Privacy Policy

Privacy Policy of the Internet Service

  1. The Data Controller of Personal Data of the Internet service available at the address:, hereinafter referred to as the Internet Service, is Maciej Szczotka conducting business under the name “Automation Trader spółka z ograniczoną odpowiedzialnością”, based at ul. Browarowa 21, 43-100 Tychy, Tax Identification Number (NIP): 6463009354, National Business Registry Number (REGON): 527345886, registered on January 3, 2024 by the District Court Katowice-Wschód, VIII Economic Department of the National Court Register. Share capital: 50,000 PLN.

  2. Any inquiries, requests, or complaints related to the processing of personal data by the Data Controller, hereinafter referred to as Notifications, should be directed to the following email address: [email protected] or in writing to Automation Trader Spółka z o.o., ul. Browarowa 21, 43-100 Tychy. The notification should clearly specify:

    • The data of the person or persons covered by the Notification,
    • The event that is the reason for the Notification,
    • Present your requests and the legal basis for these requests,
    • Specify the expected way of handling the matter.
  3. In our Internet Service, we collect the following personal data:

    • Name and surname, company name, email address, phone number – this data may be processed when you provide it to us as a user of our Internet Service through a contact form or chat available on the Service, as well as through email, phone contact, or traditional mail.
    • IP address of the device and potential personal data contained in Cookies files – information resulting from general principles of Internet connections, such as an IP address (and other information contained in system logs), is used for technical and statistical purposes, including collecting general demographic information (e.g., about the region from which the connection originates). This type of data is also used for marketing and analytical purposes if consent is given in accordance with Article 173 (1) of telecommunications law.
    • Additionally, other data may be collected as part of specific matters or may be provided by users of our Internet Service via email, chat, or contact form available on the Internet Service, traditional mail, or during phone contact.
  4. Every person using our Internet Service has the option to choose whether and to what extent they want to use our services and provide information and data about themselves, in accordance with the content of this Privacy Policy.

  5. We process personal data for the following purposes:

    • Conclusion and performance of contracts related to the services offered by us (Article 6 (1) (b) of the GDPR) – in this scope, data will cease to be processed upon the completion of the specific contract.
    • Fulfillment of legal obligations incumbent on the Data Controller, in particular, documentation keeping, issuing invoices, etc. (Article 6 (1) (c) of the GDPR) – in this scope, personal data will be deleted after fulfilling specific legal obligations.
    • Sending marketing content regarding the Data Controller and conducting website analytics in connection with the use of cookies (Article 6 (1) (a) of the GDPR) – in this scope, personal data is processed until the end of the session or the deletion of cookies by the user, withdrawal of consent, or until effective objection to processing for this purpose.
    • Running the website (Article 6 (1) (f) of the GDPR in connection with Article 173 (1) of telecommunications law) – in this scope, personal data will cease to be processed in case of the expiry of the cookie file, deletion of cookies, or accordingly upon the termination of a specific session.
    • Ongoing communication related to the operation of the Internet Service (Article 6 (1) (f) of the GDPR, i.e., legitimate interest of the Data Controller) – in this scope, your personal data will cease to be processed upon responding to a specific question or handling a specific matter.
    • Establishing and pursuing claims or defending against such claims (Article 6 (1) (f) of the GDPR, i.e., legitimate interest of the Data Controller) – in this scope, personal data will be deleted upon the expiry of the claims, but as a rule, after the lapse of a 3-year statute of limitations period.
  6. The source of personal data processed by the Data Controller is individuals whose data is concerned.

  7. In the case of a button or function that is a link to an external website, application, or social media, there is a co-administration relationship between the Administrator of this Internet Service and the administrator of the external website. Co-administration is limited exclusively to data necessary for operations related to the functioning of a specific button or function. The Administrator is not responsible for the policies regarding the further processing of personal data by other entities and organizations or social media service providers. Our Co-Administrators within this Internet Service include:

    • Meta Platforms Ireland Ltd. (Facebook, Messenger, Instagram) with its registered office at: 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland,
    • Pinterest Europe Limited (Pinterest) with its registered office at: 2nd Floor Palmerston House, Fenian Street, Dublin 2, Dublin, D02WD37, IRELAND, D02WD37,
    • Google Ireland Ltd. (YouTube, Google Maps) with its registered office at: Google Building Gordon House, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland,
    • Twitter International Unlimited Company (Twitter) with its registered office at: Fenian Strees DO2 F663 Dublin, Ireland.
  8. The Administrator uses tools provided by Google Ireland Ltd, Microsoft Ireland Operations Ltd, Meta Platforms Ireland Ltd, and As a rule, data processed as part of the use of these tools is processed on servers located within the EEA. Nevertheless, entities providing these tools may be obliged to transfer data to third parties if such obligation is imposed on them by law or is necessary due to the nature of the services provided (SaaS, hosting, etc.). The scope of personal data transferred refers to potential personal data contained in Cookies files. The legal basis for processing personal data indicated in the preceding sentence has been indicated in point 5 (c) and (d) of this Privacy Policy. The transfer of personal data to the United States is carried out based on the Decision of the European Commission of July 10, 2023, on ensuring an adequate level of protection through the EU-US data protection framework (Article 45 (1) of the GDPR). Our data importer entities, i.e., Google LLC, Inc., Meta Platforms, Inc., Microsoft Corporation, meet the criteria of the decision and participate in the Data Protection Framework program (

  9. We do not provide any personal data to third parties without the explicit consent of the individuals whose data is concerned. Personal data without the consent of the individuals whose data is concerned may only be made available to public authorities, i.e., authorities and administration (e.g., tax authorities, law enforcement authorities, and other entities authorized by universally applicable legal provisions).

  10. Personal data may be entrusted for processing to entities processing such data on our behalf as the Data Controller. In such a situation, as the Data Controller, we conclude a personal data processing entrustment agreement with the data processing entity. The data processing entity processes the entrusted personal data only for the purposes, to the extent, and for the purposes indicated in the entrustment agreement mentioned in the preceding sentence. Without entrusting personal data for processing, we would not be able to conduct our activities within the framework of the Internet Service. As the Data Controller, we entrust personal data for processing, in particular, to the following entities:

    • Providing hosting services for the website on which our Internet Service operates,
    • Providing analytical and marketing tools,
    • Other entities providing services necessary for the operation of the Data Controller.
  11. Personal data is not subject to profiling by us as the Data Controller within the meaning of the GDPR provisions.

  12. In accordance with the GDPR provisions, every person whose personal data we process as the Data Controller has the right to:

    • Access their personal data as referred to in Article 15 of the GDPR,
    • Be informed about the processing of personal data as referred to in Article 12 of the GDPR,
    • Correct, supplement, update, or rectify personal data as referred to in Article 16 of the GDPR,
    • Withdraw consent at any time as provided in Article 7 (3) of the GDPR,
    • Have data deleted (the right to be forgotten) as referred to in Article 17 of the GDPR,
    • Restrict processing as referred to in Article 18 of the GDPR,
    • Data portability as referred to in Article 20 of the GDPR,
    • Object to the processing of personal data as referred to in Article 21 of the GDPR,
    • In the case of the legal basis being consent, the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal,
    • Not be subject to profiling as referred to in Article 22 in conjunction with Article 4 (4) of the GDPR,
    • Lodge a complaint with the supervisory authority (i.e., the President of the Office for Personal Data Protection), as referred to in Article 77 of the GDPR.
  13. If you wish to exercise your rights as described in the preceding paragraph, please send an email to the email address or in writing to the correspondence address mentioned in point 2 above.

  14. Each identified case of a security breach is documented, and in the event of one of the situations specified in the GDPR or the Act, individuals whose data is concerned are informed about such violations of personal data protection rules, and – if applicable – the supervisory authority is also informed.

  15. In matters not regulated by this Privacy Policy, the relevant provisions of the universally applicable law apply. In the event of a conflict between the provisions of this Privacy Policy and the above-mentioned provisions, the latter take precedence.

Automation Trader
IT Loft Park, ul. Browarowa 21
43-100 Tychy, Poland
Tel: +44 7418 359 399
[email protected]

VAT-EU: PL6463009354
REGON: 527345886
DUNS: 427734105

2024 © Automation Trader