Privacy Policy

§1. General provisions

This Privacy Policy sets out the rules governing the processing and protection of personal data provided by Users in connection with their use of this website.

The data controller is:

  • Name: TREJKA Sp. z o.o.
  • Registered office address: 31a Moniuszki Street, 15-192 Białystok, Poland
  • Tax Identification Number (NIP): 9662085626
  • KRS: 0000423570
  • Email address: info@trejka.com
  • Telephone: +48 695 423 811

TREJKA Sp. z o.o. provides technical support services for websites based on the WordPress platform, including, amongst other things, maintenance, updates, security and website optimisation. The data controller makes every effort to ensure that the privacy of visitors to the website is respected. The processing of personal data is carried out in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and the applicable provisions of Polish law.

§2. Types of personal data collected

Depending on how you use the website, the Controller may collect the following categories of data:

2.1. Contact form

When you use the contact form, we collect:

  • full name or pseudonym,
  • email address,
  • telephone number (optional),
  • message content.

2.2. User account registration

When you register an account on the website, we collect:

  • first name and surname,
  • email address,
  • password (stored exclusively in encrypted form),
  • optional: telephone number, address details.

2.3. Fulfilment of orders and provision of services

When ordering WordPress maintenance services or making a purchase, you must provide the following:

  • first name and surname / company name,
  • correspondence address,
  • email address and telephone number,
  • Tax Identification Number (for VAT invoices),
  • the data necessary to process payments (handled by an external payment provider – the Controller does not store payment card details).

2.4. Data collected automatically

When you visit our website, we automatically collect:

  • the device’s IP address,
  • the type and version of the web browser,
  • data relating to sessions and activity on the website,
  • data collected by cookies (see §5 for details).

§3. Purposes and legal basis for data processing

Users’ personal data is processed for the following purposes:

  • responding to enquiries submitted via the contact form – legal basis: Article 6(1)(b) or (f) of the GDPR,
  • performance of contracts for the provision of WordPress maintenance services (maintenance, updates, security, optimisation) – legal basis: Article 6(1)(b) of the GDPR,
  • order processing, payments and invoicing – legal basis: Article 6(1)(b) of the GDPR,
  • maintaining a user account – legal basis: Article 6(1)(b) of the GDPR,
  • compliance with legal obligations, including the retention of accounting records – legal basis: Article 6(1)(c) of the GDPR,
  • website traffic analysis and content optimisation (Google Analytics) – legal basis: Article 6(1)(a) or (f) of the GDPR,
  • direct marketing and newsletters – solely on the basis of the User’s explicit consent – Article 6(1)(a) of the GDPR.

§4. Data retention period

Personal data is retained for the period necessary to fulfil the purposes for which it was collected:

  • data from the contact form – for up to 12 months from the date of reply,
  • data relating to the provision of services and the fulfilment of orders – for the period required by tax legislation (as a rule, 5 years from the end of the tax year),
  • user account data – until the account is deleted by the User or by the Administrator,
  • data processed on the basis of consent – until such consent is withdrawn.

§5. Cookies and analytics tools

This website uses cookies, which are small text files stored on the User’s device. Cookies are not used to identify individuals and do not collect any personal data.

5.1. Types of cookies used

  • Essential (technical) – necessary for the website to function properly. They do not require the user’s consent.
  • Analytical – these enable the analysis of website traffic using Google Analytics (the data is anonymised). They require the user’s consent.
  • Functional – these remember the user’s preferences. They require the user’s consent.
  • Marketing cookies – these are used to display personalised adverts. They require the user’s explicit consent.

5.2. Google Analytics

This website uses Google Analytics, an analytics tool provided by Google LLC. Google Analytics collects information about how the website is used. The website administrator uses the IP address anonymisation feature. For further information, see: policies.google.com/privacy.

5.3. Managing cookies

You can change your cookie settings at any time via the preferences panel available on the website or through your web browser settings. Disabling essential cookies may prevent the website from functioning properly.

§6. Recipients of personal data

Users’ personal data may only be disclosed to trusted third parties, and only to the extent necessary for the provision of services:

  • electronic payment providers (e.g. Przelewy24, PayU, Stripe) – for the purpose of processing transactions,
  • software and hosting providers – for the purpose of maintaining and supporting WordPress websites,
  • Google LLC – in relation to analytics tools (Google Analytics),
  • accountancy firm – to the extent required by tax legislation.

Data is not sold or disclosed to third parties for marketing purposes without the User’s explicit consent.

§7. Data transfers outside the European Economic Area

Some data recipients (including Google LLC) are based outside the European Economic Area (EEA). Data transfers are carried out on the basis of standard contractual clauses approved by the European Commission, which ensure an adequate level of data protection.

§8. User Rights

Every User whose data is processed has the following rights:

  • Right of access to data (Article 15 of the GDPR).
  • The right to rectification (Article 16 of the GDPR).
  • The right to erasure (Article 17 of the GDPR) – the so-called ‘right to be forgotten’.
  • The right to restrict processing (Article 18 of the GDPR).
  • The right to data portability (Article 20 of the GDPR).
  • Right to object (Article 21 of the GDPR).
  • The right to withdraw consent – at any time, without affecting the lawfulness of processing prior to withdrawal.

To exercise the above rights, please contact the Data Controller by email at: [CONTACT EMAIL]. The Data Controller will respond without undue delay, but no later than within 30 days.

The user also has the right to lodge a complaint with the supervisory authority – the President of the Office for Personal Data Protection (UODO), ul. Stawki 2, 00-193 Warsaw.

§9. Data security

TREJKA Sp. z o.o. implements appropriate technical and organisational measures to protect personal data against unauthorised access, loss or destruction. Data submitted via forms is encrypted using the SSL/TLS protocol. Access to personal data is restricted to authorised persons who are bound by a duty of confidentiality.

§10. Links to external websites

This website may contain links to other websites. TREJKA Sp. z o.o. accepts no responsibility for the privacy policies of the operators of those websites. We recommend that you familiarise yourself with the privacy policy of each external website you visit.

§11. Changes to the Privacy Policy

The Administrator reserves the right to make changes to this Privacy Policy. Users will be informed of any significant changes by the publication of an updated version on the website. The date of the last update is always shown at the top of the document.

§12. Contact details regarding data protection

If you have any questions regarding the processing of personal data or this Privacy Policy, please contact us at:

This document has been drawn up in accordance with the GDPR (EU Regulation 2016/679). This template is for information purposes only – we recommend consulting a legal adviser before implementing it.