top of page

PRIVACY POLICY

Last updated: 05.05.2026

1. DATA CONTROLLER

The controller of personal data is Labyrinth Security Solutions Sp. z o.o., ul. Krakowska 39A/1, 41-808 Zabrze, Poland, NIP (Tax ID): PL6482812566, KRS (National Court Register): 0000998180, e-mail: info@labyrinth.tech.

2. SOURCES AND TYPES OF PERSONAL DATA

We obtain personal data directly from you – for example via contact forms, newsletter sign‑ups, e‑mail or telephone correspondence. Data may also be collected automatically when you use our website (details in Cookie Policy). In connection with the use of our services and website, we may process the following categories of data:

  • Personal data: name, address, e‑mail address, telephone number

  • Company data: job title, company name, registered office address

  • Communication data: information provided to us during correspondence

  • Technical data: IP address, browser type and version, operating system, device data, time zone

  • Usage details: information about interactions with our wybite, products or services

3. PURPOSES AND LEGAL BASES FOR DATA PROCESSING

3.1. Query handling
Purpose of processing: responding to enquiries, conducting correspondence, and maintaining further contact in a given matter.
Legal basis: Article 6(1)(f) GDPR (legitimate interest)

​

3.2. Newsletter and marketing communication
Purpose of processing: sending commercial information by electronic means.
Legal basis: Article 6(1)(a) GDPR (consent), Article 10 of the Polish Act of 18 July 2002 on the provision of electronic services.

​

3.3. Website analytics and statistics
Purpose of processing: analysing traffic on the website, improving its functionality and content.
Legal basis: Article 6(1)(a) GDPR (consent given via the cookie banner for processing data for analytical purposes).

​

3.4. Conducting correspondence and archiving
Purpose of processing: documenting communication, establishing, exercising or defending against potential claims.
Legal basis: Article 6(1)(f) GDPR (legitimate interest).

4. DATA RETENTION PERIOD

We store personal data only for as long as necessary to fulfil the purposes for which they are processed. After the retention period has expired, the data are anonymised or securely deleted.

5. RECIPIENTS OF PERSONAL DATA

Personal data may be disclosed to the following categories of recipients:

  • IT service providers (hosting, e‑mail, cloud services)

  • Providers of analytical and marketing tools (e.g. Google LLC – Google Analytics 4)

  • Law firms, consultancy firms, auditors

  • Public authorities

​

The Controller does not sell personal data to third parties.

6. TRANSFER OF DATA TO THIRD COUNTRIES

The Controller may transfer data to countries outside the European Economic Area (EEA) only subject to appropriate safeguards, including standard contractual clauses or adequacy decisions of the European Commission.

7. RIGHTS OF DATA SUBJECTS

In connection with the processing of personal data, you have the following rights:

  • Right to access to data (Article 15 GDPR)

  • Right to rectification of data (Article 16 GDPR)

  • Right to erasure of data (“right to be forgotten”) (Article 17 GDPR)

  • Right to restriction of processing (Article 18 GDPR)

  • Right to data portability (Article 20 GDPR)

  • Right to object to processing (Article 21 GDPR)

  • Right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal (Article 7 GDPR)

​

Requests concerning the above rights should be sent to the e‑mail address: info@labyrinth.tech.

 

You also have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO) ul. Stawki 2, 00‑193 Warsaw, www.uodo.gov.pl.

8. AUTOMATED DECISION‑MAKING AND PROFILING

The Controller does not use automated decision‑making or profiling that produces legal effects concerning you or similarly significantly affects you.

9. VOLUNTARINESS OF PROVIDING DATA

Providing personal data is voluntary; however, certain data, in particular contact details, are necessary to handle enquires, and failure to provide them will prevent a response.  Providing an e‑mail address is required to receive the newsletter service. Consent to analytical cookies is voluntary and does not affect the ability to use the website, except for limitations in analytical functionalities.

10. DATA SECURITY

The Controller applies appropriate technical and organisational measures to ensure the security of personal data, in particular encryption of data transmission (TLS/SSL protocol), access control to IT systems, regular creation of backup copies and employee training in data protection.

11. CHANGES TO THE PRIVACY POLICY

The Controller reserves the right to amend this Privacy Policy. Users will be informed of material changes on the website. The current version is always available at: https://www.labyrinth.tech/privacy

bottom of page