Our Privacy Policy
Privacy Policy & Internal Whistleblowing Procedure – WarPol.Info Sp. z o.o.
Effective Date: [Insert date of last update]
I. Privacy Protection
Protecting the privacy of our users is of utmost importance. Users of the website https://www.wpi.com.pl/ are guaranteed the highest standards of privacy protection. WarPol.Info Sp. z o.o., as the data controller, ensures the security of personal data provided by users.
This Privacy Policy is implemented in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR). It establishes rules for the processing and protection of personal data provided by users in connection with their use of the website and related services.
Definitions:
- User: any individual whose data is processed while using the website or related services.
- Administrator / Data Controller: WarPol.Info Sp. z o.o., ul. Sąsiedzka 1G, 05-806 Sokołów k/Warszawy, Poland; NIP: 5223034286; REGON: 362101717.
Basis for Data Processing
- Data processing necessary for the execution of a contract, legal obligation, or legitimate interest is based on Articles 6(1)(b) and 6(1)(c) GDPR.
- Providing data for marketing purposes is voluntary; refusal or withdrawal of consent prevents the Administrator from sending promotional communications.
II. User Consent
Using the website constitutes consent to the collection, use, and sharing of data as outlined in this Privacy Policy. Users can withdraw consent at any time without affecting the lawfulness of prior processing. Changes to this policy will be considered accepted if the user continues to use the website.
III. Types of Personal Data Collected
a) Data obtained directly from users:
- Contact via website form or support channels
- Use of products or services provided by the Administrator
b) Data obtained from other sources:
- Cookies, analytics, and software reports from user devices
- Data brokers for demographic information
- Service providers for location data (based on IP)
- Business partners for joint marketing or product/service delivery
- Publicly available sources, such as registers and public domains
c) Data categories collected:
- Name / company / business owner(s)
- Mailing address
- Website address
- Phone number
- Email address
- NIP / REGON
- IP address
- Content of messages (email, chat, voice recordings)
- User feedback, product/service reviews, and support requests
IV. Purposes of Processing
- Service execution: authentication, access authorization, contract fulfillment
- Communication: personalized emails, notifications, support responses
- Advertising & marketing: targeted offers based on consent and legitimate interest
- Service improvement: analytics, statistics, and market research
- Security: fraud prevention, network and information protection
- Claims handling: investigation of disputes and legal claims
- Accounting & financial obligations: bookkeeping and invoicing
Data is only shared with authorized recipients or legal authorities when required by law.
V. User Rights
- Access: request confirmation and copy of personal data
- Correction: correct inaccurate or incomplete data
- Erasure (“right to be forgotten”): in cases of withdrawal of consent, illegal processing, or when data is no longer needed
- Restriction: temporarily limit processing under certain conditions
- Data portability: receive data in a structured format or transfer to another controller
- Objection: object to processing, especially for marketing or profiling
- Lodging a complaint: submit a complaint to the supervisory authority
- Automated decisions / profiling: rights regarding decisions made solely by automated processing
VI. Cookies and Other Technologies
Cookies are used to enhance service functionality and deliver personalized content. Users can manage cookies through browser settings or opt-out mechanisms.
VII. Security & Storage
Data is stored in secure systems with restricted access. Retention periods vary by purpose:
- Analytics/statistics: until purpose achieved
- Contractual services: duration of contract + limitation period
- Accounting: statutory retention periods
- Marketing: until objection or termination of business relationship
Changes to this policy will be notified on the website or directly to users.
VIII. Contact Information
- Administrator email: biuro@wpi.com.pl
- Data Protection Officer (DPO): ido@warpol.com.pl | +48 22 350 61 30 ext. 198
- Postal address: WarPol.Info Sp. z o.o., ul. Sąsiedzka 1G, 05-806 Sokołów k/Warszawy
Internal Whistleblowing Procedure
Legal Basis: Act of 14 June 2024 on the Protection of Whistleblowers (Journal of Laws 2024, item 928).
I. Objective
Establish internal procedures for reporting and addressing legal violations while ensuring whistleblower protection.
II. Scope of Reports
Violations include:
- Corruption, public procurement, financial services, AML/CFT
- Product/transport safety, environmental protection, radiological/nuclear safety
- Food safety, animal welfare, public health, consumer protection
- Privacy/data protection, IT security, state/ EU financial interests
- Market competition and taxation rules
- Constitutional rights and freedoms
Additionally, workplace bullying as defined in company regulations.
III. Whistleblower Definition
A whistleblower is a natural person reporting or publicly disclosing a legal violation in connection with their work, provided they reasonably believe the information is true.
IV. Internal Reporting Channels
- Email: sygnalisci@wpi.com.pl
- Mail: WarPol.Info Sp. z o.o., in a sealed envelope marked “whistleblower”
- Oral report: arranged within 14 days, documented in a written protocol
Anonymous reports are allowed and evaluated if containing actionable information.
V. Process & Feedback
- Reports acknowledged within 7 days
- Feedback provided within 3 months
- Designated internal officer ensures independence and impartiality
- Investigation may involve external specialists
- Findings are documented in a protocol including recommendations and actions
VI. External Reporting
Whistleblowers may report externally to the Ombudsman or public authority without first reporting internally.