top of page

Privacy Policy

1. General Information

This Privacy Policy sets out the rules for processing personal data of users of the website (hereinafter referred to as the “Website”), in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and other applicable legal provisions.

The controller of personal data is Cibus Group Spółka z ograniczoną odpowiedzialnością, with its registered office in Warsaw (00-499), Plac Trzech Krzyży 10/14, entered in the Register of Entrepreneurs of the National Court Register under KRS number 0001084571, NIP 7011187282, REGON 527610762 (hereinafter referred to as the “Controller”).

The Controller places particular emphasis on protecting users’ privacy and ensuring the security of processed personal data.

2. Scope of Processed Data

The Controller may process the following personal data:

  • first and last name,

  • e-mail address,

  • telephone number,

  • data provided in contact forms or e-mail correspondence,

  • IP address,

  • technical and statistical data related to the use of the Website (e.g. browser type, operating system).

Providing personal data is voluntary but necessary to use certain functionalities of the Website.

3. Purposes of Data Processing

Personal data are processed for the purpose of:

  • responding to enquiries submitted via contact forms or e-mail,

  • conducting ongoing correspondence and communication with users,

  • providing services electronically,

  • improving the functioning of the Website and conducting statistical analyses,

  • fulfilling legal obligations imposed on the Controller.

4. Legal Basis for Processing

Personal data are processed on the basis of:

  • the user’s consent (Article 6(1)(a) GDPR),

  • necessity for the performance of a contract or taking steps prior to entering into a contract (Article 6(1)(b) GDPR),

  • legal obligation of the Controller (Article 6(1)(c) GDPR),

  • legitimate interests of the Controller (Article 6(1)(f) GDPR), in particular conducting correspondence and securing potential claims.

5. Data Recipients

Personal data may be transferred to entities cooperating with the Controller only to the extent necessary for the proper functioning of the Website, in particular:

  • IT and hosting service providers,

  • entities supporting the technical infrastructure.

Personal data may also be disclosed to entities authorized to receive such data under applicable law.

The Controller does not transfer personal data to third countries outside the EU/EEA, unless this results from the tools used and is carried out in compliance with GDPR regulations.

6. Data Retention Period

Personal data are stored only for the period necessary to achieve the purposes for which they were collected, and thereafter for the period required by law or until consent is withdrawn, where processing is based on consent.

7. Rights of Data Subjects

Data subjects have the right to:

  • access their personal data,

  • rectify personal data,

  • erase personal data (“right to be forgotten”),

  • restrict processing,

  • data portability,

  • object to the processing of personal data,

  • withdraw consent at any time (without affecting the lawfulness of processing carried out before withdrawal),

  • lodge a complaint with the President of the Personal Data Protection Office or the relevant supervisory authority.

8. Cookies

The Website uses cookies in order to:

  • ensure proper operation of the Website,

  • conduct statistical analyses,

  • improve the quality and functionality of the service.

Users may change cookie settings at any time in their web browser.

9. Data Security

The Controller applies appropriate technical and organizational measures to ensure the protection of personal data against loss, unauthorized access, disclosure, alteration or destruction.

10. Changes to the Privacy Policy

The Controller reserves the right to amend this Privacy Policy. The current version of the Privacy Policy is always available on the Website.

bottom of page