Privacy Policy — SysGroup

// 01

§1 Who is the controller of your data?

SYSGROUP SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ (a Polish limited liability company)

ul. Gdańska 119, 85-022 Bydgoszcz, Poland

EU VAT: PL9671432180 · KRS: 0000819054

Pursuant to Article 37 GDPR, SYSGROUP Sp. z o.o. has not appointed a Data Protection Officer. Privacy matters are handled directly by the company at the contact address above.

// 02

§2 Why this policy matters

This privacy policy explains in clear language what data we collect, why we collect it, how long we keep it, with whom we may share it, and what rights you have.

The document forms an integral part of our service terms. We comply with Regulation (EU) 2016/679 of 27 April 2016 (the "GDPR") and the Polish Personal Data Protection Act.

// 03

§3 Core privacy principles

3.1 We respect your privacy

We collect only the data necessary to provide our services
We use it solely for the purposes we tell you about
We apply appropriate security measures
We never sell your personal data

3.2 Transparency

We always inform you clearly and intelligibly about how we use your data. If you have any questions, we'll answer them.

// 04

§4 What data we collect, and why

Category	Scope	Purpose
Identification	First name, surname, tax ID	User identification, invoicing, contract performance
Contact	Email, phone	Communication, order delivery, customer service
Address	Residential / delivery address	Deliveries, accounting documents
Technical	IP address, browser	Security, statistics, site optimisation

Note: Providing data is voluntary, but necessary for us to deliver our services.

// 05

§5 Legal bases for processing

Art. 6(1)(a)Your consent (e.g. newsletter, marketing)
Art. 6(1)(b)Performance of a contract (order fulfilment, customer service)
Art. 6(1)(c)Legal obligation (accounting, tax)
Art. 6(1)(f)Legitimate interest (security, statistics)

// 06

§6 How long we keep data

Category	Retention period
Contract performance	Until the contract is completed
Accounting records (invoices)	5 years from the end of the tax year (Polish law)
Marketing (consent-based)	Until consent is withdrawn or objection raised
Claims defence	Until claims are time-barred (max 10 years)

// 07

§7 Who do we share data with?

🖥️

IT service providers

Hosting, technical support

📦

Couriers

Physical deliveries

💳

Payment processors

Online transaction handling

📊

Accounting firm

Bookkeeping

📣

Marketing tools

Newsletter delivery

🏛️

Public authorities

Where required by law

Important: All our subprocessors are bound by confidentiality and process data only under our instructions and in line with the GDPR. We prefer EEA-based providers.

// 08

§8 Your rights

8.1

Right of access

You can obtain confirmation of whether we process your data and receive a copy.

8.2

Right to rectification

You can correct inaccurate data or complete incomplete data.

8.3

Right to erasure

You can request deletion when data is no longer necessary or where you withdraw consent.

8.4

Right to restriction

You can request restriction of processing in defined situations.

8.5

Right to data portability

You can receive your data in a machine-readable format for transfer to another controller.

8.6

Right to object

You can object to processing for marketing purposes.

8.7

Withdrawal of consent

Where processing is based on consent, you can withdraw it at any time.

8.8

Right to lodge a complaint

You can complain to the Polish supervisory authority (UODO, ul. Stawki 2, Warsaw) if you believe we infringe the GDPR. EU residents may also contact their local supervisory authority.

How to exercise your rights:
Email info@sysgroup.pl or write to ul. Gdańska 119, 85-022 Bydgoszcz, Poland. We respond within 30 days.

// 09

§9 Cookies

9.1 What cookies are

Cookies are small text files that websites place on your device. They can help remember preferences, analyse traffic, ensure security and personalise content. This site does NOT set any cookies and uses no analytics trackers.

9.2 Cookie categories (for reference)

9.3 Managing cookies in your browser

Even though we don't set any, you can manage cookies in your browser settings:

Google Chrome Mozilla Firefox Safari Microsoft Edge

Blocking all cookies may impair functionality of some sites in general (though it has no effect here, as we set none).

// 10

§10 Social media plugins

This site does NOT use social media plugins (e.g. Facebook, Instagram, X/Twitter, LinkedIn). Any social links are plain HTML and load no third-party scripts.

// 11

§11 Security

We take all reasonable measures to protect your personal data against unauthorised access, accidental loss, destruction or unlawful disclosure.

🔒

SSL/TLS encryption

All site traffic is encrypted with TLS.

🛡️

Server hardening

Servers are protected by current security baselines and active monitoring.

👤

Access control

Only authorised personnel can access personal data.

🔍

Regular reviews

We review our systems and controls on a recurring basis.

// 12

§12 Transfers outside the EEA

In standard operations we do not transfer data outside the European Economic Area. We use infrastructure and subprocessors located in the EU/EEA. Should such a transfer become necessary, we apply appropriate safeguards:

SCCStandard Contractual Clauses — approved by the European Commission
ECAdequacy decisions — of the European Commission for specific countries
GDPR VOther mechanisms — in line with Chapter V of the GDPR

// 13

§13 Changes to this policy

We may update this privacy policy. We will announce material changes via a notice on the website or, where we hold your address, by email.

The version published on the website at any given time is the binding version.

// 14

§14 Contact

For any data protection matters, you can reach us at:

Emailinfo@sysgroup.pl

Addressul. Gdańska 119, 85-022 Bydgoszcz, Poland

Response timeWithin 30 days

EU VATPL9671432180