Keeping your personal data secure is very important to us. We want it to be processed in line with the highest standards; hence, we have prepared this privacy policy, which describes how and for what purpose we process your personal data and what rights you have in connection with our use of cookies and other similar technologies.

This Policy applies to those who visit the website available at (“Website”) and its content. This Policy applies only to the processing of personal data carried out by OPEN-UP. This Policy does not apply to any websites or services owned or operated by third parties to which links can be found on the Website. OPEN-UP is responsible for neither the content nor privacy standards and policies applicable to any websites or services owned or operated by third parties to which links can be found on the Website.

Our Website may use cookies and other similar technologies (hereinafter referred to jointly as “cookies”). Cookies are small text files sent by our website or third parties through our website, stored on your device, and then read by your browser. Cookies are a technology commonly used to store and transfer information that makes it possible to, among other things, remember the user’s settings and preferences, collect statistics, and optimize websites, personalize the content being displayed and customize advertisements.

Below, you can find information on the types of cookies we use on our Website and how we use them.


Who is the controller of your personal data?

The Personal Data Controller is:

OPEN-UP spółka z ograniczoną odpowiedzialnością spółka komandytowa with its registered office in Kraków at 34/1 Starowiślna Street, postal code: 31-032, entered in the Register of Entrepreneurs kept by the District Court for the Kraków-Śródmieście, 11th Commercial Division of the National Court Register, under number KRS 0000295953, with NIP (Tax ID Number): 676-23-66-949,

address for correspondence: OPEN-UP sp. z o.o. sp.k., ul. Starowiślna 34/1, 31-032 Kraków


Why do we process your personal data?

Certain cookies are necessary to ensure safe and efficient communication/data transmission over the network, as well as proper operation of website essential functions, and to provide services based on the mechanisms implemented on the Website (such as form mechanisms and efficient website loading). Other cookies allow us to analyse how the Website is used to improve its performance, interactions, and user experience. We also use cookies designed to adapt displayed advertisements to the user’s needs and preferences and to share our pages and content via external social networks and other external websites, including for advertising purposes.

What personal data do we process?

We process personal data in the course of using our Website.


We may process the following categories of data: type of the device used, unique device number, device IP address, operating system, browser type, information on how the website is used and diagnostic information, search history, session summary, location information, and other data provided automatically through the web browser.


Moreover, in connection with your use of the contact form provided on our Website, the following categories of personal data are obtained directly from you or third parties:

(i) first name and surname

(ii) business email address

(iii) business phone number

What is the basis for personal data processing?

We process personal data in compliance with Article 6(1)(a) and (b) of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”) (OJ EU L 119 of 4/05/2016, p. 1, as amended) based on your consent provided in connection with sending the contact form.


Furthermore, we process personal data regarding cookies as part of our legitimate interest related to providing information about our operations and offering services via the Website (i.e., pursuant to Article 6(1)(f) of the GDPR).

How long will we process your personal data?

Cookies are stored in the memory of your device: (i) temporarily until the browser is closed (session cookies) or (ii) permanently until they expire or are deleted (permanent cookies). You can delete cookies from your computer or mobile device by yourself at any time using your web browser’s settings. You can also disable the option of saving all cookies or only cookies from third parties in your browser settings. If you disable cookies, our Website may work improperly, or you will not be able to use some of the functionalities.

Do we process your data automatically (including through profiling)?

Personal data related to cookies is processed automatically, in particular, to adapt the Website content to the user’s preferences, optimize the process of using the Website, make statistical analyses, or present customized marketing content. Processing the data this way will not affect your rights or cause any legal effects.

Where do we store your personal data?

Your personal data will be stored in countries of the European Economic Area (“EEA”). However, some of the services we use may also require the transfer and processing of data outside the EEA. Each such transfer of personal data will be made in compliance with applicable regulations and based on appropriate legal safeguards (standard contractual clauses for personal data protection approved by the European Commission).

Who do we share your personal data with?

We may share personal data with third parties, for example, to ensure communication with the user, analytical services related to examining interactions with the Website or collecting statistics on the Website usage to improve and optimize it or to display customized ads and provide the option of sharing content on social networks and external websites.


Certain cookies are placed on your device via our Website but by third parties. Cookies from third parties may also be placed by social networks or for advertising purposes, enabling tracking and analysing users’ activities on websites and delivering personalized advertisements, including remarketing of our products.

What are your rights?

You have numerous rights in connection with the processing of personal data. You can get additional information on the scope and method of exercising your rights by contacting us at the following email address:

Right of access to personal data

You have the right to request us to provide you with information on whether we process your personal data and, among other things, to what extent, for what purpose, how we do it, with whom we share the data we hold, and where we have obtained it. You can submit a relevant request to the contact email address we have provided.

 Right to data portability

You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format and to request that the data be transferred to another entity.

Right to data rectification

You have the right to request that we immediately rectify incorrect data and – considering purposes of the processing – complete incomplete personal data, including by providing an additional statement.

Right to erasure

You have the right to request that your personal data be erased immediately when: (i) it is no longer necessary for the purposes for which it has been collected or otherwise processed, (ii) you have withdrawn your consent to the data processing, and we have no other valid basis for the processing, (iii) you have objected to the processing, and there are no overriding legitimate grounds for the processing, (iv) personal data has been processed unlawfully, (v) personal data must be erased to fulfil a legal obligation. However, there may be legally justified exceptional cases when we are not able to fulfil your request.

Right to restriction of the processing

You have the right to request that we limit the processing of your personal data: (i) if you believe that your data is incorrect and you report it to us – we will limit the processing until we verify the data correctness, (ii) if the processing is unlawful, but you do not agree to the deletion of your data, (iii) if we no longer need your personal data for appropriate processing purposes, but it is required to pursue claims, establish or protect rights, (iv) in the event of your objection to the data processing – until we check whether we have an overriding legitimate interest justifying further processing despite the objection.

Right to withdraw consent for the processing

If the basis for personal data processing is your consent, you have the right to withdraw the consent at any time. Withdrawing the consent does not affect the lawfulness of the processing of your personal data we have already carried out based on your consent before its withdrawal.

Right to object

You have the right to object to the processing of your personal data (including profiling) at any time for purposes arising from legitimate interests of the controller or a third party. Further data processing is only possible if there are valid and legally justified overriding grounds for the personal data processing or specified data is necessary to pursue claims, determine or protect rights.

Right to refuse consent to direct marketing

You have the right to object to the processing of your personal data at any time for purposes of direct marketing (including profiling) to the extent to which the processing relates to such direct marketing. In the event of an objection, your personal data will not be used for such purposes.

How can you exercise your rights?

Laws and regulations do not require any specific form or method of communication to exercise your rights. However, we attach great importance to ensuring that the rights can be exercised effectively, which is why we have provided a dedicated contact channel via email to handle inquiries, notifications, and requests relating to the exercise of the said rights:

Right to lodge a complaint with the supervisory authority

If you believe we process your personal data incorrectly, you can always contact us, and you can lodge a complaint with the supervisory body (the President of the Personal Data Protection Office).

Updates of the Privacy Policy

If it is necessary to update this Privacy Policy, you will always have access to its most recent version on our Website.