Privacy Policy

Effective date: December 04, 2025
Last modified: December 04, 2025

Privacy Policy Preamble

Prior to engaging with the Services provided by IT-Magic Sp. z o.o., we request your attention to the following stipulations:

  • This Privacy Policy constitutes a legally binding agreement between the user (“you”) and IT-Magic Sp. z o.o. (“us,” “we,” “our”), and is inseparable from our prevailing Terms of Use.
  • The corporate entity referenced by “we,” “us,” and “our” is exclusively IT-Magic Sp. z o.o., a company duly incorporated under the laws of Poland and the European Union. In all instances, IT-Magic Sp. z o.o. functions as the data controller unless expressly noted otherwise herein.
  • As the data controller, we are the determinative entity regarding the collection, duration of processing, and specific purposes for which personal data is handled.
  • This policy’s provisions apply to any and all utilization of our Services. By using the Services, you establish a reasonable expectation for the processing of your personal data. Should this expectation not align with your preferences, you must discontinue the use of our Services or formally submit an objection to the processing of your data.
  • We adhere to a strict policy against the clandestine acquisition of personal data. We are committed to only soliciting data that is indispensable for the stated objective. For example, our “Contact Us” functionality strictly requires only a name and email address to formulate a response, without mandating complete identity disclosure.
  • All communications concerning this Privacy Policy or the exercise of data subject rights should be directed to [email protected].

Applicability and Governing Provisions

This Privacy Policy meticulously governs the processes associated with personal data and cookie identifiers that arise from your use of the Services delineated in our Terms of Use.

This document serves to clarify our obligations as a data controller, specifically addressing:

  • The categories of information processed, the established legal basis, and the defined purposes for processing.
  • The external parties (recipients) with whom data may be shared.
  • The established retention timelines for personal data.
  • The comprehensive rights vested in you concerning your personal data.
  • The technical and organizational security protocols implemented to protect personal information.
  • The procedures for policy amendment.
  • Official contact particulars.

Data Collection, Legal Basis, and Processing Purposes

Information Directly Supplied by the User

Scope of Data: We acquire or collect personal data upon your interaction with our Services, typically via the submission of forms such as “Contact Us” on our Website. Data collected via “Contact Us” may encompass name, email address, phone number, project budget, and descriptive details.

Purpose of Use: Data collection is predicated on your reasonable expectation for us to utilize it to fulfill the function of the specific form. “Contact Us” data is processed to address inquiries, provide technical support, or handle customer service requests.

Legal Grounds: The primary legal bases for processing are the fulfillment of a contract or the steps preparatory to entering into a contract (e.g., providing our Services). Consent may also form a legal basis. Additionally, processing may align with our legitimate interests, such as effective service delivery and professional relationship building, which are deemed justified provided they do not infringe upon your rights. We rigorously uphold your right to object to processing based on legitimate interests.

Automated Collection (Cookies)

Scope: Personal data may be collected through analytical web technologies (cookie identifiers) based on Website interaction, providing insights into engagement preferences.

Purpose: The data serves to optimize the user experience on the Website and ensure its functional efficacy.

Legal Grounds: Processing in this category is dependent upon the user’s explicit consent for the deployment of cookie identifiers.

Use: This assists in performance evaluation, user experience customization, and the dissemination of relevant service information.

Processing may also occur to meet legal obligations (e.g., regulatory requests), always respecting the user’s right to object.

Confidentiality and Children’s Privacy

The Services are neither designed for nor knowingly marketed to minors. We do not intentionally collect or retain data pertaining to children.

Ancillary Processing Grounds

Data processing may additionally occur when necessary: to protect the vital interests of any individual; to execute a task carried out in the public interest or the exercise of official authority; or for the legitimate interests of IT-Magic Sp. z o.o. or a third party (e.g., investigating misconduct, liability defense). Users will be notified of any alteration to the processing purposes, and consent will be re-sought if required.

We affirm that we do not engage in data monetization via sale, nor do we employ solely automated decision-making processes that produce legal or similarly significant effects.

Data Disclosure and Transfer

Internal Access and International Data Flow

Personal data may be shared with authorized employees or contracted personnel under service agreements, with requisite security measures applied. These recipients may operate within the EU or in jurisdictions like the US, Ukraine, and Poland. International transfers to non-equivalent protection countries mandate the implementation of adequate safeguards, including, but not limited to, Data Transfer Agreements incorporating European Commission – approved Standard Contractual Clauses (SCCs).

External Vendors and Sharing with Third Parties

We utilize external services (e.g., cloud platforms, analytics). Data shared with third parties, particularly analytics providers, is generally restricted to non-personal, de-identified, or aggregated information. A comprehensive list of current external services is available upon written request to [email protected].

IT-Magic mandates adherence to GDPR and equivalent data protection standards from all service providers. This is ensured via certification checks, binding data protection agreements, and technical security protocols. Disclosure to comply with legal requirements (e.g., official investigatory demands) may also occur.

Data Preservation Period

Data is retained exclusively for the duration necessary for the provision of the Services, assessed individually based on data characteristics, processing objectives, and applicable legal retention mandates. Data shall not be preserved longer than its defined necessity. Personal data may be anonymized – stripped of identifiers – for internal integrity and statistical analysis, whereupon it ceases to be personal data.

Rights of the Data Subject

You possess the following rights concerning your personal data:

  • Right of Access: Confirmation of processing and acquisition of a data copy.
  • Right to Rectification: Correction of inaccurate or incomplete data.
  • Right to Erasure (Right to be Forgotten) or Restriction: Request for data deletion or limiting its use.
  • Right to Object: Formal objection to processing or withdrawal of previously granted consent.

We commit to timely responses for verified requests, acknowledging that complex requests may necessitate an extension up to 60 days, with continuous communication regarding the status. To exercise your rights, utilize the provided contact information. Should you find our practices non-compliant, you retain the right to lodge a complaint with the competent EU Data Protection Authority in your jurisdiction.

Data Protection Measures

We employ stringent physical and electronic security measures to ensure privacy protection. In the event of a significant personal data breach, affected clients and relevant authorities will be promptly informed, and all efforts will be made to mitigate associated risks.

Policy Revisions

This Privacy Policy may undergo periodic amendments. The revision date is reflected in the “Last modified” header, with material changes summarized in a “Key changes” section. Continued use of Services post-amendment constitutes acceptance of the revised policy. Significant revisions will be communicated via appropriate channels (e.g., on-site notices).

We trust this document furnishes a clear understanding of our data handling protocols.

Contact Details

Please utilize the designated contact channel for any inquiries pertaining to this Privacy Policy.

IT-Magic Sp. z o.o., registered under the law of Poland and the European Union

Contact email: [email protected]

Poland
Zlota St. 75A lok. 7,
Warsaw 00-819

Scroll to Top