The Policy is for information purposes and serves satisfaction of information obligations imposed on the data controller under the GDPR, i.e. Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Anyone who uses the website available at (“Website”) should become acquainted with the Privacy Policy. The Privacy Policy determines the rules for processing personal data of persons using the Website and using Cookie files and other tracking technologies used in connection with operation of the Website.


  1. The controller of users’ personal data is Blazity sp. z o.o. with its registered office in Warsaw (00-535), ul. Trzech Krzyży 10/14, entered in the register of entrepreneurs of the National Court Register (KRS) under number KRS: 0000743458, Tax Identification Number NIP: 9512467349, National Business Registry Number REGON: 38093625300000, share capital in the amount of PLN 5,000.00 (“Blazity”).

  2. Each data subject may contact Blazity as the personal data controller by sending a message to the e-mail


  1. The purpose and scope of processed personal data are determined by the scope of consents and data provided by the data subject in the contact form or otherwise. The processing of personal data by Blazity may concern in particular: first and last name, e-mail address, social media identifiers, phone number, work place, IP address, as well as any other data voluntarily provided by the data subject, in particular by means of the contact form.

  2. Providing personal data is voluntary, but failure to provide the personal data marked in forms as obligatory will prevent sending mails through the Website or phone contact on the part of Blazity. Due to the nature of actions taken up by Blazity, they cannot be provided anonymously.

  3. Personal data of users will be processed for the following purposes:


Scope of data

Legal ground

Processing period

phone calls (after the data subject uses the contact form)

phone number, e-mail address, first name, other personal data voluntarily provided by the data subject

Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in responding to queries and correspondence provided directly by data subjects

until a call ends or the data subject objects

correspondence in electronic form (after the data subject uses the contact form)

e-mail address, first and last name, organisation name, other personal data voluntarily provided by the data subject

Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in responding to queries and correspondence provided directly by data subjects

until correspondence ends or the data subject objects

providing access to the website

IP address

Article 6.1(b) of the GDPR – statutory authorisation to process data necessary to perform an agreement 

until lapse of the period of limitation of claims connected with access to the website

marketing activities (after the data subject uses the contact form)

e-mail address

Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in informing about its activity

until data cease to be useful or the data subject objects

analysing traffic on the website

IP address, Cookie files of the following type:

- _utma;

- _utmb;- _utmc;- _utmz;- PHPSESSID

Article 6(1)(a) of the GDPR – consent given by the data subject

until data cease to be useful or the data subject withdraws the consent

protection against claims, raising claims

e-mail address, first and last name, other data voluntarily provided by the data subject in the course of co-operation

Article 6(1)(f) of the GDPR – legitimate interest of the controller which consists in protecting against claims and raising claims

until lapse of the period of limitation applicable to claims connected with access to the Website and users actions within the website, calculated from the time of the user’s last visit on the website

  1. If Blazity is advised that the person uses the services provided by Blazity or the Website functionalities in violation of applicable legal provisions, then Blazity may process user’s personal data in a scope required for establishing his/her liability.

  2. Blazity does not transfer personal data collected through the Website to third countries (beyond the EEA). Should it become necessary, Blazity will immediately inform each data subject. Furthermore, data will be transferred to the third country on the terms determined in clauses 2.6. and 2.7. below.

  3. Transferring users’ personal data to third parties will be governed by model contractual clauses, where both Blazity and its counterparties undertake to ensure appropriate level of security of users’ personal data. Prior to signing model contractual clauses, Blazity verifies each of its counterparties which would have access to users’ personal data and assesses whether the country to which users’ personal data would be transferred enables enforcement of rights and provides the users with effective legal remedies.

  4. If the European Commission issues a decision in which it determines whether the relevant third country ensures the appropriate level of protection of personal data, then transferring users’ personal data to such country may also proceed on the basis of such decision.

  5. In each case where users’ personal data are transferred to a third country, the user is authorised to obtain a copy of such data.

  6. Blazity will not make automated decisions against data subjects. Blazity will carry out profiling of data subjects in a scope necessary to present them personalised content of marketing nature adjusted to needs, preferences and conduct of particular Users.


  1. Blazity may transfer users’ personal data to third parties for the purpose of performance of the activities stated in the Terms of Service. The recipients of User’s data may involve in particular:  hosting provider, e-mail operator, software development company, provider of the CRM software, provider of the service connected with sending e-mails, accounting firm, law firm, entities providing cloud and other solutions used by Blazity in its current operations which involve personal data processing. 

  2. Personal data collected by Blazity may also be disclosed to competent state bodies or institutions (law enforcement authorities, courts, security service) authorised to gain access to them on the basis of the respective generally applicable legal provisions, or other persons and entities – in the cases prescribed by the generally applicable legal provisions.

  3. Each entity to which Blazity transfers personal data for processing on the basis of a personal data transfer agreement (“Data Transfer Agreement”) guarantees an adequate level of security and confidentiality of the processing of personal data. An entity processing personal data on the basis of the Transfer Agreement may process personal data through another entity only upon prior written consent of Blazity. 

  4. Disclosure of Users’ personal data to unauthorised entities under the Privacy Policy may take place only upon prior written consent of the data subject.


  1. Each data subject has the right to: (a) delete the collected personal data referring to him/her both from the system belonging to Blazity as well as from bases of entities which have co-operated with Blazity, (b) restrict the processing of data, (c) portability of the personal data collected by Blazity and referring to the relevant person, in this to receive them in a structured form, (d) request Blazity to enable him/her access to his/her personal data and to rectify them, (e) object to personal data processing, (f) withdraw the consent towards Blazity at any time without affecting the legality of the personal data processing carried out on the basis of the consent before it is withdrawn, (g) lodge a complaint about Blazity to the supervisory authority (President of the Personal Data Protection Office).


  1. Blazity may store http enquiries, therefore the files containing web server logs may store certain data related to users, including the IP address of the computer sending the enquiry, the name of user’s station – identification through http protocol, date and system time of registration on the website and receipt of the enquiry, number of bytes sent by the server, the URL address of the site visited by the user before (if the user has entered the website through a link), information concerning user’s browser, information concerning errors occurred by realization of the http transaction. Web server logs may be collected for the purposes of proper administration by Blazity. Only persons authorised to administer the IT system have access to the data referred to above. Files containing web server logs may be analysed for the purposes of preparing statistics concerning traffic on the website and occurring errors. Summary of such details does not identify the user.

  2. Blazity may use analytics and marketing tools, in particular  ActiveCampaign, Hotjar, Google Analytics and Facebook Pixel, Google Tag Manager, as part of which it has access to anonymised information on users, including: information on the operating system and Internet browser used by the user, time spent on the website, user’s age range, gender, approximate location, interests determined on the basis of his/her activity in the Internet. The details referred to in the preceding sentence are not combined with users’ personal data and do not enable their identification and are not personal data within the meaning of the GDPR. 


  1. Blazity takes care of security of users’ personal data. For this purpose Blazity has implemented appropriate safeguards and means of protection of personal data taking into account risks connected with the process of personal data processing. In particular, Blazity applies technological and organisational means in order to secure personal data against being disclosed to unauthorised persons, taken over by an unauthorised person, changed, lost, damaged or destroyed, as well as processed in violation of the GDPR by using, among other things, SSL certificates. The compilation of personal data collected by Blazity is stored on secured servers, moreover, personal data are also secured by internal procedures of Blazity related to the processing of personal data and information security policy.

  2. Irrespective of the foregoing, Blazity states that using the Internet and services provided by electronic means may pose a threat of malware breaking into the teleinformatic system and device of the relevant person, as well as a third party gaining access to data, including personal data. In order to minimise such threats, each person should use appropriate technical safeguards (antivirus programs) or programs securing identification in the Internet. 


  1. For the purposes of the correct operation of the website, Blazity uses a cookie support technology. Cookies are packages of information stored on the device of a relevant user through Blazity, usually containing information corresponding to the intended use of a particular file, by means of which the user uses the Blazity website – these are usually: website address, date of publishing, lifetime of a cookie, unique number, and additional information corresponding to the intended use of a particular file.

  2. Blazity uses two types of Cookies: (a) session cookies, which are permanently deleted upon closing the session of user’s browser; (b) permanent cookies, which remain on user’s device after closing the session until they are deleted. 

  3. Cookie files used by Blazity are related to the supplier of the solutions referred to in clause 5.2. of this Privacy Policy.

  4. It is not possible to identify the user on the basis of Cookie files, whether session or permanent. The Cookie mechanism prevents collection of any personal data. 

  5. Cookies used by Blazity are safe for user’s device, in particular they prevent viruses or other software from breaking into the device.

  6. Files generated directly by Blazity may not be read by other websites. Third-Party Cookies (i.e. Cookies provided by entities co-operating with Blazity) may be read by an external server. 

  7. The user may individually change the cookie settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service. 

  8. First of all, the user may disable storing cookies on his/her device in accordance with the instructions of the browser producer, but this may disable certain parts of or the entire operation of the Blazity website.

  9. The user may also individually remove Cookies stored on his/her device at any time in accordance with the instructions of the browser producer.

  10. Blazity uses own Cookies for the following purposes: configuration of the website and adjustment of the page content to the preferences or conduct of the user; analysis and research of views, click number and path taken on the website to improve the appearance and organisation of content on the website, time spent and number and frequency of visits on the Blazity website, as well as determination of Website user’s needs.

  11. Details concerning Cookie support are available in the settings of the browser used by the data subject.


  1. The Privacy Policy comes into force on October 2021.