en
en
Data Controller Identity
The controller of your personal data is TFC GLOBAL Sp. z o.o., with its registered office in Kraków, ul. Sikorki 21/b, 31-589 Kraków, registered in the Register of Entrepreneurs of the National Court Register kept by the District Court for Kraków-Śródmieście in Kraków, 11th Commercial Division of the National Court Register, under KRS number: 0000909651, NIP: 6793148886, REGON: 367248460.
Data Controller Contact Information
You can contact the Controller in the following ways:
- In writing at: TFC GLOBAL Sp. z o.o., Sikorki 21/b, 31-589 Kraków, with the note "Personal Data Protection"
- Electronically via email: biuro@tfc-global.com
- By phone: (+48) 12 684 33 92
Purpose and Legal Basis for Data Processing
Whenever the Controller refers to "GDPR", it means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
The Controller may process your personal data if necessary for your use of the website.
The purpose, scope, and categories of recipients of the data processed by the Controller will depend on the activities you undertake while using the website.
Data Processing When Using the Website
Each time you visit our website, your browser automatically transmits general user data to our server, including browser type/version, current IP address, operating system, referring URL, and date/time of the server request.
Processing this data is necessary to display our website correctly on your device. The received data is processed collectively and anonymously.
The legal basis for processing is Article 6(1)(f) of the GDPR. The legitimate interest is the proper, efficient, and secure functioning of our website.
Purposes of Processing Data Provided in the Contact Form
These include:
- Communicating with you regarding the message sent via the contact form, based on the legitimate interest of the Controller (Art. 6(1)(f) GDPR), and based on your consent (Art. 6(1)(a) GDPR).
- Communicating with you regarding marketing consents, based on the Controller’s legitimate interest (direct marketing) and your consent.
- Archiving documents, statistics, or pursuing/defending claims related to contract execution, based on legitimate interests (Art. 6(1)(f) GDPR).
The contact form collects: name and surname, email, phone number. Optionally, you may provide additional data voluntarily within your message. This data is necessary to provide a response.
Data Retention Period
Your personal data will be processed for the time necessary to achieve the purposes or until you object (where processing is based on legitimate interest) or withdraw consent. Afterwards, data may be stored until limitation periods expire or until legal retention obligations lapse.
Categories of Recipients
Your data may be processed by subcontractors (entities used by the Controller in fulfilling its duties). Your data is always processed with appropriate safeguards.
Due to the use of suppliers storing data on US servers (e.g., Google LLC), your data may be transferred outside the European Economic Area. However, these subcontractors participate in the Privacy Shield program, ensuring an adequate level of protection as required by EU law.
Automated Decision Making and Profiling
The Controller will not make decisions about you in an automated way, including profiling.
Your Rights
You have the right to:
- Access your personal data and request rectification, deletion, or restriction of processing.
- Data portability.
- Withdraw consent at any time (this does not affect processing done before withdrawal).
- Object to processing where the basis is the Controller's legitimate interest.
- File a complaint with the data protection authority (President of the Personal Data Protection Office) if you believe your data is processed unlawfully.
To exercise your rights, contact the Controller.
Cookies
Cookies are small text-numeric files stored on your device by our website system. They allow recognition upon future visits.
Cookies are used with your consent, expressed via browser settings.
Purpose of cookies: managing the website and improving content quality. They are also used for anonymous statistics and analysis. Cookies do not identify users.
Types of cookies used:
- Session cookies (deleted after browser is closed)
- Persistent cookies (stored for a set time)
- First-party cookies (set by the website)
- Third-party cookies (e.g., Google Ads, Google Analytics, Facebook, LinkedIn, Cookiebot)
Tools Used by the Controller
Google Analytics, Ads, reCAPTCHA, Tag Manager:
These services help analyze and improve the website.
Google Analytics uses cookies for analysis. Data is processed collectively and anonymously.
Google Ads cookies measure ad campaign effectiveness. Cookies are device-specific and expire after a period. The Controller receives only statistical reports.
Cookiebot (Usercentrics A/S) stores cookie consent status for the current domain.
Legal basis: Article 6(1)(f) GDPR (legitimate interest in proper website function).
Social Media
Our site includes social media plugins (e.g., Facebook, LinkedIn) to allow sharing content.
These tools collect browsing history, IP address, browser info, and timestamps. When using social functions (e.g., Share, Comment), this data is transmitted to the social media provider.
Plugin overviews:
- Facebook (Meta Platforms Ireland Ltd.): https://developers.facebook.com/docs/plugins
- LinkedIn: https://developer.linkedin.com/plugins#
Cookie Settings
Most browsers accept cookies by default. You may withdraw or modify your consent anytime by changing browser settings or clicking the black-and-white paperclip icon at the lower-left corner of the website.
Restricting cookies may affect some content visibility or full site functionality.
Server Logs
Using the website generates server requests. Each request is recorded in logs, including IP address, server date/time, browser and OS info.
These logs are not associated with individual users and are used solely for site administration. They are not shared except with authorized personnel managing the server.
