Privacy and Cookies Policy – dalpo.pl

This Privacy Policy sets out the rules for the processing and protection of personal data of users using the website available at dalpo.en (hereinafter referred to as the “Service”).
We exercise particular care to protect the interests of data subjects. We ensure that the data we collect is:

  • processed lawfully, in accordance with applicable laws, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation – “GDPR”),
  • collected for specified, lawful purposes and not further processed in a manner incompatible with those purposes,
  • adequate in relation to the purposes for which it is processed.

1. Data Controller
The controller of personal data collected via the Service is Dalpo (the appropriate company should be indicated), with its registered office in Poznań (60-118), ul. Miedziana 3.

2. Data Protection Officer – The Controller has appointed a Data Protection Officer – Ms. Natalia Dzieciuchowicz, who can be contacted at: iod@dalpo.pl.

3. Purposes and Legal Bases of Data Processing
Your personal data is processed for the following purposes:

  • Handling inquiries via the contact form: we process your email address, message content (mandatory data) and phone number (optional) based on Article 6(1)(f) GDPR – legitimate interest consisting in communication with users.
  • Newsletter distribution: if you give consent, we process your email address to send commercial and marketing information electronically (Article 6(1)(a) GDPR).
  • Analytics and statistics: we use Google Analytics to understand how users interact with the Service and improve it. Data is processed based on your consent expressed via the cookie banner (Article 6(1)(a) GDPR).

4. Scope of Collected Data

  1. Contact form:
    • email address (required),
    • phone number (optional),
    • message content (required).
  2. Newsletter:
    • email address.
  3. Automatically collected data (cookies) – described below.

5. Data Recipients
Your data may be transferred to entities processing it on behalf of the Controller, including:

  • hosting and server providers,
  • newsletter system providers,
  • Google Ireland Limited (Google Analytics).

The Service contains links to external platforms: Instagram, LinkedIn, YouTube, and Facebook. After clicking these links, the data processing rules are governed by the respective providers. No tracking pixels or social plugins transmitting data automatically are installed.

6. Data Retention Period

  • contact form data: until response is provided or consent is withdrawn / objection raised,
  • newsletter: until consent is withdrawn,
  • statistics: according to cookie retention periods.

7. Your Rights
Under GDPR, you have the right to:

  1. access your data and obtain a copy,
  2. rectify your data,
  3. erase your data (“right to be forgotten”),
  4. restrict processing,
  5. object to processing,
  6. data portability,
  7. withdraw consent at any time,
  8. lodge a complaint with the President of the Personal Data Protection Office (PUODO).

8. Cookies

1. The Service uses cookies to ensure the best user experience. Cookie management is handled via a Consent Manager displayed on first visit.

2. Cookies are used to:

  • customize content,
  • optimize usage,
  • create aggregated statistics,
  • ensure security and session maintenance,
  • facilitate navigation,
  • deliver behavioral advertising.

Third-party cookies may be used for retargeting and behavioral advertising.

3. Types of cookies:

  • necessary – essential for functionality (stored 1 day),
  • analytical – for statistics (up to 2 years),
  • marketing – for personalized ads (up to 1 year).

By duration:

  • session cookies – temporary,
  • persistent cookies – stored between sessions.

5. Third-party cookies

  1. Used for:
    • analytics (Google Analytics),
    • social media integrations (Instagram, LinkedIn, YouTube, Facebook).

9. Data Transfers Outside the EEA
Data may be transferred outside the European Economic Area (e.g. to the USA). The Controller ensures safeguards through:

  • adequacy decisions,
  • Standard Contractual Clauses (SCC),
  • additional technical measures (e.g. encryption).

10. Consent Management
Processing of non-essential cookies is based on your voluntary consent via the Consent Manager. You may withdraw or modify consent at any time.

Change settings

11. Final Provisions

  1. The Service does not use chat systems or automated decision-making.
  2. The Controller reserves the right to amend this Policy.
  3. Last update: 10.04.2026.