, and aggregated, anonymized reports related to campaigns conducted through Facebook’s self-service advertising system.
• Instagram – Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland – Wasilewski Legal accesses aggregated statistical data about its profile, including the number of followers, user demographics (e.g., age, gender, and geographic distribution), and engagement metrics such as likes, comments, shares, and link clicks on posted content. Instagram also allows us to obtain anonymized reports on post reach and campaign effectiveness through its tools. LinkedIn – LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, United States – On this platform, Wasilewski Legal accesses statistical data for specific timeframes, including the number of visitors to our profile, the number of followers and connections, and reactions to published content. We also collect data on comments, shares, and private messages sent through LinkedIn. The data available to us may include information such as names, images, job titles, professional backgrounds, and—if related to corporate profiles—average employment figures and professional roles.
• TikTok – TikTok Technology Limited, headquartered in the Republic of Ireland at 10 Earlsfort Terrace, Dublin, D02 T380, Ireland – Wasilewski Legal accesses aggregated statistical data about its profile, such as the number of followers, user demographics (age, gender, geographic distribution), and engagement metrics including likes, comments, shares, and video views. Anonymized reports on post reach and campaign effectiveness are also available through TikTok’s analytics tools.
• YouTube – Google LLC, headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA – Wasilewski Legal accesses aggregated statistical data provided by YouTube, which includes metrics such as the number of subscribers, video views, user demographics (e.g., age, gender, geographic distribution), and engagement data such as likes, comments, shares, and link clicks. Reports on post reach and campaign effectiveness conducted via YouTube’s tools are also available.

4.6. Scope of data processing related to participation in events organized by Wasilewski Legal

Wasilewski Legal will process your personal data to facilitate your registration and participation in events such as conferences, workshops, or webinars. This includes sending you information about the event agenda and other important details. The legal basis for processing your data is our legitimate interest in organizing events and ensuring participants have full access to all components.

When registering for conferences, workshops, or webinars, we may collect data such as your name, company name (if applicable), email address, and Tax Identification Number (TIN, if required).

This data will be used for the following purposes:

• Responding to inquiries related to the organization of conferences, workshops, or webinars.
• Confirming registrations for conferences, workshops, or webinars by sending appropriate notifications.
• Sending reminders to participants about upcoming events for which they have registered.

The processing of this information is based on Wasilewski Legal’s legitimate interest in organizing free events such as conferences, workshops, or webinars for promotional and educational purposes to showcase our services or raise awareness of legal matters.

For paid events, in addition to the aforementioned data, Wasilewski Legal will also process your surname, business registration number (if applicable), and bank account details. Additional information necessary for proper payment settlement and participation in the event may also be processed. The processing of data for paid events is based on the necessity of fulfilling the contract.

Providing personal data is voluntary but may be required to participate in conferences, workshops, or webinars. For paid events, the provision of data is essential to conclude and execute the contract. Failure to provide the necessary data may result in the inability to register or attend the event.

4.7. Scope of data processing related to applications for positions or internships at Wasilewski Legal

Your personal data will be processed for the following purposes:

• Assessing your qualifications for the position you are applying for or your participation in a student internship program.
• Verifying your skills and competencies required for the position you are seeking.
• Selecting a suitable candidate for employment or an internship at Wasilewski Legal.

If you provide additional consent, your data may also be processed for future recruitment processes.

Legal Basis for processing your personal data:

• legal obligation – In accordance with Article 22(1) § 1 of the Polish Labor Code, and the necessity of processing data to conclude an employment contract. This applies to data such as your name, date of birth, contact details, educational background, professional qualifications, and previous work experience.
• necessity of processing – Data processing is essential to prepare an employment or internship agreement. consent for processing – If you voluntarily decide to provide additional data beyond the standard scope (e.g., name, date of birth, contact details, educational background, qualifications, employment history), it will be processed based on your explicit consent.
• legitimate interest of the administrator – This includes processing data collected during recruitment interviews. The purpose is to evaluate your skills and competencies and determine whether you are the best-suited candidate for the position or internship. Data processed under this basis is used solely for recruitment purposes.
• consent for future recruitment – Your data may be processed for purposes related to future recruitment processes if you have explicitly consented to this.

4.8. Scope of data processing related to cooperation with suppliers and contractors

When Wasilewski Legal cooperates with suppliers or contractors, we process the personal data of designated representatives and members of their staff. This pertains to individuals who enter into agreements on behalf of these entities, participate in the performance of contracts, or are in contact with us as part of the cooperation.

If you are a representative or employee of our supplier or contractor, Wasilewski Legal processes your personal data provided by your employer or contractor, such as your name, surname, company name, the entity you work for, the task you perform, your position, and contact information.

The data is processed for the following purposes:

1. execution and settlement of contracts – Based on the necessity of processing data for the fulfillment of the contract (Article 6(1)(b) of GDPR) or the legitimate interest of the Administrator to ensure the proper execution of obligations arising from the contract (Article 6(1)(f) of GDPR).
2. establishing and maintaining business relationships – Based on the legitimate interest of the Administrator, which is the management of relationships with suppliers and contractors (Article 6(1)(f) of GDPR).
3. conducting marketing activities related to our products and services – Based on the Administrator’s legitimate interest in promoting and marketing its products and services (Article 6(1)(f) of GDPR), while ensuring compliance with applicable legal requirements.
4. compliance with legal obligations, particularly tax and accounting obligations – Based on the legitimate interest of the Administrator, which involves adhering to applicable laws associated with a given contract (Article 6(1)(f) of GDPR).
5. potential legal claims or disputes – Based on the Administrator’s legitimate interest in protecting and asserting its rights, as well as fulfilling obligations related to compliance with legal standards and regulations on data protection (Article 6(1)(f) of GDPR).

Transfer of personal data outside the european economic area (EEA)

The Administrator uses stripe payments Europe, Ltd., located at the one building, 1 Grand Canal Street Lower, Dublin 2, Ireland, for the purpose of processing online payments via the website. Stripe processes personal data, such as first and last name, email address, payment card number (processed solely by Stripe), IP address, and transaction details, for the authorization and execution of payment transactions. Stripe acts as a data processor on behalf of the Administrator in accordance with GDPR regulations. For more detailed information about Stripe’s data processing practices, please refer to the Stripe Privacy Policy.

Stripe complies with the PCI-DSS (Payment Card Industry Data Security Standard), ensuring the security of transaction data. All information transmitted to Stripe is encrypted and processed in accordance with the highest security standards. Stripe may retain personal data for the period necessary to complete transactions and fulfill legal obligations stemming from tax and accounting regulations.

Data shared with stripe includes:

• First and last name,
• Email address,
• Payment card details (processed exclusively by Stripe),
• IP address,
• Transaction details (e.g., amount, transaction date).

Data Security

Stripe employs advanced security measures to protect data from unauthorized access, use, or disclosure. Data transmission to Stripe is based on Article 6(1)(b) of GDPR (necessity for the performance of a contract) and Article 6(1)(f) of GDPR (legitimate interest of the Administrator in providing secure and efficient payment systems).

Stripe may share data with its affiliates and third-party service providers to process payments and ensure security. The Administrator guarantees that Stripe meets all GDPR requirements, including in cases of data transfers outside the European Economic Area (EEA), by applying appropriate security mechanisms and safeguards.

4.9. Scope of data processing related to complaints or withdrawal from agreements

What data is processed?

• Email address,
• First and last name,
• Address,
• Invoice address,
• Telephone number,
• Name of the company and TAX ID (VAT,if applicable),
• Bank account details.

Personal data is processed for the following purposes:

• Execution of complaint procedures or the right to withdraw from the agreement – in accordance with Article 6(1)(c) of the GDPR, for the time necessary to complete the complaint process or withdrawal from the agreement.
• Archiving of documentation related to complaints or withdrawal from agreements – in accordance with Article 6(1)(f) of the GDPR, based on the legitimate interest of the Administrator, which is the ability to document the content and processing of complaints for the period of claim limitation (typically 3 to 6 years, extended by an additional year depending on the status of the individual – entrepreneur or consumer).

5. Manychat

Manychat is a tool designed to automate communication, allowing for the creation of automatic messages to users, conducting campaigns, and interacting with users. Wasilewski Legal uses it for direct marketing through platforms such as Instagram and Facebook, as discussed earlier.

Wasilewski Legal can send automated messages only if you have provided your consent upon receiving the first message through Manychat. If you do not provide consent, no further automated messages will be sent. You can withdraw your consent at any time.

Manychat may process the following user data:

• IP address,
• Email address,
• First and last name,
• Information available on public profiles of social media platforms,
• Data exchanged during conversations,
• Information contained in cookies and other similar technologies (e.g., statistical data, user behavior, approximate location, etc.).

The processing of data by Manychat is based on a data processing agreement between the Administrator and Manychat. In some cases, Manychat may also act as an administrator. Personal data may also be transferred outside the EEA, where Manychat ensures a level of data protection compliant with GDPR requirements.

Below you will find essential documents:

• Agreement between the Administrator and Manychat
• Privacy Policy
• Data Processing Agreement between the Administrator and Manychat
• Sub-processing by Manychat of Personal Data

6. Data processing period

Personal data will be processed until the conclusion of activities related to the legitimate legal interests of the Administrator, the expiration of claims connected to contracts or obligations, or the fulfillment of statutory obligations. Processing may also end upon objection to the processing of personal data for marketing purposes. In the case of newsletters and similar communications, data will be processed until consent is withdrawn or an objection is raised against further transmission.

7. Sharing personal data with third parties

Recipients of your personal data may include entities directly or indirectly related to Wasilewski Legal, as well as third parties, including service providers located within the European Union. This may include:

• External service providers such as IT companies (e.g., cloud computing), call center service providers, marketing and promotional entities, and others processing data for Wasilewski Legal under processing agreements.
• Professional consultants and organizations including accountants, translators, auditors, legal advisers, tax consultants, administrative bodies, courts, and law enforcement agencies.

Your data will primarily be processed within Poland or other locations related to Wasilewski Legal’s activities. It will not be transferred outside the European Union. If such a transfer is necessary, appropriate security measures in compliance with the GDPR and Polish regulations will be ensured.

Wasilewski Legal may entrust data processing to other law firms and suppliers. These entities are contractually bound to maintain confidentiality and adhere to data protection standards, ensuring compliance with GDPR regulations and specific instructions provided by Wasilewski Legal.

8. Sharing personal data with third-party entities

Your personal data may be transferred outside of Poland to locations where Wasilewski Legal operates, including countries outside the European Economic Area (EEA). If your data is transferred to such countries, which may not guarantee the same level of data protection as the EEA, Wasilewski Legal will ensure privacy and confidentiality by applying proper legal grounds and implementing appropriate security measures as required by GDPR.

9. User rights

Under the GDPR, you have a range of rights concerning the processing of your personal data. Please note that not all rights apply in every situation; their applicability depends on the context of the data processing. To exercise these rights or seek assistance, you may contact us at [email protected].

Your rights include:

• Withdrawal of consent – Withdraw your consent to data processing at any time without providing a reason (Article 7(3) of GDPR).
• Access to personal data – Request access to your personal data and receive information on how it is processed (Article 15 of GDPR).
• Data copy – Obtain a copy of your processed personal data in a structured, commonly used, and machine-readable format (Article 15(3) of GDPR).
• Correction of data – Correct or complete personal data that is inaccurate or incomplete (Article 16 of GDPR). Deletion of data – Exercise your right to be forgotten (Article 17 of GDPR).
• Restriction of processing – Request a restriction on data processing under specific circumstances (Article 18 of GDPR). Data portability – Request the transfer of your personal data to another administrator (Article 20 of GDPR). Objection to processing – Object to data processing, particularly for marketing purposes (Article 21 of GDPR).
• Complaint to a supervisory authority – File a complaint with the appropriate supervisory authority if you believe your data is being processed unlawfully. In Poland, this is the President of the Personal Data Protection Office, based in Warsaw (Article 77 of GDPR).

10. Privacy Policy Changes

As the administrator, I reserve the right to modify or supplement this Privacy Policy if necessary, e.g., due to changes in legal regulations, organizational adjustments, or technical updates.

Date of Last Policy Update: 24.10.2024

11. Final Provisions

All materials available on this website, including the content of this Policy, are protected by copyright law, in accordance with the Act of February 4, 1994, on Copyright and Related Rights. Unauthorized use of content published on the website or in the store, beyond the scope of permissible personal use, may result in civil or criminal liability, including claims for damages or compensation.

12. Contact with the Administrator

For any questions or requests related to the processing of personal data, please contact: [email protected]