Privacy Policy

Effective date: 08.2025

1. Data Controller

The data controller is:

EMDRlink Sp. z o.o.
Lipowa 45A, 05-800 Pruszków
NIP 5342677062,
REGON 528137180,
KRS 0001095498.

Responsible for data protection: Michal Chmielewski

2. Scope of Data Processed

We process user-provided data, including: name and surname, email address, phone number, address details, payment data, order history, marketing data (if consent is given), and data submitted through forms.

3. Purposes and Legal Basis for Processing

• provision of services (Art. 6(1)(b) GDPR),
• handling orders and subscriptions (Art. 6(1)(b) GDPR),
• marketing with consent (Art. 6(1)(a) GDPR),
• traffic analysis and service quality improvement (Art. 6(1)(f) GDPR),
• legal compliance (Art. 6(1)(c) GDPR).

4. Data Recipients

Data may be shared with: payment providers (PayU, Stripe), shipping providers (Apaczka.pl and partners), IT service providers, and analytics tools (Google Analytics, Hotjar, Google Ads).

5. Data Retention

We store data:

• for the duration of the contract and as required by law (usually 5 years),
• marketing data – until consent is withdrawn.

6. User Rights

You have the right to access, rectify, delete, restrict processing, transfer your data, object to processing, and lodge a complaint with the supervisory authority (President of UODO).

7. Cookies and Analytics Tools

We use cookies and tools such as Google Analytics, Hotjar, and Google Ads to analyze traffic and marketing activities. Details are available in the Cookies Policy.

8. Security

We implement technical and organizational measures to ensure data security.

9. Contact Regarding Personal Data

For any questions regarding personal data, contact us at: odo@emdrlink.pl