Privacy Policy

I. General Provisions

1. The Privacy Policy defines how the personal data of Users necessary for the provision of electronic services via the website www.foundation.alioth.group (hereinafter: the Website) is collected, processed, and stored.
2. The website collects only the personal data necessary to provide and develop the services offered.
3. Personal data collected through the Website is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation, GDPR), and the Polish Data Protection Act of 10 May 2018.

II. Data Controller

The controller of personal data collected through the Website is the Alioth Foundation, address: Warsaw, ul. Chmielna 69, KRS: 0001000037, NIP: 5223239829, e-mail: foundation@aliothgroup.pl (hereinafter: the Controller).

III. Purpose of collecting personal data

1. Personal data is used for the purpose of: 
   1. communicating with the User (live chat, contact form, etc.),
   2. sending newsletters (upon the User’s consent),
   3. promotion of the Controller’s offer,
   4. marketing, remarketing, affiliation,
   5. personalization of the Website for Users,
   6. analytical and statistical purposes.
2. Providing data is voluntary, but necessary to use the functionalities of the Website.

IV. Types of personal data processed

The Controller may process the User’s personal data: full name, date of birth, home address, email address, phone number, tax identification number (NIP).

V. Personal data retention period

Users’ personal data will be processed for the following periods:

• if the data is processed on the basis of a contract – until the limitation period for claims after its execution expires,
• if the data is processed based on consent – until the consent is withdrawn, and after withdrawal, until the limitation period for claims.

In both cases, the limitation period is 6 years, and for claims concerning periodic benefits or business activity – 3 years (unless a specific regulation provides otherwise).

VI. Sharing of personal data

1. Users’ personal data may be shared with: entities affiliated with the Controller, its subcontractors, and entities cooperating with the Controller, such as online payment processors, courier/postal service providers, and law firms.
2. Users’ personal data will not be transferred outside the European Economic Area (EEA).

VII. Users’ rights

1. A User of the Website has the right to: access their personal data, rectify it, delete it, restrict its processing, transfer it, object to its processing, and withdraw consent at any time (without affecting the lawfulness of processing carried out based on consent before its withdrawal).
2. Requests related to exercising these rights should be sent to the following address:
3. The Controller fulfills or refuses the request immediately – no later than within one month of receiving it.
4. The User has the right to lodge a complaint with the President of the Personal Data Protection Office if they believe that the processing of their personal data violates their rights and freedoms (GDPR).

VIII. Cookies

1. The Website collects information using cookies – session, persistent, and third-party cookies.
2. The use of cookies supports proper service delivery on the Website and serves statistical purposes.
3. The User can define the scope of cookie access to their device in the browser settings.

IX. Automated decision-making and profiling

1. Users’ data cannot be processed in an automated manner that would result in any decisions being made about them.
2. Users’ data may be profiled in order to tailor content and personalize the offer, subject to their consent.

X. Final provisions

1. The Controller reserves the right to make changes to the Privacy Policy, without limiting the rights of Users.
2. Information about any changes will be published as a notice available on the Website.
3. In matters not covered by this Privacy Policy, the provisions of the GDPR and Polish law shall apply.