Privacy Policy

I. About us

The personal data controller of users of the Estorelabs.com website is e-commerce Mastery sp. z o.o. (i.e. Ltd.) with its registered office in Warsaw (02-001) at Al. Jerozolimskie 81, registered in the Register of Entrepreneurs kept by the District Court in Warsaw, 12th Commercial Division of the National Court Register under the number: 0000714755, tax identification number: 1132959266, hereinafter referred to as 'ESTORELABS'.

The company has appointed a Data Protection Officer (Agnieszka Rzycka-Osiej), who can be contacted at rodo@estorelabs.com. Personal data is obtained and processed in the manner and on the terms set out in this Policy.

Privacy protection is particularly important for ESTORELABS. We make sure that your data is processed in accordance with the data protection regulations, in particular the General Data Protection Regulation 2016/679/EC (hereinafter referred to as 'GDPR').

II. What do we use your personal data for

1. As the administrator of this website, we process the data of users visiting our domain using a web browser.

2. Contact details obtained via contact forms are used to communicate with subjects interested in our services, to answer questions, as well as to conclude, implement and efficiently service our contracts.

3. We also conduct marketing activities to reach the widest possible group of interested parties and to provide them with up-to-date information about our products and services.

4. Through the 'Careers' tab, we recruit new members of our team.

5. We also process data required for the functioning of cookies:

a. necessary for the operation of the website ('essential cookies') - processed in the legitimate interest of the administrator, which is the functioning of the website

b. for other purposes ('performance cookies' and 'functional cookies') serving statistical and analytical purposes - which we process only when you give your consent.

6. We share your data with third parties with your consent or when we are authorized to do so under the provisions of the GDPR or obliged under other legal provisions.

III. On what basis do we process your data

We may process personal data on several legal grounds.

1. We process your data on the basis of your consent, which may be withdrawn at any time. The consent may concern, for example, the processing of certain cookies or marketing activities ⮚ legal basis: art. 6 sec. 1 letter a GDPR

2. Another case is when processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract ⮚ legal basis: art. 6 sec. 1 letter b GDPR.

3. In some situations, processing is necessary for compliance with a legal obligation to which we are subjects. Such obligations result, for example, from the provisions on electronic services or the Accounting Act. ⮚ legal basis: art. 6 sec. 1 letter c GDPR.

4. Processing may also be necessary for the purposes of our legitimate interests, such as marketing, essential cookies, communication with customers on inquiries submitted in forms or pursuing claims from our business activity. ⮚ legal basis: art. 6 sec. 1 letter f GDPR.

IV. What are your rights?

• We take appropriate measures to provide all relevant information in a concise, transparent, understandable and easily accessible form, in clear and plain language and to conduct communications with you regarding the processing of personal data and exercising your right to:
• information on the processing of personal data;
• access to data, including the right to a copy of personal data;
• rectification of data;
• erasure of data / right to be forgotten;
• restriction of processing;
• data portability in the case of data processed on the basis of consent or contract;
• withdraw of consent at any time – withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal;
• object to data processing based on a legitimate interest;
• not to be subject to a decision based solely on automated processing (including profiling);
• information about a data protection breach.
• In order to contact us regarding the implementation of a given right, please contact us via:
• Email address: rodo@estorelabs.com
• The security of your data is a priority for us, however, if you believe that by processing your personal data we violate the provisions of the GDPR, you have the right to lodge a complaint with the supervisory authority competent for these matters.

V. Subcontractors/processors

Personal data may be processed on behalf of the data controller by trusted third party suppliers - i.e. processors. We entrust the processing of personal data to: third parties that provide IT services, such as providers of platforms, hosting services, remarketing services and cookies…

If we cooperate with entities that process personal data on our behalf, we only use the services of such processors that provide guarantees for the implementation of appropriate technical and organizational measures that the processing meets the requirements of the GDPR and protects sufficiently the rights of data subjects.

VI. Data retention

We process personal data no longer than it is necessary for the purposes for which the data are processed. After such a period, we anonymise the data (deprive the features permitting identification of a data subject) or erase it.

The period of data processing is determined firstly on the basis of the law (e.g. time of storing accounting documents), secondly on the justified interest of the data controller (e.g. marketing activity) or the lasting of your consent. In the case of cookies – we store them for the period necessary to achieve their purposes (i.e. for the duration of session identification files). The above periods may be extended based on the legal obligations of the data controller, the need to secure the pursuit of claims and for statistical or archival purposes.

VII. Method of processing and securing data

We ensure that any person acting under our authorization and having access to your personal data processes it only within the scope of our instructions, unless other requirements result from EU law or the law of a Member State.

The collected personal data will not be transferred outside the European Economic Area (EEA). In the event of a planned transfer outside the EEA, we will obtain an appropriate legal basis and inform users about the transfer in advance.

VIII. Social media and social networks

The website contains references (links) to external social networks, such as Instagram, TikTok, LinkedIn ('Social Plugins').

The functions assigned to individual links, e.g. sending information and personal data, are activated only after clicking on a given link. Then the Social Plugin of the individual social network and your browser will connect you directly to the selected website.

The purpose and scope of personal data processing by social networks and the rights and obligations of such portals to protect the privacy of users can be found in the privacy policies within a given portal.

When using Social Plugins, the user should remember that social networks have their own privacy policies that the user should get acquainted to. ESTORELABS is not responsible for the activities of social networks, content provided by them and applicable privacy policies, with the exception of content published by us on our fan page. The specific social network is responsible for the data processing beginning with your click on their link.

IX. Cookies

What are cookies and what are they for?

Cookies are small files saved on your computer that store settings and other information used on the websites you are visiting. These files are sent by the website to the browser. Each cookie has an anonymous identifier and allows you to identify the device in whose memory it has been saved for a certain period of time (the time after which the cookie will be deleted).

Cookies may contain website settings or be used to recognize your device, adapt the content of the website to your preferences or to track users' interaction with the website (previous activities). We also use cookies to optimize the use of websites and to support and enforce security measures.

What cookies do we use?

We may use the following types of cookies:

• Session cookies – these are information stored in the browser's memory until the end of the browser session, i.e. until it is closed. These cookies are necessary for some website functionalities to work properly.
• Permanent cookies – thanks to them the use of the website is easier (e.g. they remember the selected resolution, content layout). They can be used for a variety of purposes, including remembering your preferences and choices when using the website. These cookies remain in the browser's memory for a longer period.
• Own cookies (first party cookies) – they are saved by the currently viewed website. They are used to improve the quality of using the website.
• Third party cookies – they are used by third parties, such as Google Analytics, to track your visits to various websites and place advertisements.

Cookies can be divided into the following categories:

• Necessary cookies;
• Performance cookies;
• Functional cookies;
• Marketing cookies.

Necessary cookies: always active

Without these cookies, you cannot navigate the website or use its features. We process your data based on art. 6 (1) f) GDPR. You can object to such processing of your data, but it will prevent the use of our website or make it much more difficult.

Performance, functional and marketing cookies: (after selecting the 'Accept all' button)

Performance cookies collect information about how visitors use the website, such as which pages are visited the most. These files are used to improve the operation of the website.

The functionality files store information about your choices, thanks to which we can offer improved and personalized functions. For example, these types of cookies may store information about tracking numbers entered in applications.

Marketing cookies are used to create a user's own profile, based on his preferences and likes while browsing the Internet, and to display advertising messages consistent with the user's profile. Thanks to this, the advertising messages that you see on the website can be more suitable and interesting for you.

These files can be launched only with your consent, expressed by selecting the button: 'Accept all' on the cookie banner that appears after opening the website. You can withdraw your consent at any time.

How long do we store cookies?

Session cookies remain on your device until you leave the website or turn off the software (web browser). Permanent cookies will be stored on your device for a maximum of 12 months or until you withdraw your consent.

How to manage cookies?

Please note that if you do not consent to install the cookies, you will not be able to fully use some elements of the website, e.g. you will not be able to use personalization. Remember to configure all browsers on the various devices (tablets, smartphones, computers) you use. There are different ways to configure browsers, so please refer to the 'Help' section of your browser to learn how to configure it and use the available options.

Ways to configure cookie settings in individual browsers can be found, among others at the addresses:

• Chrome: https://support.google.com/chrome/answer/95647?
• Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
• Safari: https://support.apple.com/pl-pl/guide/safari/sfri11471/mac
• Opera: https://www.opera.com/pl/use-cases/clean-browser-and-remove-trackers
• Explorer: https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
• Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09

You can disable 'Google Analytics' cookies by downloading the module available at: https://tools.google.com/dlpage/gaoptout/

You might also use the following website: www.youronlinechoices.eu/

X. Privacy Policy update

We may make changes to this policy, in particular in order to adapt it to changes in generally applicable regulations. Changes to the policy will come into force on the date specified in the information about its change, but not earlier than within 14 days of their announcement.