Privacy Policy

General Information

1. This Privacy Policy applies to the website available at: b2blab.pl
2. The website is operated by and the data controller is:
   B2B LAB Błażej Pianowski
   Aleja Komisji Edukacji Narodowej 93
   02-777 Warsaw, Poland
3. Operator’s email contact address: kontakt@b2blab.pl
4. The website operator and controller of your personal data is with respect to any data you voluntarily provide on the site.
   
   
5. The website processes personal data for the following purposes:
   • Managing the newsletter
   • Conducting online chat conversations
   • Displaying the user’s profile to other users
   • Handling inquiries via the contact form
   • Providing the requested services
   • Debt collection
   • Displaying offers or information
6. The website collects information about users and their behavior in the following ways:
   
   
   
   
   1. Through data voluntarily entered into forms, which are then stored in the Operator’s systems.
   2. By storing cookies on end-user devices.

2. Selected Data Protection Methods Used by the Operator

1. Login and data entry areas are protected at the transmission layer (SSL certificate). This means that personal data and login information entered on the website are encrypted on the user’s device and can only be read on the target server.
2. User passwords are stored in a hashed form. The hashing function is one-way, meaning it cannot be reversed. This is the current standard for securely storing user passwords.
3. The operator periodically changes administrative passwords.
   
   
4. To protect the data, the operator regularly performs backups.
   
   
5. An important element of data protection is the regular updating of all software used by the operator to process personal data, including frequent updates of software component.

3. Hosting

1. The website is hosted (technically maintained) on the operator’s servers at: cyberFolks.pl
2. To ensure technical reliability, the hosting company maintains server-level logs. The following data may be recorded:
   • resources identified by URL (addresses of requested resources – pages, files),
   • time of the request,
   • time the response was sent,
   • client station name – identified via the HTTP protocol,
     
     
   • information about errors that occurred during the execution of the HTTP transaction,
   • URL address of the previously visited page (referer link) – if the user accessed the website via a hyperlink,
   • information about the user’s browser,
   • information about the IP address,
   • diagnostic information related to the process of ordering services independently via forms on the website,
   • information related to email communication sent to and from the Operator.
     
     

4. Your Rights and Additional Information About How Data Is Used

1. To fulfill obligations under data protection regulations and to ensure effective data security, the Operator has appointed a Data Protection Officer (DPO).
2. The Data Protection Officer (DPO) is:
   Błażej Pianowski, Address: Aleja Komisji Edukacji Narodowej 93, 02-777 Warsaw, Poland Email contact: kontakt@b2blab.pl
3. In certain situations, the Controller has the right to share your personal data with other recipients if it is necessary to perform a contract with you or to fulfill the Controller’s legal obligations. This applies to the following groups of recipients:
   
   
   • the hosting company, under a data processing agreement
   • postal service providers
   • legal offices and debt recovery agencies
   • banks
   • payment service providers
   • online chat solution providers
   • companies providing marketing services to the Controller
     
     
4. The Controller will not retain your personal data longer than necessary to carry out the activities defined by separate legal provisions (e.g., accounting). Marketing-related data will not be processed for more than three years.
   
   
5. You have the right to request from the Controller:
   • access to your personal data
   • rectification of your personal data,
     
     
     
   • deletion of your personal data,,
   • restriction of the processing of your personal data,
     
     
   • and data portability.
     
     
6. You have the right to object to the processing referred to in section 3.2—namely, the processing of personal data for the performance of the Controller’s legitimate interests, including profiling. However, this right to object cannot be exercised if there are compelling legitimate grounds for processing that override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.
   
   
7. Na działania Administratora przysługuje skarga do Prezesa Urzędu Ochrony Danych Osobowych, ul. Stawki 2, 00-193 Warszawa.
8. Providing personal data is voluntary but necessary for the operation of the Service.
9. Automated decision-making, including profiling, may be applied to you for the purpose of providing services under the concluded contract and for the Controller’s direct marketing.
   
   
   
   
10. Personal data may be transferred to third countries as defined by data protection regulations. This means that we transmit it outside the territory of the European Union.
    
    

5. Information Provided in Forms

1. The website collects information voluntarily provided by the user, including personal data, if submitted.
2. The website may record connection parameters (timestamp, IP address).
   
   
3. The website may, in certain cases, store information that links form data to the email address of the user filling out the form. In such cases, the user’s email address appears within the URL of the page containing the form.
4. Data provided in a form is processed for the purpose corresponding to that form’s specific function – for example, to handle a service request, facilitate business contact, register for services, etc. The context and description of each form clearly explain its purpose.
   
   

6. Administrator’s Logs

1. Information about users’ behavior on the website may be logged. This data is used to administer the website.

7. Important Marketing Techniques

1. The operator uses statistical analysis of website traffic via Google Analytics (Google Inc., USA). The operator does not share personal data with the service provider—only anonymized information. This service relies on cookies stored on the user’s device. For information about user preferences collected by Google’s advertising network, users can view and edit cookie-based data using the tool at https://www.google.com/ads/preferences/.
2. The operator uses remarketing techniques to tailor advertising messages based on user behavior on the website. While this may give the impression that personal data is being used to track you, in practice no personal data is transferred from the Operator to advertising providers. These activities require that cookies be enabled.
3. The Operator uses the Facebook Pixel. This technology enables Facebook (Facebook Inc., USA) to recognize when a registered user visits the website. It relies on data for which Facebook itself is the data controller; the Operator does not transmit any additional personal data to Facebook. This service operates through cookies stored on the user’s device.
4. The Operator uses a solution that analyzes user behavior by creating heatmaps and recording on-page activity. This information is anonymized before being sent to the service provider, so they cannot identify any individual. In particular, entered passwords and other personal data are not recorded.
5. The Operator uses automation solutions to interact with users—for example, sending an email to a user after they visit a specific subpage, provided they have consented to receive commercial correspondence from the Operator.

8. Information about Cookies

1. The website uses cookies.
   
   
   
   
2. Cookies are data files, in particular text files, that are stored on the end device of the Service user and intended for use on the Service’s web pages. Cookies typically contain the name of the website from which they originate, the duration of storage on the end device, and a unique identifier.
3. The entity that places cookies on the user’s device and accesses them is the website operator.
4. Cookies are used for the following purposes:
   1. Maintaining the user’s session (after logging in), so that the user does not need to re-enter their login and password on each page;
   2. fulfilling the purposes specified above in section “7. Important Marketing Techniques”;
5. The Service uses two main types of cookies: “session” cookies and “persistent” cookies. Session cookies are temporary files stored on the user’s device until they log out, leave the website, or close their browser. Persistent cookies remain on the user’s device for the period specified in the cookie parameters or until they are deleted by the user.
6. Web browser software typically allows cookies to be stored on the user’s device by default. Service users can change these settings. Web browsers enable the deletion of cookies, and it is also possible to block cookies automatically. Detailed information on these options is available in the browser’s help or documentation.
7. Restricting the use of cookies may affect certain functionalities available on the Service’s web pages.
8. Cookies placed on the end device of the Service user may also be used by entities cooperating with the website operator, in particular the following companies: Google (Google Inc., USA), Facebook (Facebook Inc., USA), Twitter (Twitter Inc., USA).

9. Managing Cookies – How to Give and Withdraw Consent in Practice

1. If a user does not want to receive cookies, they can change their browser settings. Please note that disabling cookies necessary for authentication, security, or maintaining user preferences may hinder, and in extreme cases prevent, the use of the website.
2. To manage your cookie settings, select your web browser from the list below and follow the instructions:
   
   
   
   
   • Edge
   • Internet Explorer
   • Chrome
   • Safari
   • Firefox
   • Opera

   Mobile devices:

   • Android
   • Safari (iOS)
   • Windows Phone