Privacy Policy

Privacy Policy

The following Privacy Policy sets forth the rules for storing and accessing data on the Devices of the Users who use the Website for the purpose of providing electronic services by the Administrator, as well as the rules for collecting and processing of the Users' personal data provided by them personally and voluntarily through the tools available in the Service.

§1 Definitions

  • Service - the Internet service "btla.pl" operating under the address https://btla.pl

  • External service - websites of partners, service providers or recipients of services cooperating with the Administrator

  • Administrator of the Website / Data - the Administrator of the Website and the Data Administrator (hereinafter referred to as the Administrator) is "ZP20 Piotr Markowski BTLA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ", a company running its business activity at the address: Porcelanowa 23, 40-246 Katowice, A1/406, with Taxpayer Identification Number (TIN): 9542834982, providing services electronically via the Website

  • User - a natural person for whom the Administrator provides services electronically through the Website.

  • Device – electronic device with software, through which the User gains access to the Website

  • Cookies – text data collected in the form of files placed on the User's Device

  • GDPR- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. on the protection of natural persons regarding the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

  • Personal Data - it means any information about an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person

  • Processing - it means an operation or set of operations performed upon personal data or sets of personal data, by automated or non-automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction;

  • Restriction of processing - means the marking of stored personal data to restrict its processing in the future

  • Profiling - means any form of automated processing of personal data which consists of using personal data to evaluate certain personal aspects relating to a natural person, particularly to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movement

  • Consent - consent of a data subject means any freely given, specific, informed and unambiguous indication of will by which the data subject, either by a statement or by a clear affirmative action, gives his or her consent to the processing of personal data relating to him or her

  • Personal data breach - means a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or unauthorized access to personal data transmitted, stored or otherwise processed

  • Pseudonymization - it means the processing of personal data in such a way that the data can no longer be attributed to a specific data subject, without using additional information, provided that such additional information is kept separately and is covered by technical and organisational measures which make it impossible to attribute it to an identified or identifiable natural person

  • Anonymization - Data anonymization is an irreversible process concerning operations over data that destroys / overwrites "personal data" making it impossible to identify or associate a particular record with a particular user or a natural person.

§2 Data Protection Officer

Pursuant to Art. 37 GDPR, the Administrator has not designated a Data Protection Officer.

In matters concerning data processing, including personal data processing, please contact the Administrator directly.

§3 Types of Cookies

  • Internal cookies - files placed and read from User's Device by ICT system of the Service

  • External cookies - files placed and read from User's Device by ICT systems of External services. Scripts from Third Party Services that may place Cookies on User Devices have been knowingly placed on a Service through scripts and services made available and installed on that Service

  • Session cookies - files placed and read from the User's Device by External Service a single session of a given Device. When the session ends, the files are deleted from the User's Device.

  • Persistent cookies - files placed and read from the User's Device by External Service or they are manually deleted. Cookies are not deleted automatically when a Device session ends unless the User's Device configuration is set to delete cookies after the end of the Device session.

§4 Data storage security

  • Mechanisms for storing and reading cookies - Mechanisms for storing, reading and exchanging data between Cookies stored on a User's Device and Service are implemented through built-in mechanisms of Internet browsers and do not allow collecting other data from User's Device or data of other websites visited by the User, including personal data or confidential information. It is also virtually impossible to transfer viruses, Trojan horses and other worms to Your Device.

  • Internal cookies - the cookies used by Administrator are safe for Devices of Users and they do not contain scripts, content or information that could threaten security of personal data or security of User's Device.

  • Third party cookies - Administrator makes all possible efforts to verify and select website partners in the context of safety of Users. The Administrator selects well-known, large partners with global public trust to cooperate. However, he does not have full control over the content of Cookies from external partners. To the extent permitted by law, the Administrator shall not be held liable for the security of Cookies from external Websites, their content and use by the Scripts installed in the service in accordance with the license. The list of partners is presented hereinafter in the Privacy Policy.

  • Control of Cookies

  • Threats on the side of the User – The Administrator uses all possible technical measures to ensure the security of the data placed in cookies. However, it should be noted that ensuring the security of this data depends on both parties, including the User’s activity. The Administrator is not responsible for any interception of this data, impersonation of the User's session or its deletion, as a result of conscious or unconscious activity of the User, viruses, Trojan horses and other spyware, which may be or was infected with the User's Device. In order to protect themselves from these threats, users should follow the internet usage guidelines.

  • Storage of personal data– The Administrator ensures that he makes every effort to ensure that processed personal data entered voluntarily by Users are secure, access to them is limited and carried out in accordance with their purpose and objectives of processing. The Administrator also ensures that he makes every effort to protect the data he holds against loss using appropriate physical and organizational security measures.

§5 Purposes for which cookies are used

  • Improving and facilitating access to the Service
  • Personalization of the Service for Users
  • Enabling logging into the Service
  • Marketing and Remarketing on external websites
  • Ad serving servics
  • Affiliation services
  • Keeping statistics (users, number of visits, types of devices, link, etc.).
  • Serving multimedia services
  • Provision of community services

§6 Purposes of personal data processing

Personal data voluntarily provided by Users are processed for one of the following purposes:

  • Execution of electronic services:
    • Services of registration and maintaining the User's account in the Service and functionalities connected with it
    • Services related to registration and maintaining the User's account on the Website and the functionalities related to it
    • Commenting on / liking posts on the Service without registering
    • Services to share information about content posted on the Service, social media sites or other sites.
  • Communication of the Administrator with the Users on matters related to the Service and data protection
  • Providing the legally justified interest of the Administrator

Data about Users collected anonymously and automatically is processed for one of the following purposes:

  • Keeping statistics
  • Remarketing
  • Serving ads tailored to users' preferences
  • Servicing of affiliate programs
  • Providing the legally justified interest of the Administrator

§7 Cookies of Third-Party Services

The Administrator on the Website uses JavaScript scripts and web components of partners who may place their own cookies on the User's Device. Remember that you can decide in your browser settings about the allowed cookies that can be used by particular websites. Below is a list of partners or their services implemented on the Website that may place cookies:

Services provided by third parties are beyond the control of the Administrator. These entities may at any time change their terms of service, privacy policies, purpose of data processing, and the way they use cookies.

§8 Types of collected data

The Service collects data on Users. Part of the data is collected automatically and anonymously, and part of the data is personal data provided voluntarily by Users when signing up for particular services offered by the Website.

Anonymous data collected automatically:

  • IP address
  • Browser type
  • Screen resolution
  • Approximate location
  • Subpages opened on the website
  • Time spent on relevant subpage
  • Operating system type
  • Previous subpage address
  • Referring website address
  • Browser language
  • Internet connection speed
  • Internet service provider

Data collected during registration:

  • First name / last name / nickname
  • Login
  • E-mail address
  • IP address (collected automatically)

Data collected when signing up for the Newsletter service

  • First name / last name / nickname
  • E-mail address
  • IP address (collected automatically)

Data collected when signing up for the Newsletter service

  • Name and surname / nickname
  • E-mail address
  • www address
  • IP address (collected automatically)

Some data (without identifying information) may be stored in cookies. Some data (without identifying information) may be transmitted to a statistical service provider.

§9 Access to personal data by third parties

As a rule, the only recipient of personal data provided by Users is the Administrator. Data collected as part of the services provided are not transferred or resold to third parties.

Access to the data (most often based on a Data Processing Entrustment Agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary to run a website, i.e.:

  • Hosting companies that provide hosting or related services to the Administrator
  • Companies through which the Newsletter service is provided

Entrusting the processing of personal data - Newsletter

Administrator in order to provide the Newsletter service, uses a third-party service -Mailchimp, MailerLite,. The data entered in the newsletter subscription form is transmitted, stored and processed in a third-party service of this service provider.

Please be informed that the indicated partner may modify the indicated privacy policy without the consent of the Administrator.


Entrusting the processing of personal data - Hosting Services, VPS or Dedicated Servers

The Administrator, in order to run the service, uses an external hosting provider, VPS or Dedicated Servers - Globtel Internet. All data collected and processed on the website is stored and processed in the infrastructure of the service provider located within the borders of the European Union. It is possible to access the data as a result of maintenance work carried out by the staff of the service provider. Access to this data is governed by an agreement between the Administrator and the Service Provider.


§10 Method of processing personal data

Personal data provided voluntarily by Users:

  • Personal data will not be transferred outside the European Union unless it has been published as a result of an individual action by the User (e.g., entering a comment or entry), which will make the data available to any person visiting the website.
  • Personal data will not be used for automated decision-making (profiling).
  • Personal data will not be resold to third parties.

Anonymous data (without personal data) collected automatically:

  • Anonymous data (without personal data) will be transferred outside the European Union.
  • Anonymous data (without personal data) will not be used for automated decision making (profiling).
  • Anonymous data (without personal data) will not be resold to third parties.

§11 Legal basis of personal data processing

The Service collects and processes Users' data based on:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
    • Article 6(1). (1)(a)
      processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering such a contract
    • Article 6(1). (1)(b)
      processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering such a contract
    • Article 6(1). (1)(d)
      processing is necessary to protect vested interests of the data subject or of another natural person
    • Article 6(1). (1)(f)
      processing is necessary for the purposes of the legally justified interests pursued by the administrator or by a third party
  • Act of 10 May 2018 on the protection of personal data (Journal of Laws 2018, item 1000)
  • Act of July 16, 2004. Telecommunications Law (Journal of Laws 2004 No. 171 item 1800)
  • Act of 4 February 1994 on copyright and related rights (Journal of laws 1994, no. 24 item 83)

§12 Personal data processing period

Personal data provided voluntarily by Users:

As a rule, the indicated personal data are stored only for the period of providing the Service within the Service by the Administrator. They are deleted or anonymized up to 30 days after termination of services (e.g., deletion of registered user account, unsubscribing from Newsletter list, etc.).

The exception is when it is necessary to secure legally justified purposes for further processing of such data by the Administrator. In such a situation, the Administrator will be storing the indicated data from the time of the request to remove them by the User, no longer than for a period of 3 years in the case of violation or suspicion of violation of the service regulations by the User

Anonymous data (without personal data) collected automatically:

Anonymous statistical data, which does not constitute personal data, is stored by the Administrator in order to keep statistics of the service for an indefinite time period

§13 Users' rights related to personal data processing

The Service collects and processes Users' data based on:

  • Right of access to personal data
    Users have the right to obtain access to their personal data, upon request submitted to the Administrator

  • Right of rectification of personal data
    Users have the right to request the Administrator to promptly rectify personal data that are incorrect and/or to complete incomplete personal data, upon a request submitted to the Administrator

  • The right to erasure of personal data
    The Users have the right to request the Administrator to delete their personal data immediately, upon request submitted to the Administrator. In the case of user accounts, deletion of data consists in anonymization of data allowing for identification of the User. The Administrator reserves the right to suspend the execution of the request for deletion of the data in order to protect the legally justified interest of the Administrator (e.g., when the User committed an infringement of the Regulations, or the data were obtained as a result of correspondence).
    In the case of the Newsletter service, the User has the possibility to delete individually his/her personal data using a link placed in each e-mail message sent.

  • Right to restrict processing of personal data
    Users have the right to restrict the processing of personal data in the cases indicated in Article 18 of the GDPR, among others disputing the correctness of personal data, carried out upon a request submitted to the Administrator

  • Right to portability of personal data
    Users have the right to obtain from the Administrator personal data concerning the User in a structured, commonly used and machine-readable format, carried out upon a request submitted to the Administrator

  • The right to object to processing of personal data
    Users have the right to object to processing of their personal data in the cases specified in Article 21 RODO, carried out upon request made to the Administrator

  • Right to lodge a complaint
    Users have the right to lodge a complaint with the data protection supervisory authority.

§14 Contact to Administrator

The Administrator can be contacted in one of the following ways

  • Postal address - ZP20 Piotr Markowski BTLA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, Porcelanowa St. 23, 40-246 Katowice, A1/406

  • E-mail address - kontakt@balt.pl

  • Contact form- available at: /contact

§15 Requirements of the Service

  • Restricting saving and access to Cookies on a User's Device may cause some features of the Website to work incorrectly.

  • The Administrator shall not be held liable for malfunctioning of the Website's functions if the User restricts the ability to save and read cookie files in any way.

§16 External links

In the Service - in articles, posts, entries or comments of Users there may be links to external websites, with which the Owner of the service does not cooperate. These links and websites or files indicated under them may be dangerous to your Device or pose a risk to the security of your data. The Administrator is not responsible for the content outside the Service.

§17 Changes in Privacy Policy

  • The Administrator reserves the right to make any changes to this Privacy Policy without notifying the Users regarding the use and application of anonymous data or the use of Cookies.

  • The Administrator reserves the right to make any changes to this Privacy Policy regarding the processing of Personal Data, of which he will inform the Users who have user accounts or are subscribed to the newsletter service, via e-mail within 7 days from the change of the records. Continuing to use the services means reading and accepting the changes made to the Privacy Policy. In case the User does not agree with the changes, he/she is obliged to delete his/her account from the Service or unsubscribe from the Newsletter service.

  • Any changes to the Privacy Policy will be posted on this subpage of the Service.

  • The changes shall become effective upon publication.