{"id":351,"date":"2026-06-22T10:02:54","date_gmt":"2026-06-22T08:02:54","guid":{"rendered":"http:\/\/surfstories.local\/polityka-prywatnosci\/"},"modified":"2026-07-15T08:57:28","modified_gmt":"2026-07-15T06:57:28","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/surfstories.eu\/en\/privacy-policy\/","title":{"rendered":"Privacy Policy"},"content":{"rendered":"<div data-elementor-type=\"wp-page\" data-elementor-id=\"351\" class=\"elementor elementor-351\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-8baf848 e-con-full e-flex e-con e-parent\" data-id=\"8baf848\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t<div class=\"elementor-element elementor-element-427b30f e-flex e-con-boxed e-con e-child\" data-id=\"427b30f\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-6ef9598 ss-eyebrow elementor-widget elementor-widget-heading\" data-id=\"6ef9598\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\">Legal notice<\/h6>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4528d58 elementor-widget elementor-widget-heading\" data-id=\"4528d58\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Privacy Policy and Information Notice\n<\/h1>\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-ba0d358 e-con-full e-flex e-con e-parent\" data-id=\"ba0d358\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t<div class=\"elementor-element elementor-element-6d9a638 e-flex e-con-boxed e-con e-child\" data-id=\"6d9a638\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-db942e7 ss-legal elementor-widget elementor-widget-text-editor\" data-id=\"db942e7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p>This document (\u201ePrivacy Policy\u201d) sets out the rules governing the processing and protection of Customers\u2019 personal data, as well as the rules governing the storage of and access to information on Customers\u2019 Devices via cookies.<\/p><h4>I. Definitions<\/h4><ol><li><strong>Administrator\u00a0<\/strong>\u2013 refers to the controller of customers\u2019 personal data \u2013 Wojciech Ratajczyk, trading as Przedsi\u0119biorstwo Innowacji PINI, with its registered office in Krak\u00f3w at 21\/23 Koszykarska Street, Tax Identification Number (NIP) 5631469140, email address:\u00a0<a href=\"mailto:contact@surfstories.eu\">contact@surfstories.eu<br \/><\/a><\/li><li><strong>Cookies\u00a0<\/strong>\u2013 refers to digital data, in particular small text files, which are saved and stored on the Devices through which the Customer uses the Website.<\/li><li><strong>Page\u00a0<\/strong>\u2013 refers to the Controller\u2019s website, hosted on the surfstories.eu domain<\/li><li><strong>Device\u00a0<\/strong>\u2013 means the electronic device through which the Customer accesses the Website.<\/li><li><strong>Customer\u00a0<\/strong>\u2013 means any Customer who uses the Website or contacts the Controller in any other way.<\/li><li><strong>GDPR\u00a0<\/strong>\u2013 refers to the European Union\u2019s General Data Protection Regulation 2016\/679 of 27 April 2016.<\/li><\/ol><h4>II. Protection of personal data<\/h4><ol><li>The Privacy Policy applies if you use the Controller\u2019s services, i.e. if you use the Website, contact the Controller, for example\u00a0via email or the form available on the Website, receive emails from the Controller, or contact the Controller by telephone.<\/li><li>Depending on the services you use, the Controller processes the following personal data: email address, first name and surname, address, company name and details, tax identification number, bank account number, telephone number, message content, and any other data provided by the Customer in connection with the service entrusted to the Controller or prior to the conclusion of a contract.<\/li><li>The Controller uses personal data to provide its services to Customers \u2013 to conclude a contract, as well as to receive and send emails in connection with the performance of the contract or prior to its conclusion. The legal basis for data processing is processing necessary for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract (legal basis under Article 6(1)(b) of the GDPR), and in certain cases the legal basis may also be a specific provision of law which allows the Controller to process data in order to comply with a legal obligation \u2013 e.g. accounting and tax regulations (legal basis: Article 6(1)(c) of the GDPR).<\/li><li>The Controller requires the Customer to provide the personal data necessary for the performance of the contract \u2013 the provision of services or a reply to a message. If the Customer fails to provide this information, the Controller will be unable to provide the services or respond to the enquiry. Where required by law, for example under tax legislation, the Controller may also require the provision of other necessary data. Apart from the above cases, the provision of personal data by the Customer is voluntary.<\/li><li>The Data Controller entrusts the processing of personal data to service providers who carry out specific duties and functions on behalf of the Data Controller. The Controller discloses data to service providers for the purposes of: website support, email management, postal and courier services, data storage services, and the provision of legal services to the Controller. The Controller entrusts the service providers listed above only with such data as is necessary for the proper performance of services for or on behalf of the Controller. Where data is transferred, the Controller ensures that the service provider processes the data in accordance with security requirements and does not use the data for purposes other than the provision of services to the Controller.<\/li><li>The Controller does not disclose personal data to any entities other than the service providers described in the paragraph above, except where this is necessary in accordance with legal provisions or a decision by public authorities, or where it is necessary to establish, exercise or defend the Controller\u2019s rights.<\/li><li>The data controller does not transfer personal data outside the European Union.<\/li><li>The Controller processes Customers\u2019 personal data only for as long as is necessary for the proper performance of contracts with Customers, i.e. the provision of services and the pursuit of claims arising from the performance of the contract, as well as for the period required by the legal obligations imposed on the Controller (e.g. in relation to the fulfilment of tax and accounting obligations, in accordance with the relevant legislation, for a period of 5 years), strictly to the extent necessary.<\/li><li>The data controller ensures that appropriate technical and organisational measures are in place to safeguard personal data, in order to ensure an adequate level of security for the personal data being processed.<\/li><li>Customers have the right to access their personal data, including the right to request information about their data or to be provided with a copy of such data processed by the Controller.<\/li><li>Customers have the right to correct their personal data if it is incomplete, out of date or incorrect.<\/li><li>Customers have the right to object to the processing of their personal data by the Controller. \u201eMarketing\u201d objection \u2013 Customers have the right to object to the processing of their data for the purposes of direct marketing. Objection on grounds of a particular situation \u2013 The customer also has the right to object to the processing of their data on the basis of a legitimate interest for purposes other than direct marketing, as well as where the processing is necessary for the Controller to carry out a task carried out in the public interest. In such cases, the data subject must specify the particular circumstances justifying the Controller\u2019s cessation of the processing to which the objection relates. The Controller will cease to process the Customer\u2019s data for these purposes, unless it demonstrates that the grounds for the Controller\u2019s processing of the data override the Customer\u2019s rights, or that the data is necessary for the Controller to establish, exercise or defend legal claims.<\/li><li>Customers have the right to request that the Controller restrict the processing of their personal data.<\/li><li>Customers have the right to request the erasure of their personal data.<\/li><li>Customers have the right to request that their personal data be transferred to them or to a designated third party.<\/li><li>Customers have the right to lodge a complaint with the supervisory authority responsible for personal data protection: the Office for Personal Data Protection (UODO), ul. Stawki 2, 00-193 Warsaw, Poland, website:\u00a0<a href=\"http:\/\/www.uodo.gov.pl\/\" rel=\"nofollow noopener\" target=\"_blank\">http:\/\/www.uodo.gov.pl\/<br \/><\/a><\/li><li>The Data Controller does not carry out data profiling. The Data Controller does not automatically collect any information, with the exception of information contained in cookies, provided the Customer has given their consent.<\/li><\/ol><h4>III. Cookie Policy<\/h4><ol><li>The administrator collects information using cookies stored on customers\u2019 devices.<\/li><li>Cookies are IT data, specifically text files, which are stored on the Website User\u2019s device and are intended to facilitate the use of the Website. Cookies usually contain the name of the website from which they originate, their storage duration on the device, and a unique number. Cookies enable us to identify the software used by the Customer and to tailor the Website to the individual needs of each Customer.<\/li><li>The administrator collects information using cookies for the following purposes:<br \/>a) to tailor the services provided via the Website to the needs of Customers and to optimise the use of the Website;b) to compile general and anonymous statistics on Customers\u2019 use of the Website, using analytical tools that help us understand how Users interact with the Website, which enables us to improve the structure and content<\/li><li>The administrator collects information using the following categories of cookies:<br \/>a) temporary files, which usually remain on the Customer\u2019s Device until the web browser is closed. Once the browser is closed, the files are deleted. The Controller uses such cookies, amongst other things, to store the Customer\u2019s data. b) persistent cookies, which remain on the Customer\u2019s Device for a specified period or until the Customer deletes them. These files are not deleted when the browser is closed.<\/li><li>Using the Website without changing your web browser\u2019s cookie settings means that cookies will be stored on your device.<\/li><li>The customer may change their cookie settings at any time. The Customer may block or restrict the placement of cookies on their Device by changing their web browser settings. Detailed information on changing cookie settings is available in the settings of the web browser used by the Customer.<\/li><li>Disabling or restricting the option in your web browser that allows cookies to be stored does not prevent Customers from using the Website, but it may affect certain features available on the Website.<\/li><li>The above information will be processed for technical purposes relating to ensuring the proper functioning of the Website and for statistical purposes. The legal basis for data processing is the Controller\u2019s legitimate interest (pursuant to Article 6(1)(f) of the GDPR)<\/li><\/ol><h4>IV. Social media plugins<\/h4><ol><li>The Administrator uses technologies such as social media plugins, including the Facebook Social Plugin, which allow social media service providers to access the Customer\u2019s data. The Administrator\u2019s websites feature \u2018Like\u2019 and \u2018Recommend\/Share\u2019 buttons linked to Facebook. To this end, code referring to Facebook is embedded in the relevant sections and pages. By using the \u2018Like\u2019 button or recommending an image or section of the website, the user logs into Facebook, where Facebook\u2019s privacy policy applies. This policy can be viewed at:\u00a0<a href=\"https:\/\/pl-pl.facebook.com\/help\/cookies\" rel=\"nofollow noopener\" target=\"_blank\">https:\/\/pl-pl.facebook.com\/help\/cookies<\/a>. Detailed information on the scope and purpose of data processing via the Facebook Social Plugin can be found at the following link:\u00a0<a href=\"https:\/\/www.facebook.com\/full_data_use_policy\" rel=\"nofollow noopener\" target=\"_blank\">https:\/\/www.facebook.com\/full_data_use_policy<br \/><\/a>.<\/li><\/ol>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Informacja prawna Polityka prywatno\u015bci oraz klauzula informacyjna W\u00a0niniejszym dokumencie (\u201ePolityka Prywatno\u015bci\u201d) okre\u015blono zasady przetwarzania i\u00a0ochrony danych osobowych Klient\u00f3w oraz\u00a0zasady przechowywania i\u00a0dost\u0119pu do\u00a0informacji na\u00a0Urz\u0105dzeniach Klienta za\u00a0pomoc\u0105 plik\u00f3w Cookies. I. Definicje Administrator\u00a0&#8211; oznacza administratora danych osobowych Klient\u00f3w &#8211; Wojciech Ratajczyk, prowadz\u0105cym dzia\u0142alno\u015b\u0107 gospodarcz\u0105 pod\u00a0nazw\u0105 Przedsi\u0119biorstwo Innowacji PINI, z\u00a0siedzib\u0105 w\u00a0Krakowie przy ul.\u00a0Koszykarskiej 21\/23, NIP 5631469140, adres poczty elektronicznej:\u00a0contact@surfstories.eu [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"elementor_header_footer","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-351","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/surfstories.eu\/en\/wp-json\/wp\/v2\/pages\/351","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/surfstories.eu\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/surfstories.eu\/en\/wp-json\/wp\/v2\/types\/page"}],"replies":[{"embeddable":true,"href":"https:\/\/surfstories.eu\/en\/wp-json\/wp\/v2\/comments?post=351"}],"version-history":[{"count":6,"href":"https:\/\/surfstories.eu\/en\/wp-json\/wp\/v2\/pages\/351\/revisions"}],"predecessor-version":[{"id":630,"href":"https:\/\/surfstories.eu\/en\/wp-json\/wp\/v2\/pages\/351\/revisions\/630"}],"wp:attachment":[{"href":"https:\/\/surfstories.eu\/en\/wp-json\/wp\/v2\/media?parent=351"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}