Privacy Policy
Last Updated: 2 July 2026
This Privacy Policy explains how Paper & Practice, operating from Stanisława Moniuszki 7, Katowice, Poland, collects, uses, stores, and protects personal data belonging to visitors of this website and participants of its programs. This document has been prepared in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Polish Act of 10 May 2018 on the Protection of Personal Data.
1. Data Controller
The data controller responsible for personal data processed through this website is Paper & Practice, located at Stanisława Moniuszki 7, Katowice, Poland. Inquiries regarding data processing may be directed to [email protected] or by phone at +48 71 307 22 67.
2. Categories of Personal Data Collected
We may collect the following categories of personal data: identification data such as name and email address submitted through contact or inquiry forms; communication data contained in messages sent to us; technical data such as IP address, browser type, and device information collected automatically through cookies and similar technologies as described in our Cookie Policy; and any information voluntarily provided during correspondence regarding program interest.
3. Purposes and Legal Basis for Processing
Personal data submitted through the contact form is processed for the purpose of responding to inquiries about the program, which constitutes a legitimate interest under Article 6(1)(f) GDPR, or where applicable, is based on consent under Article 6(1)(a) GDPR. Technical data collected via cookies is processed based on consent obtained through our cookie consent mechanism, except for strictly necessary cookies which are processed based on legitimate interest in operating the website.
4. Data Retention
Personal data submitted through inquiry forms is retained only for as long as necessary to respond to the relevant inquiry and for a reasonable period afterward to allow for follow-up communication, typically not exceeding twenty-four months unless a longer retention period is required by applicable law or requested by the data subject for ongoing communication.
5. Recipients of Personal Data
Personal data is not sold or shared with third parties for marketing purposes. Data may be shared with service providers who assist in operating this website, such as hosting providers and email service providers, strictly to the extent necessary to perform their services, and always under appropriate data processing agreements consistent with Article 28 GDPR.
6. International Data Transfers
Where any service provider used to operate this website is located outside the European Economic Area, transfers of personal data are conducted in accordance with GDPR requirements, including reliance on adequacy decisions or standard contractual clauses approved by the European Commission.
7. Data Subject Rights
Under GDPR, individuals have the right to access their personal data, request rectification of inaccurate data, request erasure of data, request restriction of processing, object to processing based on legitimate interest, request data portability, and withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. Requests can be submitted to [email protected].
8. Right to Lodge a Complaint
Individuals who believe their personal data has been processed unlawfully have the right to lodge a complaint with the Polish supervisory authority, the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych, UODO), or with the supervisory authority of their habitual residence within the European Union.
9. Cookies and Similar Technologies
This website uses cookies to operate correctly and, where consented to, to analyze usage patterns. Full details regarding the categories of cookies used, their purposes, and how to manage preferences are available in our separate Cookie Policy, accessible via the footer of this website.
10. Security Measures
Reasonable technical and organizational measures are implemented to protect personal data against unauthorized access, alteration, disclosure, or destruction, consistent with the requirements of Article 32 GDPR, taking into account the nature, scope, and risks associated with the processing activities described in this policy.
11. Changes to This Policy
This Privacy Policy may be updated periodically to reflect changes in legal requirements or our data processing practices. The date at the top of this page indicates when the policy was last revised. Continued use of the website following any update constitutes acknowledgment of the revised policy.
12. Contact Regarding This Policy
Questions or requests related to this Privacy Policy or the processing of personal data can be directed to [email protected] or by post to Paper & Practice, Stanisława Moniuszki 7, Katowice, Poland.