The Privacy Policy contains information on the processing of personal data and the use of cookies in relation to the use of the website available at: https://kremerlegal.pl/, operated by Wojciech Kremer conducting business activity under the name Wojciech Kremer Kancelaria Radcy Prawnego.

The Privacy Policy also contains information regarding the processing of personal data of individuals who contact the Administrator by phone, via email, or through the contact form available on the Website, as well as individuals who visit the Administrator’s profile on LinkedIn or contact the Administrator through that platform.

Personal data is processed in accordance with the law, including in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of  27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “GDPR,” and the Act of 6 July 1982 on attorneys-at-law. The Administrator is the attorney-at-law bound by the professional secrecy of an attorney-at-law.

The website uses an SSL certificate to ensure secure communication.

The following definitions apply in this privacy policy:

1. Administrator – Wojciech Kremer, conducting business activity under the name Wojciech Kremer Kancelaria Radcy Prawnego, whose permanent place of business and address for delivery is ul. Armii Krajowej 18, Galileo, 10th floor, 30-150 Kraków, NIP: 6762568558, REGON: 383896695;
2. Privacy Policy – this privacy policy;
3. Terms and Conditions – the terms and conditions for the provision of electronic services available on the Website at: Terms and conditions for the provision of electronic services
4. Website – the website operated by the Administrator, available at the following URL: https://kremerlegal.pl/;
5. User (and in the plural Users, used interchangeably) – any natural person using the Website, as well as any natural person contacting the Administrator by phone, via email, through the contact form available on the Website, or via LinkedIn.

1. Administrator of personal data

The Administrator of personal data is Wojciech Kremer, conducting business activity under the name Wojciech Kremer Kancelaria Radcy Prawnego, whose permanent place of business and address for delivery is ul. Armii Krajowej 18, Galileo, 10th floor, 30-150 Kraków, NIP: 6762568558, REGON: 383896695, defined above as: “Administrator”.

You may contact the Administrator regarding any matters related to the processing of personal data:

1. in writing at the following address: ul. Armii Krajowej 18, Galileo, 10th floor, 30-150 Kraków,
2. by email at the following e-mail address: kremer@kremerlegal.pl or biuro@kremerlegal.pl,
3. by phone at the following number: +48 791 871 157.

Given the scope and nature of the Administrator’s activities, the Administrator has decided not to appoint a Data Protection Officer.

2. Scope and purposes of processing, legal bases for processing, and the period for which personal data is processed

The scope of the personal data processed, as well as the purposes and legal bases for processing and the period for which personal data is processed, have been defined separately for each type of User activity.

2.1 Use of the Website – technical data recorded in server logs

Using the Website (as with any other website) involves sending requests to the server where the Website is hosted. Such requests are recorded in server logs. Consequently, technical data automatically transmitted by the web browser used by the User is processed. Technical data includes i.a. the date and time of use of the Website, information about the operating system, information about the web browser, and the IP address.

The technical data recorded in the server logs are not linked or associated with a specific individual using the Website, nor with the Users’ personal data processed in accordance with the rules set forth below, subject to this Section 2.1, Paragraph 4 (below). Access to server logs is restricted to server administrators. The server on which the Website is hosted is located within the European Economic Area.

The technical data contained in the server logs referred to above may potentially constitute Users’ personal data; therefore, information about them has been included in the Privacy Policy. The purpose of processing such data is:

1. to ensure the proper and stable operation of the Website (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR) and
2. monitoring by the Administrator of the Website’s operation and how Users use it, including monitoring for any unusual activity, such as that related to User activity (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR).

In the event that the Administrator processes technical data for the purpose referred to in subparagraph (b) above, the Administrator may take steps to link the data recorded in the Server logs to a specific person using the Website if, in the course of such processing, it detects unusual activity and has reasonable grounds to suspect that it results from using the Website in a manner contrary to the law or the Terms of Service. In such cases, the Administrator may process the User’s personal data for the purpose of establishing, defending against, or pursuing claims (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR).

Technical data is processed only for the period required for technical reasons in view of the purpose of processing referred to in point (a) above. Additionally, technical data and personal data (in cases where technical data is linked to personal data as described in the preceding paragraph) are processed for the period necessary to establish, defend, or pursue claims.

2.2 Contacting the Administrator via the contact form

The website allows the User to contact the Administrator via the contact form.

When contacting the Administrator via the contact form, the User provides the Administrator with their first and last name, email address, and, optionally, a phone number, as well as any other information they voluntarily include in their message, particularly details regarding the matter for which they are seeking legal assistance. Providing this data is voluntary, but the User’s first and last name and email address are necessary to contact the Administrator via the contact form.

The Administrator processes the data referred to above for the following purposes:

1. to maintain correspondence addressed to the Administrator, to contact the User, including responding to a message sent via the contact form (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR);
2. if justified – to determine the details of a matter requiring legal assistance and the details of the entity concerned (in particular in cases where the User contacts the Administrator regarding a legal entity or other organizational unit that the User represents), including to verify that there is no conflict of interest and to schedule a meeting or present an offer (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR);
3. to take steps at the User’s request prior to entering into a contract, if the User is interested in entering into a contract for the provision of legal services with the Administrator or in another form of cooperation with the Administrator (Article 6(1)(b) of the GDPR);
4. to potentially establish, defend, or pursue claims (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR);

for archival and statistical purposes (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR).

The data is processed for the period necessary to respond to the User’s message. Additionally, the data is processed for the period necessary to safeguard the Administrator’s interests, i.e., to determine the data referred to in point (b) above, if this proves justified, as well as to verify whether there is a conflict of interest, to schedule a meeting or present an offer, and for the possible establishment, defense, or pursuit of claims. The data is also processed for the period during which the Administrator uses it for archival and statistical purposes, as well as for the period of any actions taken prior to the conclusion of a contract.

2.3 Contacting the Administrator – by phone and via email

The Website publishes information regarding the Administrator’s phone number and email addresses. This information is published in the form of interactive buttons which, when clicked by the User, redirect them directly to the appropriate applications enabling an internet connection or the sending of an email.

When contacting the Administrator by phone (regardless of the method used to make the call), the User provides the Administrator with a phone number and other information voluntarily disclosed during the conversation, particularly information regarding the matter requiring legal assistance. Providing this information is voluntary, but in the case of the phone number, it is necessary to contact the Administrator by phone.

When contacting the Administrator via email (regardless of how the message is sent), the User provides the Administrator with an email address and other data that they voluntarily include in their message, in particular data regarding the matter requiring legal assistance. Providing data is voluntary, but in the case of an email address, it is necessary to contact the Administrator via email.

The Administrator processes the data referred to above for the following purposes:

1. handling correspondence addressed to the Administrator, contacting the User, including conducting a telephone conversation or responding to an email (the Administrator’s legitimate interest—Article 6(1)(f) of the GDPR);
2. if justified—to determine the details of a matter requiring legal assistance and the details of the entity concerned (in particular in cases where the User contacts the Administrator regarding a legal entity or other organizational unit that the User represents), including to verify that there is no conflict of interest and to schedule a meeting or present an offer (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR);
3. to take steps at the User’s request prior to entering into a contract, if the User is interested in entering into a contract for the provision of legal services with the Administrator or in another form of cooperation with the Administrator (Article 6(1)(b) of the GDPR);
4. to potentially establish, defend, or pursue claims (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR);
5. for archival and statistical purposes (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR).

Data is processed for the period necessary to establish the method of contact with the User selected by the User. Additionally, the data is processed for the period necessary to safeguard the Administrator’s interests, i.e., to determine the data referred to in point (b) above, if this proves justified, as well as to verify whether there is a conflict of interest, to schedule a meeting or present an offer, and for the possible establishment, defense, or pursuit of claims. The data is also processed for the period during which the Administrator uses it for archival and statistical purposes, as well as for the period of any actions taken prior to the conclusion of a contract.

2.4 Contacting the Administrator – via LinkedIn

The Administrator maintains public profiles on the LinkedIn social media platform (a personal profile at https://www.linkedin.com/in/wojciech-kremer/ and a business profile for the Law Firm at https://www.linkedin.com/company/wojciech-kremer-kancelaria-radcy-prawnego). The Website displays information about the business profile in the form of an interactive icon; when the User clicks on it, they are redirected directly to the profile.

The Administrator processes personal data provided by profile Users in the form of comments or direct, private messages. Users’ personal data includes their first and last names, and may also include their image and other data voluntarily provided in the content of a comment or direct message.

The Administrator processes data contained in comments to enable Users to engage with the Administrator’s profiles, to manage profiles, moderate comments, and respond to them, present information related to the profiles, and build the Administrator’s image (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR). Additionally, data may be processed to take steps at the User’s request prior to entering into a contract, if the User is interested in entering into a contract for the provision of legal services with the Administrator or another type of cooperation with the Administrator (Article 6(1)(b) of the GDPR), for the possible determination, defend against or pursue claims (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR) and for archival and statistical purposes (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR).

The Administrator processes the data contained in direct messages for the following purposes:

1. to contact the User, including responding to messages sent (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR);
2. if justified – to determine the details of a matter requiring legal assistance and the details of the entity concerned (in particular in cases where the User contacts the Administrator regarding a legal person or other organizational unit that the User represents), including to verify that there is no conflict of interest and to schedule a meeting or present an offer (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR);
3. to take steps at the User’s request prior to entering into a contract, if the User is interested in entering into a contract for the provision of legal services with the Administrator or in another form of cooperation with the Administrator (Article 6(1)(b) of the GDPR);
4. to potentially establish, defend, or pursue claims (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR);
5. for archival and statistical purposes (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR).

The data is processed for the period necessary for activities related to managing the Administrator’s profiles on the LinkedIn portal, as well as for the period necessary to contact the User. Additionally, the data is processed for the period necessary to safeguard the Administrator’s interests, i.e., to determine the data referred to in point (b) above, if this proves justified, as well as to verify whether there is a conflict of interest, to schedule a meeting or present an offer, and for the possible establishment, defense, or pursuit of claims. The data is also processed for the period during which the Administrator uses it for archival and statistical purposes, as well as for the period of any actions taken prior to the conclusion of a contract.

• Note: The Administrator is not the administrator of the LinkedIn service, which is operated in Poland by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place
  Dublin 2, D02 AD98, Ireland. The above information applies exclusively to the Administrator’s processing of personal data provided to it by Users via this website; it does not cover the processing of personal data of LinkedIn users by the operator of that service.

3. Sources of data

Users’ personal data is obtained directly from Users, including data partially transmitted automatically in connection with Users’ use of the Website or their engagement in specific activities on the Website.

4. Security of personal data

Personal data is collected and stored with due diligence, in a manner consistent with the regulations governing the protection of personal data, while maintaining the necessary technical and legal measures and respecting the professional secrecy of an attorney-at-law, which the Administrator is obligated to uphold.

5. Data transfer

Personal data may be disclosed and transferred to entities providing services to the Administrator, in particular entities providing accounting, human resources and IT services (in particular, the entity providing Website hosting services), statistical services, as well as postal operators, couriers and marketing agencies.

Such entities process data on the basis of agreements concluded with the Administrator, exclusively within the scope resulting from those agreements and on the basis of documented instructions from the Administrator. Data is processed in a manner consistent with the regulations governing the protection of personal data.

In addition, Users’ data may be transferred to tax authorities or, if required by the Administrator’s legitimate interest, to other competent public authorities.

6. Transfer of personal data to third countries

The Administrator uses services provided by Microsoft (Microsoft Corporation), One Microsoft Way, Redmond, WA 98052-7329, USA, which may process data outside the European Economic Area, declaring that the processing of personal data is in accordance with the GDPR. Data transfers are based on standard contractual clauses. Except for the use of the indicated services, and subject to the information regarding the Administrator’s use of cookies, as set forth in Section 9 of the Privacy Policy, Users’ personal data is not transferred outside the European Economic Area.

7. Automated decision-making, including profiling

The personal data being processed is not subject to automated decision-making, including profiling.

8. Rights of data subjects

Users whose personal data is processed generally have the following rights:

1. the right to information about data processing and access to data;
2. the right to rectification of data;
3. the right to erasure;
4. the right to restrict data processing;
5. the right to object to data processing;
6. the right to data portability;
7. the right to withdraw consent to data processing, if such consent has been given;
8. the right to lodge a complaint with a supervisory authority.

These rights are described in detail in Articles 16–21 of the GDPR. It is important to note the following:

1. not all of the above rights are absolute;
2. withdrawing consent to the processing of personal data does not affect the lawfulness of processing carried out on the basis of consent prior to its withdrawal,
3. The User always has the right to lodge a complaint with the supervisory authority, which is the President of the Personal Data Protection Office,
4. in case of any doubts regarding the User’s processed data or the purposes of such processing, it is possible to contact the Administrator using the contact details provided in the Privacy Policy;
5. given the specific nature of the Administrator’s activities, the exercise of the above rights must not violate the rules for the processing of personal data set forth in Chapter 1a of the Act of 6 July 1982 on attorneys-at-law.

9. Cookies

Cookies are IT data – text files, stored on Users’ end devices (e.g., computers, smartphones, tablets) when visiting websites. Cookies do not interfere with the integrity of Users’ devices.

The Website uses its own cookies to ensure the proper functioning of the Website, as well as third-party cookies, described below. The use of third-party cookies results from the use of services provided by these third parties. By using cookies, including in particular third-party cookies, the Administrator may have access to information about Users, such as: information about the operating system and web browser, subpages viewed, time spent on the Website, clicks on links, the User’s age range, the User’s gender, the User’s approximate location, and the User’s interests. Data collected through the use of cookies is not linked or associated with a specific individual or with User data processed in accordance with the principles set forth in this Privacy Policy (above), and is anonymous in nature. Nevertheless, it may potentially constitute Users’ personal data.

Since the information contained in cookies is collected by third parties, it is processed by those parties in accordance with their own rules, as set forth in their terms of service and privacy policies.

The purpose of processing data collected by the Administrator through the use of cookies is to ensure the proper and stable operation of the Website (the Administrator’s legitimate interest – Article 6(1)(f) of the GDPR), statistical analysis of data and marketing activities (the User’s consent– Article 6(1)(a) of the GDPR).

The website uses two types of cookies:

1. so-called session cookies, which are temporary files stored on the user’s device until the user leaves the website or closes the web browser,
2. so-called persistent cookies, which are stored on the end device for the period specified in the cookie parameters or until they are deleted.

The Administrator uses cookies based on the User’s consent, with the exception of cookies necessary for the proper functioning of the Website. The Administrator uses a tool for managing consent to the use of cookies, i.e., Cookiebot, provided by Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark. Detailed information regarding the processing of personal data by Usercentrics A/S is available in that entity’s privacy policy at: https://www.cookiebot.com/en/privacy-policy/.

During the first visit to the Website, a message is displayed via the Cookiebot tool, asking for consent to the use of cookies and providing a mechanism to consent to the use of specific categories of cookies. Cookies – excluding those necessary for the proper functioning of the Website, remain blocked until the User consents to their use. Once consent is given, the User may withdraw it at any time or limit it to selected categories of cookies (re-access to the consent panel is possible by clicking the appropriate button in the lower-left corner of the Website screen). Limiting the use of cookies may cause difficulties in using the Website.

It is also possible to manage cookies through your web browser settings. Most browsers automatically allow the use of cookies, but it is generally possible to delete them via browser settings. Below are links to websites containing information on cookie settings in the most popular web browsers:

1. Mozilla Firefox: https://support.mozilla.org/pl/kb/usuwanie-ciasteczek-i-danych-stron-firefox;
2. Microsoft Edge: https://support.microsoft.com/pl-pl/edge/manage-cookies-in-microsoft-edge-view-allow-block-delete-and-use;
3. Google Chrome: google.com/chrome/bin/answer.py?hl=pl&answer=95647;
4. Safari:apple.com/pl-pl/HT201265;
5. Safari (Desktop):apple.com/pl-pl/guide/safari/sfri11471/mac;
6. Opera:opera.com/pl/latest/security-and-privacy/.

The website uses cookies from the third parties listed below in connection with the services provided by these entities.

Note: All links contained in the Privacy Policy refer to external websites or documents from other providers, for whose content the Administrator is not responsible.

Detailed information about the cookies currently used by the Administrator, including information about the names and providers of individual cookies and their maximum storage period, is provided in the table below. Below (above the table) is also information regarding the User’s current consent to the use of cookies.