apply

Visit our profile

Linkedin

Change language

Privacy policy

1. General information
  1. [Service] The website available at www.bixbite.com.pl (hereinafter: the “Service”) is operated by Bixbite sp. z o.o. (address: ul. Żelazna 51/53, 00-841 Wola), registered in the National Court Register under number xxxxxxxxxx, with NIP: xxxxxxxxxx and REGON: xxxxxxxxx.
  2. [Administrator] The controller of your personal data processed via the Service is Bixbite sp. z o.o. (address: ul. Żelazna 51/53, 00-841 Wola). You can contact the Controller via email: kontakt@bixbite.com.pl.
  3. [Policy] This Privacy Policy (hereinafter: “Policy”) provides information on the processing of personal data within the Service.
  4. [Data Security] The Controller processes personal data in accordance with personal data protection laws, in particular the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Polish Personal Data Protection Act of May 10, 2018.
  5. [User Information] The Service processes information about its visitors (Users), including data:
  • entered into order or contact forms, or submitted via CVs or cover letters;
  • provided through email communication;
  • stored in end-user devices – cookies;
  • related to activity within the Service and collected in server logs (e.g., timestamps, IP addresses), necessary for site administration but not used for user identification.
  1. [Security] The Controller respects privacy rights and ensures data security using encrypted communication protocols (SSL) and adequate technical and organizational measures.
  2. [Voluntary Submission] The Service only collects data voluntarily provided by Users.
2. Personal Data Processing in the Service
  1. [Voluntariness] The Controller collects only information voluntarily provided by the User. The data provided in the form is processed for the purpose resulting from the function of the specific form.
  2. [Order in the Store] Personal data provided in the order form in the Store is processed for the purpose of concluding and performing a service sales agreement based on the necessity for the performance of the contract (Art. 6(1)(b) GDPR), for the correct settlement of the contract based on the necessity to fulfill the legal obligations incumbent upon the Controller (Art. 6(1)(c) GDPR), and may also be processed for communication purposes and for the establishment, exercise, or defense of legal claims based on the legitimate interest of the Controller (Art. 6(1)(f) GDPR). Providing data in the order form is voluntary, but necessary to conclude the contract. The Controller will store this data for the time necessary to perform the contract, fulfill its legal obligations, and for the limitation period of potential claims.
  3. [Contact Form] Personal data provided in the contact form as well as via a CV file or cover letter is processed for the purpose of:
    1. responding to the submitted message and communicating in connection with it based on the legitimate interest of the Controller in the form of communication (Art. 6(1)(f) GDPR). Providing data in the contact form is voluntary, but necessary for communication and responding to the message. The Controller will store this data for the time necessary to handle the message and maintain communication, and may also retain it for the limitation period of potential claims;
    2. conducting recruitment activities, in particular:
      1. evaluating the candidate’s qualifications for a given position,
      2. assessing the candidate’s abilities and skills for the given position,
      3. selecting a suitable person or persons for employment.
  4. The legal basis for the processing of personal data in this case is the User’s consent.
  5. carrying out marketing activities via email. The legal basis for processing personal data in this case is the User’s consent.
  6. The processing of Users’ personal data concerns, in particular, the address, full name, date of birth, email address, residential address, PESEL number, and phone number.
  7. [Marketing of Own Services] Personal data in the form of name and email address submitted via the order form on the Service may also be processed by the Controller for the purpose of marketing its own services based on the Controller’s legitimate interest (Art. 6(1)(f) GDPR). At any time, the User may object to such processing based on the legitimate interest of the Controller by sending an email to kontakt@bixbite.com.pl. The Controller will store this data for the period during which its own services are being marketed or until a valid objection is submitted.
  8. [Data Recipients] The data provided through the Service may be disclosed or entrusted to third parties only within the limits established by law. The Controller may be required to provide information collected by the Service to authorized authorities based on lawful requests within the scope of such requests. Data submitted to the Controller, including through the forms available on the Service, may be transferred to entities performing certain services for the Controller in connection with the operation of the Service, such as IT, marketing, or legal support, solely for the purpose of providing these services to the Controller. Data submitted by Users of the Service or through communication with the Controller may also be transferred only to those recipients who have appropriate authorization related to the provision of necessary services for the Controller’s purposes, including IT services and services related to organizing and promoting the Controller’s operations.
3. Data Processing Outside the Service
  1. In addition to the data provided via forms, the Administrator also processes:
    1. [Communication] Data shared during communication via telephone, email, or traditional mail. Providing data for this purpose is voluntary but necessary in order to respond to the submitted message or to maintain communication. This data is processed on the basis of the Controller’s legitimate interest in communication or as implied by the content of the correspondence (Art. 6(1)(f) GDPR). The Administrator retains this data for the duration of the communication and may continue to process it for the limitation period of any potential claims. This data may be transferred by the Administrator only to entities providing services necessary for communication, including IT and marketing services, and solely for the performance of those services.
    2. [Social Media] Data of Users who interact with the Administrator on social media platforms (e.g., Facebook, Instagram, LinkedIn) by liking the page, reacting to posts or stories, sharing posts, commenting, sending messages via the managed account, or joining an event. Through these interactions, the Administrator may gain access to the User’s name, image, public profile, and any other information shared in messages or comments. Providing data for this purpose is voluntary but necessary to respond to a message or maintain communication. The legal basis for processing this data is the Administrator’s legitimate interest in communicating with Users and analyzing such communication (Art. 6(1)(f) GDPR). The Controller retains this data only for as long as necessary to communicate with Users, analyze that communication, and for the limitation period of any potential claims. This data may only be transferred to entities providing services necessary for communication, including IT and marketing services, solely for the performance of those services.
4. Cookies and User Profiling
  1. [Cookies] The Service uses cookies. Cookies are not used to identify Users. Cookies are pieces of computer data, particularly text files, that are stored on the User’s end device and are intended for use on the Service’s website. Cookies typically contain the name of the website from which they originate, the duration of their storage on the end device, and a unique identifier.
  2. [Purposes of Using Cookies] Cookies are used for the following purposes:
    • creating statistics and conducting analytics to help understand how Users interact with the website, enabling improvements to its structure and content;
    • maintaining the User’s session on the Service;
    • profiling the User in order to display personalized content in advertising networks, particularly the Google network.
  3. The Administrator uses the following types of cookies on the Service:
Cookie Table
Type Name Provider Function Retention period
Essential PHPSESSID bixbite.com.pl Utrzymuje sesję Użytkownika podczas przeglądania strony Session
Essential JSESSIONID bixbite.com.pl Identyfikacja sesji na serwerze Session
Niezbędne csrftoken bixbite.com.pl Zabezpieczenie przed atakami CSRF Session
Essential consent_cookie bixbite.com.pl Przechowuje zgodę Użytkownika na używanie plików cookie 1 year
Essential __Secure-3PAPISID google.com Zabezpieczenie przed nieautoryzowanym dostępem 2 years
Functional lang bixbite.com.pl Przechowuje preferencje językowe Użytkownika 1 year
Funkcjonalne theme bixbite.com.pl Przechowuje preferencje Użytkownika dotyczące wyglądu strony 1 year
Analytical _ga google.com (Google Analytics) Służy do liczenia ilości odwiedzin stron Serwisu 2 years
Analytical _gid google.com (Google Analytics) Służy do liczenia ilości odwiedzin stron Serwisu 1 day
Performance RT pingdom.com Monitorowanie szybkości ładowania strony 7 days
Wydajnościowe _gat google.com (Google Analytics) Ograniczanie liczby zapytań do serwera 1 minute
Marketing fr facebook.com Wyświetlanie spersonalizowanych reklam 90 days
Marketing NID google.com Wyświetlanie spersonalizowanych reklam w Google 6 months
  1. [Disabling Cookies] While using the Service, the User may select the extent to which the Controller can use information stored in cookies via the cookie settings window displayed on the website. The User may also change these settings through their web browser. Restrictions on the use of cookies may affect certain functionalities available on the Service’s website.
  2. [Statistics] The Controller collects anonymous data on visits to the Service’s pages and analyzes them using Google Analytics. This tool does not provide data that allows the identification of a specific individual.
  3. [Ad Management] Regarding information about the User’s preferences collected by the Google advertising network, the User may view and edit the information resulting from cookies using the following tool: https://www.google.com/ads/preferences/
  4. [Profiling] Profiling is performed within the Service to display content tailored to the User. However, it does not result in decisions that produce legal effects for the User.
  5. [Blocking] It is possible to block the use of data by the Controller for analytics via Google Analytics. To do so, you can install the Google Analytics opt-out browser add-on available here: https://tools.google.com/dlpage/gaoptout/?hl=pl
5. Server logs
  1. [Service Administration] Information about certain User behaviors is logged at the server level. This data is used solely for the purpose of administering the Service and ensuring the most efficient operation of the hosting services provided. This data is not associated with specific individuals browsing the site.
  2. [Resources] Accessed resources are identified by URL addresses. Additionally, the following information may be recorded, used solely for server administration purposes:
    • the time the request was received,
    • the time the response was sent,
    • the name of the client station –
    • identified via the HTTP protocol,
    • information about errors that occurred during HTTP transactions,
    • the URL of the previously visited page (referrer link) – in the case where the transition to the Service occurred via a link,
    • information about the User’s browser,
    • information about the IP address.
6. Your rights
  1. [Security] All personal data is processed in accordance with applicable laws. The Controller applies appropriate technical and organizational measures to ensure the protection of processed data, adequate to the risks and the category of data being protected. In particular, personal data is secured against unauthorized access, loss, or damage.
  2. [Data Transfer Outside the EEA] As part of processing data using Google services, such data may be transferred outside the European Economic Area (EEA). With regard to transfers to the United Kingdom, Canada, Israel, Japan, and the United States, the European Commission has recognized that these countries provide an adequate level of data protection. For other countries where Google may process data, standard contractual clauses are used to ensure an adequate level of protection.
  3. [Individual Rights] With respect to all provided personal data, under the principles set forth in the GDPR, you have the right to:
    • obtain information regarding the processing of your personal data and your rights, provided in a concise, transparent, intelligible, and easily accessible form, using clear and plain language;
    • not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless you have given explicit consent, it is permitted by law, or necessary for entering into or performing a contract;
    • withdraw your consent at any time, where processing is based on consent;
    • object to the processing of your data on grounds relating to your particular situation, where processing is based on Article 6(1)(e) or (f) of the GDPR;
    • access your personal data, including obtaining information about how it is processed, especially the purposes, categories, recipients, and retention period of the data;
    • rectify personal data that is inaccurate, and considering the purposes of the processing, you have the right to have incomplete personal data completed, including by providing a supplementary statement;
    • request the erasure of your personal data (unless there are grounds under Article 17 of the GDPR allowing continued processing, e.g., for the establishment, exercise, or defense of legal claims);
    • restrict the processing of personal data in the cases specified in Article 18 of the GDPR;
    • data portability – that is, to receive your personal data, which you have provided to the Controller, in a structured, commonly used, and machine-readable format, where the processing is based on consent or a contract and is carried out by automated means;
    • know the source of your data if it was not collected directly from you;
    • lodge a complaint with the President of the Personal Data Protection Office if you believe the processing of your personal data violates data protection laws, in particular the GDPR.
  4. [Contact] For matters related to personal data protection and exercising your rights, you may contact the Controller at: kontakt@bixbite.com.pl.
  1. [Privacy Policy Updates] The Administrator may make changes or updates to the Privacy Policy if required by law, data protection guidelines, or changes to the Service. Any update to the Privacy Policy will take effect 14 days after the latest version is published.

Contact

Bixbite Sp. z o.o

ul. XXXXXXX

XX-XXX Warszawa

NIP: XXX-XXX-XX-XX

REGON: XXXXXXXXXXXXX

KRS: XXXXXXXXXXXXXX

Copyright © 2025 | Bixbite

Privacy Policy

LinkedIn