PRIVACY

Policy

§ 1 General Information

  1. This Privacy and Cookies Policy defines the principles for processing personal data and the use of cookies and other tracking technologies in connection with the use of the website www.p-beep.com (hereinafter referred to as the “Service”).   
     
  2. The controller of personal data processed through the Service is Innovative Tomorrow Grzegorz Poźniak, conducting business activity at the address: ul. Michałowskiego 19, 59-300 Lubin, Poland, NIP: 6922447681 (hereinafter referred to as the “Controller”).
  3. Contact with the Controller regarding personal data protection is possible via the e-mail address: hello@p-beep.com.
  4. The Controller takes special care to protect the interests of the data subjects, and in particular, ensures that the data collected by him are processed lawfully; collected for specified, lawful purposes and not subjected to further processing incompatible with those purposes; factually correct and adequate in relation to the purposes for which they are processed; and stored in a form which permits identification of data subjects for no longer than is necessary to achieve the purpose of the processing.   
     
     
     
     
  5. This policy complies with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “GDPR”.   
     
     
     

§ 2 Types of personal data collected

  1. While using the Service, the Controller may collect the following personal data: a) Data provided voluntarily by users in forms (contact, consultation, testing): * First name and last name, * E-mail address, * Phone number. b) Data collected automatically during a visit to the Service (via cookies and other technologies): * IP address, * Approximate geolocation data, * Demographic data (e.g., age, gender – if provided by analytical tools), * Information about interaction with the Service (e.g., clicks, visited subpages, time spent on the site, navigation path, user session recordings), * Information about the user’s end device (e.g., browser type, operating system), * Source of visit to the Service.

§ 3 Methods of data collection

  1. Personal data are collected: a) Directly from the user – by filling out forms available on the Service (contact form, consultation form, testing form). Providing this data is voluntary but necessary to achieve the purpose for which the form was made available (e.g., responding to an inquiry, scheduling a consultation, conducting tests). b) Automatically – during the use of the Service, using cookies and similar tracking technologies (more information in § 8).

§ 4 Purposes and legal bases for data processing

  1. Users’ personal data are processed for the following purposes and on the following legal bases: a) Handling inquiries, requests for consultation, or submissions for testing sent via forms: Data provided in the forms (name, surname, e-mail, phone) are processed to respond to the inquiry, process the consultation request, or handle the testing submission. The legal basis for processing is: * Art. 6(1)(f) GDPR (legitimate interest of the Controller consisting in communication with Service users and responding to their inquiries/submissions), or * Art. 6(1)(b) GDPR (taking steps at the request of the data subject prior to entering into a contract or for the performance of a contract – if the inquiry/consultation/tests are aimed at establishing cooperation or performing a contract). b) Analytical and statistical purposes: Data collected automatically (IP address, geolocation, demographic data, interactions with the service, device data) are processed to analyze traffic on the Service, understand user behavior, optimize the Service’s operation, and create statistics. The legal basis for processing is Art. 6(1)(a) GDPR (user consent expressed through cookie settings). c) Marketing purposes: Data collected automatically may be used for marketing purposes, including remarketing (displaying ads to users who visited the Service on other websites). The legal basis for processing is Art. 6(1)(a) GDPR (user consent expressed through cookie settings). d) Ensuring the security of the Service: IP addresses and other technical data may be processed to ensure the security of the IT infrastructure and detect abuse. The legal basis is Art. 6(1)(f) GDPR (legitimate interest of the Controller).   
     

§ 5 Recipients of personal data and data transfer outside the EEA

  1. Users’ personal data may be disclosed to the following categories of recipients: a) Providers of technical and analytical services that enable the functioning of the Service and traffic analysis (e.g., hosting providers, providers of analytical and marketing tools). b) Social media platform providers (Facebook, Instagram, LinkedIn). c) Entities authorized under applicable law (e.g., courts, law enforcement authorities). d) Other entities, if necessary for the realization of processing purposes and the user has consented to it or it results from legal provisions.
  2. The Controller uses tools provided by entities that may be based outside the European Economic Area (EEA), particularly in the United States (e.g., providers of analytical, marketing, cloud services).
  3. Transfer of data outside the EEA takes place with an adequate level of protection ensured, primarily through: a) application of standard contractual clauses issued by the European Commission, b) participation of these entities in programs ensuring an adequate level of protection approved by the European Commission (e.g., EU-US Data Privacy Framework), c) cooperation with entities processing personal data in countries for which an adequacy decision has been issued by the European Commission stating an adequate level of protection.

§ 6 Data retention period

  1. Personal data will be stored for the period necessary to achieve the purposes for which they were collected: a) Data from contact/consultation/testing forms: for the period necessary to conduct correspondence, provide a response, perform the consultation service, or conduct tests, and after that time for the period required by law or until the expiry of the limitation period for any claims. If the user requests data deletion, they will be deleted unless the law requires their further storage. b) Data processed based on consent (analytical, marketing purposes): until the user withdraws consent or until the data is no longer needed for the purpose (e.g., data from cookies according to their lifespan – see § 8). c) Data processed based on legitimate interest: until the user effectively objects or the interest ceases.

§ 7 Rights of data subjects

  1. In connection with the processing of personal data by the Controller, users have the following rights under the GDPR: a) Right of access to their data (Art. 15 GDPR) – to obtain information about the processed data and receive a copy of them. b) Right to rectification (correction) of their data (Art. 16 GDPR) – to request correction of inaccurate data or completion of incomplete data. c) Right to erasure of data (“right to be forgotten”) (Art. 17 GDPR) – to request the deletion of data if there is no longer a legal basis for their processing. d) Right to restriction of data processing (Art. 18 GDPR) – to request the restriction of data processing in specific cases (e.g., when the accuracy of the data is contested). e) Right to data portability (Art. 20 GDPR) – to receive the provided data in a structured, commonly used and machine-readable format and to transmit those data to another controller (applies to data processed based on consent or contract by automated means). f) Right to object (Art. 21 GDPR) – to object to the processing of data based on the legitimate interest of the Controller (Art. 6(1)(f) GDPR), including profiling. In the case of an objection to direct marketing, the objection is always effective. g) Right to withdraw consent (Art. 7(3) GDPR) – to withdraw consent for data processing at any time if processing is based on consent (this does not affect the lawfulness of processing carried out before withdrawal). Consent for cookies can be withdrawn by changing browser settings or using the cookie consent management tool (if available on the Service). h) Right to lodge a complaint with a supervisory authority – the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw), if the user considers that the processing of their personal data violates the provisions of the GDPR.   
     
  2. To exercise their rights, the user should contact the Controller at the e-mail address: hello@p-beep.com. A response will be provided within the timeframe stipulated by the GDPR (generally within one month).

§ 8 Cookie Policy

  1. What are cookies? Cookies are small text files saved on the user’s end device (computer, tablet, smartphone) while Browse websites. They usually contain the name of the website they come from, their storage time, and a unique number.
  2. Purpose of using cookies: The Controller uses cookies and similar technologies for the following purposes: a) Analytical and statistical: Collecting anonymous, aggregated statistics about how the Service is used, which helps understand user preferences and improve the structure and content of the Service. Analytical tools used for this purpose collect data about visits, traffic sources, pages viewed, time spent on the site, approximate location, demographic data, and some also allow behavior analysis through heatmaps and user session recordings. b) Marketing: Using data to conduct remarketing activities and display tailored ads to users in advertising networks and on other platforms. Marketing tools used may also serve to track the effectiveness of advertising campaigns. c) Integration with social media: If social media plugins or pixels (e.g., Facebook, Instagram, LinkedIn) are embedded in the Service, they may also save their own cookies for marketing or analytical purposes. d) Functional/Technical: Necessary for the proper functioning of certain features of the Service, e.g., remembering user preferences regarding cookie consent.
  3. Types of cookies used: a) Session cookies: Temporary files stored on the user’s device until logging out, leaving the website, or closing the browser. b) Persistent cookies: Stored on the user’s device for the time specified in the cookie parameters or until deleted by the user. c) First-party cookies: Placed directly by the Service Controller. d) Third-party cookies: Placed by external entities whose components have been integrated with the Service (e.g., providers of analytical tools, marketing tools, social platforms). The Controller does not have full control over the cookies of these entities – it is recommended to review their privacy policies available on their websites.
  4. Legal basis for using cookies: a) For cookies necessary for the functioning of the Service, the legal basis is Art. 6(1)(f) GDPR (legitimate interest of the Controller). b) For all other cookies (analytical, marketing, third-party), the legal basis is Art. 6(1)(a) GDPR (user consent), voluntarily expressed via the banner/cookie consent management tool on the first visit to the Service.
  5. Managing cookies and withdrawing consent: a) The user can withdraw or change their consent to the use of cookies at any time through the settings of the consent management tool or by changing their web browser settings. b) Most web browsers allow cookies to be saved on the end device by default. The user can independently change the browser settings to block cookies (all or selected) or to receive information each time they are sent to the device. Instructions for managing cookies are available in the settings of the respective browser. c) Please note that restricting or disabling the use of cookies may affect some functionalities of the Service, particularly those requiring consent. Disabling analytical and marketing cookies will not prevent the use of the Service but will limit the Controller’s ability to collect data.

§ 9 Personal data security

  1. The Controller applies technical and organizational measures ensuring the protection of processed personal data appropriate to the threats and categories of data protected, and in particular, secures data against unauthorized access, acquisition by an unauthorized person, processing in violation of applicable regulations, and alteration, loss, damage, or destruction.   
     
     
     
  2. Communication between the user’s device and the Controller’s server during the collection of personal data may be encrypted using an SSL certificate.
  3. The Controller uses the services of trusted providers who ensure appropriate standards of data storage security.

§ 10 Profiling and automated decision-making

  1. Users’ personal data are not subject to profiling that results in decisions producing legal effects concerning them or similarly significantly affecting them within the meaning of the GDPR. Data collected automatically may be used for marketing purposes (remarketing), which might be considered a form of profiling, but this is based on user consent and does not lead to automated decision-making with significant effects.

§ 11 Changes to the Privacy Policy

  1. The Controller reserves the right to make changes to this Privacy and Cookies Policy.
  2. All changes will be published in this location (on this page).
  3. Changes come into effect on the date of their publication in the Service. It is recommended to regularly check the content of the Policy.

§ 12 Final provisions

  1. In matters not regulated by this Privacy Policy, the provisions of the GDPR and other relevant provisions of Polish law shall apply.   
     
  2. This policy is effective from April 29, 2025.

Copyright © 2025 p-beep. All rights reserved.