Privacy policy


General information

1. This document determines the website’s personal data processing rules (hereinafter: Website) belonging to PapuKurier Sp. z o.o., located in Poznań (60-284), ul Sowińskiego 18A (hereinafter: Controller).

2. The Controller processes personal data in compliance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/EC (hereinafter: “GDPR”).

3. The Website Controller attaches great significance to the protection of privacy and of information they are entrusted with concerning the Users of the Website. The Controller diligently selects and applies adequate technical measures, ensuring the protection of the processed data, mainly protects the data from them being shared to unauthorized persons, disclosed, lost and destroyed, unauthorized modification, as well as them being processed against the binding provisions of law.


Purposes, legal bases, and time of personal data processing

1. The Controller processes your personal data for the following purposes and in the scope of:

a. carrying out the Agreement and activities to enter it, i.e., preparing an offer, registration, and maintenance of the Account, providing Services in the scope of the Agreement, technical support (article 6, section 1, point b GDPR),

b. fulfilling the Controller’s legal obligations, i.e., carrying out tax and account obligations (article 6, section 1, point c GDPR),

c. carrying out marketing activities through the communication channel that the User agreed to, including making contact concerning the presentation of the Controller’s own offer (article 6, section 1, point a GDPR),

d. carrying out the Controller’s legally justified interest article 6, section 1, point f GDPR), i.e., particularly, handling the requests or queries (via email, social media, phone) and adjusting and developing the Website’s functionality, including its structure and content to the Users’ needs, creating aggregated statistics, and keeping the services provided by the Website safe and of high quality.

2. Personal data will be processed for the time necessary to carry out the purposes determined in the point above (§2 point 1), in particular:

a. for the period of cooperation between the User and the Controller, and 6 years after its termination, according to the binding provisions of the law;

b. until the moment of the User withdrawing their agreement,

c. for the time necessary to carry out the purpose for which they were collected, however, no longer than until the moment of filing an objection to their processing.

3. Cookie files will be processed according to the information presented in Cookies Policy.


Data categories

1. The Controller may collect the following personal data:

a. from data subjects:

  • name and surname;
  • email address;
  • telephone number;
  • apartment/delivery address;
  • NIP or REGON number;
  • subject’s name;
  • device’s IP address;

b. from employees and persons representing our Clients/potential Clients:

  • name and surname;
  • email address;
  • telephone number;
  • position/function performed with the Client;
  • Client’s data, their address details, and ID numbers;
  • device’s IP address;
  • location of the device after logging into the Application.

2. The Controller may also download and process other personal data if necessary to carry out the purposes.

3. Providing the data above is voluntary but may be required to carry out the purposes mentioned above or enter an agreement with the Controller and use the Application’s critical functionalities. Failure to provide them may result in not entering the Agreement or not receiving information about the sent request.


Source of data

1. The Controller’s source of the processed personal data is:

a. if received by the data subject – this person;

b. if processing data of client employees/potential client employees – their employer or the person in the location of their device within the Application;

c. if processing data of persons representing clients/potential clients – the client/potential client


Data recipients

1. Personal data may be shared with

a. sub-contractors, particularly subjects providing and maintaining selected IT systems and solutions (including hosting, development, and maintenance of IT systems and websites),

b. courier/mail businesses

c. vindication companies and law firms.

2. Your data will not be shared outside the European Economic Area.


Data subjects’ rights

1. Every User whose personal data are processed by the Controller has the right to:

  • get access to the content of personal data,
  • rectify their data,
  • remove their data,
  • limit the processing of their data,
  • transfer their data,
  • object to the processing done based on the Controller’s legally justified interest,
  • withdraw their consent at any moment, not influencing the legality of the processing done before it.

2. The Website user the right to make a complaint to the President of the Personal Data Protection Office when you think that the processing infringes on the provisions of the GDPR.


Additional information about processing data

1. Providing your data is voluntary, but necessary to provide selected services by the Controller, including carrying out purposes determined in §2 Purposes, legal bases, and personal data processing time.

2. There is no automatic decision-making, including profiling, in the process of processing data.


Final provisions

1. In all matters connected with personal data protection, you can contact the Controller
a. via mail at ul. Sowińskiego 18A, 60-283 Poznań
b. in electronic form:
2. The Controller reserves the right to make changes to this Privacy Policy; Simultaneously, it ensures that the Users’ rights stemming from this document will not be limited without their agreement.