Privacy and Cookies Policy
Website: https://readyoffice.pl. Last updated: 10 June 2026.
§1. General provisions
- This Policy sets out the rules for processing and protecting the personal data of persons using the readyoffice.pl website (hereinafter: “the Website", “the User") and the rules for using cookies.
- The Controller of personal data is READY OFFICE spółka z ograniczoną odpowiedzialnością (limited liability company) with its registered office in Wrocław, ul. Braniborska 7 lok. 2, 53-680 Wrocław, entered in the Register of Entrepreneurs of the National Court Register under number KRS 0001016520, whose registration files are kept by the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Division of the National Court Register, Tax ID (NIP) 8971917432, statistical number (REGON) 524338740 (hereinafter: “the Controller").
- Contact regarding personal data: e-mail info@readyoffice.pl, tel. +48 696 468 551, or the form: https://readyoffice.pl/en/contact/.
- Data is processed in accordance with: Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), the Personal Data Protection Act of 10 May 2018, and the Electronic Communications Law of 12 July 2024 (PKE).
- The Website uses SSL data transmission encryption.
§2. Scope, purposes and legal bases of processing
- We obtain data: (a) when the User voluntarily provides it in the Website forms (contact, enquiry, quote request), (b) automatically through cookies, (c) from server logs.
- Scope of data: first name and surname, company name, phone number, e-mail address, content of the enquiry (including the city and the selected package), IP address, connection and browser information, and other data provided voluntarily.
- Purposes and legal bases (Article 6(1) GDPR):
- a) handling the enquiry and contact, preparing a quote and offer – Article 6(1)(b) (steps taken to conclude a contract) and (f) (legitimate interest: handling correspondence);
- b) electronic marketing (offers, newsletter, contact by e-mail/SMS/phone) – Article 6(1)(a) (consent). Sending marketing communications by electronic means requires separate consent in accordance with the PKE and the Act on Providing Services by Electronic Means;
- c) fulfilment of the Controller’s legal obligations (e.g. accounting, tax) – Article 6(1)(c);
- d) statistics, analytics, security and development of the Website – Article 6(1)(f) (legitimate interest); analytics and marketing cookies are used on the basis of consent – Article 6(1)(a), given in the consent banner.
- Providing data is voluntary but necessary to handle the enquiry or prepare an offer.
§3. Cookies
- Cookies are text files stored on the User’s end device while using the Website.
- We use the following cookies: strictly necessary (ensuring the Website functions), functional, analytics and marketing.
- Consent: cookies other than strictly necessary ones are installed only after the User has given prior CONSENT via the consent banner (the CookieYes tool). Consent is voluntary, and the User may withdraw it or change settings in the consent panel at any time. The legal basis is Articles 361-362 of the Electronic Communications Law (which, as of 10 November 2024, replaced the Telecommunications Law, including the repealed Article 173) in conjunction with the GDPR.
- Cookies are divided into session cookies (deleted when the browser is closed) and persistent cookies (stored for a specified time or until manually deleted). The User can also manage cookies from the browser settings, including disabling them entirely.
§4. Data recipients and processors
Data may be entrusted to trusted processors acting on behalf of the Controller, to the extent necessary to achieve the stated purposes. Among others, we use:
- hosting provider: Zenbox;
- Brevo (Sendinblue) – handling of mailing and e-mail marketing;
- Pipedrive – CRM system (managing enquiries and contacts);
- Make (Integromat) – automation of data flow from forms;
- Google – Google Analytics, Google Ads, Google reCAPTCHA, Google Tag Manager;
- CookieYes – cookie consent management;
- entities providing accounting, legal and advisory services.
Data may also be disclosed to public authorities on the basis of applicable law. Access to data is granted only to persons authorised by the Controller.
§5. Transfers of data outside the EEA
The use of certain services (e.g. Google tools) may involve transferring personal data outside the European Economic Area, including to the United States. The transfer takes place on the basis of appropriate safeguards, i.e. Standard Contractual Clauses (SCC) approved by the European Commission and/or the EU-US Data Privacy Framework.
§6. Data retention period
We store data no longer than necessary to achieve the purposes and in accordance with legal requirements:
- data from an enquiry / preparation of an offer – for the time the matter is being handled and 12 months after its completion, unless a contract is concluded;
- data processed on the basis of marketing consent – until consent is withdrawn;
- data related to the performance of contracts and accounting and tax obligations – for the period required by law (as a rule, 5 years);
- server logs – for 12 months.
§7. User’s rights
The User has the right to: access their data, rectification, erasure, restriction of processing, data portability, objection, and withdrawal of consent at any time – without affecting the lawfulness of processing carried out before its withdrawal.
The User has the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office (PUODO), ul. Stawki 2, 00-193 Warsaw.
The Controller does not make decisions concerning the User based solely on automated processing that would produce legal effects on the User or similarly significantly affect them. Within analytics and advertising tools (e.g. Google), profiling for statistical and marketing purposes may take place – it is carried out on the basis of consent given in the cookie banner, which can be withdrawn at any time.
§8. Server logs
Information about certain User activities (URLs, request time, IP address, browser information, errors encountered) is recorded on the server side and used solely to administer the Website and to ensure its security and performance. This data is not linked to specific individuals.
§9. How we protect your data
We apply technical and organisational measures appropriate to the risk:
- SSL/TLS encryption of the connection to the website and forms;
- access to data is limited to authorised persons bound by confidentiality;
- we conclude data processing agreements with our processors (§4);
- the server is secured and regularly backed up by the hosting provider;
- the admin panel and access accounts are protected.
§10. Personal data breaches
In the event of a personal data breach that may result in a risk to the rights or freedoms of individuals, we report it to the President of the Personal Data Protection Office (PUODO) within 72 hours of becoming aware of it (Article 33 GDPR). Where the breach involves a high risk, we also inform the affected individuals without undue delay (Article 34 GDPR). We keep an internal register of breaches. A suspected breach can be reported to: info@readyoffice.pl.
§11. Changes to the Policy
The Controller may update this Policy. The current version is always available on the Website. If you have any questions, please contact: info@readyoffice.pl.
This is a translation of the Polish-language Privacy Policy. In the event of any discrepancy between the language versions, the Polish version prevails.